Merge branch 'main' into rrwo/meeting-minutes-2025-09-17

Author: thibaultduponchelle

CONTRIBUTING.md

@@ -13,7 +13,7 @@ This website runs on GitHub Pages, and uses Ruby's _Jekyll_ gem for generating s
 ## Installing `ruby` and `gem`
 
 ```
-apt install ruby gem
+apt install ruby ruby-dev gem
 ```
 
 ## Installing Jekyll

README.md

@@ -20,6 +20,8 @@ If you care and would like to make a contribution, you can…
 * Join us in our [IRC channel](ircs://ssl.irc.perl.org:7062/#cpan-security), #cpan-security on irc.perl.org
 * Send an e-mail to the CPAN Security Group <[cpan-security@security.metacpan.org](mailto:cpan-security@security.metacpan.org)> 📧
 * Subscribe to [@cpansec@fosstodon.org](https://fosstodon.org/@cpansec) on the Fediverse :elephant:
+* Subscribe to the [CPANSec mailing lists](https://lists.security.metacpan.org/)
+* Browse and read the [CPANSec CVE Announcements](https://lists.security.metacpan.org/cve-announce/) archive
 
 
 ## Resources

_blog/2024-12-31-please-keep-your-information-up-to-date.md

@@ -8,6 +8,11 @@ category: blog
 tags: authors contact cpan maintenance modules security
 author: robrwo
 excerpt: "Some end of year reminders for CPAN Authors: Do all of your modules have up-to-date contact information?"
+header:
+  overlay_image: /assets/images/header/SJN07458.JPG
+  teaser: assets/images/teaser/SJN07458.JPG
+  overlay_filter: 0.6
+  caption: "Photo credit: [@sjn](https://github.com/sjn)"
 ---
 
 Some end of year reminders for CPAN Authors:

_blog/2025-01-03-randomness-guide.md

@@ -8,6 +8,11 @@ collection: blog
 tags: authors guides cpan modules security random randomness urandom cryptography
 author: robrwo
 excerpt: "Any secret token that allows someone to access a resource or perform an action should be generated with a secure random number generator..."
+header:
+  overlay_image: /assets/images/header/SJN07450.JPG
+  teaser: assets/images/teaser/SJN07450.JPG
+  overlay_filter: 0.6
+  caption: "Photo credit: [@sjn](https://github.com/sjn)"
 ---
 
 Any secret token that allows someone to access a resource or perform an action should be generated with a secure random

_blog/2025-01-05-add-a-security-policy.md

@@ -8,6 +8,11 @@ collection: blog
 tags: authors guides cpan modules security
 author: robrwo
 excerpt: "Adding a SECURITY or SECURITY.md file to your Perl distributions will let people know how to contact the maintainers if they find a security issue with your software..."
+header:
+  overlay_image: /assets/images/header/SJN07448.JPG
+  teaser: assets/images/teaser/SJN07448.JPG
+  overlay_filter: 0.6
+  caption: "Photo credit: [@sjn](https://github.com/sjn)"
 ---
 
 Adding a `SECURITY` or `SECURITY.md`  file to your Perl distributions will let people know:

_blog/2025-03-13-CPANSec-Retrospective-2024.md

@@ -7,6 +7,11 @@ toc: true
 tags: cpansec update history
 author: thibaultduponchelle
 excerpt: Here is the CPANSec 2024 Retrospective
+header:
+  overlay_image: /assets/images/header/SJN07858.JPG
+  teaser: assets/images/teaser/SJN07858.JPG
+  overlay_filter: 0.5
+  caption: "Photo credit: [@sjn](https://github.com/sjn)"
 ---
 
 ## A big year for CPANSec

_blog/2025-06-05-two-arg-open.md

@@ -9,6 +9,11 @@ tags: authors guides cpan modules security
 author: robrwo
 author_profile: true
 excerpt: "The 2-argument open function is insecure"
+header:
+  overlay_image: /assets/images/header/SJN08080.JPG
+  teaser: assets/images/teaser/SJN08080.JPG
+  overlay_filter: 0.6
+  caption: "Photo credit: [@sjn](https://github.com/sjn)"
 ---
 
 The 2-argument [open](https://metacpan.org/pod/perlfunc#open) function is insecure, because the filename can include the mode.

