jekyll-kw-sri 0.1.0 → 0.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +78 -7
- data/_includes/kw-integrity-js.html +18 -1
- data/lib/version.rb +1 -1
- metadata +7 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 61f76f76ad7fda24e6db6ffb976c81a65761e70c75f1d1d3c926318c609799da
|
|
4
|
+
data.tar.gz: '0292981eefd1ff7556737a7189171c7867672b7869cad745a9907bccb06e8d92'
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c2e6f5e3bf9c9a1ff4ea72fa57ba18cd8f72cb5afa0e1d0ba1b86c39d6be626abc2b65c7a2b45b72be149d88e19d9437ea4a7a9869a05f8eb40c89223bf7d2dc
|
|
7
|
+
data.tar.gz: 8950fb940ba4687122272ac2d74baf2d1e4b35829141ed1398cf8e92f911d7b8644a76c570c13117e5e2ec492bbd0101014bb8b1678077084c8142fa3267120b
|
data/README.md
CHANGED
|
@@ -1,19 +1,69 @@
|
|
|
1
1
|
# jekyll-kw-sri
|
|
2
2
|
|
|
3
|
+
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
[](https://codeclimate.com/github/n13org/jekyll-kw-sri/maintainability)
|
|
7
|
+
[](https://codeclimate.com/github/n13org/jekyll-kw-sri/test_coverage)
|
|
8
|
+
|
|
3
9
|
[](https://badge.fury.io/rb/jekyll-kw-sri)
|
|
4
10
|
|
|
5
|
-
A plugin for jekyll to calculate [Subresource Integrity][Wikipedia SRI] (SRI) hashes for CSS (even SCSS and SASS) and JS files during build time.
|
|
11
|
+
A plugin for [jekyll][Jekyll Website] to calculate [Subresource Integrity][Wikipedia SRI] (SRI) hashes for CSS (even SCSS and SASS) and JS files during build time.
|
|
6
12
|
|
|
7
13
|
> **Subresource Integrity** (SRI) is a security feature that enables browsers to verify that resources they fetch (for example, from a CDN) are delivered without unexpected manipulation. It works by allowing you to provide a cryptographic hash that a fetched resource must match.
|
|
8
14
|
|
|
9
15
|
from [Mozilla docs][Mozilla Subresource Integrity]
|
|
10
16
|
|
|
17
|
+
## 🔥 Usage
|
|
18
|
+
|
|
19
|
+
### Usage for version `>= v0.1.0`
|
|
20
|
+
|
|
21
|
+
Use the [Jekyll Includes] `kw-integrity-css.html` for css, scss and sass; and the `kw-integrity-js.html` for js.
|
|
22
|
+
|
|
23
|
+
> For static, non-rendered `css` files the hash values have to me calculated and stored in a file. See `Action Items / Shell commands` section about SRI! All the hash-files should be stored in `./_includes/integrity` so they can easy used.
|
|
24
|
+
|
|
25
|
+
The markdown syntax shows the include file with one paramter "the filename".
|
|
26
|
+
|
|
27
|
+
```markdown
|
|
28
|
+
{% include kw-integrity-css.html file='style.scss' %}
|
|
29
|
+
```
|
|
30
|
+
|
|
31
|
+
The rendered html will use the default path, the css file and the calculated hash.
|
|
32
|
+
|
|
33
|
+
```html
|
|
34
|
+
<link rel="stylesheet" href="/assets/css/style.css" integrity="sha384-cl6CK1yzEvoM3Sw3dL8YAm/P2VpQiD+mAFVkkb6Bh+23PP1ow2gXXGw4WnQlzO0B" crossorigin="anonymous">
|
|
35
|
+
```
|
|
36
|
+
|
|
37
|
+
The markdown syntax shows the include file with all paramters. All parameter can be omit. The **default values** are file = "main.scss", path = "assets/css/" and hash = "sha384".
|
|
38
|
+
|
|
39
|
+
```markdown
|
|
40
|
+
{% include kw-integrity-css.html file='style.scss' path='my/folder/to/css/' hash='sha512' %}
|
|
41
|
+
```
|
|
42
|
+
|
|
43
|
+
### Usage for version `< v0.1.0`
|
|
44
|
+
|
|
45
|
+
Use the [custom tag][Jekyll Liquid] `sri_scss_hash`.
