Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

GPG key error in scripted installation of RVM #3110

Closed
chrispomeroy opened this issue Oct 30, 2014 · 76 comments
Closed

GPG key error in scripted installation of RVM #3110

chrispomeroy opened this issue Oct 30, 2014 · 76 comments

Comments

@chrispomeroy
Copy link

I'm having a problem adding the new GPG key. Trying to fix to a scripted installation of RVM which stopped working after this key requirement.

The script fails when I use curl -sSL https://get.rvm.io | sudo bash -s stable

even though I placed gpg --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3 right before it.

I also tried using --batch --exit-on-status-write-error flags with gpg

Any ideas?

gpg exists with a status code of 1

The funny thing is, adding the gpg key works fine when I manually paste the line into the terminal, just not in a shell script.

@chrispomeroy
Copy link
Author

I was able to fix this by adding --homedir /root/.gnupg to the gpg command.

@jhsu802701
Copy link

Shouldn't this fix be integrated into the code?

@chetanagrawal
Copy link

How to fix this issue permanently? Its bad idea to download new keys everytime there is change in signature. Can't we fix this without the need to download new key using gpg?

@mpapis
Copy link
Member

mpapis commented Oct 31, 2014

@sfunk1x are you using as the root user? you know that it is the worst thing you could do to your server?

@mpapis
Copy link
Member

mpapis commented Oct 31, 2014

ah I missed the part for sudo - will need to think about it for documentation

@mpapis mpapis reopened this Oct 31, 2014
@tbagger
Copy link

tbagger commented Oct 31, 2014

I run 'sudo gpg --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3' the key downloads, but I'm still getting this error.

gpg: failed to create temporary file /home/admin/.gnupg/.#lk0x1318050.tjsites.5741': Permission denied gpg: keyblock resource/home/admin/.gnupg/pubring.gpg': general error
gpg: Signature made Thu 30 Oct 2014 03:27:39 PM EDT using RSA key ID BF04FF17
gpg: Can't check signature: public key not found

@AlmogBaku
Copy link

This is new problem.
I just created a new vagrant instance, which worked a few days ago and this error thrown to me.

I running this command from the root user:

curl -sSL https://get.rvm.io | bash -s stable --quiet-curl --ruby=1.9.3

@mpapis
Copy link
Member

mpapis commented Oct 31, 2014

@AlmogBaku what part of the problem is new? did you read the message and follow instructions?

@AlmogBaku
Copy link

@mpapis I read it, but this problem wasn't appeared a few days ago with the same provisioning scripts. so, I guess something changed in the RVM script..

(I have pre-configured vagrant node with puppets recipes that configuring my server)

@AlmogBaku
Copy link

==> default: gpg: directory `/root/.gnupg' created
==> default: gpg: new configuration file `/root/.gnupg/gpg.conf' created
==> default: gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
==> default: gpg: keyring `/root/.gnupg/pubring.gpg' created
==> default: gpg: Signature made Wed 29 Oct 2014 12:52:06 PM UTC using RSA key ID BF04FF17
==> default: gpg: Can't check signature: public key not found
==> default: Warning, RVM 1.26.0 introduces signed releases and automated check of signatures when GPG software found.
==> default: Assuming you trust Michal Papis import the mpapis public key (downloading the signatures).
==> default: 
==> default: GPG signature verification failed for '/usr/local/rvm/archives/rvm-1.26.0.tgz' - 'https://github.com/wayneeseguin/rvm/releases/download/1.26.0/1.26.0.tar.gz.asc'!
==> default: try downloading the signatures:
==> default: 
==> default:     gpg --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3
==> default: 
==> default: they can be compared with:
==> default: 
==> default:     https://rvm.io/mpapis.asc
==> default:     https://keybase.io/mpapis
==> default: Downloading https://bitbucket.org/mpapis/rvm/get/1.26.0.tar.gz
==> default: Downloading https://github.com/wayneeseguin/rvm/releases/download/1.26.0/1.26.0.tar.gz.asc
==> default: gpg: Signature made Wed 29 Oct 2014 12:52:06 PM UTC using RSA key ID BF04FF17
==> default: gpg: Can't check signature: public key not found
==> default: Warning, RVM 1.26.0 introduces signed releases and automated check of signatures when GPG software found.
==> default: Assuming you trust Michal Papis import the mpapis public key (downloading the signatures).
==> default: GPG signature verification failed for '/usr/local/rvm/archives/rvm-1.26.0.tgz' - 'https://github.com/wayneeseguin/rvm/releases/download/1.26.0/1.26.0.tar.gz.asc'!
==> default: try downloading the signatures:
==> default:     gpg --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3
==> default: they can be compared with:
==> default:     https://rvm.io/mpapis.asc
==> default:     https://keybase.io/mpapis

@mpapis
Copy link
Member

mpapis commented Oct 31, 2014

@AlmogBaku you need to execute the extra step of trusting my public key, this way - you know that the code was provided by me, and I can sleep safer that nobody impersonated me and provided you malicious code, there are multiple ways of importing the public key, please read on the verification of files signed with GPG

@AlmogBaku
Copy link

Hey @mpapis
Thanks, adding the gpg manually by gpg --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3 solved the problem.. but why it's suddenly not add it automatically?

