@bugspotter/sdk 0.3.1 → 1.0.0

package/.husky/pre-commit

@@ -0,0 +1 @@
+pnpm exec lint-staged

package/CHANGELOG.md

@@ -5,6 +5,21 @@ All notable changes to the BugSpotter SDK will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.0.0] - 2026-01-17
+
+### Changed
+
+- **Stable Release**: First production-ready 1.0.0 release
+- Improved code quality and readability across core modules
+- Enhanced test infrastructure with better Node.js and browser compatibility
+- Optimized transport layer and URL validation logic
+
+### Fixed
+
+- E2E test compatibility issues in Playwright test suite
+- Integration test Node.js Buffer API compatibility
+- ESLint configuration for test environment globals
+
 ## [0.3.1] - 2026-01-13
 
 ### Added

package/CONTRIBUTING.md

@@ -0,0 +1,200 @@
+# Contributing to BugSpotter SDK
+
+Thank you for considering contributing to the BugSpotter SDK! This document outlines the process for contributing to this project.
+
+## Development Setup
+
+### Prerequisites
+- Node.js 18+ (recommended: 18.x or 20.x)
+- pnpm 8+
+- Git
+
+### Getting Started
+
+1. **Fork and Clone**
+   ```bash
+   git clone https://github.com/your-username/bugspotter-sdk.git
+   cd bugspotter-sdk
+   ```
+
+2. **Install Dependencies**
+   ```bash
+   pnpm install
+   ```
+
+3. **Build the Project**
+   ```bash
+   pnpm build
+   ```
+
+4. **Run Tests**
+   ```bash
+   # Unit tests
+   pnpm test
+   
+   # E2E tests (requires browsers)
+   pnpm test:e2e
+   
+   # Watch mode for development
+   pnpm test:watch
+   ```
+
+## Project Structure
+
+```
+bugspotter-sdk/
+├── packages/core/          # Main SDK package
+│   ├── src/               # Source code
+│   ├── tests/             # Unit tests
+│   ├── docs/              # SDK documentation
+│   └── scripts/           # Build scripts
+├── examples/              # Integration examples
+│   ├── react/             # React example
+│   └── vanilla/           # Vanilla JS example
+└── .github/               # GitHub workflows and templates
+```
+
+## Development Workflow
+
+1. **Create a Branch**
+   ```bash
+   git checkout -b feature/your-feature-name
+   ```
+
+2. **Make Changes**
+   - Write code in `packages/core/src/`
+   - Add tests in `packages/core/tests/`
+   - Update documentation as needed
+
+3. **Test Your Changes**
+   ```bash
+   pnpm test           # Unit tests
+   pnpm test:e2e       # E2E tests
+   pnpm lint           # Code linting
+   pnpm format:check   # Code formatting
+   ```
+
+4. **Commit Changes**
+   ```bash
+   git add .
+   git commit -m "feat: add your feature"
+   ```
+
+5. **Push and Create PR**
+   ```bash
+   git push origin feature/your-feature-name
+   ```
+
+## Code Style and Standards
+
+### TypeScript Guidelines
+- Use strict TypeScript settings
+- Provide proper type annotations
+- Avoid `any` types when possible
+- Use interfaces for object shapes
+
+### Code Formatting
+- Use Prettier for formatting (automatic via `pnpm format`)
+- Use ESLint for code quality (check via `pnpm lint`)
+- Follow existing naming conventions
+
+### Testing
+- Write unit tests for all new functionality
+- Maintain test coverage above 80%
+- Add E2E tests for user-facing features
+- Use descriptive test names and organize tests logically
+
+### Commit Messages
+Follow [Conventional Commits](https://conventionalcommits.org/):
+
+- `feat: add new feature`
+- `fix: bug fix`
+- `docs: update documentation`
+- `style: code formatting`
+- `refactor: code refactoring`
+- `test: add or update tests`
+- `chore: maintenance tasks`
+
+## Adding New Features
+
+### Core SDK Features
+1. Create feature in `packages/core/src/`
+2. Add comprehensive tests
+3. Update TypeScript types
+4. Add documentation
+5. Consider browser compatibility (ES2017+)
+
+### Examples
+1. Create new example in `examples/your-framework/`
+2. Include `package.json` with dependencies
+3. Add build configuration (Vite recommended)
+4. Include README with setup instructions
+
+## Testing
+
+### Unit Tests
+- Located in `packages/core/tests/`
+- Use Vitest testing framework
+- Mock external dependencies
+- Test edge cases and error conditions
+
+### E2E Tests
+- Use Playwright for browser testing
+- Test real browser interactions
+- Verify SDK integration works end-to-end
+
+### Test Commands
+```bash
+pnpm test                    # Run unit tests
+pnpm test:watch             # Watch mode
+pnpm test:coverage          # Coverage report
+pnpm test:e2e               # E2E tests
+pnpm test:e2e --headed      # E2E with browser UI
+```
+
+## Building and Publishing
+
+### Local Development
+```bash
+pnpm dev     # Watch mode for development
+pnpm build   # Production build
+```
+
+### Release Process
+1. Update version in `packages/core/package.json`
+2. Update `CHANGELOG.md` with changes
+3. Create git tag: `git tag v0.3.1`
+4. Push tag: `git push origin v0.3.1`
+5. GitHub Actions will automatically publish to npm
+
+## Pull Request Process
+
+1. Fill out the PR template completely
+2. Ensure all CI checks pass:
+   - ✅ Tests pass
+   - ✅ Linting passes
+   - ✅ Build succeeds
+   - ✅ Type checking passes
+3. Request review from maintainers
+4. Address feedback and update PR
+5. Maintainer will merge after approval
+
+## Code Review Criteria
+
+- **Functionality**: Does the code work as intended?
+- **Tests**: Are there adequate tests with good coverage?
+- **Performance**: Does the change impact bundle size or performance?
+- **Compatibility**: Works across supported browsers and Node versions?
+- **Documentation**: Is the change properly documented?
+- **Security**: No security vulnerabilities introduced?
+
+## Getting Help
+
+- **Questions**: Open a [Discussion](https://github.com/apexbridge-tech/bugspotter-sdk/discussions)
+- **Bugs**: Open an [Issue](https://github.com/apexbridge-tech/bugspotter-sdk/issues) with the bug template
+- **Features**: Open an [Issue](https://github.com/apexbridge-tech/bugspotter-sdk/issues) with the feature template
+- **Security**: Email security@apexbridge.tech
+
+## License
+
+By contributing to BugSpotter SDK, you agree that your contributions will be licensed under the MIT License.

