mirror of https://github.com/jekyll/jekyll.git synced 2026-01-30 17:28:29 -05:00

Go to file

Christian Vuerings ec90210ed4 Security fix: OSVDB-120415 - Upgrade redcarpet to 3.2

*Note*: Please release a new gem version of jekyll after merging this.

More information at:
http://osvdb.org/show/osvdb/120415

`redcarpet Gem for Ruby contains a flaw that allows a cross-site scripting (XSS) attack. This flaw exists because the parse_inline() function in markdown.c does not validate input before returning it to users. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.`

9fc00d0814
8e707ebb94
http://social.schiessle.org/display/b38b1460c2b201329b1f4860008dbc6c
https://gemnasium.com/gems/redcarpet/versions/3.2.3

/cc @parkr @envygeeks

2015-04-13 08:01:16 -07:00

benchmark

Add benchmark for end_with? vs regexp

2015-02-25 11:57:49 -08:00

bin

bin/jekyll: with no args, exit with exit code 1

2015-03-25 19:03:14 -07:00

features

Use rspec-mock instead of rr

2015-03-06 20:13:07 -05:00

lib

Convertible#read_yaml should return self.data.

2015-04-11 15:42:58 -04:00

script

added the --profile flag to make use of the minitest-profile tool

2015-03-30 17:53:40 +02:00

site

Merge branch 'davidsilvasmith-origin/patch-3'

2015-04-10 17:23:43 -04:00

test

Merge pull request #3608 from nickburlett/patch/incremental-build

2015-04-10 16:51:56 -04:00

.gitignore

DRY up the StaticFile tests a bit. #3633 .

2015-04-10 16:24:45 -04:00

.travis.yml

Fix bad tabbing.

2015-01-14 05:45:49 -06:00

circle.yml

Don't duplicate work.

2015-02-07 23:52:00 -08:00

CONTRIBUTING.markdown

Point to the right path for the docs folder.

2015-03-20 10:14:59 -05:00

Gemfile

Security fix: OSVDB-120415 - Upgrade redcarpet to 3.2

2015-04-13 08:01:16 -07:00

History.markdown

Update history to reflect merge of #3468 [ci skip]

2015-04-10 17:29:39 -04:00

jekyll.gemspec

Move previous runtime dependencies to development dependencies.

2015-01-31 13:53:17 -08:00

LICENSE

Update LICENSE to 2015.

2015-02-17 22:17:25 +01:00

Rakefile

Release jekyllrb.com as a locally-compiled site.

2015-02-07 22:09:43 -08:00

README.markdown

Removed inconsistency with period

2015-04-04 14:08:28 -07:00

README.markdown

Jekyll

By Tom Preston-Werner, Nick Quaranto, Parker Moore, and many awesome contributors!

Jekyll is a simple, blog-aware, static site generator perfect for personal, project, or organization sites. Think of it like a file-based CMS, without all the complexity. Jekyll takes your content, renders Markdown and Liquid templates, and spits out a complete, static website ready to be served by Apache, Nginx or another web server. Jekyll is the engine behind GitHub Pages, which you can use to host sites right from your GitHub repositories.

Philosophy

Jekyll does what you tell it to do — no more, no less. It doesn't try to outsmart users by making bold assumptions, nor does it burden them with needless complexity and configuration. Put simply, Jekyll gets out of your way and allows you to concentrate on what truly matters: your content.

Getting Started

Install the gem
Read up about its Usage and Configuration
Take a gander at some existing Sites
Fork and Contribute your own modifications
Have questions? Check out #jekyll on irc.freenode.net

Diving In

Migrate from your previous system
Learn how the YAML Front Matter works
Put information on your site with Variables
Customize the Permalinks your posts are generated with
Use the built-in Liquid Extensions to make your life easier
Use custom Plugins to generate content specific to your site

License

See LICENSE.

Languages

Ruby 70.6%

Gherkin 23.2%

JavaScript 3.7%

HTML 1.2%

Shell 0.8%

Other 0.4%