@mpapis
Copy link
Member

mpapis commented Oct 31, 2014

because there was no GPG signing before, we trusted the "system", but the truth is you cant trust in system, only adding manually a layer of security like signing with GPG can prove the code you got was the one I intended to provide, that no malicious attempt was made on the way ... before you trusted me and the delivery method with no actual verification who provided the code, right now the verification is there, but it requires you to express the intent of trusting me by importing my public key, this key then is used for the verification and would warn you if the code was tempered with

@AlmogBaku
Copy link

I understand.. thanks for the explanation pal.

I guess this change is breaking a lot of automatic scripts(such as puppet, puphpet, bash etc).. so you have any idea how can we solve it?
is it safe to add the D39DC0E3 key to my bash script? or its something dynamic?

@mpapis
Copy link
Member

mpapis commented Nov 1, 2014

@AlmogBaku there are different levels of security:

  1. lack of security, developers use an open CVS server allowing commits from anyone, users download code using http - nobody uses this any more
  2. assumed security, developers use git/svn with SSL encrypted & authenticated connections, users download code using https - this is the default model, unfortunately this is not bullet proof, more and more bugs in https are found, there are attacks on servers hosting the data - it's good but not enough to ensure our safety
  3. blind security - read 4. with assumption internet is used to acquire the public key, internet is not a safe place, if everybody would be using the same url to get the key an attacker would only need to hack the extra url to get back to security provided by 2.
  4. trust based security, developers use private keys (GPG) to sign their code and artefacts (binaries/packages), users use developers public key to ensure the code they use was indeed created by the developer

any attempt to automate installation of public key would be equal to 3. blind security which is only minimally better then 2. assumed security, as the whole idea is to provide 4. trust based security users need to be aware of the risks and put effort into ensuring the proper public key is installed instead of blindly trusting single url to provide proper key.

@AlmogBaku
Copy link

I understand, thanks for the warning.
Sometimes it just necessary... for instance- if you want to use puppet you
must install ruby first- you can do it without RVM, but where is the fun? :)

I think there are some solutions for the problem you raised, for example
you can see what HHVM did with their GPG.
And again- thank you for your kind answer :)

On Sat, Nov 1, 2014 at 3:32 PM, Michal Papis [email protected]
wrote:

@AlmogBaku https://github.com/AlmogBaku there are different levels of
security:

  1. lack of security, developers use an open CVS server allowing
    commits from anyone, users download code using http - nobody uses this
    any more
  2. assumed security, developers use git/svn with SSL encrypted &
    authenticated connections, users download code using https - this is
    the default model, unfortunately this is not bullet proof, more and more
    bugs in https are found, there are attacks on servers hosting the data
  3. it's good but not enough to ensure our safety
  4. blind security - read 4. with assumption internet is used to
    acquire the public key, internet is not a safe place, if everybody would be
    using the same url to get the key an attacker would only need to hack
    the extra url to get back to security provided by 2.
  5. trust based security, developers use private keys (GPG) to sign
    their code and artefacts (binaries/packages), users use developers public
    key to ensure the code they use was indeed created by the developer

any attempt to automate installation of public key would be equal to 3.
blind security which is only minimally better then 2. assumed security,
as the whole idea is to provide 4. trust based security users need to be
aware of the risks and put effort into ensuring the proper public key is
installed instead of blindly trusting single url to provide proper key.


Reply to this email directly or view it on GitHub
#3110 (comment).

@mpapis
Copy link
Member

mpapis commented Nov 1, 2014

yes indeed I will be increasing security of the key, it still is best for users to manually pick what to do, adding a single command to be ran before RVM installation is usually really easy just copy paste the proposed import command if the 3. blind security is good enough for you

@howardroark
Copy link

@mpapis That was a great breakdown of security levels!

Though I think the recent changes do not properly consider how RVM is being used. I get the need to involve a human, but I don't think it is likely in most cases. It seems likely that the majority of cases where the bootstrap script will be used involve 3. blind security. The reality is that less humans are installing rvm via the shell anymore... they are running things like Salt, Chef or Puppet. This change probably sent a good deal of ops scrambling to figure out what was wrong with their automation code. All of whom likely went ahead and automated the signing process despite the caution. This change probably also broke Vagrant setups for many developers who may not be familiar with things like PGP.

I get the desire for this, but the project should keep in mind how this tool is likely being used today. I feel that the issue of trusting a source is unavoidable and must be considered in a rational way. For instance, it could be safer to hand out the github raw url over get.rvm.io. The current key server is likely to experience a spike in traffic if every automation script now has to hit it as well. In the end all this change likely creates is two endpoints becoming potential "risks" .

It would have been nicer if the changes were something that people could have opted into rather than being surprised by. It would be handy if the script offered the ability to run in an "insecure" mode. This way if you are just going to automate the request to get the key, you may as well skip it.

One small issue I did notice is that key signing only seems to work if you do it before running the bootstrap (on ubuntu at least). After the bootstrap runs they key cmd snippet can't just be pasted in and seems to fail unless run prior to the bootstrap. This is probably very confusing to some people.

I say all of this with the best intentions and don't mean to come across as ungrateful in any way. You likely put in a lot of hard work here. This project is awesome and makes my life easier. Thanks!

