Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
empress-blog
Advanced tools
Fully-functional, SEO friendly static site implementation of a blog system built on Ember.
Note: if you have come here wanting to use empress-blog for your own blog then skip down to the quick-start. You do not need to clone this repo to get started, you only need to clone this repo if you want to develop empress-blog 🎉
This project is designed to be a fully-functional, static site implementation of a blog system that is mostly compatible with Ghost and is built on EmberJS with fully working out of the box SEO friendly output. It supports being hosted on AWS S3 or any other static site hosting solution.
This system supports the use of shallow forks of Ghost themes and currently supports
If you are interested in writing your own theme for empress-blog please check out create-empress-blog-template which allows you to run npm init empress-blog-template <name>
right now to get started (without the need to install anything). Check out the readme for more information.
If you want an example of the this "in production" then check out the Chris Manson's Blog.
You do not need to be a web developer to be able to use this system. You just write markdown files and the rest of the work is performed by EmberJS' build system.
If you want to get your new empress-blog blog deployed on Netlify in less than a minute then you can just click this button:
If you want to instead work with your blog locally before deploying then you can continue reading
npx ember-cli@latest new super-blog
cd super-blog
# you can replace the template with the one you want to use
npx ember install empress-blog empress-blog-casper-template
It will ask you if you want to update the index.html
file and you should say yes 👍
If you want to see the blog system running on your local machine just run npm start
and you will
be able to navigate to http://localhost:4200 to see the blog in action.
Note: you need npm@6.1
or later run this quick start. You can update with npm install -g npm@latest
or check the official docs
To build the static output directory, run the standard build process for a production Ember application:
npm run build -- -prod
This will generate a fully static output of your site in the dist
folder.
This addon comes with helpful blueprints to generate posts and authors for you in the structure it expects. The first thing you should do is generate an author as follows:
npx ember g author your-name
Then you should be able to edit the file author/your-name.md
to update the details.
Next you will want to generate some posts. If you only have one author generated (in a single user blog) you can generate a post as simply as running:
npx ember g post "this is a post I want to write"
If you have already generated some content (see above) you will know that you are able to configure
certain details about your posts. If you want to edit the global configuration you will need to
provide a section in the Environment config file for your host Ember app (located in
config/environment.js
). You will see a let ENV = {
declaration near the top of the file, you
will need to add a blog
key to that object with your configuration. Here is an example of that blog
config object:
let ENV = {
// leave all the other config intact and add the following key
blog: {
title: "The Write Blog",
description: "Here is where I lay my words",
logo: "/images/logo-white.png",
rssLogo: '/images/logo.png',
coverImage: "/images/cover-image.jpg",
twitter: "emberjs",
navigation: [
{ label: 'Ember Consulting', link: 'https://simplabs.com' },
{ label: 'Blog Home', route: 'index' },
]
},
}
This example config shows you how to set a title and general description for your blog, have a logo and a cover image, a link to your twitter account and how to add some navigation to your blog.
Note: the images like /images/logo.png
will need to be in your public
folder in your host app.
The above configuration allows you to make your blog look a lot better but there is one piece of configuration that will enable some awesome features like automatically creating an RSS feed for you 🎉
Although because of the nature of some RSS aggregators you need to be very careful with this because it can mess up a cache that you have no control over, this is why it's dealt with differently than the above.
If you're not familiar with Ember configuration, you are able to specific some environment config depending on what environment you are targeting. This allows you to have some config only available in production (like Google Analytics for example).
If you go to the end of your config/environment.js
file you will see something that is checking if the environment is production
. You can add your host config to the blog config object as follows:
if (environment === 'production') {
// ... any other production config you might have ...
ENV.blog.host = 'https://chris.manson.ie';
}
when ember-casper-template sees that you have host defined it will start generating the rss feed.
If you are interested in writing your own theme for empress-blog you can get started using
npm init empress-blog-template <template-name>
This will create a brand new template addon in the folder
empress-blog-template-name-template
! This directory will contain a blank theme
based on the official Ghost Starter Theme
and is intended to be setup in such a way that anyone with HTML and CSS skills
can start developing their own themes without needing much knowledge of Ember 🎉
If you are new to ember and you feel like there is anything we can do to help you get started please reach out to me on Twitter and I'd be happy to help you. You can check out the documentation for create-empress-blog-template here.
If you do end up writing an empress-blog template please let us know so I can include your template in a list of existing templates.
If you would like to import your blog content from another platform into empress-blog we have a beta import function that we would love for people to try out and give feedback. It requires that you create an export file from your respective blog platform and then run the following command from the command line:
npx ember empress-blog:import --type=[import_type] [dump_file]
Currently available import_type
s are:
Note: When exporting a Tumblr blog you will be downloading a zip file which
you need to unpack. Once you unpack your export zip file you will find a
posts.zip
file which also needs to be unpacked. Your dump_file
will be the
resulting posts.xml
file.
If you are upgrading from empress-blog@1.x and you start to get some errors along the lines of:
cannot find helper xyz
you will probably need to update your template if you're using one of the "official" empress-blog templates.
If you have a custom template and you get this error you might need to install empress-blog-ghost-helpers as a dependency.
This is because empress-blog originally started as a "shallow fork" of Ghost, and therefore it supported all the helpers that Ghost provided for templates by default. Now you can optionally add support for these helpers which is particularly useful if you are porting a template from Ghost.
See the Contributing guide for details.
This project is licensed under the MIT License.
FAQs
Fully-functional, SEO friendly static site implementation of a blog system built on Ember.
The npm package empress-blog receives a total of 40 weekly downloads. As such, empress-blog popularity was classified as not popular.
We found that empress-blog demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.