feat(site): Substantial site redesign

This redesign is still a draft with pieces unfinished, but it's at the
point where we can probably start to have others contribute to it.

Signed-off-by: Andrew Lilley Brinker <[email protected]>

.github/workflows/website-deploy.yml

@@ -51,6 +51,12 @@ jobs:
           mv tailwindcss "${HOME}/.local/bin/tailwindcss"
           echo "${HOME}/.local/bin" >> $GITHUB_PATH
 
+      # Install the latest major version of Deno.
+      - name: Install Deno
+        uses: denoland/setup-deno@v2
+        with:
+          deno-version: v2.x
+
       # Setup GitHub Pages
       #
       # Specifically, this sets some variables we can use in later steps that
@@ -70,6 +76,8 @@ jobs:
           cd site
           zola build
           tailwindcss -i styles/main.css -o public/main.css
+          cd scripts
+          deno task bundle
 
       # Upload the output of the build as an Actions artifact so the deploy
       # step can pick it up and use it.

.github/workflows/website-test.yml

@@ -41,9 +41,17 @@ jobs:
           mv tailwindcss "${HOME}/.local/bin/tailwindcss"
           echo "${HOME}/.local/bin" >> $GITHUB_PATH
 
+      # Install the latest major version of Deno.
+      - name: Install Deno
+        uses: denoland/setup-deno@v2
+        with:
+          deno-version: v2.x
+
       # Build the actual site with Zola and Tailwind.
       - name: Build Hipcheck Website
         run: |
           cd site
           zola build
           tailwindcss -i styles/main.css -o public/main.css
+          cd scripts
+          deno task bundle

.zed/settings.json

@@ -0,0 +1,35 @@
+// Folder-specific settings
+//
+// For a full list of overridable settings, and general information on folder-specific settings,
+// see the documentation: https://zed.dev/docs/configuring-zed#settings-files
+{
+  "lsp": {
+    "deno": {
+      "settings": {
+        "deno": {
+          "enable": true
+        }
+      }
+    }
+  },
+  "languages": {
+    "TypeScript": {
+      "language_servers": [
+        "deno",
+        "!typescript-language-server",
+        "!vtsls",
+        "!eslint"
+      ],
+      "formatter": "language_server"
+    },
+    "TSX": {
+      "language_servers": [
+        "deno",
+        "!typescript-language-server",
+        "!vtsls",
+        "!eslint"
+      ],
+      "formatter": "language_server"
+    }
+  }
+}

site/config.toml

@@ -1,56 +1,66 @@
 # The URL of the side.
 base_url = "https://mitre.github.io/hipcheck"
 
+# Generate an Atom feed for the blog.
+generate_feeds = true
+
 # Don't use Sass
 compile_sass = false
 
-# Build the search engine.
+# Build the search index.
 build_search_index = true
 
+[search]
+
+# Use the elasticlunr format for the search index.
+index_format = "elasticlunr_json"
+
 [markdown]
 
 # Use syntax highlighting.
 highlight_code = true
+highlight_theme = "ayu-light"
 
 [extra]
 
+# Backup title used in meta tags and social sharing cards.
+title = "Hipcheck"
+
+# Backup description used in meta tags and social sharing cards.
+description = "Helping maintainers assess software packages for long-term risk."
+
 # Define the site navigation.
 nav = [
-    { name = "Documentation", url = "@/docs/_index.md" },
-    { name = "Contribute", url = "@/contribute/_index.md" },
-    # TODO: Uncomment this when the blog is ready.
-    # { name = "Blog", url = "@/blog/_index.md" },
-    { sep = true },
+    { name = "Docs", url = "@/docs/_index.md" },
+    { name = "Contribute", url = "@/docs/contributing/_index.md" },
+    { name = "Blog", url = "@/blog/_index.md" },
     { name = "Get Help", url = "https://github.com/mitre/hipcheck/discussions", icon = "life-buoy", external = true },
-    { name = "Install", url = "@/install/_index.md", highlight = true, icon = "arrow-down" },
-    { sep = true },
+    { name = "Install", url = "@/docs/getting-started/install.md", highlight = true, icon = "arrow-down" },
     { url = "https://github.com/mitre/hipcheck", icon = "github", icononly = true },
-    { url = "#", icon = "sun", icononly = true, id = "toggle-darkmode" },
 ]
 