@todd-a-jacobs
Copy link
Contributor

@howardroark @mpapis There's a middle ground with PGP's web of trust: as long as the user isn't automatically signing the key, the retrieved key's fingerprint can be compared with a value at a well-known URI. For example, RVM could:

  • Retrieve the public key. Installing a key requires no trust in the validity of the key.
  • Verify the fingerprint against an out-of-band value (e.g. https://rvm.io/gpg-fingerprint.asc) rather than something coded into the script itself.
  • This still forces the user to trust the installer script, since nothing guarantees that the script is properly comparing fingerprints...but it's at least another layer.

In the end, there's really no substitute for exported trust signatures from multiple trusted sources (e.g. key-signing by other well-known developers), but many users simply use GPG signatures the same way they use MD5 or SHA-1 (e.g. without actually trusting the keys), so one might as well support that use case provided that there's a big neon warning for the people who don't really grok security, the OpenPGP paradigm, or the web of trust.

Just my $0.02.

@mpapis
Copy link
Member

mpapis commented Nov 4, 2014

the solution is to read the message

@arlago
Copy link

arlago commented Nov 4, 2014

Actually, I needed to install gpg2.

@dholdren
Copy link
Contributor

dholdren commented Nov 4, 2014

is there a plan to document the new signed releases strategy on http://rvm.io ? I don’t see any mention on the home page, or on the install guide: http://rvm.io/rvm/install

@mpapis
Copy link
Member

mpapis commented Nov 4, 2014

@dholdren - yes I will document it soon, I have put most of the feedback I got into the message, so for those lazy ones and not carrying much about security it will be enough to copy paste the key command

@sfunk1x I could not find anything in the link that would tell something else then the message already says, please quote it in case I'm to blind to find it

@arlago this is odd, rvm checks for gpg2 and gpg and only tries to validate signatures when one of them is installed, the displayed message contains the name of the command found, so it should be enough to read the message and copy paste the command

@Startouf
Copy link

Startouf commented Dec 12, 2018

I am getting this error on a new install of RVM on Amazon Linux 2, which I did not run into a few months ago with RVM 1.29.4

$ curl -sSL https://get.rvm.io | sudo bash -s stable
...
GPG signature verification failed for '/usr/local/rvm/archives/rvm-1.29.5.tgz'

I have tried to

sudo gpg2 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
command curl -sSL https://rvm.io/mpapis.asc | sudo gpg2 --import -

And from the RVM website

gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB

But to no avail, is there a bug with rvm 1.29.5 ?

My libs
gpgv (GnuPG) 2.0.22
libgcrypt 1.5.3

I'm still trying to figure out what is the gpg package name on yum to see if an update works

@pkuczynski
Copy link
Member

@Startouf we released this version signed by another dev (me) with the second key on the list. You would need to import it via:

sudo gpg2 --recv-keys 7D2BAF1CF37B13E2069D6956105BD0E739499BDB

@kissu
Copy link

kissu commented Dec 12, 2018

None of the snippets above works. :(

@dangol
Copy link

dangol commented Dec 12, 2018

we are having intermittent success with:
gpg --keyserver hkp://keys.gnupg.net:80 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
(note the :80 on the address)
however it is Intermittent, and I also get key not found.
Perhaps the new key could be added to a file on https://rvm.io/ like the older:
https://rvm.io/mpapis.asc?

@pkuczynski
Copy link
Member

@kissu its all about importing the keys. Try

gpg --keyserver hkp://keys.gnupg.net:80 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB

@pkuczynski
Copy link
Member

@dangol I am working on bringing rvm site to live. Haven't noticed the build is failing. Will ping u as soon as it's done

@pkuczynski
Copy link
Member

See also #4457

@pkuczynski
Copy link
Member

@dangol done. Try now!

@ndiesslin
Copy link

I just started running into this error also and this fixed resolved it for me
gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB

@dangol
Copy link

dangol commented Dec 12, 2018

@pkuczynski Seems to be working, at the moment thanks

@x-yuri
Copy link

x-yuri commented Dec 12, 2018

This might help.

@kissu
Copy link

kissu commented Dec 13, 2018

@pkuczynski Working again, thanks ! 🙏

@MorganaUzhgorod
Copy link

I just started running into this error also and this fixed resolved it for me
gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB

Works for me! Thanks!

@bumpux
Copy link

bumpux commented Dec 14, 2018

Still stuck. Mac OS Mojave. Tried various permutations here and elsewhere. Any summary of best solution?

@geerlingguy
Copy link

In my case, on Ubuntu 16.04, I ran:

gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB

(gpg instead of gpg2). I'm using the rvm.rvm Ansible role for automation, and it seems to be running into this error duing initial server provision: rvm/rvm1-ansible#186

@peterloeffler
Copy link

seems to work when using master:
bash /var/chef/cache/rvm-installer-googlepremiumadapter master
but not with stable or --version ...

@rhizome
Copy link

rhizome commented Dec 20, 2018

Specifying --keyserver... worked for me.

@dominicsayers
Copy link

@mpapis The message when it fails to install/update only mentions the original key. I believe it should also mention the new key you described in #3110 (comment)

Here is the message I'm seeing when I do rvm get stable today:

Warning, RVM 1.26.0 introduces signed releases and automated check of signatures when GPG software found. Assuming you trust Michal Papis import the mpapis public key (downloading the signatures).