package/README.md

@@ -23,7 +23,7 @@ pnpm add @bugspotter/sdk
 
 ```html
 <!-- BugSpotter CDN (versioned - recommended for production) -->
-<script src="https://cdn.bugspotter.io/sdk/bugspotter-0.1.0.min.js"></script>
+<script src="https://cdn.bugspotter.io/sdk/bugspotter-1.0.0.min.js"></script>
 
 <!-- Latest version (for development only) -->
 <script src="https://cdn.bugspotter.io/sdk/bugspotter-latest.min.js"></script>
@@ -89,15 +89,17 @@ const bugSpotter = await BugSpotter.init({
 <script src="https://cdn.bugspotter.io/sdk/bugspotter-latest.min.js"></script>
 <script>
   // Initialize with auto-widget
-  const bugSpotter = BugSpotter.init({
-    endpoint: 'https://api.bugspotter.com/api/v1/reports',
-    auth: {
-      type: 'api-key',
-      apiKey: 'bgs_your_api_key',
-      projectId: 'your-project-uuid',
-    },
-    showWidget: true,
-  });
+  (async () => {
+    const bugSpotter = await BugSpotter.init({
+      endpoint: 'https://api.bugspotter.com/api/v1/reports',
+      auth: {
+        type: 'api-key',
+        apiKey: 'bgs_your_api_key',
+        projectId: 'your-project-uuid',
+      },
+      showWidget: true,
+    });
+  })();
 </script>
 ```
 
