baradm100 / gatsby-theme-admonation Goto Github PK

View Code? Open in Web Editor NEW

This project forked from nehalist/gatsby-theme-nehalem

0.0 0.0 0.0 28.91 MB

A Gatsby blog theme.

JavaScript 17.35% TypeScript 80.80% Shell 1.85%

gatsby-theme-admonation's People

Contributors

Watchers

gatsby-theme-admonation's Issues

Change the default logo

We need to change the default logo from nehalist-gatsby to logo

Improve code quality for change log updater

We should improve the scripts/helper/changelogUpdater.js code quality.

Goals

More generic
Less hard coded stuff
Consider to make an Github Action plugin

Update 3rd party packages to fix vulnerabilities

We need to update a few 3rd party packages to fix vulnerabilities.

Audit Report

$ npm audit
                                                                                
                       === npm audit security report ===                        
                                                                                
# Run  npm install --save-dev [email protected]  to resolve 1 vulnerability
SEMVER WARNING: Recommended action is a potentially breaking change
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ stylelint [dev]                                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ stylelint > meow > yargs-parser                              │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1500                            │
└───────────────┴──────────────────────────────────────────────────────────────┘


┌──────────────────────────────────────────────────────────────────────────────┐
│                                Manual Review                                 │
│            Some vulnerabilities require your attention to resolve            │
│                                                                              │
│         Visit https://go.npm.me/audit-guide for additional guidance          │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ gatsby-plugin-robots-txt                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ gatsby-plugin-robots-txt > generate-robotstxt > meow >       │
│               │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1500                            │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ gatsby [dev]                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ gatsby > gatsby-cli > yargs > yargs-parser                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1500                            │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ yargs-parser                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=13.1.2 <14.0.0 || >=15.0.1 <16.0.0 || >=18.1.2             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ gatsby [dev]                                                 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ gatsby > webpack-dev-server > yargs > yargs-parser           │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1500                            │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 4 low severity vulnerabilities in 44565 scanned packages
  1 vulnerability requires semver-major dependency updates.
  3 vulnerabilities require manual review. See the full report for details.

Make the version bump automatic

Currently in order to publish a new version we need to do the following manually:

Update the version property in the package.json file
Change the CHANGELOG.md:
- Update the Unreleased link
- Move all the changes from the Unreleased segment to the new version segment
- Create empty Unreleased segment to the next version

Fix prettier

We need to fix the prettier config across the repo

Add documentation

TBD

Add contributing.md file

Follow this guide: https://help.github.com/en/github/building-a-strong-community/setting-guidelines-for-repository-contributors

Update packages

We should update our packages

Add code of conduct file

Follow: https://help.github.com/en/github/building-a-strong-community/adding-a-code-of-conduct-to-your-project

Adding more details for NPM registry

Currently our theme/package.json is missing some key points like:

Repository URL
Homepage
Description

Stop using personal user in the CD

We should use the GITHUB_ACTOR in the CD

gatsby-image | Stop using sizes and move to fluid

In gatsby-image the sizes prop is deprecated and we should move to the new prop: fluid

Update the CI badge

Now that we merged #1 to master we need to update the CI badge in the readme file.

Create release pipeline

Release the package using GitHub Actions

Make sure we're getting 100 score in Lighthouse

Current Score

Goal

100!

Issues

Performance

A preload <link> was found for "http://localhost:9000/webpack-runtime-7f2b28a7f7f2a49e98e7.js" but was not used by the browser. Check that you are using the `crossorigin` attribute properly.

Best Practices

Does not use HTTP/2 for all of its resources
41 requests not served via HTTP/2

Fail CI if we have packages with vulnerabilities

We should fail CI if we have packages with vulnerabilities.

Severity Level

For now we'll fail for all the severity levels

Add changelog file

Use this template: https://github.com/olivierlacan/keep-a-changelog/blob/master/CHANGELOG.md

Add the ability to select if to show featured tags

We need to add the ability to select if we want to show featured tags in the index page

Create Demo website

TBD

Add Node 14.x to the CI

We should add Node 14.x to the CI to make sure everything is working as expected in all the versions

Fix publish pipeline

Error log:

npm ERR! package.json requires a "name" field

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/runner/.npm/_logs/2020-04-30T07_56_25_105Z-debug.log
##[error]Process completed with exit code 1.

Cache dependencies in the CI

The install process take too much time in the CI, we need to fix that

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.

Jobs

Jooble