The security aspect of offline documentation is the hard part. Especially post Offline Documentation Discussion - #53 by Patrick breaks it.
I don’t think it’s a good idea to download from whonix.org during the package build. It’s a remote, live, changing location. Not a source file.
Would be a break of the security model. I consider whonix.org a binary format. All Non-Qubes-Whonix VM images for now have been produced locally from source code on my developer hardware. (Except for binary Debian packages which are installed inside VM images as is from Debian repository.) Adding a binary file (the pdf) that I generated from the Whonix web server would break that model.
Since it’s a changing location, it would also break (future) reproducible builds.
The offline documentation would have to be created from source files.
But even https://github.com/Whonix/whonix-wiki-backup is not vetted. It’s auto generated on whonix.org server using git-mediawiki as backup tool. A breach of either whonix.org or github.com could lead to malicious content in these unvetted, auto generated source files and once a user clicks these, they could get compromised.
I think for offline documentation we first need to fix the documentation security model. That is, documentation is edited as source files on github. Whonix developers then keep merging and signing changes for being non-malicious locally. These source files would be used to create the website html. Not the other way around we are currently doing it. It might mean to move away from mediawiki. A lot work.