Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
sourcebit-target-jekyll
Advanced tools
A Sourcebit plugin for the Jekyll static site generator
This plugin writes content from any Sourcebit data source into files compatible with the Jekyll static site generator.
To install the plugin and add it to your project, run:
npm install sourcebit-target-jekyll --save
💡 You don't need to run this command if you start Sourcebit using the interactive setup process, as the CLI will install the plugin for you and add it as a dependency to your project.
The plugin accepts the following configuration parameters. They can be supplied in any of the following ways:
options
object of the plugin configuration block inside sourcebit.js
, with the value of the Property column as a key;sourcebit fetch
command;.env
file, with the value of the Env variable column separated by the value with an equals sign (e.g. MY_VARIABLE=my-value
);sourcebit fetch
command, using the value of the Parameter column as the name of the parameter (e.g. sourcebit fetch --my-parameter
).Property | Type | Visibility | Default value | Env variable | Parameter | Description |
---|---|---|---|---|---|---|
writeFile | Function | Public | A function that computes the files to be created, as well as their location, format and contents (see below for more details). |
The writeFile
function is invoked on each entry from the objects
data bucket, with the following parameters:
entry
(Object): An entry from the objects
data bucketutils
(Object): An object containing utility methods:
slugify
(Function): Creates a filename-friendly version of any string (e.g. utils.slugify('Hello, Sourcebit friends!') === 'hello-sourcebit-friends'
)The return value of this function determines whether the entry being evaluated will be written to a file and, if so, defines the path, the format and the contents of the file.
To write a file for an entry, the return value should be an object with a content
, format
and path
properties. The nature of these properties may vary slightly based on the value of format
, as shown in the table below.
format | content | path | Description |
---|---|---|---|
frontmatter-md | Object containing a frontmatter and body properties, which will be written to the file's frontmatter and content body, respectively | The absolute path to the file. Must end with .md . | Writes a Markdown file with a YAML frontmatter. |
yml | Object to be written as YAML | The absolute path to the file. Must end with .yaml or .yml | Writes a YAML file. |
json | Object to be written as JSON | The absolute path to the file. Must end with .json . | Writes a JSON file |
💡 If you wish to create multiple files for an entry, set the return value to an array of objects, each containing a
content
,format
andpath
properties.
sourcebit.js
module.exports = {
plugins: [
{
module: require("sourcebit-target-jekyll"),
options: {
writeFile: function(entry, utils) {
const { __metadata: meta, ...fields } = entry;
if (!meta) return;
const { createdAt = "", modelName, projectId, source } = meta;
if (
modelName === "post" &&
projectId === "123456789" &&
source === "sourcebit-source-contentful"
) {
const { __metadata, content, layout, ...frontmatterFields } = entry;
return {
content: {
body: fields["content"],
frontmatter: { ...frontmatterFields, layout: fields["layout"] }
},
format: "frontmatter-md",
path:
"_posts/" +
createdAt.substring(0, 10) +
"-" +
utils.slugify(fields["title"]) +
".md"
};
}
}
}
}
]
};
This plugin offers an interactive setup process via the npx create-sourcebit
command. It asks users to categorize each of the content models present in the models
data bucket as a page or data object. For each model selected, the user is asked to define the location and the source of different frontmatter values.
This plugin expects the following data buckets to exist:
models
: An array of content modelsobjects
: An array of content entriesThis plugin creates files on disk, in locations and with formats defined by the writeFile
function.
FAQs
A Sourcebit plugin for Jekyll
We found that sourcebit-target-jekyll demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.