Hello! You may have noticed that my blog got a whole lot uglier recently! That’s because I have migrated my blog from Jekyll to Hakyll. I’m not entirely done with the migration (I have to fix images still), but I just wanted to give my thoughts on the change and what I want to do with the blog now.
Why migrate?
Recently, I received an e-mail from GitHub saying that my blog had a security vulnerability in one of its dependencies. It turns out that the Ruby gem, Kramdown, had a vulnerability allowing unintended read access or unintended Ruby code execution. Naturally, this was somewhat concerning. I checked out the Jekyll site and found that if I updated to the newest version of Jekyll, I would avoid using the affected version of Kramdown. I thought this would be the easy way out, since all I had to do was update Ruby and then update Jekyll. Unfortunately, that didn’t work. I ran into some errors and my Jekyll version wouldn’t update. After a bit more thought, I looked into the history of Jekyll and found that similar security vulnerabilities have been found before in various Ruby gems that Jekyll depends on. At this point, I decided that I wanted to use something I could trust to be more stable and looked into alternatives. Hakyll was the first one that came up and it had no history of vulnerabilities, so I decided to give it a try. Hakyll is also written in Haskell, which is a fairly mature language at this point, so I feel comfortable making this change.
Migration
Migrating was kind of interesting. Installing Stack and setting up the site to begin with took a fair amount of time (>30 minutes). I can’t say that this left a great first impression on me, but after I got it all installed and setup, building the site was very quick. I had to go through all of my old blog posts and update them, since the markdown parser Hakyll uses by default behaves a bit differently. Going through my old posts was a fun trip down memory lane, although I have to say, I’m not fond of some of the older posts I’ve written. Some of the posts were being read in binary format, apparently, and I had to copy them in order to get Hakyll to stop complaining about them. Kind of strange. Otherwise, this was a very smooth process.
Deploying the site to GitHub Pages was more tricky. There is a tutorial for this on the Hakyll site, but when I was reading it, it wasn’t clear which files went where. So if you look at my blog’s commit history, you’ll notice that I fought with the file locations a bit before I eventually figured out where they all belong. Now that I understand the structure a bit better, the tutorial makes a lot more sense, but it’s definitely one of those pieces of documentation that is easier to read when you already understand its contents. I find that this happens with a lot of documentation, usually because it’s written by someone who is already familiar with how something works and has forgotten how someone new to the problem would approach things.
Future plans
Currently, I’m using Hakyll’s default theme, which is kind of ugly. I want to change this and pretty up the site a bit. I also want to fix the images in previous blog posts. However, since I am still very busy, I don’t really know when I will next be able to do this. To be completely honest, I did not want to mess with my blog this month, but because of the vulnerability, I felt obligated to fix the issue. Now that I have switched to Hakyll, I hope that I won’t have to deal with these kinds of issues again in the future.