GPG signature verification failed for '/home/build/.rvm/archives/rvm-installer' - 'https://raw.githubusercontent.com/rvm/rvm/master/binscripts/rvm-installer.asc'! Try to install GPG v2 and then fetch the public key:

    gpg2 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3

or if it fails:

    command curl -sSL https://rvm.io/mpapis.asc | gpg2 --import -

the key can be compared with:

    https://rvm.io/mpapis.asc
    https://keybase.io/mpapis

NOTE: GPG version 2.1.17 have a bug which cause failures during fetching keys from remote server. Please downgrade or upgrade to newer version (if available) or use the second method described above.

I think the third line should be

gpg2 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB

as you implied in #3110 (comment)

@jasonl99
Copy link

I tried the suggestion from @dominicsayers to change the command for gpg2 --recv-keys, and it worked for me.

@pkuczynski
Copy link
Member

@dominicsayers I updated the message in the latest version, which we will release soon. Thanks for pointing out.

@sblackstone
Copy link

I was encountering a problem with Mojave similar to this issue - I think the problem is that if you're upgrading from an old version of RVM the gpg install directions don't include the key thats now required for rvm proper.

Going to the website and using those keys first fixes everything.

gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB

@pkuczynski pkuczynski added this to the rvm-1.27.0-before milestone May 8, 2019
MainShayne233 pushed a commit to MainShayne233/mainshayne233.github.io that referenced this issue May 26, 2019
This problem appeared suddenly. For more info see
rvm/rvm#3110
fkarg pushed a commit to HealthMatrix/healthmatrix.github.io that referenced this issue May 19, 2020
Created: 2020-05-19

Last commit included: 3881cf0

This is a combination of 586 commits.
initial commit

change baseurl towork with project page

change config file to more generic settings

change config name, too long

fix avatar to work in small screens even when title is long

add documentation and restructure to be simpler

add back website title to config

update readme about a bug in GH-pages

refer to all files relative to baseurl to work for project pages

fix main jumbotron on mobile

add more features to document to readme

add support for internal or external css/js/googlefonts

remove unnecessary pages

slight wording change

change config settings to be more general

begin documenting readme

add license

more documentation

add gif to show how to install

add more docs

add more documentation

readme is ready

put GIF tutorial before the steps

add spacing in readme

changes to readme

change order in config file

simplify YAML params and readme

add a getstarted page

Delete getstarted.md

add getstarted page

Delete getstarted.md

Update README.md

Update README.md

update readme to try to make it super foolproof even for people who are complete beginners

Update README.md

Update README.md

Update README.md

Update README.md

Update README.md

add info about disqus and google analytics

add support for comments on any page

update readme for support of comments on any page

better rss feed

add link back to blog post about advanced features

make sure the [Read More] in blog excerpts is not disrupted by new line

add facebook opengraph tags

fix elseif syntax

only include description meta tag when there is a page-specific description

add info about fb-img yaml param

disqus: ensure same discussion is used regardless of query params in URL

Update README.md

Update README.md

Update _config.yml

Update _config.yml

Update _config.yml

Update main.css

Update README.md

Update footer.html

Update _config.yml

update readme with prose.io and a few more comments

Update README.md

Update README.md

Update README.md

Update README.md

add table of featured users

Update README.md

Update README.md

add table of contents to readme

Update README.md

Update README.md

Update README.md

Update README.md

Update README.md

Update README.md

Update README.md

Update footer.html

Update main.js

Update _config.yml

Update README.md

Update README.md

fix broken disqus link in readme

Update README.md

Adding post-specific prose.io configuration

:-)

Update _config.yml

adding post-specific prose.io configuration

Update main.js

Update _config.yml

add clipboard actions to featured users

Update README.md

Update footer.html

change attribution link from linking to github repo to website

Update README.md

update featured users

Update 2015-01-07-test-markdown.md

XML escape post blurbs

Update pygment_highlights.css

Update and rename 2015-01-07-test-markdown.md to 2015-02-20-test-markdown.md

simplify stackoverflow link in footer

simplify stackoverflow link in footer; fixes daattali#15

support external links in navbar; fixes daattali#3

show example in config that external links can be used

Remove the instructions in index.html because users didn't know how to remove it

Vagrant support

Add vagrant support for easy local development

modify local development instructions

Update README.md

remove website from featured users

Delete contact.md

Delete contact.js

Delete contact.css

remove Contact page from default navbar

add an image to a sample post

restrict images to 100% width

Fix GPG key error in scripted installation of RVM

This problem appeared suddenly. For more info see
rvm/rvm#3110

Update README.md

Update README.md

update instructions GIF since the GitHub interface changed

change the word GIF to "video" to be more noob-friendly

make sure not to include jquery twice, fixes daattali#29

update to jekyll3 (syntax highlight only supported in code chunks)

migrate to jekyll3 - layout metadata is accessed via "layout."

