├── .github ├── CODEOWNERS ├── ISSUE_TEMPLATE │ ├── bug_report.md │ └── feature_request.md ├── config.yml ├── dependabot.yml ├── funding.yml ├── no-response.yml ├── release-drafter.yml ├── settings.yml ├── stale.yml └── workflows │ ├── ci.yml │ └── codeql-analysis.yml ├── .gitignore ├── .rspec ├── .rubocop.yml ├── Gemfile ├── LICENSE ├── README.md ├── docs ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md └── SECURITY.md ├── jekyll-remote-theme.gemspec ├── lib ├── jekyll-remote-theme.rb └── jekyll-remote-theme │ ├── downloader.rb │ ├── mock_gemspec.rb │ ├── munger.rb │ ├── theme.rb │ └── version.rb ├── script ├── bootstrap ├── cibuild └── console └── spec ├── fixtures ├── gemspecs │ ├── alldeps.gemspec │ ├── braces.gemspec │ ├── nodeps.gemspec │ └── rundev.gemspec ├── site-without-theme │ └── index.md └── site │ ├── _config.yml │ ├── _malicious_config.yml │ └── index.md ├── jekyll-remote-theme ├── downloader_spec.rb ├── integration_spec.rb ├── mock_gemspec_spec.rb ├── munger_spec.rb └── theme_spec.rb ├── jekyll_remote_theme_spec.rb └── spec_helper.rb /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | # Require @benbalter's :+1: for changes to the .github repo-config files 2 | # mainly due to https://github.com/probot/settings privilege escalation 3 | .github/* @benbalter 4 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | 5 | --- 6 | 7 | ### Describe the bug 8 | 9 | A clear and concise description of what the bug is. 10 | 11 | ### Steps to reproduce the behavior 12 | 13 | 1. Go to '...' 14 | 2. Click on '....' 15 | 3. Scroll down to '....' 16 | 4. See error 17 | 18 | ### Expected behavior 19 | 20 | A clear and concise description of what you expected to happen. 21 | 22 | ### Screenshots 23 | 24 | If applicable, add screenshots to help explain your problem. 25 | 26 | ### Additional context 27 | 28 | Add any other context about the problem here. 29 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | 5 | --- 6 | 7 | ### Is your feature request related to a problem? Please describe the problem you're trying to solve. 8 | 9 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 10 | 11 | ### Describe the solution you'd like 12 | 13 | A clear and concise description of what you want to happen. 14 | 15 | ### Describe alternatives you've considered 16 | 17 | A clear and concise description of any alternative solutions or features you've considered. 18 | 19 | ### Additional context 20 | 21 | Add any other context or screenshots about the feature request here. 22 | -------------------------------------------------------------------------------- /.github/config.yml: -------------------------------------------------------------------------------- 1 | # Behaviorbot config. See https://github.com/behaviorbot/ for more information. 2 | # Note: Please Don't edit this file directly. 3 | # Edit https://github.com/benbalter/shared-community-files instead. 4 | 5 | # Configuration for update-docs - https://github.com/behaviorbot/update-docs 6 | updateDocsComment: "Thanks for the pull request! If you are making any changes to the user-facing functionality, please be sure to update the documentation in the `README` or `docs/` folder alongside your change. :heart:" 7 | 8 | # Configuration for request-info - https://github.com/behaviorbot/request-info 9 | requestInfoReplyComment: Thanks for this. Do you mind providing a bit more information about what problem you're trying to solve? 10 | requestInfoLabelToAdd: more-information-needed 11 | 12 | # Configuration for new-issue-welcome - https://github.com/behaviorbot/new-issue-welcome 13 | #newIssueWelcomeComment: > 14 | # Welcome! 15 | 16 | # Configuration for new-pr-welcome - https://github.com/behaviorbot/new-pr-welcome 17 | newPRWelcomeComment: Welcome! Congrats on your first pull request to Jekyll Remote Theme. If you haven't already, please be sure to check out [the contributing guidelines](https://github.com/benbalter/jekyll-remote-theme/blob/master/docs/CONTRIBUTING.md). 18 | 19 | # Configuration for first-pr-merge - https://github.com/behaviorbot/first-pr-merge 20 | firstPRMergeComment: "Congrats on getting your first pull request to Jekyll Remote Theme merged! Without amazing humans like you submitting pull requests, we couldn’t run this project. You rock! :tada:

If you're interested in tackling another bug or feature, take a look at [the open issues](https://github.com/benbalter/jekyll-remote-theme/issues), especially those [labeled `help wanted`](https://github.com/benbalter/jekyll-remote-theme/issues?q=is%3Aopen+is%3Aissue+label%3A%22help+wanted%22)." 21 | 22 | # Bug workaround 23 | contact_links: [] 24 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: bundler 4 | directory: "/" 5 | schedule: 6 | interval: weekly 7 | - package-ecosystem: "github-actions" 8 | directory: / 9 | schedule: 10 | interval: weekly 11 | -------------------------------------------------------------------------------- /.github/funding.yml: -------------------------------------------------------------------------------- 1 | patreon: benbalter 2 | -------------------------------------------------------------------------------- /.github/no-response.yml: -------------------------------------------------------------------------------- 1 | # Configuration for probot-no-response - https://github.com/probot/no-response 2 | # Note: Please Don't edit this file directly. 3 | # Edit https://github.com/benbalter/shared-community-files instead. 4 | 5 | # Number of days of inactivity before an Issue is closed for lack of response 6 | daysUntilClose: 14 7 | # Label requiring a response 8 | responseRequiredLabel: more-information-needed 9 | # Comment to post when closing an Issue for lack of response. Set to `false` to disable 10 | closeComment: > 11 | This issue has been automatically closed because there has been no response 12 | to our request for more information from the original author. With only the 13 | information that is currently in the issue, we don't have enough information 14 | to take action. Please reach out if you have or find the answers we need so 15 | that we can investigate further. 16 | -------------------------------------------------------------------------------- /.github/release-drafter.yml: -------------------------------------------------------------------------------- 1 | template: | 2 | ## What's Changed 3 | 4 | $CHANGES 5 | -------------------------------------------------------------------------------- /.github/settings.yml: -------------------------------------------------------------------------------- 1 | # Repository settings set via https://github.com/probot/settings 2 | # Note: Please Don't edit this file directly. 3 | # Edit https://github.com/benbalter/shared-community-files instead. 4 | 5 | repository: 6 | has_issues: true 7 | has_wiki: false 8 | has_projects: false 9 | has_downloads: false 10 | 11 | labels: 12 | - name: help wanted 13 | oldname: help-wanted 14 | color: 0e8a16 15 | - name: more-information-needed 16 | color: d93f0b 17 | - name: bug 18 | color: b60205 19 | - name: feature 20 | color: 1d76db 21 | - name: good first issue 22 | color: "5319e7" 23 | 24 | # Not currently implemented by probot/settings, but manually implemented in script/deploy 25 | branch_protection: 26 | restrictions: null 27 | enforce_admins: false 28 | required_status_checks: 29 | strict: true 30 | contexts: 31 | - "continuous-integration/travis-ci" 32 | required_pull_request_reviews: 33 | require_code_owner_reviews: true 34 | -------------------------------------------------------------------------------- /.github/stale.yml: -------------------------------------------------------------------------------- 1 | # Configuration for probot-stale - https://github.com/probot/stale 2 | # Note: Please Don't edit this file directly. 