|
|
46
|
+
|
|
47
|
+
> This approach was inspired by [vcsjones.dev Blog] and [vcsjones.dev GitHub].
|
|
48
|
+
|
|
49
|
+
The `html` inside the post or page markdown file, shows a usage of a `scss` file which will be compiled to a `css`. The hash of the integrity will be generated during the build time.
|
|
50
|
+
|
|
51
|
+
```html
|
|
52
|
+
<link rel="stylesheet" href="{{ '/assets/css/kargware.css' | relative_url }}" integrity="{% sri_scss_hash /assets/css/kargware.scss %}" crossorigin="anonymous">
|
|
53
|
+
```
|
|
54
|
+
|
|
55
|
+
The result of the html inside the markdown is the `href` and the `integrity`.
|
|
56
|
+
|
|
57
|
+
```html
|
|
58
|
+
<link rel="stylesheet" href="/assets/css/kargware.css" integrity="sha384-cl6CK1yzEvoM3Sw3dL8YAm/P2VpQiD+mAFVkkb6Bh+23PP1ow2gXXGw4WnQlzO0B" crossorigin="anonymous">
|
|
59
|
+
```
|
|
60
|
+
|
|
11
61
|
## Changelog
|
|
12
62
|
|
|
63
|
+
* 0.1.0 Add html include files to use them with `{% include kw-integrity-css.html %}` or `{% include kw-integrity-js.html %}`
|
|
13
64
|
* 0.0.x Add the custom tag `{% sri_scss_hash %}`
|
|
14
|
-
* 0.1.0 Add html iclude files to use them with `{% include kw-integrity-css.html %}` or `{% include kw-integrity-js.html %}`
|
|
15
65
|
|
|
16
|
-
## Configuration
|
|
66
|
+
## ⚙️ Configuration
|
|
17
67
|
|
|
18
68
|
Add `kw-sri` section to `_config.yml` configure the plugin globally. If you want to use defauls you can ommit the config-section.
|
|
19
69
|
|
|
@@ -32,7 +82,7 @@ kw-sri:
|
|
|
32
82
|
| hash_type | Which kind of integrity hash | sha256, **sha384**, sha512 |
|
|
33
83
|
| write_source_mapping_url | Add the map-file like to the css | false, **true** |
|
|
34
84
|
|
|
35
|
-
## Action Items / Shell commands
|
|
85
|
+
## 🚀 Action Items / Shell commands
|
|
36
86
|
|
|
37
87
|
Run linting and tests
|
|
38
88
|
|
|
@@ -70,7 +120,7 @@ calc-integrity-files:
|
|
|
70
120
|
done
|
|
71
121
|
```
|
|
72
122
|
|
|
73
|
-
## Notes / Hints
|
|
123
|
+
## 📝 Notes / Hints
|
|
74
124
|
|
|
75
125
|
### Appraisal - Gemfile Generator
|
|
76
126
|
|
|
@@ -123,7 +173,7 @@ converter = if defined? site.find_converter_instance
|
|
|
123
173
|
end
|
|
124
174
|
```
|
|
125
175
|
|
|
126
|
-
|
|
176
|
+
### Setup Steps
|
|
127
177
|
|
|
128
178
|
```sh
|
|
129
179
|
bundle init
|
|
@@ -138,5 +188,26 @@ bundle add redcarpet
|
|
|
138
188
|
bundle add shoulda
|
|
139
189
|
```
|
|
140
190
|
|
|
191
|
+
## 👋 Big Thanks to my inspiration sources
|
|
192
|
+
|
|
193
|
+
* `SRI with Jekyll` [vcsjones.dev Blog] and [vcsjones.dev GitHub]
|
|
194
|
+
* [GitHub Project jekyll/jekyll]
|
|
195
|
+
* [GitHub Project Shopify/liquid]
|
|
196
|
+
* [Medium wrap-your-assets-in-a-gem]
|
|
197
|
+
* `Use jekyll filter scssify` [andreaverlicchi blog scssify]
|
|
198
|
+
* [Blog How to create customizable Liquid tags in Jekyll]
|
|
199
|
+
* [Ruby Module Digest]
|
|
200
|
+
|
|
201
|
+
[Jekyll Website]: https://jekyllrb.com/
|
|
202
|
+
[Jekyll Liquid]: https://jekyllrb.com/docs/liquid/
|
|
203
|
+
[Jekyll Includes]: https://jekyllrb.com/docs/includes/
|
|
141
204
|
[Wikipedia SRI]: https://en.wikipedia.org/wiki/Subresource_Integrity