hardcode css since github broke jekyll

hardcode js since github broke jekyll

Update _config.yml

update footer scripts to try to fix bug; related to daattali#33

update header to try to fix bug; related to daattali#33

clean up featured users

Update README.md

Update README.md

Update README.md

Add conditional avatar

Add show-avatar: true to the default parameters

Fix show-avatar to work on both pages and layouts

Update the README.md with better show-avatar description

Update README.md

add melyanna to featured users

show how to make markdown tables

make table CSS work on any page, not just blog posts

fix a typo

make it more clear that http:// needs to be used in the config url param

remove bkkkk from features users

remove typo

try adding permalink to 404 page

support menus in navbar

fix tabs -> spaces

Create navbarlink.html

refactor navbar menus code

Added files via upload

support big images; fixes daattali#37

update docs to mention bigimg

add requested user to featured users

use post layout by default for blog posts; use same layouts as my website

make the default layout "page" instead of "default"

some readme simplifications

simplify documentation

Update README.md

remove note about jekyll migration

upgrade fontawesome to 4.5.0; fixes daattali#50

Update LICENSE

Update README.md

Update README.md

Update README.md

add featured user by request

Update README.md

Update main.css

Update main.css

nested menus: ensure title width is wide enough to accommodate children; fixes daattali#54

Update base.html

Upgrade gems including Jekyll

Support triple backticks

Update README.md

Update footer-scripts.html

Update head.html

Update head.html

Update head.html

Update main.css

Update main.css

Fix broken link to Featured Users

Upgrade Gemfile.lock (so Jekyll >= 3.1.4) to avoid bug on page/layout metadata.

Change order of post excerpt processing

README.md: Add personal website sjackman.ca

small readme changes

Update README.md

add support for twitter cards (sharing on Twitter will be better); fixes daattali#70

remove hardcoded image

Integrating Public Custom LinkedIn URL

Issue daattali#71 created to highlight the same.

Update _config.yml

add jagged alliance 2 to featured users

Update README.md

Update head.html

add tags

option for tags

tagging options

Tags will display as plain text if a user adds tags to a post. If user
sets 'link-tags: true' in _config.yml, then Jekyll will make a new page
for each tag which lists all posts with given tag (provided the site is
not deployed through GitHub pages)

whoops, set link-tags to false

minor fixes

update tags css

move tags below a post

update comment in config file about link-tags param

move the tags documentation to the appropriate location in README

add css for code blocks

add styling to code blocks (thanks @epwalsh)

add styling to code blocks with line nums

Kept styling the same for code blocks without line nums, added similar
styling for code blocks with line nums

clean up the css

remove imp

fix gutter background

add @epwalsh to featured users

change code chunk examples in sample post

Update 2015-02-20-test-markdown.md

remove a few featured users and add one

adding instagram to footer

instagram footer-links-active

Add link to Xing profile to footer

(Xing is similar to LinkedIn, popular in Germany)

add main-content class to content on minimal layouts (thanks @lrdodge)

Add social share buttons for posts

some modifications to social media sharing section

add info on social-share param to README

fix typo in readme

add copyright and license text to README

add thanks to @hristoyankov, @jamesonzimmer, @XNerv, @epwalsh, @rtlee9

Add YouTube link to Footer

fix typo in config

add Olcay Bayram website upon request

fix disqus not load

Updated my website URL

:ok_hand:

font-awesome v4.6, with snapchat and updated instagram icons

footer: add google-plus, snapchat, spotify

use post.excerpt instead of post.content

add fb app ID, improve social sharing descriptions (daattali#105)

* add fb app ID, improve social sharing descriptions

* add share-img

* Fix sharing img

* Change for fb app ID and Google Analytics

remove unused image

remove unused image

Add check to only show readme link when there is additional post content not shown on index page. Handles truncate words problems with Chinese and Japanese characters by checking for a manual break using the site excerpt separator. (daattali#110)

do not define an excerpt_separator as it breaks paragraphs from being separators

ignore excerpt_separator in index.html

replace post.content with post.excerpt in index page

Fix show/hide of Read Me link on index page (daattali#111)

add back the installation steps image that is used in README; thanks @vietanhweb

added page title in twitter social share button (daattali#113)

Add Docker (daattali#114)

* added docker

* link to docker install

Delete Vagrantfile

Update README.md

Update README.md

Update README.md

Update README.md

Update README.md

add note about project page vs user page

Update README.md

add anudit.in to featured users

Update README.md

added reddit (daattali#121)

* added reddit

* added reddit to footerlinks/author in _config.yaml

change reddit example username

add aqibsaeed.github.io to readme featured users

quickfix to run blog on localhost without changing _config.yml (daattali#127)

Windows fix for Gemfile, removes execjs and therubyracer from dependencies (daattali#128)

* quickfix to run blog on localhost without changing _config.yml

* windows fix for Gemfile, removes execjs and therubyracer from dependencies

Update README.md

Update README.md

remove undocumented feature that one person used

remove undocumented feature

Update gemfile (daattali#134)

add gem badge

Update README.md

Update README.md

Update README.md

add saythanks badge

change saythanks badge url

add support for phone numbers in footer; fix daattali#136

add sample phone values in config

Update README.md

Update README.md

Update README.md

Update README.md

Update README.md

Support title-img config param to have image in the navbar instead of text

add sample title-img param to config

Update _config.yml

add css for navbar title image

Update main.css

Update README.md

Allow dynamic images on each blog post (daattali#143)