3 | # Edit https://github.com/benbalter/shared-community-files instead. 4 | 5 | # Number of days of inactivity before an Issue or Pull Request becomes stale 6 | daysUntilStale: 60 7 | 8 | # Number of days of inactivity before a stale Issue or Pull Request is closed 9 | daysUntilClose: 7 10 | 11 | # Issues or Pull Requests with these labels will never be considered stale 12 | exemptLabels: 13 | - pinned 14 | - security 15 | 16 | # Label to use when marking as stale 17 | staleLabel: wontfix 18 | 19 | # Comment to post when marking as stale. Set to `false` to disable 20 | markComment: > 21 | This issue has been automatically marked as stale because it has not had 22 | recent activity. It will be closed if no further activity occurs. Thank you 23 | for your contributions. 24 | 25 | # Comment to post when closing a stale Issue or Pull Request. Set to `false` to disable 26 | closeComment: false 27 | 28 | # Limit to only `issues` or `pulls` 29 | # only: issues 30 | -------------------------------------------------------------------------------- /.github/workflows/ci.yml: -------------------------------------------------------------------------------- 1 | name: CI 2 | 3 | on: 4 | push: 5 | branches: 6 | - master 7 | pull_request: 8 | 9 | jobs: 10 | test: 11 | runs-on: ubuntu-latest 12 | strategy: 13 | matrix: 14 | jekyll_version: 15 | - "~> 3.0" 16 | - "~> 4.0" 17 | 18 | steps: 19 | - uses: actions/checkout@v4 20 | 21 | - name: Set up Ruby 22 | uses: ruby/setup-ruby@v1 23 | with: 24 | ruby-version: '3.3' 25 | bundler-cache: true # Runs bundle install and caches installed gems 26 | 27 | - name: Install dependencies 28 | run: script/bootstrap 29 | env: 30 | JEKYLL_VERSION: ${{ matrix.jekyll_version }} 31 | 32 | - name: Run tests 33 | run: script/cibuild 34 | env: 35 | JEKYLL_VERSION: ${{ matrix.jekyll_version }} 36 | -------------------------------------------------------------------------------- /.github/workflows/codeql-analysis.yml: -------------------------------------------------------------------------------- 1 | # For most projects, this workflow file will not need changing; you simply need 2 | # to commit it to your repository. 3 | # 4 | # You may wish to alter this file to override the set of languages analyzed, 5 | # or to provide custom queries or build logic. 6 | # 7 | # ******** NOTE ******** 8 | # We have attempted to detect the languages in your repository. Please check 9 | # the `language` matrix defined below to confirm you have the correct set of 10 | # supported CodeQL languages. 11 | # 12 | name: "CodeQL" 13 | 14 | on: 15 | push: 16 | branches: [ master ] 17 | pull_request: 18 | # The branches below must be a subset of the branches above 19 | branches: [ master ] 20 | schedule: 21 | - cron: '23 17 * * 4' 22 | 23 | jobs: 24 | analyze: 25 | name: Analyze 26 | runs-on: ubuntu-latest 27 | permissions: 28 | actions: read 29 | contents: read 30 | security-events: write 31 | 32 | strategy: 33 | fail-fast: false 34 | matrix: 35 | language: [ 'ruby' ] 36 | # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] 37 | # Learn more about CodeQL language support at https://git.io/codeql-language-support 38 | 39 | steps: 40 | - name: Checkout repository 41 | uses: actions/checkout@v2 42 | 43 | # Initializes the CodeQL tools for scanning. 44 | - name: Initialize CodeQL 45 | uses: github/codeql-action/init@v1 46 | with: 47 | languages: ${{ matrix.language }} 48 | # If you wish to specify custom queries, you can do so here or in a config file. 49 | # By default, queries listed here will override any specified in a config file. 50 | # Prefix the list here with "+" to use these queries and those in the config file. 51 | # queries: ./path/to/local/query, your-org/your-repo/queries@main 52 | 53 | # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). 54 | # If this step fails, then you should remove it and run the build manually (see below) 55 | - name: Autobuild 56 | uses: github/codeql-action/autobuild@v1 57 | 58 | # ℹ️ Command-line programs to run using the OS shell. 59 | # 📚 https://git.io/JvXDl 60 | 61 | # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines 62 | # and modify them (or add more) to build your code if your project 63 | # uses a compiled language 64 | 65 | #- run: | 66 | # make bootstrap 67 | # make release 68 | 69 | - name: Perform CodeQL Analysis 70 | uses: github/codeql-action/analyze@v1 71 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | Gemfile.lock 2 | spec/examples.txt 3 | *.gem 4 | tmp/ 5 | spec/fixtures/site/.jekyll-cache 6 | vendor/ 7 | .bundle/ -------------------------------------------------------------------------------- /.rspec: -------------------------------------------------------------------------------- 1 | --require spec_helper 2 | -------------------------------------------------------------------------------- /.rubocop.yml: -------------------------------------------------------------------------------- 1 | require: rubocop-jekyll 2 | inherit_gem: 3 | rubocop-jekyll: .rubocop.yml 4 | 5 | AllCops: 6 | Exclude: 7 | - vendor/**/* 8 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | source "https://rubygems.org" 4 | 5 | gemspec 6 | 7 | gem "jekyll", ENV["JEKYLL_VERSION"] if ENV["JEKYLL_VERSION"] 8 | gem "jekyll-github-metadata", :github => "jekyll/github-metadata" 9 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2017 Ben Balter 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Jekyll Remote Theme 2 | 3 | Jekyll plugin for building Jekyll sites with any public GitHub-hosted theme 4 | 5 | [![Gem Version](https://badge.fury.io/rb/jekyll-remote-theme.svg)](https://badge.fury.io/rb/jekyll-remote-theme) [![CI](https://github.com/benbalter/jekyll-remote-theme/workflows/CI/badge.svg)](https://github.com/benbalter/jekyll-remote-theme/actions?query=workflow%3ACI) [![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg?style=flat-square)](http://makeapullrequest.com) 6 | 7 | 8 | ## Usage 9 | 10 | 1. Add the following to your Gemfile 11 | 12 | ```ruby 13 | gem "jekyll-remote-theme" 14 | ``` 15 | 16 | and run `bundle install` to install the plugin 17 | 18 | 2. Add the following to your site's `_config.yml` to activate the plugin 19 | 20 | ```yml 21 | plugins: 22 | - jekyll-remote-theme 23 | ``` 24 | Note: If you are using a Jekyll version less than 3.5.0, use the `gems` key instead of `plugins`. 25 | 26 | 3. Add the following to your site's `_config.yml` to choose your theme 27 | 28 | ```yml 29 | remote_theme: benbalter/retlab 30 | ``` 31 | or 1 32 | ```yml 33 | remote_theme: http[s]://github..com/benbalter/retlab 34 | ``` 35 | 1 The codeload subdomain needs to be available on your github enterprise instance for this to work. 36 | 37 | ## Declaring your theme 38 | 39 | Remote themes are specified by the `remote_theme` key in the site's config. 