 # Define the site footer.
 footer = [
     [
         { name = "Documentation", title = true },
-        { name = "Quickstart", url = "@/docs/quickstart/_index.md" },
+        { name = "Getting Started", url = "@/docs/getting-started/_index.md" },
         { name = "Complete Guide", url = "@/docs/guide/_index.md" },
-        { name = "Requests for Discussion", url = "@/rfds/_index.md" },
-        # TODO: Uncomment this when the blog is ready.
-        # { name = "Development Blog", url = "@/blog/_index.md" },
+        { name = "Requests for Discussion", url = "@/docs/rfds/_index.md" },
+        { name = "Blog", url = "@/blog/_index.md" },
         { name = "Project", title = true },
-        { name = "Hipcheck Values", url = "@/rfds/0002-hipchecks-values.md" },
+        { name = "Hipcheck Values", url = "@/docs/rfds/0002-hipchecks-values.md" },
         { name = "Open Source License", url = "https://github.com/mitre/hipcheck/blob/main/LICENSE", external = true },
         { name = "Code of Conduct", url = "https://github.com/mitre/hipcheck/blob/main/CODE_OF_CONDUCT.md", external = true },
     ],
     [
         { name = "Install", title = true },
-        { name = "Installer", url = "@/install/_index.md" },
+        { name = "Installer", url = "@/docs/getting-started/install.md" },
         { name = "Container Image", url = "https://hub.docker.com/r/mitre/hipcheck", external = true },
         { name = "Release Notes", url = "https://github.com/mitre/hipcheck/releases", external = true },
         { name = "Changelog", url = "https://github.com/mitre/hipcheck/blob/main/CHANGELOG.md", external = true },
         { name = "Packages", title = true },
-        { name = "GitHub", url = "https://github.com/mitre/hipcheck", external = true },
-        { name = "Crates.io", url = "https://crates.io/crates/hipcheck", external = true },
+        { name = "Hipcheck", url = "https://github.com/mitre/hipcheck/releases/tag/hipcheck-v3.7.0", external = true },
+        { name = "Rust Plugin SDK", url = "https://crates.io/crates/hipcheck-sdk", external = true },
     ],
     [
         { name = "Contribute", title = true },

