This pull request adds subresource integrity headers to all externally-loaded scripts and stylesheets, so that we don't have to trust the used CDNs (and also, potentially, for caching).
Websites created using Gerby probably don't handle user-sensitive data, but it's probably still a good idea to follow best practices and add these headers.
If one wants to upgrade the dependencies, the hashes have to be recalculated. One way to do this is to use https://www.srihash.org/. There are probably also command-line tools for this job; if not, I'll write one.
pbelmans
commented
6 years ago
This pull request adds subresource integrity headers to all externally-loaded scripts and stylesheets, so that we don't have to trust the used CDNs (and also, potentially, for caching).
Websites created using Gerby probably don't handle user-sensitive data, but it's probably still a good idea to follow best practices and add these headers.
If one wants to upgrade the dependencies, the hashes have to be recalculated. One way to do this is to use https://www.srihash.org/. There are probably also command-line tools for this job; if not, I'll write one.