40 | 41 | For public GitHub, remote themes must be in the form of `OWNER/REPOSITORY`, and must represent a public GitHub-hosted Jekyll theme. See [the Jekyll documentation](https://jekyllrb.com/docs/themes/) for more information on authoring a theme. Note that you do not need to upload the gem to RubyGems or include a `.gemspec` file. 42 | 43 | You may also optionally specify a branch, tag, or commit to use by appending an `@` and the Git ref (e.g., `benbalter/retlab@v1.0.0` or `benbalter/retlab@develop`). If you don't specify a Git ref, the `HEAD` ref will be used. 44 | 45 | For Enterprise GitHub, remote themes must be in the form of `http[s]://GITHUBHOST.com/OWNER/REPOSITORY`, and must represent a public (non-private repository) GitHub-hosted Jekyll theme. Other than requiring the fully qualified domain name of the enterprise GitHub instance, this works exactly the same as the public usage. 46 | 47 | ## Debugging 48 | 49 | Adding `--verbose` to the `build` or `serve` command may provide additional information. 50 | -------------------------------------------------------------------------------- /docs/CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Contributor Covenant Code of Conduct 2 | 3 | ## Our Pledge 4 | 5 | In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation. 6 | 7 | ## Our Standards 8 | 9 | Examples of behavior that contributes to creating a positive environment include: 10 | 11 | * Using welcoming and inclusive language 12 | * Being respectful of differing viewpoints and experiences 13 | * Gracefully accepting constructive criticism 14 | * Focusing on what is best for the community 15 | * Showing empathy towards other community members 16 | 17 | Examples of unacceptable behavior by participants include: 18 | 19 | * The use of sexualized language or imagery and unwelcome sexual attention or advances 20 | * Trolling, insulting/derogatory comments, and personal or political attacks 21 | * Public or private harassment 22 | * Publishing others' private information, such as a physical or electronic address, without explicit permission 23 | * Other conduct which could reasonably be considered inappropriate in a professional setting 24 | 25 | ## Our Responsibilities 26 | 27 | Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior. 28 | 29 | Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful. 30 | 31 | ## Scope 32 | 33 | This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers. 34 | 35 | ## Enforcement 36 | 37 | Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at ben@balter.com. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately. 38 | 39 | Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. 40 | 41 | ## Attribution 42 | 43 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version] 44 | 45 | [homepage]: http://contributor-covenant.org 46 | [version]: http://contributor-covenant.org/version/1/4/ 47 | -------------------------------------------------------------------------------- /docs/CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing to Jekyll Remote Theme 2 | 3 | Hi there! We're thrilled that you'd like to contribute to Jekyll Remote Theme. Your help is essential for keeping it great. 4 | 5 | Jekyll Remote Theme is an open source project supported by the efforts of an entire community and built one contribution at a time by users like you. We'd love for you to get involved. Whatever your level of skill or however much time you can give, your contribution is greatly appreciated. There are many ways to contribute, from writing tutorials or blog posts, improving the documentation, submitting bug reports and feature requests, helping other users by commenting on issues, or writing code which can be incorporated into Jekyll Remote Theme itself. 6 | 7 | Following these guidelines helps to communicate that you respect the time of the developers managing and developing this open source project. In return, they should reciprocate that respect in addressing your issue, assessing changes, and helping you finalize your pull requests. 8 | 9 | 10 | 11 | ## How to report a bug 12 | 13 | Think you found a bug? Please check [the list of open issues](https://github.com/benbalter/jekyll-remote-theme/issues) to see if your bug has already been reported. If it hasn't please [submit a new issue](https://github.com/benbalter/jekyll-remote-theme/issues/new). 14 | 15 | Here are a few tips for writing *great* bug reports: 16 | 17 | * Describe the specific problem (e.g., "widget doesn't turn clockwise" versus "getting an error") 18 | * Include the steps to reproduce the bug, what you expected to happen, and what happened instead 19 | * Check that you are using the latest version of the project and its dependencies 20 | * Include what version of the project your using, as well as any relevant dependencies 21 | * Only include one bug per issue. If you have discovered two bugs, please file two issues 22 | * Include screenshots or screencasts whenever possible 23 | * Even if you don't know how to fix the bug, including a failing test may help others track it down 24 | 25 | **If you find a security vulnerability, do not open an issue. Please email ben@balter.com instead.** 26 | 27 | ## How to suggest a feature or enhancement 28 | 29 | If you find yourself wishing for a feature that doesn't exist in Jekyll Remote Theme, you are probably not alone. There are bound to be others out there with similar needs. Many of the features that Jekyll Remote Theme has today have been added because our users saw the need. 30 | 31 | Feature requests are welcome. But take a moment to find out whether your idea fits with the scope and goals of the project. It's up to you to make a strong case to convince the project's developers of the merits of this feature. Please provide as much detail and context as possible, including describing the problem you're trying to solve. 32 | 33 | [Open an issue](https://github.com/benbalter/jekyll-remote-theme/issues/new) which describes the feature you would like to see, why you want it, how it should work, etc. 34 | 35 | 36 | 37 | ## Your first contribution 38 | 39 | We'd love for you to contribute to the project. Unsure where to begin contributing to Jekyll Remote Theme? You can start by looking through these "good first issue" and "help wanted" issues: 40 | 41 | * [Good first issues](https://github.com/benbalter/jekyll-remote-theme/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22) - issues which should only require a few lines of code and a test or two 42 | * [Help wanted issues](https://github.com/benbalter/jekyll-remote-theme/issues?q=is%3Aissue+is%3Aopen+label%3A%22help+wanted%22) - issues which may be a bit more involved, but are specifically seeking community contributions 43 | 44 | *p.s. Feel free to ask for help; everyone is a beginner at first* :smiley_cat: 45 | 46 | ## How to propose changes 47 | 48 | Here's a few general guidelines for proposing changes: 49 | 50 | * If you are changing any user-facing functionality, please be sure to update the documentation 51 | * If you are adding a new behavior or changing an existing behavior, please be sure to update the corresponding test(s) 52 | * Each pull request should implement **one** feature or bug fix. If you want to add or fix more than one thing, submit more than one pull request 53 | * Do not commit changes to files that are irrelevant to your feature or bug fix 54 | * Don't bump the version number in your pull request (it will be bumped prior to release) 55 | * Write [a good commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html) 56 | 57 | At a high level, [the process for proposing changes](https://guides.github.com/introduction/flow/) is: 58 | 59 | 1. [Fork](https://github.com/benbalter/jekyll-remote-theme/fork) and clone the project 60 | 2. Configure and install the dependencies: `script/bootstrap` 61 | 3. Make sure the tests pass on your machine: `script/cibuild` 62 | 4. Create a descriptively named branch: `git checkout -b my-branch-name` 63 | 5. Make your change, add tests and documentation, and make sure the tests still pass 64 | 6. Push to your fork and [submit a pull request](https://github.com/benbalter/jekyll-remote-theme/compare) describing your change 65 | 7. Pat your self on the back and wait for your pull request to be reviewed and merged 66 | 67 | **Interesting in submitting your first Pull Request?