Security Policy
Security Policy
Supported Versions
This Jekyll blog is actively maintained. Security updates are applied regularly.
| Component | Version | Status |
|---|---|---|
| Jekyll | 3.9.5 | ✅ Supported (via github-pages) |
| Ruby | 3.4.x | ✅ Supported |
| Nokogiri | >= 1.18.0 | ✅ Supported |
Reporting a Vulnerability
If you discover a security vulnerability in this blog, please report it by:
- Do not open a public issue
- Contact via Twitter DM: @anxiouslytech
- Or via LinkedIn: Jason Rinehart
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
Security Measures
This blog implements the following security practices:
- Regular dependency updates via Dependabot
- Pinned gem versions for reproducible builds
- Security-focused gems (nokogiri, kramdown) kept up to date
- Google Analytics 4 (privacy-focused analytics)
- HTTPS enforced via hosting platform
- No user authentication or data collection beyond analytics
Dependency Updates
Dependencies are reviewed and updated:
- Monthly for security patches
- Quarterly for minor version updates
- As needed for critical security issues
Last updated: November 2025