jekyll-kw-sri 0.0.3 → 0.1.1

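--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 5542954136a76dfbbfc00164ebbe573cd5a1b0b72519aa5362ccd63a6e9a8a25
- data.tar.gz: d9e667330f0c2aed78868b802b34bd0c1733aba9cfaaad0220f95b0ad15bf893
+ metadata.gz: 61f76f76ad7fda24e6db6ffb976c81a65761e70c75f1d1d3c926318c609799da
+ data.tar.gz: '0292981eefd1ff7556737a7189171c7867672b7869cad745a9907bccb06e8d92'
  SHA512:
- metadata.gz: e16a598b2ced45ed18c3d65ac818831084e0defab4fa4a356a6e2d8f146dd9005d2d8fc48af107c2999a6952e5c404bc213b5e4a907e5c60d5f69b49fb7a282c
- data.tar.gz: 348910861b855fcf5c34188d71b2defaf130bc421dff2e9b8ccfa58e927cf7bbf582fdde36bfb308c4e92db92440ce3dff2ea7abe710b03bbacb706c4593086f
+ metadata.gz: c2e6f5e3bf9c9a1ff4ea72fa57ba18cd8f72cb5afa0e1d0ba1b86c39d6be626abc2b65c7a2b45b72be149d88e19d9437ea4a7a9869a05f8eb40c89223bf7d2dc
+ data.tar.gz: 8950fb940ba4687122272ac2d74baf2d1e4b35829141ed1398cf8e92f911d7b8644a76c570c13117e5e2ec492bbd0101014bb8b1678077084c8142fa3267120b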
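--- a/data/LICENSE
+++ b/data/LICENSE
@@ -0,0 +1,21 @@
+ MIT License
+
+ Copyright (c) 2020 n13.org
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in all
+ copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ SOFTWARE.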
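--- a/data/README.md
+++ b/data/README.md
@@ -1,16 +1,71 @@
  # jekyll-kw-sri
 
+ ![CI](https://github.com/n13org/jekyll-kw-sri/workflows/CI/badge.svg)
+ ![RuboCop](https://github.com/n13org/jekyll-kw-sri/workflows/RuboCop/badge.svg)
+
+ [![Maintainability](https://api.codeclimate.com/v1/badges/a82f10c3cd9fea769a0b/maintainability)](https://codeclimate.com/github/n13org/jekyll-kw-sri/maintainability)
+ [![Test Coverage](https://api.codeclimate.com/v1/badges/a82f10c3cd9fea769a0b/test_coverage)](https://codeclimate.com/github/n13org/jekyll-kw-sri/test_coverage)
+
  [![Gem Version](https://badge.fury.io/rb/jekyll-kw-sri.svg)](https://badge.fury.io/rb/jekyll-kw-sri)
 
- A plugin for jekyll to calculate [Subresource Integrity][Wikipedia SRI] (SRI) hashes for CSS (even SCSS and SASS) and JS files during build time.
+ A plugin for [jekyll][Jekyll Website] to calculate [Subresource Integrity][Wikipedia SRI] (SRI) hashes for CSS (even SCSS and SASS) and JS files during build time.
 
  > **Subresource Integrity** (SRI) is a security feature that enables browsers to verify that resources they fetch (for example, from a CDN) are delivered without unexpected manipulation. It works by allowing you to provide a cryptographic hash that a fetched resource must match.
 
  from [Mozilla docs][Mozilla Subresource Integrity]
 
- ## Configuration
+ ## 🔥 Usage
+
+ ### Usage for version `>= v0.1.0`
+
+ Use the [Jekyll Includes] `kw-integrity-css.html` for css, scss and sass; and the `kw-integrity-js.html` for js.
+
+ > For static, non-rendered `css` files the hash values have to me calculated and stored in a file. See `Action Items / Shell commands` section about SRI! All the hash-files should be stored in `./_includes/integrity` so they can easy used.
+
+ The markdown syntax shows the include file with one paramter "the filename".
+
+ ```markdown
+ {% include kw-integrity-css.html file='style.scss' %}
+ ```
+
+ The rendered html will use the default path, the css file and the calculated hash.
+
+ ```html
+ <link rel="stylesheet" href="/assets/css/style.css" integrity="sha384-cl6CK1yzEvoM3Sw3dL8YAm/P2VpQiD+mAFVkkb6Bh+23PP1ow2gXXGw4WnQlzO0B" crossorigin="anonymous">
+ ```
+
+ The markdown syntax shows the include file with all paramters. All parameter can be omit. The **default values** are file = "main.scss", path = "assets/css/" and hash = "sha384".
+
+ ```markdown
+ {% include kw-integrity-css.html file='style.scss' path='my/folder/to/css/' hash='sha512' %}
+ ```
+
+ ### Usage for version `< v0.1.0`
+
+ Use the [custom tag][Jekyll Liquid] `sri_scss_hash`.
+
+ > This approach was inspired by [vcsjones.dev Blog] and [vcsjones.dev GitHub].
+
+ The `html` inside the post or page markdown file, shows a usage of a `scss` file which will be compiled to a `css`. The hash of the integrity will be generated during the build time.
+
+ ```html
+ <link rel="stylesheet" href="{{ '/assets/css/kargware.css' | relative_url }}" integrity="{% sri_scss_hash /assets/css/kargware.scss %}" crossorigin="anonymous">
+ ```
+
+ The result of the html inside the markdown is the `href` and the `integrity`.
+
+ ```html
+ <link rel="stylesheet" href="/assets/css/kargware.css" integrity="sha384-cl6CK1yzEvoM3Sw3dL8YAm/P2VpQiD+mAFVkkb6Bh+23PP1ow2gXXGw4WnQlzO0B" crossorigin="anonymous">
+ ```
+
+ ## Changelog
+
+ * 0.1.0 Add html include files to use them with `{% include kw-integrity-css.html %}` or `{% include kw-integrity-js.html %}`
+ * 0.0.x Add the custom tag `{% sri_scss_hash %}`
+
+ ## ⚙️ Configuration
 
- Add `kw-sri` section to `_config.yml` configure the plugin globally.
+ Add `kw-sri` section to `_config.yml` configure the plugin globally. If you want to use defauls you can ommit the config-section.
 
  ```yaml
  kw-sri:
@@ -27,18 +82,46 @@ kw-sri:
  | hash_type | Which kind of integrity hash | sha256, **sha384**, sha512 |
  | write_source_mapping_url | Add the map-file like to the css | false, **true** |
 
- Add `sri: true` to **Front Matter** of `<page>` or `<post>` to activate the sri plugin.
+ ## 🚀 Action Items / Shell commands
 
- ## Build gem
+ Run linting and tests
 
- ## Publish gem
+ ```sh
+ bundle exec rubocop
+ bundle exec rake test
+ ```
 
- ## Run tests
+ Build gem package
 
  ```sh
- bundle exec rake test
+ bundle exec rake build
+ ```
+
+ Publish gem package
+
+ ```sh
+ bundle exec rake release
+ ```
+
+ Calc a SRI Integrity hash of `./style.css` in format `sha256`
+
+ ```shell
+ openssl dgst -sha256 -binary ./style.css | openssl base64 -A
  ```
 
+ Calc different **SRI integrity** hash-files from `css-files` (same is valid for `js-files`) in format `sha256`, `sha384` and `sha512` inside a **Makefile**
+
+ ```plain
+ calc-integrity-files:
+ for strength in 256 384 512 ; do \
+ cat ./assets/css/style.min.css | openssl dgst -sha$$strength -binary | openssl base64 -A > ./_includes/integrity/style.min.css.sha$$strength ; \
+ cat ./assets/css/main.css | openssl dgst -sha$$strength -binary | openssl base64 -A > ./_includes/integrity/main.css.sha$$strength ; \
+ cat ./assets/js/script.js | openssl dgst -sha$$strength -binary | openssl base64 -A > ./_includes/integrity/script.js.sha$$strength ; \
+ done
+ ```
+
+ ## 📝 Notes / Hints
+
  ### Appraisal - Gemfile Generator
 
  [GitHub](https://github.com/thoughtbot/appraisal)
@@ -50,8 +133,6 @@ bundle exec rake test
  bundle exec appraisal generate
  ```
 
- ## Notes / Hints
-
  ### Site context is empty
 
  Inside the `render(context)` function of a `Liquid::Tag` there is a context object. With that context you can get the `site` object, anyhow when you want to cretae your temporry **site** and **context** you need a workaround.
@@ -92,13 +173,7 @@ converter = if defined? site.find_converter_instance
  end
  ```
 
- ## SRI Integrity
-
- ```shell
- openssl dgst -sha256 -binary ./style.css | openssl base64 -A
- ```
-
- ## Setup Steps
+ ### Setup Steps
 
  ```sh
  bundle init
@@ -113,5 +188,26 @@ bundle add redcarpet
  bundle add shoulda
  ```
 
+ ## 👋 Big Thanks to my inspiration sources
+
+ * `SRI with Jekyll` [vcsjones.dev Blog] and [vcsjones.dev GitHub]
+ * [GitHub Project jekyll/jekyll]
+ * [GitHub Project Shopify/liquid]
+ * [Medium wrap-your-assets-in-a-gem]
+ * `Use jekyll filter scssify` [andreaverlicchi blog scssify]
+ * [Blog How to create customizable Liquid tags in Jekyll]
+ * [Ruby Module Digest]
+
+ [Jekyll Website]: https://jekyllrb.com/
+ [Jekyll Liquid]: https://jekyllrb.com/docs/liquid/
+ [Jekyll Includes]: https://jekyllrb.com/docs/includes/
  [Wikipedia SRI]: https://en.wikipedia.org/wiki/Subresource_Integrity
- [Mozilla Subresource Integrity]: https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
+ [Mozilla Subresource Integrity]: https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
+ [vcsjones.dev Blog]: https://vcsjones.dev/2016/11/02/sri-with-jekyll/
+ [vcsjones.dev GitHub]: https://github.com/vcsjones/vcsjones.dev/tree/main
+ [GitHub Project jekyll/jekyll]: https://github.com/jekyll/jekyll
+ [GitHub Project Shopify/liquid]: https://github.com/Shopify/liquid
+ [andreaverlicchi blog scssify]: https://www.andreaverlicchi.eu/critical-css-jekyll-sass-github-pages/
+ [Ruby Module Digest]: https://ruby-doc.com/stdlib/libdoc/digest/rdoc/Digest.html
+ [Blog How to create customizable Liquid tags in Jekyll]: https://blog.sverrirs.com/2016/04/custom-jekyll-tags.html
+ [Medium wrap-your-assets-in-a-gem]: https://medium.com/@paulfarino/wrap-your-assets-in-a-gem-3ad7ecf5b075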
@@ -0,0 +1,42 @@
1
+ {% assign para_file = include.file | default: "main.scss" %}
2
+ {% assign para_path = include.path | default: "assets/css/" %}
3
+ {% assign para_hash = include.hash | default: "sha384" %}
4
+
5
+ {% assign filename_no_path = para_file | split: "/" | last %}
6
+ {% assign source_file = "/" | append: para_path | append: para_file %}
7
+ {% assign source_file_ex = para_file | split: "." | last %}
8
+ {% assign path_no_filename = para_file | remove: filename_no_path %}
9
+ {% assign target_file_ex = para_file | replace: ".scss", ".css" %}
10
+ {% assign target_file = para_path | append: target_file_ex %}
11
+ {% assign integrity_file = "/integrity/" | append: para_file | append: "." | append: para_hash %}
12
+
13
+ {% comment %}{% raw %}
14
+ <!-- DEBUG BEGINN
15
+ {{ para_file }}
16
+ {{ para_path }}
17
+ {{ para_hash }}
18
+ {{ filename_no_path }}
19
+ {{ source_file }}
20
+ {{ source_file_ex }}
21
+ {{ path_no_filename }}
22
+ {{ target_file }}
23
+ {{ integrity_file }}
24
+ DEBUG END -->
25
+ {% endraw %}{% endcomment %}
26
+
27
+ {% case source_file_ex %}
28
+ {% when "css" %}
29
+ <link rel="stylesheet" href="{{ target_file }}" integrity="{{ para_hash }}-{% include {{ integrity_file }} %}" crossorigin="anonymous">
30
+ {% when "scss" %}
31
+ <link rel="stylesheet" href="{{ target_file }}" integrity="{% sri_scss_hash {{ source_file }} %}" crossorigin="anonymous">
32
+ {% else %}
33
+ <link rel="stylesheet" href="{{ target_file }}">
34
+ {% endcase %}
35
+
36
+ {% comment %}{% raw %}
37
+
38
+ <!-- Trailing Slash Handling ? -->
39
+ {% assign trainling_slash = para_path | slice: -1, 1 %}
40
+ {% if trainling_slash = "/" %}
41
+
42
+ {% endraw %}{% endcomment %}
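Review bot: The `{% else %}` branch of `case source_file_ex` emits a `<link>` with no `integrity` attribute, so any extension other than `css` or `scss` is served unverified with no build-time signal. That includes `sass`, which the README lists as supported. `target_file_ex` also rewrites only `.scss`, so a `.sass` input would keep its source extension in `href`. In the `scss` branch the `hash` parameter is ignored: `sri_scss_hash` receives only `{{ source_file }}`, so `hash='sha512'` has no effect there and the algorithm apparently comes from the tag's own `kw-sri` configuration. I would make the fallback visible rather than silently dropping SRI, at minimum with `<!-- kw-integrity-css: no integrity for {{ para_file }} -->`, and document that `hash` applies only to static `css` files.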
@@ -0,0 +1,18 @@
1
+ {% assign para_file = include.file | default: "script.js" %}
2
+ {% assign para_path = include.path | default: "assets/js/" %}
3
+ {% assign para_hash = include.hash | default: "sha384" %}
4
+
5
+ {% assign target_file = para_path | append: para_file %}
6
+ {% assign integrity_file = "/integrity/" | append: para_file | append: "." | append: para_hash %}
7
+
8
+ {% comment %}{% raw %}
9
+ <!-- DEBUG BEGINN
10
+ {{ para_file }}
11
+ {{ para_path }}
12
+ {{ para_hash }}
13
+ {{ target_file }}
14
+ {{ integrity_file }}
15
+ DEBUG END -->
16
+ {% endraw %}{% endcomment %}
17
+
18
+ <script src="{{ target_file }}" integrity="{{ para_hash }}-{% include {{ integrity_file }} %}" crossorigin="anonymous"></script>
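Review bot: This include needs a header comment stating its contract, because the `integrity` value comes from a separately generated file (`/integrity/<file>.<hash>`, which the README places under `_includes`) that nothing here ties to the script at `target_file`. If that file is stale or was produced from a different build of the script, the page ships a hash that does not match and the browser refuses the script. I would add `{% comment %} Params: file, path, hash (sha256 | sha384 | sha512). Requires _includes/integrity/<file>.<hash>, regenerated whenever the script changes. {% endcomment %}` at the top. The `DEBUG` block wrapped in `comment`/`raw` renders nothing and could be dropped from the shipped include.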
@@ -9,30 +9,14 @@ module Jekyll
9
9
  module KargWare
10
10
  # jekyll-kw-sri custom tag
11
11
  class SriScssHashTag < Jekyll::Tags::IncludeRelativeTag
12
- # class SriScssHashTag < Liquid::Tag
13
-
14
- alias super_render render
15
-
16
12
  def initialize(tag_name, input, tokens)
17
13
  super
18
14
 
19
15
  raise 'Please enter a file path' if input.length <= 0
20
-
21
- @scss_file = strip_or_self(input)
22
16
  # File.exists? is file?
23
-
24
- @tag_name = tag_name
25
-
26
- # puts syntax_example
27
17
  end
28
18
 
29
- # def syntax_example
30
- # "{% #{@tag_name} css/main.scss %}"
31
- # end
32
-
33
19
  def render(context)
34
- # return '' unless context.registers[:page]['sri']
35
-
36
20
  cache_compiled_scss(@file, context, lambda {
37
21
  if context.nil? || context.registers[:site].nil?
38
22
  puts 'WARNING: There was no context, generate default site and context'
@@ -44,25 +28,25 @@ module Jekyll
44
28
  @sri_config = context.registers[:site].config['kw-sri'] || {}
45
29
  end
46
30
 
31
+ # Render the context with the base-class
47
32
  converter = site.find_converter_instance(Jekyll::Converters::Scss)
48
-
49
- # var scss = render(context)
50
- result = super_render(context) # super(context)
33
+ result = super(context) # super_render(context)
51
34
  scss = result.gsub(/^---.*---/m, '')
52
35
  data = converter.convert(scss)
53
36
 
54
- Integrity::Parser.new(@sri_config).calc_integrity(@scss_file, data)
37
+ # Get path out of the file object
38
+ file = render_variable(context) || @file
39
+ validate_file_name(file)
40
+ path = locate_include_file(context, file, site.safe)
41
+
42
+ # Use default config for kw-sri if it is nil
43
+ @sri_config ||= Jekyll::KargWare::Integrity::Configuration::DEFAULT_CONFIG
44
+
45
+ Integrity::Parser.new(@sri_config).calc_integrity(path, data)
55
46
  })
56
47
  end
57
48
 
58
49
  def cache_compiled_scss(path, _context, compute)
59
- # @@cached_scss ||= {}
60
- # if @@cached_scss.key?(path)
61
- # @@cached_scss[path]
62
- # else
63
- # @@cached_scss[path] = compute.call
64
- # end
65
-
66
50
  @cached_scss ||= {}
67
51
  if @cached_scss.key?(path)
68
52
  @cached_scss[path]
@@ -71,11 +55,7 @@ module Jekyll
71
55
  end
72
56
  end
73
57
 
74
- # https://stackoverflow.com/a/1000975
75
- def strip_or_self(str)
76
- str.strip! || str
77
- end
78
-
58
+ # Register the sccs file as include folder
79
59
  def tag_includes_dirs(context)
80
60
  [context.registers[:site].source].freeze
81
61
  end
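Review bot: `render` keys the cache on `@file` (`cache_compiled_scss(@file, context, lambda {`), but the file actually hashed is resolved later inside the lambda by `file = render_variable(context) || @file`. When the tag is written with a variable, as the new include does with `{% sri_scss_hash {{ source_file }} %}`, `@file` is presumably the unrendered markup, so every render through the same tag instance shares one cache key. If that instance is reused for a different stylesheet, it would return the first stylesheet's hash and the browser would reject the second one. Resolve the name before caching and key on it: `file = render_variable(context) || @file` followed by `cache_compiled_scss(file, context, lambda {`. Both `render` and `cache_compiled_scss` extend beyond the lines shown in these hunks.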
@@ -19,7 +19,7 @@ module Jekyll
19
19
  data_modified = add_source_mapping_url(filename, data)
20
20
 
21
21
  # Debuging, save rendered css file as tmp file
22
- File.open(".#{filename}.tmp", 'w') { |file| file.write(data_modified) } if @configuration.create_tmpfile
22
+ File.open("#{filename}.tmp", 'w') { |file| file.write(data_modified) } if @configuration.create_tmpfile
23
23
 
24
24
  case hash_type
25
25
  when 'sha256'
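Review bot: The debug dump on the `File.open("#{filename}.tmp", 'w')` line writes wherever `filename` points, and the tag class in this release passes it the result of `locate_include_file`, which looks like a path inside the site source. A `*.tmp` file created there during a build may be picked up as a static file and published with the site, and may retrigger a watch rebuild; neither is visible from this hunk, so confirm. Writing the dump outside the source tree avoids both, for example `File.write(File.join(Dir.tmpdir, "#{File.basename(filename)}.tmp"), data_modified) if @configuration.create_tmpfile` together with `require 'tmpdir'`. The enclosing method starts and ends outside the hunk.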
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module JekyllKwSri
4
- VERSION = '0.0.3'
4
+ VERSION = '0.1.1'
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: jekyll-kw-sri
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Nicolas Karg
@@ -9,22 +9,22 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2020-11-12 00:00:00.000000000 Z
12
+ date: 2020-11-13 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: jekyll
16
16
  requirement: !ruby/object:Gem::Requirement
17
17
  requirements:
18
- - - "~>"
18
+ - - ">="
19
19
  - !ruby/object:Gem::Version
20
- version: '4.0'
20
+ version: '3.8'
21
21
  type: :runtime
22
22
  prerelease: false
23
23
  version_requirements: !ruby/object:Gem::Requirement
24
24
  requirements:
25
- - - "~>"
25
+ - - ">="
26
26
  - !ruby/object:Gem::Version
27
- version: '4.0'
27
+ version: '3.8'
28
28
  description: Jekyll plugin which calculate the integrity hash of CSS (SCSS, SASS)
29
29
  and JS.
30
30
  email: rubygems.org@n13.org
@@ -32,7 +32,10 @@ executables: []
32
32
  extensions: []
33
33
  extra_rdoc_files: []
34
34
  files:
35
+ - LICENSE
35
36
  - README.md
37
+ - _includes/kw-integrity-css.html
38
+ - _includes/kw-integrity-js.html
36
39
  - lib/jekyll-kw-sri.rb
37
40
  - lib/jekyll-kw-sri/configuration.rb
38
41
  - lib/jekyll-kw-sri/parser.rb
@@ -49,7 +52,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
49
52
  requirements:
50
53
  - - ">="
51
54
  - !ruby/object:Gem::Version
52
- version: '2.7'
55
+ version: '2.4'
53
56
  required_rubygems_version: !ruby/object:Gem::Requirement
54
57
  requirements:
55
58
  - - ">="