** It's easy! You can learn how from this *free* series [How to Contribute to an Open Source Project on GitHub](https://egghead.io/series/how-to-contribute-to-an-open-source-project-on-github) 68 | 69 | ## Bootstrapping your local development environment 70 | 71 | `script/bootstrap` 72 | 73 | ## Running tests 74 | 75 | `script/cibuild` 76 | 77 | ## Code of conduct 78 | 79 | This project is governed by [the Contributor Covenant Code of Conduct](CODE_OF_CONDUCT.md). By participating, you are expected to uphold this code. 80 | 81 | ## Additional Resources 82 | 83 | * [Contributing to Open Source on GitHub](https://guides.github.com/activities/contributing-to-open-source/) 84 | * [Using Pull Requests](https://help.github.com/articles/using-pull-requests/) 85 | * [GitHub Help](https://help.github.com) 86 | -------------------------------------------------------------------------------- /docs/SECURITY.md: -------------------------------------------------------------------------------- 1 | # Security Policy 2 | 3 | To report a security vulnerability, please email [ben@balter.com](mailto:ben@balter.com). 4 | -------------------------------------------------------------------------------- /jekyll-remote-theme.gemspec: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | $LOAD_PATH.unshift File.expand_path("lib", __dir__) 4 | require "jekyll-remote-theme/version" 5 | 6 | Gem::Specification.new do |s| 7 | s.name = "jekyll-remote-theme" 8 | s.version = Jekyll::RemoteTheme::VERSION 9 | s.authors = ["Ben Balter"] 10 | s.email = ["ben.balter@github.com"] 11 | s.homepage = "https://github.com/benbalter/jekyll-remote-theme" 12 | s.summary = "Jekyll plugin for building Jekyll sites with any GitHub-hosted theme" 13 | 14 | s.files = `git ls-files app lib`.split("\n") 15 | s.require_paths = ["lib"] 16 | s.license = "MIT" 17 | 18 | s.add_dependency "addressable", "~> 2.0" 19 | s.add_dependency "jekyll", ">= 3.5", "< 5.0" 20 | s.add_dependency "jekyll-sass-converter", ">= 1.0", "<= 3.0.0", "!= 2.0.0" 21 | s.add_dependency "rubyzip", ">= 1.3.0", "< 3.0" 22 | 23 | s.add_development_dependency "jekyll-theme-primer", "~> 0.5" 24 | s.add_development_dependency "jekyll_test_plugin_malicious", "~> 0.2" 25 | s.add_development_dependency "kramdown-parser-gfm", "~> 1.0" 26 | s.add_development_dependency "pry", "~> 0.11" 27 | s.add_development_dependency "rspec", "~> 3.0" 28 | s.add_development_dependency "rubocop", "~> 0.71" 29 | s.add_development_dependency "rubocop-jekyll", "~> 0.10" 30 | s.add_development_dependency "webmock", "~> 3.0" 31 | s.required_ruby_version = ">= 2.3.0" 32 | end 33 | -------------------------------------------------------------------------------- /lib/jekyll-remote-theme.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require "jekyll" 4 | require "fileutils" 5 | require "tempfile" 6 | require "addressable" 7 | require "net/http" 8 | require "zip" 9 | 10 | $LOAD_PATH.unshift(File.dirname(__FILE__)) 11 | 12 | module Jekyll 13 | module RemoteTheme 14 | class DownloadError < StandardError; end 15 | 16 | autoload :Downloader, "jekyll-remote-theme/downloader" 17 | autoload :MockGemspec, "jekyll-remote-theme/mock_gemspec" 18 | autoload :Munger, "jekyll-remote-theme/munger" 19 | autoload :Theme, "jekyll-remote-theme/theme" 20 | autoload :VERSION, "jekyll-remote-theme/version" 21 | 22 | CONFIG_KEY = "remote_theme" 23 | LOG_KEY = "Remote Theme:" 24 | TEMP_PREFIX = "jekyll-remote-theme-" 25 | 26 | def self.init(site) 27 | Munger.new(site).munge! 28 | end 29 | end 30 | end 31 | 32 | Jekyll::Hooks.register :site, :after_reset do |site| 33 | Jekyll::RemoteTheme.init(site) 34 | end 35 | -------------------------------------------------------------------------------- /lib/jekyll-remote-theme/downloader.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | module Jekyll 4 | module RemoteTheme 5 | class Downloader 6 | PROJECT_URL = "https://github.com/benbalter/jekyll-remote-theme" 7 | USER_AGENT = "Jekyll Remote Theme/#{VERSION} (+#{PROJECT_URL})" 8 | MAX_FILE_SIZE = 1 * (1024 * 1024 * 1024) # Size in bytes (1 GB) 9 | NET_HTTP_ERRORS = [ 10 | Timeout::Error, Errno::EINVAL, Errno::ECONNRESET, EOFError, Net::OpenTimeout, 11 | Net::HTTPBadResponse, Net::HTTPHeaderSyntaxError, Net::ProtocolError, 12 | ].freeze 13 | 14 | def initialize(theme) 15 | @theme = theme 16 | end 17 | 18 | def run 19 | if downloaded? 20 | Jekyll.logger.debug LOG_KEY, "Using existing #{theme.name_with_owner}" 21 | return 22 | end 23 | 24 | download 25 | unzip 26 | end 27 | 28 | def downloaded? 29 | @downloaded ||= theme_dir_exists? && !theme_dir_empty? 30 | end 31 | 32 | private 33 | 34 | attr_reader :theme 35 | 36 | def zip_file 37 | @zip_file ||= Tempfile.new([TEMP_PREFIX, ".zip"], :binmode => true) 38 | end 39 | 40 | def download 41 | Jekyll.logger.debug LOG_KEY, "Downloading #{zip_url} to #{zip_file.path}" 42 | Net::HTTP.start(zip_url.host, zip_url.port, :use_ssl => true) do |http| 43 | http.request(request) do |response| 44 | raise_unless_sucess(response) 45 | enforce_max_file_size(response.content_length) 46 | response.read_body do |chunk| 47 | zip_file.write chunk 48 | end 49 | end 50 | end 51 | @downloaded = true 52 | rescue *NET_HTTP_ERRORS => e 53 | raise DownloadError, e.message 54 | end 55 | 56 | def request 57 | return @request if defined? @request 58 | 59 | @request = Net::HTTP::Get.new zip_url.request_uri 60 | @request["User-Agent"] = USER_AGENT 61 | @request 62 | end 63 | 64 | def raise_unless_sucess(response) 65 | return if response.is_a?(Net::HTTPSuccess) 66 | 67 | raise DownloadError, "#{response.code} - #{response.message} - Loading URL: #{zip_url}" 68 | end 69 | 70 | def enforce_max_file_size(size) 71 | return unless size && size > MAX_FILE_SIZE 72 | 73 | raise DownloadError, "Maximum file size of #{MAX_FILE_SIZE} bytes exceeded" 74 | end 75 | 76 | def unzip 77 | Jekyll.logger.debug LOG_KEY, "Unzipping #{zip_file.path} to #{theme.root}" 78 | 79 | # File IO is already open, rewind pointer to start of file to read 80 | zip_file.rewind 81 | 82 | Zip::File.open(zip_file) do |archive| 83 | archive.each { |file| file.extract path_without_name_and_ref(file.name) } 84 | end 85 | ensure 86 | zip_file.close 87 | zip_file.unlink 88 | end 89 | 90 | # Full URL to codeload zip download endpoint for the given theme 91 | def zip_url 92 | @zip_url ||= Addressable::URI.new( 93 | :scheme => theme.scheme, 94 | :host => "codeload.#{theme.host}", 95 | :path => [theme.owner, theme.name, "zip", theme.git_ref].join("/") 96 | ).normalize 97 | end 98 | 99 | def theme_dir_exists? 100 | theme.root && Dir.exist?(theme.root) 101 | end 102 | 103 | def theme_dir_empty? 104 | Dir["#{theme.root}/*"].empty? 105 | end 106 | 107 | # Codeload generated zip files contain a top level folder in the form of 108 | # THEME_NAME-GIT_REF/. While requests for Git repos are case insensitive, 109 | # the zip subfolder will respect the case in the repository's name, thus 110 | # making it impossible to predict the true path to the theme. In case we're 111 | # on a case-sensitive file system, strip the parent folder from all paths. 