Regulatory requirements mandate that. Stock brokers in India are required to generate this document called “Contract Notes” which includes all the trades done by the user on the stock exchanges. It also contains a breakdown of all charges incurred by the user (brokerage, various taxes etc). And this has to be emailed to every user before the next trading session begins.

Does the law specify PDF? I would have thought pain text or even HTML would be sufficient.

I don’t know the situation in India but brokers in Austria and Germany do the same. The law does not stipulate the format but PDF is what everyone uses. I assume it’s because it can be signed and archived and will outlast pretty much anything. You need to keep these for 7 years.

Yes, in India, the law mandates that ECNs (electronic contract notes) need to be digitally signed with a valid certifying authority. While it's true that XML/docx/xls files could also support digital signatures, but I think PDFs are prevalent and also allow clients to verify this on their end, quite easily.

PDF is less likely to contain executable malicious code than other formats.

Is it? More so than say .csv file ?

I was under the impressions that pdfs are not that safe. I thought they can do stuff like execute a subset of PostScript and Javascript.

Look, when it comes to corporate reporting, PDFs are pretty much the gold standard. Sure, they've got some potential security issues, but any decent company's IT department has them well in hand.

Think about it - you want your reports to look sharp, right? PDFs deliver that professional look every time, no matter who opens them or on what device. Plus, they've got all those nifty features like password protection and digital signatures that the big guys love.

CSV files? They're great for crunching numbers, but let's face it - they look about as exciting as a blank wall. Try sending a CSV report to the board of directors and watch their eyes glaze over.

So, yes, for reporting in a company that's got its security act together, PDFs are your best bet. They're like the well-dressed, security-savvy cousin of other file formats - they look good and keep things safe.

More than plain text? I doubt so.

common people don't talk about plain text. what are you? a hacker?!?

I mean I guess you don't care as long as the file is signed if it is just some regulatory stuff that barely anyone would ever read anyway.

I'm interested to hear what you would propose.

Not sure what GP had in mind, but one can programmatically generate PDFs directly, without using something like Typst as a "middleman".

Have you tried doing that? It’s no fun at all and far from easy. I don’t quite see a benefit in doing it without some utility.

Besides, the generation of PDF reports is usually decoupled from the templates, so you will have to work on your own "middleman".

Apache iText, for example.

I guess some webkit solution like wkhtmltopdf

How is that more efficient than Typst exactly?