Closed dotsara closed 4 years ago
name | severity |
---|---|
jekyll | moderate |
ffi | moderate |
nokogiri | critical |
yajl-ruby | high |
activesupport | moderate |
Okay, so started with the most basic one: updating Jekyll.
When I tried jekyll serve
, I got:
Configuration file: /Users/me/Sites/dotsara.github.io/_config.yml
Deprecation: You appear to have pagination turned on, but you haven't included the `jekyll-paginate` gem. Ensure you have `plugins: [jekyll-paginate]` in your configuration file.
Source: /Users/me/Sites/dotsara.github.io
Destination: /Users/me/Sites/dotsara.github.io/_site
Incremental build: disabled. Enable with --incremental
Generating...
Liquid Exception: Liquid syntax error (/Users/me/Sites/dotsara.github.io/_includes/_head.html line 26): Unknown tag 'feed_meta' included in /_layouts/post.html
------------------------------------------------
Jekyll 4.0.0 Please append `--trace` to the `serve` command
for any additional information or backtrace.
------------------------------------------------
So, one at a time!
Updating the Gemfile
and _config.yml
.
And done! 🎉
Oh, but smartquotes was busted.
Went to the repo (https://github.com/kellym/smartquotes.js) and updated smartquotes.min.js
(the updated file is just smartquotes.js
but it's still minified, so I'll leave the file name as-is).
Woohoo! I pushed the updated files from updating Jekyll and smartquotes and running jekyll build
and the vulnerabilities are gone (as expected / hoped for). 🎉
Ohhh, mixed https/http content. Firefox is blocking the CSS. 🔎
Fixed: it was my link for the Merriweather font from Google Fonts. 👍
Also added dark mode styles! 🎉
It's been… awhile.
I attempted to update the site (because of security alerts from GH) ~6 months ago, but I got frustrated and didn't finish. Maybe if I document it, I'll finish this time!