112 | def path_without_name_and_ref(path) 113 | Jekyll.sanitized_path theme.root, path.split("/").drop(1).join("/") 114 | end 115 | end 116 | end 117 | end 118 | -------------------------------------------------------------------------------- /lib/jekyll-remote-theme/mock_gemspec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | module Jekyll 4 | module RemoteTheme 5 | # Jekyll::Theme expects the theme's gemspec to tell it things like 6 | # the path to the theme and runtime dependencies. MockGemspec serves as a 7 | # stand in, since remote themes don't need Gemspecs 8 | class MockGemspec 9 | extend Forwardable 10 | def_delegator :theme, :root, :full_gem_path 11 | 12 | DEPENDENCY_PREFIX = %r!^\s*[a-z]+\.add_(?:runtime_)?dependency!.freeze 13 | DEPENDENCY_REGEX = %r!#{DEPENDENCY_PREFIX}\(?\s*["']([a-z_-]+)["']!.freeze 14 | 15 | def initialize(theme) 16 | @theme = theme 17 | end 18 | 19 | def runtime_dependencies 20 | @runtime_dependencies ||= dependency_names.map do |name| 21 | Gem::Dependency.new(name) 22 | end 23 | end 24 | 25 | private 26 | 27 | def contents 28 | @contents ||= File.read(path, :encoding => "utf-8") if path 29 | end 30 | 31 | def path 32 | @path ||= potential_paths.find { |path| File.exist? path } 33 | end 34 | 35 | def potential_paths 36 | [theme.name, "jekyll-theme-#{theme.name}"].map do |filename| 37 | File.expand_path "#{filename}.gemspec", theme.root 38 | end 39 | end 40 | 41 | def dependency_names 42 | @dependency_names ||= if contents 43 | contents.scan(DEPENDENCY_REGEX).flatten 44 | else 45 | [] 46 | end 47 | end 48 | 49 | attr_reader :theme 50 | end 51 | end 52 | end 53 | -------------------------------------------------------------------------------- /lib/jekyll-remote-theme/munger.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | module Jekyll 4 | module RemoteTheme 5 | class Munger 6 | extend Forwardable 7 | def_delegator :site, :config 8 | attr_reader :site 9 | 10 | def initialize(site) 11 | @site = site 12 | end 13 | 14 | def munge! 15 | return unless raw_theme 16 | 17 | unless theme.valid? 18 | Jekyll.logger.error LOG_KEY, "#{raw_theme.inspect} is not a valid remote theme" 19 | return 20 | end 21 | 22 | Jekyll.logger.info LOG_KEY, "Using theme #{theme.name_with_owner}" 23 | unless munged? 24 | downloader.run 25 | configure_theme 26 | end 27 | enqueue_theme_cleanup 28 | 29 | theme 30 | end 31 | 32 | private 33 | 34 | def munged? 35 | site.theme&.is_a?(Jekyll::RemoteTheme::Theme) 36 | end 37 | 38 | def theme 39 | @theme ||= Theme.new(raw_theme) 40 | end 41 | 42 | def raw_theme 43 | config[CONFIG_KEY] 44 | end 45 | 46 | def downloader 47 | @downloader ||= Downloader.new(theme) 48 | end 49 | 50 | def configure_theme 51 | return unless theme 52 | 53 | site.config["theme"] = theme.name 54 | site.theme = theme 55 | site.theme.configure_sass if site.theme.respond_to?(:configure_sass) 56 | site.send(:configure_include_paths) 57 | site.plugin_manager.require_theme_deps 58 | end 59 | 60 | def enqueue_theme_cleanup 61 | at_exit do 62 | Jekyll.logger.debug LOG_KEY, "Cleaning up #{theme.root}" 63 | FileUtils.rm_rf theme.root 64 | end 65 | end 66 | end 67 | end 68 | end 69 | -------------------------------------------------------------------------------- /lib/jekyll-remote-theme/theme.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | module Jekyll 4 | module RemoteTheme 5 | class Theme < Jekyll::Theme 6 | OWNER_REGEX = %r!(?[a-z0-9\-]+)!i.freeze 7 | NAME_REGEX = %r!(?[a-z0-9\._\-]+)!i.freeze 8 | REF_REGEX = %r!@(?[a-z0-9\._\-]+)!i.freeze # May be a branch, tag, or commit 9 | THEME_REGEX = %r!\A#{OWNER_REGEX}/#{NAME_REGEX}(?:#{REF_REGEX})?\z!i.freeze 10 | 11 | # Initializes a new Jekyll::RemoteTheme::Theme 12 | # 13 | # raw_theme can be in the form of: 14 | # 15 | # 1. owner/theme-name - a GitHub owner + theme-name string 16 | # 2. owner/theme-name@git_ref - a GitHub owner + theme-name + Git ref string 17 | # 3. http[s]://github..com/owner/theme-name 18 | # - An enterprise GitHub instance + a GitHub owner + a theme-name string 19 | # 4. http[s]://github..com/owner/theme-name@git_ref 20 | # - An enterprise GitHub instance + a GitHub owner + a theme-name + Git ref string 21 | def initialize(raw_theme) 22 | @raw_theme = raw_theme.to_s.downcase.strip 23 | super(@raw_theme) 24 | end 25 | 26 | def name 27 | theme_parts[:name] 28 | end 29 | 30 | def owner 31 | theme_parts[:owner] 32 | end 33 | 34 | def host 35 | uri&.host 36 | end 37 | 38 | def scheme 39 | uri&.scheme 40 | end 41 | 42 | def name_with_owner 43 | [owner, name].join("/") 44 | end 45 | alias_method :nwo, :name_with_owner 46 | 47 | def valid? 48 | return false unless uri && theme_parts && name && owner 49 | 50 | host && valid_hosts.include?(host) 51 | end 52 | 53 | def git_ref 54 | theme_parts[:ref] || "HEAD" 55 | end 56 | 57 | def root 58 | @root ||= File.realpath Dir.mktmpdir(TEMP_PREFIX) 59 | end 60 | 61 | def inspect 62 | "#" 64 | end 65 | 66 | private 67 | 68 | def uri 69 | return @uri if defined? @uri 70 | 71 | @uri = if THEME_REGEX.match?(@raw_theme) 72 | Addressable::URI.new( 73 | :scheme => "https", 74 | :host => "github.com", 75 | :path => @raw_theme 76 | ) 77 | else 78 | Addressable::URI.parse @raw_theme 79 | end 80 | rescue Addressable::URI::InvalidURIError 81 | @uri = nil 82 | end 83 | 84 | def theme_parts 85 | @theme_parts ||= uri.path[1..-1].match(THEME_REGEX) if uri 86 | end 87 | 88 | def gemspec 89 | @gemspec ||= MockGemspec.new(self) 90 | end 91 | 92 | def valid_hosts 93 | @valid_hosts ||= [ 94 | "github.com", 95 | ENV["PAGES_GITHUB_HOSTNAME"], 96 | ENV["GITHUB_HOSTNAME"], 97 | ].compact.to_set 98 | end 99 | end 100 | end 101 | end 102 | -------------------------------------------------------------------------------- /lib/jekyll-remote-theme/version.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | module Jekyll 4 | module RemoteTheme 5 | VERSION = "0.4.3" 6 | end 7 | end 8 | -------------------------------------------------------------------------------- /script/bootstrap: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | bundle install 4 | -------------------------------------------------------------------------------- /script/cibuild: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | set -e 4 | 5 | bundle exec rspec 6 | bundle exec rubocop 7 | gem build jekyll-remote-theme.gemspec 8 | -------------------------------------------------------------------------------- /script/console: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | bundle exec pry -r './lib/jekyll-remote-theme.rb' 4 | -------------------------------------------------------------------------------- /spec/fixtures/gemspecs/alldeps.gemspec: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | lib = File.expand_path("lib", __dir__) 4 | $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) 5 | require "alldeps/version" 6 | 7 | Gem::Specification.new do |s| 8 | s.name = "alldeps" 9 | s.version = AllDeps::VERSION 10 | s.authors = ["John Doe"] 11 | s.summary = "Dummy gemspec" 12 | 13 | # runtime dependencies 14 | s.add_dependency "jekyll", "~> 3.5" 15 | s.add_dependency "jekyll-feed", "~> 0.6" 16 | s.add_dependency "jekyll-sitemap", "~> 1.5" 17 | 18 | # development dependencies 19 | s.add_dependency "bundler", "~> 1.12" 20 | s.add_dependency "rake", "~> 10.0" 21 | end 22 | -------------------------------------------------------------------------------- /spec/fixtures/gemspecs/braces.gemspec: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | lib = File.expand_path("lib", __dir__) 4 | $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) 5 | require "braces/version" 6 | 7 | Gem::Specification.new do |s| 8 | s.name = "braces" 9 | s.version = Braces::VERSION 10 | s.authors = ["John Doe"] 11 | s.summary = "Dummy gemspec" 12 | 13 | # rubocop:disable Style/StringLiterals 14 | # runtime dependencies 15 | s.add_dependency('jekyll', "~> 3.5") 16 | s.add_dependency('jekyll-feed', "~> 0.6") 17 | s.add_dependency('jekyll-sitemap', "~> 1.5") 18 | 19 | # development dependencies 20 | s.add_dependency('bundler', "~> 1.12") 21 | s.add_dependency('rake', "~> 10.0") 22 | # rubocop:enable Style/StringLiterals 23 | end 24 | -------------------------------------------------------------------------------- /spec/fixtures/gemspecs/nodeps.gemspec: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | lib = File.expand_path("lib", __dir__) 4 | $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) 5 | require "nodeps/version" 6 | 7 | Gem::Specification.new do |s| 8 | s.name = "nodeps" 9 | s.version = Lorem::VERSION 10 | s.authors = ["John Doe"] 11 | s.summary = "Dummy gemspec" 12 | 13 | s.add_development_dependency("bundler", "~> 1.12") 14 | s.add_development_dependency("rake", "~> 10.0") 15 | end 16 | -------------------------------------------------------------------------------- /spec/fixtures/gemspecs/rundev.gemspec: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | lib = File.expand_path("lib", __dir__) 4 | $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) 5 | require "rundev/version" 6 | 7 | Gem::Specification.new do |spec| 8 | spec.name = "rundev" 9 | spec.version = RunDev::VERSION 10 | spec.authors = ["John Doe"] 11 | spec.summary = "Dummy gemspec" 12 | 13 | spec.add_runtime_dependency "jekyll", "~> 3.5" 14 | spec.add_runtime_dependency "jekyll-feed", "~> 0.6" # some "random" comment 15 | spec.add_runtime_dependency "jekyll-sitemap", "~> 1.5" 16 | 17 | spec.add_development_dependency "bundler", "~> 1.12" 18 | spec.add_development_dependency "rake", "~> 10.0" 19 | end 20 | -------------------------------------------------------------------------------- /spec/fixtures/site-without-theme/index.md: -------------------------------------------------------------------------------- 1 | --- 2 | --- 3 | 4 | # Site without theme 5 | -------------------------------------------------------------------------------- /spec/fixtures/site/_config.yml: -------------------------------------------------------------------------------- 1 | plugins: 2 | - jekyll-remote-theme 3 | 4 | remote_theme: pages-themes/PrImeR 5 | 6 | whitelist: 7 | - jekyll-remote-theme 8 | - jekyll-seo-tag 9 | - jekyll-github-metadata 10 | -------------------------------------------------------------------------------- /spec/fixtures/site/_malicious_config.yml: -------------------------------------------------------------------------------- 1 | plugins: 2 | - jekyll-remote-theme 3 | 4 | remote_theme: jekyll/jekyll-test-theme-malicious 5 | 6 | whitelist: 7 | - jekyll-remote-theme 8 | - jekyll-seo-tag 9 | - jekyll-github-metadata 10 | -------------------------------------------------------------------------------- /spec/fixtures/site/index.md: -------------------------------------------------------------------------------- 1 | --- 2 | layout: default 3 | --- 4 | 5 | # Fixture site 6 | -------------------------------------------------------------------------------- /spec/jekyll-remote-theme/downloader_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | RSpec.describe Jekyll::RemoteTheme::Downloader do 4 | let(:raw_theme) { "pages-themes/primer" } 5 | let(:theme) { Jekyll::RemoteTheme::Theme.new(raw_theme) } 6 | subject { described_class.new(theme) } 7 | 8 | before { reset_tmp_dir } 9 | 10 | it "knows it's not downloaded" do 11 | expect(subject.downloaded?).to be_falsy 12 | end 13 | 14 | it "creates a zip file" do 15 | expect(subject.send(:zip_file)).to be_an_existing_file 16 | end 17 | 18 | context "downloading" do 19 | before { subject.run } 20 | after { FileUtils.rm_rf theme.root if Dir.exist?(theme.root) } 21 | 22 | it "knows it's downloaded" do 23 | expect(subject.downloaded?).to be_truthy 24 | end 25 | 26 | it "extracts the theme" do 27 | expect("#{theme.root}/_layouts/default.html").to be_an_existing_file 28 | end 29 | 30 | it "deletes the zip file" do 31 | expect(subject.send(:zip_file).path).to be_nil 32 | end 33 | 34 | it "knows the theme dir exists" do 35 | expect(subject.send(:theme_dir_exists?)).to be_truthy 36 | end 37 | 38 | it "knows the theme dir isn't empty" do 39 | expect(subject.send(:theme_dir_empty?)).to be_falsy 40 | end 41 | end 42 | 43 | context "zip_url" do 44 | it "builds the zip url" do 45 | expected = "https://codeload.github.com/pages-themes/primer/zip/HEAD" 46 | expect(subject.send(:zip_url).to_s).to eql(expected) 47 | end 48 | 49 | context "a custom host" do 50 | let(:raw_theme) { "http://example.com/pages-themes/primer" } 51 | 52 | it "builds the zip url" do 53 | expected = "http://codeload.example.com/pages-themes/primer/zip/HEAD" 54 | expect(subject.send(:zip_url).to_s).to eql(expected) 55 | end 56 | end 57 | end 58 | 59 | context "with zip_url stubbed" do 60 | before { allow(subject).to receive(:zip_url) { Addressable::URI.parse zip_url } } 61 | 62 | context "with an invalid URL" do 63 | let(:zip_url) { "https://codeload.github.com/benbalter/_invalid_/zip/HEAD" } 64 | before do 65 | WebMock.disable_net_connect! 66 | stub_request(:get, zip_url).to_return(:status => [404, "Not Found"]) 67 | end 68 | 69 | after { WebMock.allow_net_connect! } 70 | 71 | it "raises a DownloadError" do 72 | msg = "404 - Not Found - Loading URL: https://codeload.github.com/benbalter/_invalid_/zip/HEAD" 73 | expect { subject.run }.to raise_error(Jekyll::RemoteTheme::DownloadError, msg) 74 | end 75 | end 76 | 77 | context "with a large file" do 78 | let(:zip_url) { "https://codeload.github.com/benbalter/_invalid_/zip/HEAD" } 79 | let(:content_length) { 10 * 1024 * 1024 * 1024 } 80 | let(:headers) { { "Content-Length" => content_length } } 81 | before do 82 | WebMock.disable_net_connect! 83 | stub_request(:get, zip_url).to_return(:headers => headers) 84 | end 85 | 86 | after { WebMock.allow_net_connect! } 87 | 88 | it "raises a DownloadError" do 89 | msg = "Maximum file size of 1073741824 bytes exceeded" 90 | expect { subject.run }.to raise_error(Jekyll::RemoteTheme::DownloadError, msg) 91 | end 92 | end 93 | end 94 | end 95 | -------------------------------------------------------------------------------- /spec/jekyll-remote-theme/integration_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | RSpec.describe "Jekyll::RemoteTheme Integration" do 4 | attr_reader :output, :status 5 | 6 | def config_path 7 | File.join source_dir, "_config.yml" 8 | end 9 | 10 | def malicious_config_path 11 | File.join source_dir, "_malicious_config.yml" 12 | end 13 | 14 | def args(config_path) 15 | [ 16 | "bundle", "exec", "jekyll", "build", "--config", config_path, 17 | "--source", source_dir, "--dest", dest_dir, "--verbose", "--safe", 18 | ] 19 | end 20 | 21 | def build_site(config_path) 22 | Dir.chdir tmp_dir do 23 | @output, @status = Open3.capture2e(*args(config_path)) 24 | @output = @output.encode("UTF-8", 25 | :invalid => :replace, :undef => :replace, :replace => "") 26 | end 27 | end 28 | 29 | let(:theme) { "pages-themes/primer" } 30 | let(:index_path) { File.join dest_dir, "index.html" } 31 | let(:index_contents) { File.read(index_path) } 32 | let(:stylesheet_path) { File.join dest_dir, "assets", "css", "style.css" } 33 | 34 | context "the pages-themes/primer theme" do 35 | before(:all) { reset_tmp_dir } 36 | before(:all) { build_site(config_path) } 37 | after(:all) { reset_tmp_dir } 38 | 39 | it "returns a zero exit code" do 40 | expect(status.exitstatus).to eql(0), output 41 | end 42 | 43 | it "outputs that it's using a remote theme" do 44 | expect(output).to match("Remote Theme: Using theme #{theme}") 45 | end 46 | 47 | it "build the index" do 48 | expect(index_path).to be_an_existing_file 49 | end 50 | 51 | it "uses the theme" do 52 | expected = '