site/content/blog/2024-11-04-hipcheck-3.8.0-release.md

@@ -0,0 +1,82 @@
+---
+title: Hipcheck 3.8.0 Release
+authors:
+  - Andrew Lilley Brinker
+extra:
+  author_img: "images/authors/andrew.jpg"
+---
+
+Hipcheck 3.8.0 is out, with a completed transition to our new plugin system,
+and a lot of polish for the plugin user experience.
+
+<!-- more -->
+
+---
+
+## End of a Half-Measure
+
+In 3.6.2, we launched the initial version of Hipcheck's new plugin system!
+This is a new mechanism that enables anyone to add support for new data sources
+and new analyses.
+
+As part of the move to plugins in 3.6.2, we introduced a "policy file"
+format, written with KDL syntax, and began to phase out the older "configuration
+file" written in TOML. You could (and can still in 3.8.0) continue to use
+the TOML file, though you get a warning, and under the hood this TOML file
+is converted to the KDL format.
+
+In the KDL policy file, you specify plugins to run with a "plugin specifier"
+that looks like `mitre/activity`, or more generally `<publisher>/<plugin>`. From
+3.6.2 to 3.7.0, any of the existing analyses which can be built into Hipcheck
+were exposed as `mitre`-namespaced plugins in the policy file.
+
+However, under the hood, these did _not_ actually run those analyses _as
+plugins_, but rather continued to run code that was built in to Hipcheck. Even
+at the time, we knew this was a half measure to get the initial support for
+plugins out into the wild while we continued to work on splitting existing
+data sources and analyses out.
+
+With 3.8.0, that splitting-out is complete! There are no more built in analyses
+or data sources in Hipcheck. This is good news, both for making the `hc` binary
+itself smaller, _and_ because it means we no longer privilege plugins made
+by the Hipcheck team! They run with the same Rust plugin SDK we make available
+to anyone who wants to write a Hipcheck plugin.
+
+This dog-fooding of our own SDK and plugin API also helped us to identify both
+bugfixes and future improvements to make.
+
+## New Plugins
+
+| Plugin Name         | Top-Level? | Download Manifest Location |
+|:--------------------|:-----------|:---------------------------|
+| `mitre/activity`    | Yes        | TODO                       |
+| `mitre/affiliation` | Yes        | TODO                       |
+| `mitre/binary`      | Yes        | TODO                       |
+| `mitre/churn`       | Yes        | TODO                       |
+| `mitre/entropy`     | Yes        | TODO                       |
+| `mitre/fuzz`        | Yes        | TODO                       |
+| `mitre/git`         | -          | TODO                       |
+| `mitre/github`      | -          | TODO                       |
+| `mitre/identity`    | Yes        | TODO                       |
+| `mitre/linguist`    | -          | TODO                       |
+| `mitre/npm`         | -          | TODO                       |
+| `mitre/review`      | Yes        | TODO                       |
+| `mitre/typo`        | Yes        | TODO                       |
+
+TODO: Explain what "top-level" means, what the download link is for, and how
+to use these new plugins.
+
+## Changelogs
+
+### `hc`
+
+- Add `patch` field to policy files
+- Introduce clear schema for `target` for default queries
+- Add support for specifying local plugins
+- Add support for datetimes and spans in policy expressions
+
+### `hipcheck-sdk` Rust Crate
+
+- Add ability to mock query responses for testing.
+- Add concern reporting support for queries.
+- FIX: Ensure the SDK sends error messages over gRPC in addition to logging them.

site/content/blog/_index.md

@@ -2,8 +2,5 @@
 title: Blog
 sort_by: date
 template: blog.html
+page_template: blog_post.html
 ---
-
-# Hipcheck Development Blog
-
-Updates from the people building Hipcheck.

site/content/docs/_index.md

@@ -1,31 +1,30 @@
 ---
 title: Documentation
+template: docs.html
+page_template: docs_page.html
 sort_by: weight
 ---
 
 # Documentation
 
 Welcome to the official Hipcheck documentation!
 
-## Quickstart
+<div class="grid grid-cols-2 gap-8 mt-8">
 
-This is a guide to installing and running Hipcheck for the first time, and
-is our recommended starting point for beginners!
+{% waypoint(title="Getting Started", path="@/docs/getting-started/_index.md", icon="map-pin") %}
+A guide to installing and running Hipcheck for the first time.
+{% end %}
 
-{{ button(link="@/docs/quickstart/_index.md", text="Check out the Quickstart Guide") }}
+{% waypoint(title="Complete Guide", path="@/docs/guide/_index.md", icon="map") %}
+A complete guide to all of Hipcheck's functionality.
+{% end %}
 
-## Complete Guide
+{% waypoint(title="Contribute", path="@/docs/contributing/_index.md", icon="award") %}
+Learn how to make contributions to Hipcheck itself.
+{% end %}
 
-This is a complete guide to all of Hipcheck's functionality, including both
-how to use Hipcheck and how to develop plugins for Hipcheck.
+{% waypoint(title="RFDs", path="@/docs/rfds/_index.md", icon="pen-tool") %}
+Design documents proposing important changes to Hipcheck.
+{% end %}
 
-{{ button(link="@/docs/guide/_index.md", text="Check out the Complete Guide") }}
-
-## RFDs
-
-Hipcheck's evolution is managed by Requests for Discussion (RFDs), documents
-which describe in detail any proposals for improvement or modification of
-Hipcheck's behavior. This list shows all completed RFDs; draft or proposed
-RFDs can be found on the [Hipcheck GitHub repository](https://github.com/mitre/hipcheck).
-
-{{ button(link="@/rfds/_index.md", text="Check out the RFDs") }}
+</div>