|
|
142
|
-
[Mozilla Subresource Integrity]: https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
|
|
205
|
+
[Mozilla Subresource Integrity]: https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
|
|
206
|
+
[vcsjones.dev Blog]: https://vcsjones.dev/2016/11/02/sri-with-jekyll/
|
|
207
|
+
[vcsjones.dev GitHub]: https://github.com/vcsjones/vcsjones.dev/tree/main
|
|
208
|
+
[GitHub Project jekyll/jekyll]: https://github.com/jekyll/jekyll
|
|
209
|
+
[GitHub Project Shopify/liquid]: https://github.com/Shopify/liquid
|
|
210
|
+
[andreaverlicchi blog scssify]: https://www.andreaverlicchi.eu/critical-css-jekyll-sass-github-pages/
|
|
211
|
+
[Ruby Module Digest]: https://ruby-doc.com/stdlib/libdoc/digest/rdoc/Digest.html
|
|
212
|
+
[Blog How to create customizable Liquid tags in Jekyll]: https://blog.sverrirs.com/2016/04/custom-jekyll-tags.html
|
|
213
|
+
[Medium wrap-your-assets-in-a-gem]: https://medium.com/@paulfarino/wrap-your-assets-in-a-gem-3ad7ecf5b075
|
|
@@ -1 +1,18 @@
|
|
|
1
|
-
|
|
1
|
+
{% assign para_file = include.file | default: "script.js" %}
|
|
2
|
+
{% assign para_path = include.path | default: "assets/js/" %}
|
|
3
|
+
{% assign para_hash = include.hash | default: "sha384" %}
|
|
4
|
+
|
|
5
|
+
{% assign target_file = para_path | append: para_file %}
|
|
6
|
+
{% assign integrity_file = "/integrity/" | append: para_file | append: "." | append: para_hash %}
|
|
7
|
+
|
|
8
|
+
{% comment %}{% raw %}
|
|
9
|
+
<!-- DEBUG BEGINN
|
|
10
|
+
{{ para_file }}
|
|
11
|
+
{{ para_path }}
|
|
12
|
+
{{ para_hash }}
|
|
13
|
+
{{ target_file }}
|
|
14
|
+
{{ integrity_file }}
|
|
15
|
+
DEBUG END -->
|
|
16
|
+
{% endraw %}{% endcomment %}
|
|
17
|
+
|
|
18
|
+
<script src="{{ target_file }}" integrity="{{ para_hash }}-{% include {{ integrity_file }} %}" crossorigin="anonymous"></script>
|
data/lib/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: jekyll-kw-sri
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Nicolas Karg
|
|
@@ -9,22 +9,22 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2020-11-
|
|
12
|
+
date: 2020-11-13 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: jekyll
|
|
16
16
|
requirement: !ruby/object:Gem::Requirement
|
|
17
17
|
requirements:
|
|
18
|
-
- - "
|
|
18
|
+
- - ">="
|
|
19
19
|
- !ruby/object:Gem::Version
|
|
20
|
-
version: '
|
|
20
|
+
version: '3.8'
|
|
21
21
|
type: :runtime
|
|
22
22
|
prerelease: false
|
|
23
23
|
version_requirements: !ruby/object:Gem::Requirement
|
|
24
24
|
requirements:
|
|
25
|
-
- - "
|
|
25
|
+
- - ">="
|
|
26
26
|
- !ruby/object:Gem::Version
|
|
27
|
-
version: '
|
|
27
|
+
version: '3.8'
|
|
28
28
|
description: Jekyll plugin which calculate the integrity hash of CSS (SCSS, SASS)
|
|
29
29
|
and JS.
|
|
30
30
|
email: rubygems.org@n13.org
|
|
@@ -52,7 +52,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
52
52
|
requirements:
|
|
53
53
|
- - ">="
|
|
54
54
|
- !ruby/object:Gem::Version
|
|
55
|
-
version: '2.
|
|
55
|
+
version: '2.4'
|
|
56
56
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
57
57
|
requirements:
|
|
58
58
|
- - ">="
|