Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
To use the Cayman theme:
Add the following to your site's _config.yml
:
remote_theme: observability-lab-cse/lab-theme
Optionally, if you'd like to preview your site on your computer, add the following to your site's Gemfile
:
gem "github-pages", group: :jekyll_plugins
Cayman will respect the following variables, if set in your site's _config.yml
:
title: [The title of your site]
description: [A short description of your site's purpose]
Additionally, you may choose to set the following optional variables:
show_downloads: ["true" or "false" (unquoted) to indicate whether to provide a download URL]
google_analytics: [Your Google Analytics tracking ID]
If you'd like to add your own custom styles:
/assets/css/style.scss
in your site---
---
@import "{{ site.theme }}";
@import
lineNote: If you'd like to change the theme's Sass variables, you must set new values before the @import
line in your stylesheet.
If you'd like to change the theme's HTML layout:
favicon
, you can add custom files in your local _includes
folder. The files provided with the theme provide a starting point and are included by the original layout template./_layouts/default.html
in your siteGoogle has released several iterations to their Google Analytics code over the years since this theme was first created. If you would like to take advantage of the latest code, paste it into _includes/head-custom-google-analytics.html
in your Jekyll site.
Templates often rely on URLs supplied by GitHub such as links to your repository or links to download your project. If you'd like to override one or more default URLs:
{{ site.github.zip_url }}
._config.yml
. For example, if the variable was site.github.url
, you'd add the following:
github:
zip_url: http://example.com/download.zip
another_url: another value
Note: You must remove the site.
prefix, and each variable name (after the github.
) should be indent with two space below github:
.
For more information, see the Jekyll variables documentation.
See the open issues for a list of proposed features (and known issues).
The Cayman theme is intended to make it quick and easy for GitHub Pages users to create their first (or 100th) website. The theme should meet the vast majority of users' needs out of the box, erring on the side of simplicity rather than flexibility, and provide users the opportunity to opt-in to additional complexity if they have specific needs or wish to further customize their experience (such as adding custom CSS or modifying the default layout). It should also look great, but that goes without saying.
Interested in contributing to Cayman? We'd love your help. Cayman is an open source project, built one contribution at a time by users like you. See the CONTRIBUTING file for instructions on how to contribute.
If you'd like to preview the theme locally (for example, in the process of proposing a change):
git clone https://github.com/pages-themes/cayman
)cd
into the theme's directoryscript/bootstrap
to install the necessary dependenciesbundle exec jekyll serve
to start the preview serverlocalhost:4000
in your browser to preview the themeThe theme contains a minimal test suite, to ensure a site with the theme would build successfully. To run the tests, simply run script/cibuild
. You'll need to run script/bootstrap
once before the test script will work.
FAQs
Unknown package
We found that obs-lab-theme demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.