Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
This plugin inctroduces a chatgpt
Liquid filter that formats ChatGPT conversations. It mostly uses CSS to navigate in branching conversations (except for links to specific messages inside a conversation, see "Usage" below). A live demo of deploying the demo branch of this repository to Github pages is available (code)
Install the gem and add to the application's Gemfile by executing:
$ bundle add jekyll-chatgpt
If bundler is not being used to manage dependencies, install the gem by executing:
$ gem install jekyll-chatgpt
After installing, don't forget to update your _config.yml
to include the plugin :
plugins: [other-plugins, jekyll-picture-tag-ng]
Optionally, include a stylesheet for code syntax highlighting in ChatGPT output. If you already have a code highlighting theme set up for your site, it should automatically be used.
chat.openapi.com/chat/{some-random-looking-id}
. In the network tab of the developer tools, find the request to {some-random-looking-id}
and right-click on it and pick "Copy > Copy response". You can now paste what you just copied into a JSON file inside your _data
folder (for instance, _data/chatgpt/test_conversation.json
).{{ site.data.chatgpt['test_conversation'] | chatgpt }}
anywhere in your liquid-rendered content to include the conversation in your website. This will render markdown in messages by default. You can disable markdown rendering by passing the false
argument to the filter : {{ site.data.chatgpt['test_conversation'] | chatgpt: false }}
.chatgpt_message_lagel
tag in the following way : {% chatgpt_message_label [MESSAGE_ID] in [CONVERSATION] %}[LABEL_TEXT]{% endchatgpt_message_label %}
where [MESSAGE_ID]
is the start of a message id ; [CONVERSATION]
is the variable representing a conversation ; [LABEL_TEXT]
is the displayed link text. Here is an example from the demo page : {% chatgpt_message_label 55bb5 in site.data.chatgpt["date"] %}a message{% endchatgpt_message_label %}
. This functionality uses Javascript, if you want to use it you must add the following tag to your <head>
: <script defer src="/chatgpt_message_label.js"></script>
(the JS file is automatically written to your website's output directory)The necessary styles will automatically be inlined when using the filter. You can override the default colors by providing the following variables in your _sass/_colors.sass
file : $color1
, $color1-alt
, $color2
, $color2-alt
, $cyan
You can put your custom SASS inside _sass/_chatgpt_custom.sass
. If the file exists, it will be imported and the properties set in your custom stylesheet will take precedence by using CSS layers. The demo uses this to add rounded borders to the controls.
You can browse the code for the live demo which is intended to be a minimal example of using the plugin.
After cloning the repo, you can run the following commands in a local jekyll website's folder to start hacking on the code of jekyll-chatgpt
(you'll need to replace the path in the second command :
$ bundle remove jekyll-chatgpt # if you previously used jekyll-chatgpt from rubygems
$ bundle add --path /absolute/or/relative/path/to/your/local/jekyll-chatgpt/repo jekyll-chatgpt
$ bundle exec jekyll serve # Re-run this when you want to test changes to your local jekyll-chatgpt
To release a new version, update the version number in version.rb
, and then run bundle exec rake release
, which will create a git tag for the version, push git commits and the created tag, and push the .gem
file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/pcouy/jekyll-chatgpt.
The gem is available as open source under the terms of the MIT License.
FAQs
Unknown package
We found that jekyll-chatgpt demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.