Updating the toolbox

[dotsara]

It's been… awhile.

I attempted to update the site (because of security alerts from GH) ~6 months ago, but I got frustrated and didn't finish. Maybe if I document it, I'll finish this time!

[dotsara]

Security Alerts

name	severity
jekyll	moderate
ffi	moderate
nokogiri	critical
yajl-ruby	high
activesupport	moderate

[dotsara]

Okay, so started with the most basic one: updating Jekyll.

When I tried jekyll serve, I got:

Configuration file: /Users/me/Sites/dotsara.github.io/_config.yml
       Deprecation: You appear to have pagination turned on, but you haven't included the `jekyll-paginate` gem. Ensure you have `plugins: [jekyll-paginate]` in your configuration file.
            Source: /Users/me/Sites/dotsara.github.io
       Destination: /Users/me/Sites/dotsara.github.io/_site
 Incremental build: disabled. Enable with --incremental
      Generating... 
  Liquid Exception: Liquid syntax error (/Users/me/Sites/dotsara.github.io/_includes/_head.html line 26): Unknown tag 'feed_meta' included in /_layouts/post.html
                    ------------------------------------------------
      Jekyll 4.0.0   Please append `--trace` to the `serve` command 
                     for any additional information or backtrace. 
                    ------------------------------------------------

So, one at a time!

Updating the Gemfile and _config.yml.

And done! 🎉

[dotsara]

Oh, but smartquotes was busted.

Went to the repo (https://github.com/kellym/smartquotes.js) and updated smartquotes.min.js (the updated file is just smartquotes.js but it's still minified, so I'll leave the file name as-is).

[dotsara]

Woohoo! I pushed the updated files from updating Jekyll and smartquotes and running jekyll build and the vulnerabilities are gone (as expected / hoped for). 🎉

[dotsara]

Ohhh, mixed https/http content. Firefox is blocking the CSS. 🔎

Fixed: it was my link for the Merriweather font from Google Fonts. 👍

[dotsara]

Also added dark mode styles! 🎉