Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update README.markdown #2953

Merged
merged 1 commit into from
Sep 27, 2014
Merged

Update README.markdown #2953

merged 1 commit into from
Sep 27, 2014

Conversation

vasinov
Copy link
Contributor

@vasinov vasinov commented Sep 26, 2014

Someone added Jekyll to Hakiri for monitoring gems' security. I'm adding a security shield to README.markdown in this commit.

@vasinov
Update README.markdown
aaf8139 
Someone added Jekyll to Hakiri for monitoring gems' security. I'm adding a security shield to README.markdown in this commit.
@parkr
Copy link
Member

parkr commented Sep 26, 2014

I have never heard of Hakiri before. Do you use it? How have you found it?

@vasinov
Copy link
Contributor Author

vasinov commented Sep 26, 2014

I am one of the people who works on it. In the case of Jekyll it scans gems for potential CVE vulnerabilities. You can look how it works for other open source projects here: https://hakiri.io/security-watch

@parkr
Copy link
Member

parkr commented Sep 26, 2014

Interesting! Nifty service. We don't currently disclose security vulnerabilities we find in Jekyll proper (the @jekyll/security team has found a couple bugs which Pages patches internally then we patch in the main repo here) but maybe it's time to start publishing those and sending an email to jekyll.security@librelist.com.

parkr added a commit that referenced this pull request Sep 27, 2014
@parkr
Merge pull request #2953 from vasinov/master
0e6dc41
@parkr parkr merged commit 0e6dc41 into jekyll:master Sep 27, 2014
parkr added a commit that referenced this pull request Sep 27, 2014
@parkr
Update history to reflect merge of #2953 [ci skip]
314f476
@jekyll jekyll locked and limited conversation to collaborators Feb 27, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
frozen-due-to-age
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@vasinov @parkr @jekyllbot