* Allow dynamic images on each blog post

* Adding responsive CSS for blog post images

* Adding image parameter to YAML front matter

Update README.md

Update README.md

Add options to configure HTML document title (daattali#154)

* Add option to use site title as HTML document title

* Add configurable title separator character

* Keep old document title behaviour when not using use-site-title

Update README.md

Add Google Tag Manager Integration (daattali#157)

Add Subresource Integrity (SRI) support (daattali#164)

Update README.md

Added my site on the list of personal sites (daattali#180)

Added my site under Personal Websites section.

add changelog; fixes daattali#190

Icon replacement text for screen-reader/text-only browsing, fixes daattali#176 (daattali#189)

add build excludes (daattali#191)

Update json gem to 2.1.0 (daattali#202)

When building locally, json 1.8.3 fails to install when running bundle install. Version 2.1.0 works.

Update README.md

Update README.md

Added fallback fonts to footer copyright. (daattali#216)

Added social buttons for twitch, yelp, and steam (daattali#234)

adds boxes (daattali#227)

* update fontawesome to 4.7

* adds remarkup inspired boxes

* adds markdown example as image

* adds draft post with usage examples

* move box definitions in main.css

* Revert "update fontawesome to 4.7"

This reverts commit 9d7c96c.

* moves box examples into showcase post

* fix line endings in test-markdown

* fix line endings

Fixes table borders for gist (daattali#236)

* removes borders in git tables

* adds jekyll-gist plugin

* adds usage example

* fix line ending

* remove jekyll-gist plugin

* remove jekyll-gist gem

* remove gist example

* catch up recent master changes

remove <i> tag from sample posts

change the sample markdown post to be first

Update 2015-02-28-test-markdown.md

add credits for @OCram85 as top contributor

adds background pattern (daattali#242)

* adds YAML section bg image

* adds bgimage

* adds bgimage config

* fixes layout for processed css file

add CSS for separate bg col image for navbar, page, footer

Update README.md

add config options to change colour/image of navbar/footer/body

Update README.md

Update CHANGELOG.md

Update _config.yml

Update main.css

adds site reference (daattali#226)

fix EOL Sequence to LF (daattali#257)

Update README.md

Badge functionality to layout/post.html (daattali#265)

* add badges to default branch

* add instructions in readme for post badges

* update readme

* add instructions for badges to readme yaml

* switch GH badges to iframes and remove comment out cran badges

* remove cran comment and update yaml table in readme file.

* Update README.md

* Update main.css

Update CHANGELOG.md

Update 2015-02-28-test-markdown.md

Update gh-pages to version 163 (daattali#264)

* update to gh-pages 163

* removed "'" in tzinfo-data gem for local build

add small note for docker issue

add faq

make css more efficient

adds gitattributes file (daattali#271)

fix indentation and liquid whitespace (daattali#273)

Avatar now fades with jQuery (daattali#293) (daattali#295)

Fixed avatar img link (contained space) (daattali#290)

Adds simple Social Network Link / Social Networks Data definition (daattali#278)

* adds social-network-links config keys

* adds social networks config data

* simply social network links in footer

* fix typo

* simplify social-network-links template in config file

* add note about _data/SocialNetworks.yml from config file

* update comments in socialnetworks.yml

Update CHANGELOG.md

Remove :focus and :hover rules from .navbar-toggle (daattali#297)

fixes daattali#268
:focus - #ddd color linger on desktop
:hover - #ddd color linger on touchscreen
aria-expanded="true" - set #ddd color when expanded

Set common colours using jekyll config and add more colour customization (daattali#299)

Update CHANGELOG.md

Update _config.yml

Fix navlinks-parent color on small screens (daattali#300)

* Fix navlinks-parent color on small screens

* CSS Color 0.2 alpha

Update main.css

Simplify Docker use 🐳 (daattali#303)

Update README.md

Update README.md

Replaces tag index plugin with native jekyll features (daattali#307)

* remove tag _gen plugin and its folder

* remove deprecated tag index layout

* add tag index page

* link tag index page in nav bar, enable tag links by default

* add button spacer in main css

* fix tag links in post view

* fix tag links on index and pagination

* tag link instuctions removed. it's enabled as default

Update README.md

Update README.md

Update 2015-02-28-test-markdown.md

Update 2015-02-26-flake-it-till-you-make-it.md

Update 2015-02-13-hamlet-monologue.md

Update 2015-02-28-test-markdown.md

Update CHANGELOG.md

Update 2015-01-04-first-post.md

Update 2015-01-15-pirates.md

Update 2015-01-27-dear-diary.md

Update _config.yml

Update main.css

Update tags.html

Update main.css

Update main.css

Update tags.html

Update 2015-02-28-test-markdown.md

Update 2015-02-26-flake-it-till-you-make-it.md

Update 2015-02-13-hamlet-monologue.md

Update tags.html

Adds Matomo (aka Piwik) integration (daattali#310)

* adds Matomo (aka Pwiki) integration

* adds tracking code in header

Update _config.yml

Update footer.html

minor mispelling and missing quotes (daattali#319)

Generate sitemap.xml (daattali#323)

Automatically generate sitemap.xml to use with Google Search Console and improve SEO.

