Avoiding Font Piracy On Github & Netlify

After reading How Github became the web’s largest font piracy site (and how to fix it) I was wondering how I can avoid uploading/publishing font files on Github, considering that most of my sites are deployed by Netlify and require the complete source to be public.

Screenshot

At first I tried to encrypt the fonts using a 7z archive. Unfortunately, 7zip can not be used inside Netlify deploys, so I decided to try and download an archive from a secret, remote location before building the project:

"scripts": {
  "build": "npm run fonts:fetch && gatsby build",
  "fonts:fetch": "wget -O Dia.zip $SECRET_FONTS_URL; unzip Dia.zip -d ./static/fonts; rm Dia.zip",
}

I run an NPM Script called fonts: fetch, which will download a zip file from a secret location specified inside an environment variable. This zip file can then be extracted to a desired location.

Inside my deploy settings, I can then set that secret URL. Pretty sleek if you ask me!