_config.yml

@@ -36,7 +36,7 @@ description: "CPAN Security Group"
 domain: security.metacpan.org
 repository: CPAN-Security/security.metacpan.org
 github_username: CPAN-Security
-teaser: "" # path of fallback teaser image, e.g. "/assets/images/500x300.png"
+teaser: "/assets/images/teaser/DEFAULT.JPG" # path of fallback teaser image
 logo: "/media/cpansec-logo-light.png" # path of image to display in the masthead
 breadcrumbs: false # true, false (default)
 words_per_minute: 200
@@ -82,12 +82,13 @@ author:
       url: "https://fosstodon.org/@cpansec"
     - label: "@cpansec.bsky.social"
       icon: "fab fa-fw fa-bluesky"
+
       url: "https://bsky.app/profile/cpansec.bsky.social"
     - label: "GitHub"
       icon: "fab fa-fw fa-github"
       url: "https://github.com/CPAN-Security"
-    - label: "CPANSec Feeds"
-      icon: "fas fa-fw fa-link"
+    - label: "CPANSec RSS feeds"
+      icon: "fas fa-fw fa-rss-square"
       url: "#footer"
 #    - label: "Matrix"
 #      icon: "fab fa-fw fa-matrix-org"
@@ -148,8 +149,9 @@ defaults:
       share: false
       related: false
       show_date: true
-      toc: true
+      toc: false
       toc_sticky: true
+      overlay_filter: 0.6
   - scope:
       path: ""
       type: blog
@@ -163,6 +165,7 @@ defaults:
       show_date: true
       toc: true
       toc_sticky: true
+      overlay_filter: 0.6
 
 #after_footer_scripts:
 

_data/authors.yml

@@ -11,7 +11,7 @@ robrwo:
     Currently based in England.
   github: robrwo
   mastodon: { username: "rrwo", instance: "infosec.exchange" }
-  avatar: "/media/authors/robrwo.png"
+  avatar: "/assets/images/authors/robrwo.png"
   cpan: rrwo
 
 sjn:
@@ -21,12 +21,12 @@ sjn:
     Based in Oslo, Norway.
   github: sjn
   mastodon: { username: "sjn", instance: "chaos.social" }
-  avatar: "/media/authors/sjn.png"
+  avatar: "/assets/images/authors/sjn.png"
 
 thibaultduponchelle:
   name: Thibault Duponchelle
   github: thibaultduponchelle
-  avatar: "/media/authors/thibaultduponchelle.jpeg"
+  avatar: "/assets/images/authors/thibaultduponchelle.jpeg"
 
 stigtsp:
   name: Stig Palmquist
@@ -41,7 +41,7 @@ tux:
   name: H. Merijn Brand ("Tux")
   bio: Data analyst and software developer based in the Netherlands
   github: Tux
-  avatar: "/media/authors/tux.png"
+  avatar: "/assets/images/authors/tux.png"
   mastodon: { username: "Tux", instance: "mastodon.social" }
 
 abraxxa:

_layouts/home.html

@@ -15,13 +15,13 @@
   {% assign posts = site.posts %}
 {% endif %}
 
-<h3 class="archive__subtitle">{{ site.data.ui-text[site.locale].recent_news | default: "News" }}</h3>
+<h2 class="archive__subtitle">{{ site.data.ui-text[site.locale].recent_news | default: "News" }}</h2>
 
 <div class="entries-{{ news_entries_layout }}">
   {% include documents-collection.html entries=posts collection="news" type=page.news_entries_layout sort_order=page.news_sort_order sort_by=page.news_sort_by entries_limit=news_limit %}
 </div>
 
-<h3 class="archive__subtitle">{{ site.data.ui-text[site.locale].recent_blogs | default: "Blog posts" }}</h3>
+<h2 class="archive__subtitle">{{ site.data.ui-text[site.locale].recent_blogs | default: "Blog posts" }}</h2>
 
 <div class="entries-{{ blog_entries_layout }}">
   {% include documents-collection.html entries=posts collection="blog" type=page.blog_entries_layout sort_order=page.blog_sort_order sort_by=page.blog_sort_by entries_limit=blog_limit %}