Update CHANGELOG.md

Container now have all proper dependencies (daattali#322)

Container was not working because didn't have all dependencies, and change CMD command for ENTRYPOINT.

Minimal Dockerfile (daattali#326)

update featured users

Update README.md

Update README.md

Fix wrong default layout in README.md (daattali#348)

Readme.md: fix instructions for dirs with spaces (daattali#351)

$PWD needs to be surrounded in quotes so that the commands work when any folder in the path has a space in it.

update nokogiri deps (daattali#352)

add guitarlessons to featured users

update link to personal website (daattali#360)

Update README.md

add fb comment (daattali#350)

* add fb comment

* Update README.md for facebook comments

* Update _config.yml

* Update README.md

Update CHANGELOG.md

Fix code fence css bug when published on gh pages (daattali#366)

fixes daattali#365

Update README.md

Notch display (daattali#355)

* Notch display

* Notch display

* Update main.css

mistake

Add gtag support for Google Analytics (daattali#374)

Update README.md

update http to https in readme

update http to https in footer

Use HTTPS as default protocol of site (daattali#414)

add pull request template to try to discourage wrong PRs

Update pull_request_template.md

Create issue_template.md

Moved Google Analytics to the Head (daattali#419)

* Moved Google Analytics to the Head

* Update CHANGELOG

fix security vulnerabilities (daattali#423)

Updates github-pages to v193 (daattali#426)

* update github-pages to v193

* rebuild gemfile.lock with ruby 2.5.3p105 [x64-mingw32]

add missing https in link (daattali#433)

http -> https (daattali#439)

[Feature] Staticman v3 Support (daattali#440)

* Added Staicman support

* Corrected template for staticman.yml

* Edit for coherence with _includes/disqus.html

* Updated documentation for Staticman

* Updated License to give credits to Michale Rose

* Update LICENSE

* add more staticman details to readme

* Clearer instructions about reCAPTCHA in YML

* Nest reCAPTCHA param inside Staticman

* Prepend all css selectors with .staticman-comments

Edit suggested by theme owner to avoid CSS rules overriding.

* Add myself to the change log

* Update _config.yml

Add newline to EOF (daattali#442)

Update head.html

Update README.md

Update _config.yml

Update staticman.yml

Fix Staticman's raw JSON response in daattali#440 (daattali#444)

* Fix redirection error in daattali#440

* Corrected jQuery call URL in Staticman script

Fixed avatar img link on LINE51 (contained space) (daattali#448)

Removed the extra space after {{ site.url }} and before "

Correct typo introduced at fe40d41 (daattali#449)

README.md: add solution of write permission when setup docker env (daattali#450)

* README.md: add solution of write permission when setup docker env

Signed-off-by: Yu-Chen Lin <[email protected]>

* Update README.md

German translation improvement (daattali#456)

Integration with just-comments (daattali#468)

Add support for just-comments

Addes a .box-success class (daattali#469)

* Added a .box-success class

Added a .box-success class

* Update main.css

Rename just-comments to JustComments (daattali#492)

fix issue 491 - header margins disappeared because of css env variable

Add permission for jekyll user on Gemfile (daattali#503)

Remove note about permission issues

R.I.P. Google Plus (daattali#501)

Signed-off-by: Yu-Chen Lin <[email protected]>

Update github-pages plugin (daattali#476)

Update github-pages plugin from version 193 to 197.

Fix daattali#457
Fix daattali#385

Fix showing background img with non-empty baseurl (daattali#497)

* Fix showing background img with non-empty baseurl

Also switch globally to relative_url for all baseurl prepends,
which is more robust than custom URL mangling

* More site.baseurl -> relative_url conversion

Fix post image url too (daattali#504)

Abs link patch (daattali#506)

* Fix absolute URL generation

url and baseurl config for this theme deviates from jekyll standard,
and that results in double inclusion of project path
if this theme is used as project page.

Switching to Jekyll accepted url usage so that
absolute_url filter works.

* Alternate links need to be aboslute

* mention url and baseurl only need to be modified in local dev

* Update readme on new url/baseurl setting changes

update year in readme

add credits to @abelcheung in readme

add a known limitation to readme

Update _config.yml

Update README.md

Update README.md

Obsoletes navbarlink with relative_url filter (daattali#508)

Staticman anti-spam suggestion (daattali#509)

README: add FAQ about mathjax

show how to center an image

Refactor code block styles (daattali#516)

* Refactor code block styles

Code block bg adopts to custom user bg color instead of using
hardcoded color, preserving original design as much as possible.

