@koppor
Member

@koppor koppor commented Dec 26, 2025

User description

This addresses: #1 (comment)

Today, one can see it rendered at https://jabref.github.io/GSoC/


PR Type

Enhancement


Description

  • Migrate GSoC website from custom setup to Chirpy Jekyll theme

  • Add comprehensive development environment configuration with DevContainer support

  • Restructure GSoC project ideas into individual blog posts with proper metadata

  • Implement GitHub Pages deployment workflow with Jekyll build and HTML validation

  • Add development tools configuration for code formatting, linting, and spell-checking


Diagram Walkthrough

flowchart LR
  A["Old Setup<br/>Custom Jekyll"] -->|"Migrate"| B["Chirpy Theme<br/>v7.4.1"]
  B -->|"Add"| C["DevContainer<br/>Configuration"]
  B -->|"Add"| D["GitHub Actions<br/>Workflow"]
  B -->|"Restructure"| E["Blog Posts<br/>with Metadata"]
  C -->|"Enable"| F["Local Development<br/>Environment"]
  D -->|"Automate"| G["Build & Deploy<br/>to Pages"]

File Walkthrough

Relevant files
Configuration changes
13 files
devcontainer.json
Add DevContainer configuration for Jekyll development       
+33/-0   
post-create.sh
Setup development environment with dependencies                   
+18/-0   
.editorconfig
Define code style and formatting rules                                     
+19/-0   
.gitattributes
Configure line ending normalization                                           
+16/-0   
dependabot.yml
Enable automated dependency updates                                           
+8/-0     
pages-deploy.yml
Automate Jekyll build and GitHub Pages deployment               
+71/-0   
.nojekyll
Disable Jekyll processing for static assets                           
+1/-0     
extensions.json
Recommend VS Code extensions for development                         
+7/-0     
settings.json
Configure VS Code editor and formatter settings                   
+30/-0   
tasks.json
Define VS Code tasks for Jekyll operations                             
+26/-0   
_config.yml
Configure Jekyll site with Chirpy theme settings                 
+226/-0 
contact.yml
Define social media contact links                                               
+31/-0   
share.yml
Configure social sharing platform options                               
+42/-0   
Dependencies
3 files
.gitmodules
Add Chirpy static assets as submodule                                       
+3/-0     
Gemfile
Specify Ruby gem dependencies for Chirpy theme                     
+14/-0   
lib
Add Chirpy static assets as git submodule                               
+1/-0     
Enhancement
18 files
posts-lastmod-hook.rb
Track post modification dates from git history                     
+14/-0   
2025-12-24-about-gsoc.md
Convert about page to Jekyll post with frontmatter             
+14/-6   
2025-12-24-application.md
Convert application guide to Jekyll post format                   
+7/-1     
2025-12-24-own-project.md
Add custom project proposal guidelines post                           
+18/-0   
2025-12-26-abbreviations.md
Create journal abbreviations GSoC project post                     
+28/-0   
2025-12-26-libreoffice.md
Create LibreOffice integration GSoC project post                 
+47/-0   
2025-12-26-native-image.md
Create native image compilation GSoC project post               
+51/-0   
2025-12-26-ocr.md
Create OCR and AI document handling project post                 
+49/-0   
2025-12-26-postgres.md
Create PostgreSQL backend GSoC project post                           
+32/-0   
2025-12-26-slr.md
Create systematic literature review project post                 
+32/-0   
2025-12-26-zotero.md
Create Zotero synchronization GSoC project post                   
+20/-0   
about.md
Create about page as Jekyll tab                                                   
+11/-0   
archives.md
Create archives navigation tab                                                     
+5/-0     
categories.md
Create categories navigation tab                                                 
+5/-0     
tags.md
Create tags navigation tab                                                             
+5/-0     
index.html
Create Jekyll home page layout                                                     
+4/-0     
run.sh
Add Jekyll development server launch script                           
+54/-0   
test.sh
Add Jekyll build and HTML validation script                           
+89/-0   
Miscellaneous
2 files
.placeholder
Create posts directory placeholder                                             
+1/-0     
ideas-2026.md
Remove consolidated ideas file                                                     
+0/-247 

cotes2020 and others added 30 commits January 26, 2021 05:13
@qodo-free-for-open-source-projects

qodo-free-for-open-source-projects bot commented Dec 26, 2025

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🔴
Unverified remote code execution

Description: The script downloads and executes code from an external source (webi.sh) without
verification, allowing potential code injection if the source is compromised or
intercepted.
post-create.sh [10-10]

Referred Code
curl -sS https://webi.sh/shfmt | sh &>/dev/null

Command injection vulnerability

Description: The script uses bash -i -c with user-controlled input from package.json, which could allow
command injection if package.json contains malicious commands.
post-create.sh [4-4]

Referred Code
bash -i -c "nvm install --lts && nvm install-latest-npm"
npm i

Unverified submodule checkout

Description: Checking out code with submodules enabled without pinning submodule commits could allow
malicious code execution if a submodule repository is compromised.
pages-deploy.yml [32-34]

Referred Code
uses: actions/checkout@v6
with:
  submodules: true

Ticket Compliance
🎫 No ticket provided
Codebase Duplication Compliance
Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance
🟢
Generic: Comprehensive Audit Trails

Objective: To create a detailed and reliable record of critical system actions for security analysis
and compliance.

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Meaningful Naming and Self-Documenting Code

Objective: Ensure all identifiers clearly express their purpose and intent, making code
self-documenting

Status: Passed

Generic: Robust Error Handling and Edge Case Management

Objective: Ensure comprehensive error handling that provides meaningful context and graceful
degradation

Status: Passed

Generic: Secure Error Handling

Objective: To prevent the leakage of sensitive system information through error messages while
providing sufficient detail for internal debugging.

Status: Passed

Generic: Secure Logging Practices

Objective: To ensure logs are useful for debugging and auditing without exposing sensitive
information like PII, PHI, or cardholder data.

Status: Passed

Generic: Security-First Input Validation and Data Handling

Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent
vulnerabilities

Status:
Unvalidated External Downloads: The script downloads and executes external content from webi.sh without validation or
integrity checks, which could pose a security risk if the source is compromised.

Referred Code
curl -sS https://webi.sh/shfmt | sh &>/dev/null

Compliance status legend
🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label
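
The integrity check that the "Unverified remote code execution" finding above says is missing, as an added example (not code from this PR or from the bot). It downloads to a file instead of a pipe and refuses to install on a digest mismatch; the function names and the constructed sample artifact are assumptions for illustration.

```shell
#!/bin/sh
# Added example; function names and the sample artifact are hypothetical.

# sha256_of FILE: print the lowercase hex SHA-256 of FILE.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# install_verified SRC EXPECTED_SHA256 DEST
# Copy SRC to DEST and mark it executable only if the digest matches.
# Returns 1 on mismatch and leaves DEST untouched.
install_verified() {
    src=$1; expected=$2; dest=$3
    actual=$(sha256_of "$src") || return 1
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $src: got $actual" >&2
        return 1
    fi
    cp "$src" "$dest" && chmod +x "$dest"
}

# fetch_and_install URL EXPECTED_SHA256 DEST
# Download to a temp file (never into a pipe) so the bytes can be checked
# before anything runs. -f makes curl fail on HTTP errors.
fetch_and_install() {
    tmp=$(mktemp) || return 1
    if curl -fsSL -o "$tmp" "$1" && install_verified "$tmp" "$2" "$3"; then
        rm -f "$tmp"; return 0
    fi
    rm -f "$tmp"; return 1
}

# Offline demonstration on constructed data: prints "<ok> <bad> <leaked>".
demo() {
    work=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho tool\n' > "$work/tool"   # constructed artifact
    pinned=$(sha256_of "$work/tool")                 # stands in for a published digest
    if install_verified "$work/tool" "$pinned" "$work/ok"; then ok=0; else ok=1; fi
    printf 'echo tampered\n' >> "$work/tool"         # simulate altered bytes
    if install_verified "$work/tool" "$pinned" "$work/bad" 2>/dev/null; then bad=0; else bad=1; fi
    if [ -e "$work/bad" ]; then leaked=1; else leaked=0; fi
    rm -rf "$work"
    echo "$ok $bad $leaked"
}
```

In real use the expected digest is copied from the project's release page into the script and reviewed like any other dependency pin; `demo` only derives it locally so the example runs offline.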

@qodo-free-for-open-source-projects

qodo-free-for-open-source-projects bot commented Dec 26, 2025

PR Code Suggestions ✨

Explore these optional code suggestions:

Category | Suggestion | Impact
Possible issue
Test the same directory that is deployed

Correct the htmlproofer command to test the same directory that is built and
uploaded as an artifact, ensuring the tests are actually validating the deployed
content.

.github/workflows/pages-deploy.yml [51-60]

 - name: Test site
   run: |
-    bundle exec htmlproofer _site \
-      \-\-disable-external \
-      \-\-ignore-urls "/^http:\/\/127.0.0.1/,/^http:\/\/0.0.0.0/,/^http:\/\/localhost/"
+    bundle exec htmlproofer "_site${{ steps.pages.outputs.base_path }}" \
+      --disable-external \
+      --ignore-urls "/^http:\/\/127.0.0.1/,/^http:\/\/0.0.0.0/,/^http:\/\/localhost/"
 
 - name: Upload site artifact
   uses: actions/upload-pages-artifact@v3
   with:
     path: "_site${{ steps.pages.outputs.base_path }}"
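
Review bot: In the `Test site` step, `${{ steps.pages.outputs.base_path }}` is expanded into the `run:` script text before the shell parses it, so the value is treated as shell source rather than data. Pass it through `env:` (for example `BASE_PATH: ${{ steps.pages.outputs.base_path }}`) and call `htmlproofer "_site${BASE_PATH}"`. The build step is not part of this hunk, so also confirm that it writes to the same `_site${{ steps.pages.outputs.base_path }}` destination that is now tested and uploaded; otherwise the proofer is pointed at a directory that does not exist.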
Suggestion importance[1-10]: 9

Why: This suggestion identifies a critical bug in the CI workflow where the tests are not running on the actual built site, rendering them ineffective. Applying this fix is crucial for ensuring the deployed site is correctly validated.

High
Security
Avoid insecure curl to shell pipe

Replace the insecure curl | sh command with a safer method of downloading a
specific shfmt binary from its official release to mitigate security risks.

.devcontainer/post-create.sh [9-10]

 # Install dependencies for shfmt extension
-curl -sS https://webi.sh/shfmt | sh &>/dev/null
+# Using a fixed version for shfmt for reproducibility and security.
+# See https://github.com/mvdan/sh/releases
+SHFMT_VERSION="v3.8.0"
+curl -sSLo /usr/local/bin/shfmt "https://github.com/mvdan/sh/releases/download/${SHFMT_VERSION}/shfmt_${SHFMT_VERSION}_linux_amd64"
+chmod +x /usr/local/bin/shfmt
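
Review bot: The added `curl -sSLo /usr/local/bin/shfmt ...` line pins `SHFMT_VERSION` but still installs whatever bytes the URL returns: there is no checksum comparison, and without `-f` an HTTP error page would be saved and then made executable by the `chmod +x` that follows. Download to a temporary file with `curl -fsSL`, compare its SHA-256 against a digest recorded next to `SHFMT_VERSION`, and only then move it into place. The asset name also hard-codes `linux_amd64`, which will not run in an arm64 dev container; derive the suffix from `uname -m` or document the restriction.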
Suggestion importance[1-10]: 8

Why: The suggestion correctly identifies a significant security vulnerability (piping curl to sh) and provides a more secure and reproducible alternative by downloading a specific binary version.

Medium
General
Pin plugin versions for reproducibility

Pin the Zsh plugin versions by cloning specific tags instead of the default
branch to ensure a consistent and reproducible development environment.

.devcontainer/post-create.sh [12-14]

 # Add OMZ plugins
-git clone https://github.com/zsh-users/zsh-syntax-highlighting.git ~/.oh-my-zsh/custom/plugins/zsh-syntax-highlighting
-git clone https://github.com/zsh-users/zsh-autosuggestions ~/.oh-my-zsh/custom/plugins/zsh-autosuggestions
+git clone --depth 1 --branch v0.8.0 https://github.com/zsh-users/zsh-syntax-highlighting.git ~/.oh-my-zsh/custom/plugins/zsh-syntax-highlighting
+git clone --depth 1 --branch v0.7.0 https://github.com/zsh-users/zsh-autosuggestions ~/.oh-my-zsh/custom/plugins/zsh-autosuggestions
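
Review bot: `--branch v0.8.0` and `--branch v0.7.0` on the two added `git clone` lines pin to tag names, which the upstream repositories can move or recreate, so the clone is reproducible only as long as those tags stay put. For a fixed revision, check out a full commit hash after cloning and record the hash in the script. Also confirm that both tags exist upstream before merging, since `git clone --branch` fails when the ref is missing.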
Suggestion importance[1-10]: 5

Why: The suggestion improves the reproducibility and stability of the development environment by pinning plugin versions, which is a recognized best practice.

Low

# light — Use the light color scheme
# dark — Use the dark color scheme
#
theme_mode: # [light | dark]
Member

@subhramit subhramit Dec 26, 2025

Can we use light theme for this one for the sake of variety?

Suggested change
theme_mode: # [light | dark]
theme_mode: light

Member

Okay just realized from Ruslan's screenshots that it is by default, system-dependent

@InAnYan
Member

InAnYan commented Dec 26, 2025

Hmm... it's interesting, but I don't like that it's "blog styled"

E.g. on https://jabref.github.io/GSoC/posts/postgres/:

image

Is it possible to remove "Further reading" and "Newer" and "Older"?

On home page:

image

Remove this?

Also, I don't like the idea of the home page. Is it possible to change it whatsoever?

image

Is it possible to change categories?

UPD: It is possible

@koppor
Member Author

koppor commented Dec 27, 2025

Short sync: We go ahead.

We still have some weeks to "tune".

Options to go forward:

  • Go back to non-chirpy - and keep the different files (effort: 1 hour)
  • Search for another theme (effort >= 5 hours)
  • Tune Chirpy (effort: 1 hour)
  • Keep as is (effort: 0 hours)

@koppor
Member Author

koppor commented Dec 27, 2025

I squash merge - for an update we will need to do magic-merge-commit.

@koppor koppor merged commit ea2e8f2 into main Dec 27, 2025
2 checks passed
@koppor koppor deleted the use-chirpy branch December 27, 2025 14:59
8 participants