' 53 | expect(index_contents).to match(expected) 54 | end 55 | 56 | it "builds stylesheets" do 57 | expect(stylesheet_path).to be_an_existing_file 58 | end 59 | 60 | it "requires dependencies" do 61 | expect(output).to include("Requiring: jekyll-seo-tag") 62 | expect(index_contents).to include("Begin Jekyll SEO tag") 63 | end 64 | end 65 | 66 | context "the jekyll/jekyll-test-theme-malicious theme" do 67 | let(:theme) { "jekyll/jekyll-test-theme-malicious" } 68 | before(:all) { reset_tmp_dir } 69 | before(:all) { build_site(malicious_config_path) } 70 | after(:all) { reset_tmp_dir } 71 | 72 | it "returns a zero exit code" do 73 | expect(status.exitstatus).to eql(0), output 74 | end 75 | 76 | it "outputs that it's using a remote theme" do 77 | expect(output).to match("Remote Theme: Using theme #{theme}") 78 | end 79 | 80 | it "build the index" do 81 | expect(index_path).to be_an_existing_file 82 | end 83 | 84 | it "uses the theme" do 85 | expect(index_contents).to include("Begin Jekyll SEO tag") 86 | end 87 | 88 | it "requires whitelisted dependencies" do 89 | expect(output).to include("Requiring: jekyll-seo-tag") 90 | end 91 | 92 | it "dosn't requires unsafe dependencies" do 93 | expect(output).to_not include("jekyll_test_plugin_malicious"), output 94 | end 95 | end 96 | end 97 | -------------------------------------------------------------------------------- /spec/jekyll-remote-theme/mock_gemspec_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | RSpec.describe Jekyll::RemoteTheme::MockGemspec do 4 | let(:fixture) { "alldeps" } 5 | let(:contents) { File.read gemspec_dir("#{fixture}.gemspec") } 6 | let(:filename) { "#{theme.name}.gemspec" } 7 | let(:path) { File.expand_path filename, theme.root } 8 | let(:nwo) { "pages-themes/primer" } 9 | let(:theme) { Jekyll::RemoteTheme::Theme.new(nwo) } 10 | subject { described_class.new(theme) } 11 | 12 | before { File.write path, contents } 13 | 14 | it "stores the theme" do 15 | expect(subject.send(:theme)).to eql(theme) 16 | end 17 | 18 | it "determines the path" do 19 | expect(subject.send(:path)).to eql(path) 20 | end 21 | 22 | it "reads the contents" do 23 | expect(subject.send(:contents)).to eql(contents) 24 | end 25 | 26 | it "builds potential_paths" do 27 | expect(subject.send(:potential_paths)).to include(path) 28 | end 29 | 30 | it "returns the theme root" do 31 | expect(subject.full_gem_path).to eql(theme.root) 32 | end 33 | 34 | context "fixtures" do 35 | let(:dependency_names) { subject.send(:dependency_names) } 36 | let(:runtime_dependencies) { subject.runtime_dependencies } 37 | 38 | # Hash in the form of gemspec fixture => expected dependencies 39 | { 40 | "alldeps" => %w(jekyll jekyll-feed jekyll-sitemap bundler rake), 41 | "braces" => %w(jekyll jekyll-feed jekyll-sitemap bundler rake), 42 | "rundev" => %w(jekyll jekyll-feed jekyll-sitemap), 43 | "nodeps" => [], 44 | }.each do |fixture, expected| 45 | context "the #{fixture} gemspec" do 46 | let(:fixture) { fixture } 47 | 48 | it "returns dependency names" do 49 | expect(dependency_names).to eql(expected) 50 | end 51 | 52 | it "returns #{expected.count} runtime dependencies" do 53 | expect(runtime_dependencies.count).to eql(expected.count) 54 | 55 | unless expected.empty? 56 | expect(runtime_dependencies.first).to be_a(Gem::Dependency) 57 | expect(runtime_dependencies.map(&:name)).to eql(expected) 58 | end 59 | end 60 | end 61 | end 62 | end 63 | end 64 | -------------------------------------------------------------------------------- /spec/jekyll-remote-theme/munger_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | RSpec.describe Jekyll::RemoteTheme::Munger do 4 | let(:source) { source_dir } 5 | let(:overrides) { {} } 6 | let(:config) { { "source" => source, "safe" => true }.merge(overrides) } 7 | let(:site) { make_site(config) } 8 | let(:theme_dir) { theme&.root } 9 | let(:layout_path) { File.expand_path "_layouts/default.html", theme_dir } 10 | let(:sass_dir) { File.expand_path "_sass/", theme_dir } 11 | let(:sass_path) { File.expand_path "jekyll-theme-primer.scss", sass_dir } 12 | let(:includes_dir) { File.expand_path "_includes/", theme_dir } 13 | let(:theme) { subject.send(:theme) } 14 | 15 | subject { described_class.new(site) } 16 | 17 | before { Jekyll.logger.log_level = :error } 18 | before { reset_tmp_dir } 19 | 20 | # Remove :after_reset hook to allow themes to be stubbed prior to munging 21 | before(:each) do 22 | hooks = Jekyll::Hooks.instance_variable_get("@registry") 23 | hooks[:site][:after_reset] = [] 24 | Jekyll::Hooks.instance_variable_set("@registry", hooks) 25 | end 26 | 27 | it "stores the site" do 28 | expect(subject.site).to be_a(Jekyll::Site) 29 | end 30 | 31 | context "without a theme" do 32 | let(:source) { fixture_path("site-without-theme") } 33 | 34 | it "doesn't set a theme" do 35 | expect(site.theme).to_not be_a(Jekyll::RemoteTheme::Theme) 36 | end 37 | 38 | it "doesn't clone" do 39 | expect(layout_path).to_not be_an_existing_file 40 | end 41 | end 42 | 43 | context "with theme as a hash" do 44 | let(:overrides) { { "remote_theme" => { "foo" => "bar" } } } 45 | before { subject.munge! } 46 | 47 | it "doesn't set a theme" do 48 | expect(site.theme).to_not be_a(Jekyll::RemoteTheme::Theme) 49 | end 50 | 51 | it "doesn't clone" do 52 | expect(layout_path).to_not be_an_existing_file 53 | end 54 | end 55 | 56 | context "with a remote theme" do 57 | let(:overrides) { { "remote_theme" => "pages-themes/primer" } } 58 | before do 59 | @old_logger = Jekyll.logger 60 | @stubbed_logger = StringIO.new 61 | Jekyll.logger = Logger.new(@stubbed_logger) 62 | Jekyll.logger.log_level = :debug 63 | end 64 | before { subject.munge! } 65 | after { Jekyll.instance_variable_set("@logger", @old_logger) } 66 | 67 | it "sets the theme" do 68 | expect(site.theme).to be_a(Jekyll::RemoteTheme::Theme) 69 | expect(site.theme.name).to eql("primer") 70 | expect(site.config["theme"]).to eql("primer") 71 | end 72 | 73 | it "downloads" do 74 | expect(layout_path).to be_an_existing_file 75 | end 76 | 77 | it "sets sass paths" do 78 | expect(sass_path).to be_an_existing_file 79 | 80 | if Jekyll::VERSION >= "4.0" 81 | converter = Jekyll::Converters::Scss.new(site.config) 82 | 83 | expect(converter.sass_configs[:load_paths]).to include(sass_dir) 84 | else 85 | expect(Sass.load_paths).to include(sass_dir) 86 | end 87 | end 88 | 89 | it "sets include paths" do 90 | expect(site.includes_load_paths).to include(includes_dir) 91 | end 92 | 93 | it "sets layouts" do 94 | site.read 95 | expect(site.layouts["default"]).to be_truthy 96 | expect(site.layouts["default"].path).to eql(layout_path) 97 | end 98 | 99 | it "requires plugins" do 100 | @stubbed_logger.rewind 101 | expect(@stubbed_logger.read).to include("Requiring: jekyll-seo-tag") 102 | end 103 | end 104 | 105 | context "with a malicious theme" do 106 | let(:overrides) { { "remote_theme" => "jekyll/jekyll-test-theme-malicious" } } 107 | before do 108 | @old_logger = Jekyll.logger 109 | @stubbed_logger = StringIO.new 110 | Jekyll.logger = Logger.new(@stubbed_logger) 111 | Jekyll.logger.log_level = :debug 112 | end 113 | before { subject.munge! } 114 | after { Jekyll.instance_variable_set("@logger", @old_logger) } 115 | 116 | it "sets the theme" do 117 | expect(site.theme).to be_a(Jekyll::RemoteTheme::Theme) 118 | expect(site.theme.name).to eql("jekyll-test-theme-malicious") 119 | expect(site.config["theme"]).to eql("jekyll-test-theme-malicious") 120 | end 121 | 122 | it "requires whitelisted plugins" do 123 | @stubbed_logger.rewind 124 | expect(@stubbed_logger.read).to include("Requiring: jekyll-seo-tag") 125 | end 126 | 127 | it "doesn't require malicious plugins" do 128 | @stubbed_logger.rewind 129 | expect(@stubbed_logger.read).to_not include("jekyll_test_plugin_malicious") 130 | end 131 | end 132 | end 133 | -------------------------------------------------------------------------------- /spec/jekyll-remote-theme/theme_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | RSpec.describe Jekyll::RemoteTheme::Theme do 4 | let(:scheme) { nil } 5 | let(:host) { nil } 6 | let(:owner) { "foo" } 7 | let(:name) { "bar" } 8 | let(:nwo) { "#{owner}/#{name}" } 9 | let(:git_ref) { nil } 10 | let(:raw_theme) do 11 | raw_theme = +"" 12 | raw_theme << "#{scheme}://#{host}/" if scheme && host 13 | raw_theme << nwo.to_s 14 | raw_theme << "@#{git_ref}" if git_ref 15 | raw_theme 16 | end 17 | subject { described_class.new(raw_theme) } 18 | 19 | it "stores the theme" do 20 | expect(subject.instance_variable_get("@raw_theme")).to eql(nwo) 21 | end 22 | 23 | context "with an abnormal NWO" do 24 | let(:nwo) { " FoO/bAr " } 25 | 26 | it "normalizes the nwo" do 27 | expect(subject.instance_variable_get("@raw_theme")).to eql("foo/bar") 28 | end 29 | end 30 | 31 | it "extracts the name" do 32 | expect(subject.name).to eql(name) 33 | end 34 | 35 | it "extracts the owner" do 36 | expect(subject.owner).to eql(owner) 37 | end 38 | 39 | it "uses the default host" do 40 | expect(subject.host).to eql("github.com") 41 | end 42 | 43 | it "uses the default scheme" do 44 | expect(subject.scheme).to eql("https") 45 | end 46 | 47 | it "builds the name with owner" do 48 | expect(subject.name_with_owner).to eql(nwo) 49 | expect(subject.nwo).to eql(nwo) 50 | end 51 | 52 | it "knows it's valid" do 53 | expect(subject).to be_valid 54 | end 55 | 56 | context "a random string" do 57 | let(:nwo) { "foo" } 58 | 59 | it "isn't valid" do 60 | expect(subject).to_not be_valid 61 | end 62 | end 63 | 64 | context "with a non-string" do 65 | let(:nwo) { [1, 2] } 66 | 67 | it "isn't valid" do 68 | expect(subject).to_not be_valid 69 | end 70 | end 71 | 72 | context "with a non-nwo string" do 73 | let(:nwo) { "foo/javascript: alert(1);" } 74 | 75 | it "isn't valid" do 76 | expect(subject).to_not be_valid 77 | end 78 | end 79 | 80 | it "defaults git_ref to HEAD" do 81 | expect(subject.git_ref).to eql("HEAD") 82 | end 83 | 84 | context "with a git_ref" do 85 | let(:git_ref) { "foo" } 86 | 87 | it "parses the git ref" do 88 | expect(subject.git_ref).to eql(git_ref) 89 | end 90 | end 91 | 92 | it "knows its root" do 93 | expect(Dir.exist?(subject.root)).to be_truthy 94 | end 95 | 96 | it "exposes gemspec" do 97 | expect(subject.send(:gemspec)).to be_a(Jekyll::RemoteTheme::MockGemspec) 98 | end 99 | 100 | context "a full URL" do 101 | let(:host) { "github.com" } 102 | let(:scheme) { "https" } 103 | 104 | it "extracts the name" do 105 | expect(subject.name).to eql(name) 106 | end 107 | 108 | it "extracts the owner" do 109 | expect(subject.owner).to eql(owner) 110 | end 111 | 112 | it "extracts the host" do 113 | expect(subject.host).to eql("github.com") 114 | end 115 | 116 | it "extracts the scheme" do 117 | expect(subject.scheme).to eql("https") 118 | end 119 | 120 | it "is valid" do 121 | with_env "GITHUB_HOSTNAME", "enterprise.github.com" do 122 | expect(subject).to be_valid 123 | end 124 | end 125 | 126 | context "a custom host" do 127 | let(:host) { "example.com" } 128 | let(:scheme) { "http" } 129 | 130 | it "extracts the name" do 131 | expect(subject.name).to eql(name) 132 | end 133 | 134 | it "extracts the owner" do 135 | expect(subject.owner).to eql(owner) 136 | end 137 | 138 | it "extracts the host" do 139 | expect(subject.host).to eql(host) 140 | end 141 | 142 | it "extracts the scheme" do 143 | expect(subject.scheme).to eql(scheme) 144 | end 145 | 146 | it "is valid if a whitelisted host name" do 147 | with_env "GITHUB_HOSTNAME", "example.com" do 148 | expect(subject).to be_valid 149 | end 150 | end 151 | 152 | it "is invalid if not a whitelisted host name" do 153 | with_env "GITHUB_HOSTNAME", "enterprise.github.com" do 154 | expect(subject).to_not be_valid 155 | end 156 | end 157 | 158 | context "with a git ref" do 159 | let(:git_ref) { "foo" } 160 | 161 | it "parses the git ref" do 162 | expect(subject.git_ref).to eql(git_ref) 163 | end 164 | end 165 | end 166 | end 167 | end 168 | -------------------------------------------------------------------------------- /spec/jekyll_remote_theme_spec.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | RSpec.describe Jekyll::RemoteTheme do 4 | let(:source) { source_dir } 5 | let(:config) { { "source" => source } } 6 | let(:site) { make_site(config) } 7 | subject { described_class } 8 | 9 | it "returns the version" do 10 | expect(subject::VERSION).to match(%r!\d+\.\d+\.\d+!) 11 | end 12 | 13 | it "inits" do 14 | expect(subject.init(site)).to be_a(Jekyll::RemoteTheme::Theme) 15 | expect(site.theme).to be_a(Jekyll::RemoteTheme::Theme) 16 | expect(File.join(site.theme.root, "_layouts/default.html")).to be_an_existing_file 17 | end 18 | end 19 | -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | # frozen_string_literal: true 2 | 3 | require_relative "../lib/jekyll-remote-theme" 4 | require "fileutils" 5 | require "open3" 6 | require "pathname" 7 | require "webmock/rspec" 8 | WebMock.allow_net_connect! 9 | 10 | RSpec.configure do |config| 11 | config.example_status_persistence_file_path = "spec/examples.txt" 12 | config.disable_monkey_patching! 13 | config.warnings = true 14 | config.default_formatter = "doc" if config.files_to_run.one? 15 | config.order = :random 16 | Kernel.srand config.seed 17 | end 18 | 19 | RSpec::Matchers.define :be_an_existing_file do 20 | match { |path| File.exist?(path) } 21 | end 22 | 23 | def tmp_dir 24 | @tmp_dir ||= File.expand_path "../tmp", __dir__ 25 | end 26 | 27 | def source_dir 28 | @source_dir ||= fixture_path "site" 29 | end 30 | 31 | def dest_dir 32 | @dest_dir ||= File.join tmp_dir, "dest" 33 | end 34 | 35 | def gemspec_dir(*contents) 36 | File.join(fixture_path("gemspecs"), *contents) 37 | end 38 | 39 | def reset_tmp_dir 40 | FileUtils.rm_rf tmp_dir 41 | FileUtils.mkdir_p tmp_dir 42 | end 43 | 44 | def fixture_path(fixture) 45 | File.expand_path "fixtures/#{fixture}", __dir__ 46 | end 47 | 48 | def config_defaults 49 | { 50 | "source" => source_dir, 51 | "destination" => dest_dir, 52 | "gems" => ["jekyll-remote-theme"], 53 | } 54 | end 55 | 56 | def make_site(options = {}) 57 | config = Jekyll.configuration config_defaults.merge(options) 58 | Jekyll::Site.new(config) 59 | end 60 | 61 | def with_env(key, value) 62 | old_env = ENV[key] 63 | ENV[key] = value 64 | yield 65 | ENV[key] = old_env 66 | end 67 | --------------------------------------------------------------------------------