Diffstat (limited to 'website/posts/timely-delivery-of-security-updates.sxml')
-rw-r--r-- website/posts/timely-delivery-of-security-updates.sxml | 16
1 files changed, 8 insertions, 8 deletions
diff --git a/website/posts/timely-delivery-of-security-updates.sxml b/website/posts/timely-delivery-of-security-updates.sxml
index e5e5aec..c1eb307 100644
--- a/website/posts/timely-delivery-of-security-updates.sxml
+++ b/website/posts/timely-delivery-of-security-updates.sxml
@@ -25,12 +25,12 @@
". What this means is that the the package graph in Guix is an immutable, "
(a (@ (href "https://en.wikipedia.org/wiki/Persistent_data_structure"))
"persistent data structure")
- "\x97similar to a singly-linked list in a functional programming language, or to the "
+ "—similar to a singly-linked list in a functional programming language, or to the "
(a (@ (href "http://eagain.net/articles/git-for-computer-scientists/"))
"object graph in the Git version control system")
"."
(br))
- (p "A common difficulty with persistent data structures is the algorithmic complexity of updates\x97the computational cost of updating an arbitrary element of the data structure. For instance, to update the nth element of a singly-linked list, you first need to traverse and copy the n\xa0?\xa01 elements at the head of the list, then insert the new element and make it point to the tail of the list."
+ (p "A common difficulty with persistent data structures is the algorithmic complexity of updates—the computational cost of updating an arbitrary element of the data structure. For instance, to update the nth element of a singly-linked list, you first need to traverse and copy the n\xa0?\xa01 elements at the head of the list, then insert the new element and make it point to the tail of the list."
(br))
(p "With the functional package management paradigm, the cost of updating a package is simple to understand: you need to rebuild the package itself, "
(em "and all the packages that depend on it")
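Review bot: the added paragraph line still contains "n\xa0?\xa01", so the encoding cleanup is incomplete at that spot. The "?" between the two no-break-space escapes looks like a minus sign lost in an earlier conversion, and the sentence only makes sense as n − 1 elements. Suggest restoring the minus sign in this commit and, for consistency with the literal dashes introduced here, either writing the no-break spaces literally as well or keeping all such characters escaped. The first context line also has a doubled word ("the the package graph") that could be fixed while the file is open.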
@@ -39,26 +39,26 @@
" build from source, there is no way we can be using binaries that cannot be "
(a (@ (href "https://savannah.gnu.org/forum/forum.php?forum_id=8407"))
"rebuilt from their Corresponding Source")
- ", breakage due to incompatible application binary interfaces (ABIs) is foreign to our users, we have a precise trail of the tools that produced binaries\x97that is, builds are "
+ ", breakage due to incompatible application binary interfaces (ABIs) is foreign to our users, we have a precise trail of the tools that produced binaries—that is, builds are "
(a (@ (href "https://en.wikipedia.org/wiki/Referential_transparency"))
- "\x93referentially transparent\x94")
+ "“referentially transparent”")
", and as a bonus, we get "
(a (@ (href "https://www.gnu.org/software/guix/manual/html_node/Features.html"))
"features")
" such as transactional upgrades and rollbacks, peaceful coexistence of different variants of the same package, and more."
(br))
- (p "But obviously, this update cost is very high when all you want is to deliver an important security update in a core package. Regarding yesterday\x92s update, "
+ (p "But obviously, this update cost is very high when all you want is to deliver an important security update in a core package. Regarding yesterday’s update, "
(a (@ (href "http://www.gnu.org/software/guix/manual/html_node/Invoking-guix-refresh.html"))
"guix refresh -l openssl")
" shows that 2,115 packages depend on OpenSSL. On top of that, Guix supports 4 architectures, so needless to say, rebuilding everything that depends on OpenSSL would take time. Sure, users do not have to wait for "
(a (@ (href "http://www.gnu.org/software/guix/manual/html_node/Substitutes.html"))
"pre-built binaries")
- " and can instead build just what they need locally; in practice, they\x92d better have a powerful machine, though."
+ " and can instead build just what they need locally; in practice, they’d better have a powerful machine, though."
(br))
(h4 "Grafting important updates")
(p "A solution to this problem has been floating around for some time: the idea is to "
(em "graft")
- " important package updates onto packages that depend on it. That way, we would rebuild OpenSSL, but all we need to do for packages that depend on OpenSSL is to substitute the reference to the \x93broken\x94 OpenSSL with a reference to the security update, with the understanding that this substitution process is orders of magnitude cheaper than rebuilding packages, and faster than redownloading rebuilt packages."
+ " important package updates onto packages that depend on it. That way, we would rebuild OpenSSL, but all we need to do for packages that depend on OpenSSL is to substitute the reference to the “broken” OpenSSL with a reference to the security update, with the understanding that this substitution process is orders of magnitude cheaper than rebuilding packages, and faster than redownloading rebuilt packages."
(br))
(p "Shea Levy had implemented a form of grafting "
(a (@ (href "https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/replace-dependency.nix"))
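Review bot: in the paragraph about yesterday's update, the two manual links (Invoking-guix-refresh.html and Substitutes.html) use http://www.gnu.org, while the "features" link a few lines earlier in the same hunk uses https://www.gnu.org. Since this paragraph is being edited anyway and the post is about delivering security updates, suggest switching both to https so readers are not sent over plain HTTP. Separately, the added grafting sentence reads "important package updates onto packages that depend on it", where "updates" and "it" disagree in number.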
@@ -84,7 +84,7 @@
(h4 "Good news!")
(p "This bug was finally addressed, "
(a (@ (href "https://lists.gnu.org/archive/html/guix-devel/2016-03/msg00009.html"))
- "just in time for yesterday\x92s OpenSSL update")
+ "just in time for yesterday’s OpenSSL update")
". We have identified things to improve, but overall, it has worked pretty well. It has worked so well that we even experienced "
(a (@ (href "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=22876#8"))
"our first ABI break")