@@ -109,7 +111,7 @@ The SDK automatically uses an **optimized presigned URL upload flow** (40% fewer
 import BugSpotter from '@bugspotter/sdk';
 
 // 1. Initialize SDK with required auth
-const bugSpotter = BugSpotter.init({
+const bugSpotter = await BugSpotter.init({
   endpoint: 'https://api.bugspotter.com/api/v1/reports',
   auth: {
     type: 'api-key',
@@ -139,7 +141,7 @@ const bugSpotter = BugSpotter.init({
 
 ```javascript
 // Initialize without widget
-const bugSpotter = BugSpotter.init({
+const bugSpotter = await BugSpotter.init({
   endpoint: 'https://api.bugspotter.com/api/v1/reports',
   auth: {
     type: 'api-key',
@@ -174,7 +176,7 @@ await bugSpotter.submit({
 
 ```javascript
 // Widget appears automatically with showWidget: true
-const bugSpotter = BugSpotter.init({
+const bugSpotter = await BugSpotter.init({
   endpoint: 'https://api.bugspotter.com/api/v1/reports',
   auth: {
     type: 'api-key',
@@ -257,7 +259,7 @@ Automatic detection and masking of sensitive data before submission.
 **Built-in patterns:** Email, phone, credit card, SSN, Kazakhstan IIN, IP address
 
 ```javascript
-BugSpotter.init({
+await BugSpotter.init({
   sanitize: {
     enabled: true, // Default
     patterns: ['email', 'phone', 'creditcard'],
@@ -269,7 +271,7 @@ BugSpotter.init({
 
 **Performance:** <10ms overhead, supports Cyrillic text
 
-## �📋 API Reference
+## 📋 API Reference
 
 ### BugSpotter Class
 
@@ -680,7 +682,7 @@ pnpm test --coverage   # Coverage report
 
 **345 tests** passing (unit + E2E + Playwright)
 
-## �️ Building
+## 🛠️ Building
 
 ```bash
 pnpm run dev    # Development with watch

package/SECURITY.md

@@ -0,0 +1,65 @@
+# Security Policy
+
+## Supported Versions
+
+We provide security updates for the following versions of BugSpotter SDK:
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 1.0.x   | :white_check_mark: |
+| < 1.0   | :x:                |
+
+## Reporting a Vulnerability
+
+We take security seriously. If you discover a security vulnerability in the BugSpotter SDK, please report it to us privately.
+
+### How to Report
+
+1. **Do not** open a public GitHub issue for security vulnerabilities
+2. Send an email to security@apexbridge.tech with:
+   - A description of the vulnerability
+   - Steps to reproduce the issue
+   - Potential impact assessment
+   - Any suggested fixes (optional)
+
+### Response Timeline
+
+- **Acknowledgment**: We'll acknowledge your report within 48 hours
+- **Assessment**: We'll provide an initial assessment within 1 week
+- **Fix Timeline**: Critical vulnerabilities will be patched within 2 weeks
+- **Disclosure**: We'll coordinate responsible disclosure with you
+
+### Security Best Practices
+
+When using the BugSpotter SDK:
+
+1. **API Key Security**:
+   - Never expose API keys in client-side code
+   - Use environment variables for configuration
+   - Rotate API keys regularly
+
+2. **Data Privacy**:
+   - Configure PII detection appropriately
+   - Review captured data for sensitive information
+   - Implement proper data retention policies
+
+3. **Content Security Policy**:
+   - Include appropriate CSP headers
+   - Whitelist necessary domains for the SDK
+
+4. **Dependencies**:
+   - Keep the SDK updated to the latest version
+   - Monitor security advisories for dependencies
+
+## Security Features
+
+The BugSpotter SDK includes several security features:
+
+- **PII Detection**: Automatic detection and sanitization of personally identifiable information
+- **Content Sanitization**: XSS protection in captured content
+- **Secure Uploads**: Encrypted transmission of screenshots and session data
+- **Input Validation**: Strict validation of all user inputs
+
+## Bug Bounty
+
+We currently do not have a formal bug bounty program, but we appreciate responsible disclosure and will acknowledge security researchers who help improve our security.