* Revert to linear-gradient(), exchange strip order

repeating-linear-gradient() doesn't generate necessary stripping near
code block borders

Staticman documentation enhancement (daattali#514)

* Add a link to Staticman: Webhooks

* Clearer README on Staticman reCAPTCHA and endpoint

* Update README after owner's feedback

* Update staticman.yml after owner's feedback

* Further improve Staticman templates

* Corrected Staticman config instructions

* Update staticman.yml

* Update _config.yml

* Update README.md

fixed typo (daattali#524)

Staticman - try to avoid spam by using javascript to write the form action (daattali#521)

Update README.md (daattali#525)

removed double spaces (daattali#526)

Reorder scripts in footer (daattali#522)

Remove fullstop in some Staticman UI text (daattali#529)

Add support for customizable date format (daattali#533)

* Add support for customizable date format

* Add support for customizable date format

Add support for customizable date format (daattali#536)

Use v2 for JustComments (daattali#538)

Create FUNDING.yml

Use URI templates for social network links (daattali#586)

Update to Font Awesome 5 (daattali#587)

Update CHANGELOG.md

Remvoe justcomments because it's being killed end of year

Update CHANGELOG.md

add utterances comments support (daattali#596)

Update CHANGELOG.md

small refactor and cleanup to comments system

Update utterances-comment.html

Update utterances-comment.html

change paypal to github sponsor

Update README.md

Allow to disable the round avatar (daattali#612)

fix broken if statements in css

remove gemfile lock as suggested by @gpotter2

Add GHCI (daattali#613)

Add CI badge (daattali#615)

Allow configuring lang attribute on <html> tag (daattali#608)

Add a page/site configuration variable named "language", which can be
set either in _config.yml or in a front matter in order to customize
value of "lang" attribute on <html> element.  Previously, it was
hardcoded to "en".

Update README.md

Add default values for config variables (daattali#621)

rearrange and improve config file

simplify author name config variable

rearrange and better document config file

remove socialnetworks data file, in preparation for remote_theme that doesn't support data folders; fixes daattali#614

Update .gitignore

add readtime for posts (daattali#622)

add readtime to reademe

Misplaced css attribute (daattali#623)

add 'home' layout and use it in index file

readme updates

simplify readme

Update README.md

Update README.md

Update CHANGELOG.md

Make theme compatible with remote_theme (daattali#590); fixes daattali#339

mention remote_theme in changelog

Update _config.yml

Update README.md

move demo site to docs/ folder

fix problems in demo site

Update README.md

Update README.md

reset url and baseurl in config

Update README.md

Update README.md

Update README.md

remove url and baseurl from config

simplifications to readme

remove project vs user page section and simplify instructions for project pages

Update README.md

Update README.md

remove prose for the sake of simplifying

Update _config.yml

dont include docs/ in built site

dont include docs/ in built site

add instructions for remote_theme

Update README.md

Update README.md

Update README.md

Update _config.yml

Update _config.yml

Update README.md

Update README.md

Update README.md

remove docker for simplification

attempt to add all gem requirements to master

test if package.json causes "Used By" button to appear at top

Delete package.json

Update README.md

better organization of readme

Update README.md

try to make demo site from docs/ folder be built with reomte_theme

Update _config.yml

Update _config.yml

add documentation about all the ways to use beautifuljekyll as a gem and a remote theme

remote duplicated remote_theme section

Update CHANGELOG.md

Update README.md

Update README.md

Update README.md

Update README.md

Update CHANGELOG.md

Update README.md

Add Telegram to social links (daattali#625)

Update CHANGELOG.md

Update README.md

upgrade gem to 2.0.1

Update LICENSE

fix staticman to use correct js files

fix staticman css

Delete featured-users.md

Update _config.yml

shorten the Features section in readme

move features to be the first section in readme

remove comment platform details from readme and move it all to config

Update README.md

add advanced (gem) instructions in demo site

Update getstarted.md

move advanced install instructions (gem) to the demo site

Update getstarted.md

Update getstarted.md

Update README.md

Update getstarted.md

Update README.md

Update getstarted.md

Update demo.css

Update getstarted.md

upgrade gem to 2.1.0

remove all files from docs/ and redirect to standalone website

Delete _config.yml

Update index.html

move all beautifuljekyll links to dedicated site and replace http with https

upgrade gem to 2.2.0; all work is now complete

social network links: move email to be first

social network links: fix bug where RSS was showing up even if turned off

social network links: add calendly support

fix calendly href

add calendly to config

Update CHANGELOG.md

add option nav-short to have navbar permanently collapsed

when linking to an intra-document point, don't scroll too much

add YAML option footer-extra

update font in custom footer

upgrade gem to 2.3.0

remove old website from featured users

Update README.md

upgrade to bootstrap 4, complete rewrite of template (daattali#629)

Update README.md

Update README.md

remove googlefonts and use plain CSS instead

simplify sample post

rename blog posts

remove unused css

add alt to images in navbar

Update README.md

Update CHANGELOG.md

Update CHANGELOG.md

Update CHANGELOG.md

Update README.md

Update README.md

Delete 2020-01-04-first-post.md

Delete 2020-01-15-pirates.md

Delete 2020-01-19-soccer.md

Delete 2020-01-27-dear-diary.md

Delete 2020-02-13-hamlet-monologue.md

Update CHANGELOG.md

make navbar title same size as pre bootstrap 4

make menu toggler on mobile same height as pre bootstrap migration

upgrade changelog for v3.0.0

Update CHANGELOG.md

update gem to 3.0.0

fix issue where a menu item with a dropdown as the last menu item did not have proper margin

Update issue_template.md

remove CI badge
gniuk pushed a commit to gniuk/gniuk.github.io that referenced this issue Dec 30, 2020
This problem appeared suddenly. For more info see
rvm/rvm#3110
Avonae pushed a commit to Avonae/Eng-blog that referenced this issue Apr 30, 2024
This problem appeared suddenly. For more info see
rvm/rvm#3110
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests