@camcima/nestjs-rfc9457 0.0.2 → 0.1.0

package/README.md

@@ -7,17 +7,35 @@
 <br>
 
 [![CI](https://github.com/camcima/nestjs-rfc9457/actions/workflows/ci.yml/badge.svg)](https://github.com/camcima/nestjs-rfc9457/actions/workflows/ci.yml)
+[![CodeQL](https://github.com/camcima/nestjs-rfc9457/actions/workflows/codeql.yml/badge.svg)](https://github.com/camcima/nestjs-rfc9457/actions/workflows/codeql.yml)
 [![codecov](https://codecov.io/gh/camcima/nestjs-rfc9457/graph/badge.svg)](https://codecov.io/gh/camcima/nestjs-rfc9457)
 [![npm version](https://img.shields.io/npm/v/@camcima/nestjs-rfc9457)](https://www.npmjs.com/package/@camcima/nestjs-rfc9457)
-[![npm downloads](https://img.shields.io/npm/dm/@camcima/nestjs-rfc9457.svg)](https://www.npmjs.com/package/@camcima/nestjs-rfc9457)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
-[![TypeScript](https://img.shields.io/badge/TypeScript-5-blue.svg)](https://www.typescriptlang.org/)
+[![TypeScript](https://img.shields.io/badge/TypeScript-6-blue.svg)](https://www.typescriptlang.org/)
 [![Node.js](https://img.shields.io/badge/Node.js-18%20%7C%2020%20%7C%2022-green.svg)](https://nodejs.org/)
 
 </div>
 
 NestJS library for [RFC 9457](https://www.rfc-editor.org/rfc/rfc9457) Problem Details HTTP error responses.
 
+## Table of Contents
+
+- [What is RFC 9457?](#what-is-rfc-9457)
+- [Features](#features)
+- [Installation](#installation)
+- [Quick Start](#quick-start)
+- [Configuration](#configuration)
+- [Async Configuration](#async-configuration)
+- [Custom Exception Types](#custom-exception-types)
+- [Validation Integration](#validation-integration)
+- [Advanced Usage](#advanced-usage)
+- [API Reference](#api-reference)
+- [Example Responses](#example-responses)
+- [Examples](#examples)
+- [Security](#security)
+- [Contributing](#contributing)
+- [License](#license)
+
 ## What is RFC 9457?
 
 [RFC 9457](https://www.rfc-editor.org/rfc/rfc9457) (July 2023) defines a standard JSON format for HTTP API error responses, using the `application/problem+json` media type. It supersedes RFC 7807 and gives APIs a consistent, machine-readable way to communicate errors.
@@ -719,6 +737,47 @@ Internal error messages are never included in the response to avoid leaking sens
 
 ---
 
+## Examples
+
+See the [nestjs-rfc9457-examples](https://github.com/camcima/nestjs-rfc9457-examples) repository for complete working NestJS applications demonstrating all features, including runnable demo scripts.
+
+---
+
+## Security
+
+### CI
+
+| Tool            | Purpose                                                  | Trigger                   |
+| --------------- | -------------------------------------------------------- | ------------------------- |
+| **CodeQL**      | Static analysis for security vulnerabilities             | Push, PR, weekly schedule |
+| **OSV-Scanner** | Dependency vulnerability scanning (production deps only) | Push, PR                  |
+| **Dependabot**  | Automated dependency and GitHub Actions updates          | Weekly PRs                |
+| **Codecov**     | Test coverage tracking                                   | Push, PR                  |
+
+### Local (via Lefthook)
+
+| Hook         | Tool                                             | Purpose                      |
+| ------------ | ------------------------------------------------ | ---------------------------- |
+| `pre-commit` | ESLint + Prettier                                | Code quality on staged files |
+| `pre-push`   | [Gitleaks](https://github.com/gitleaks/gitleaks) | Secret scanning before push  |
+
+Gitleaks must be [installed locally](https://github.com/gitleaks/gitleaks#installing). The pre-push hook will skip if Gitleaks is not available.
+
+### Manual local checks
+
+```bash
+# Dependency audit (production only)
+npm run audit:deps
+
+# Secret scanning
+npm run audit:secrets
+
+# Full npm audit (all dependencies)
+npm audit
+```
+
+---
+
 ## Contributing
 
 Contributions are welcome. Please open an issue before submitting a pull request for significant changes.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@camcima/nestjs-rfc9457",
-  "version": "0.0.2",
+  "version": "0.1.0",
   "description": "NestJS library for RFC 9457 Problem Details responses",
   "author": "Carlos Cima",
   "license": "MIT",
@@ -22,7 +22,9 @@
     "test:e2e": "jest --testPathPattern=test/e2e",
     "test:cov": "jest --coverage",
     "prepublishOnly": "npm run build",
-    "release": "release-it"
+    "release": "release-it",
+    "audit:deps": "npm audit --omit=dev",
+    "audit:secrets": "gitleaks git --no-banner --redact -v"
   },
   "peerDependencies": {
     "@nestjs/common": "^10.0.0 || ^11.0.0",
@@ -36,15 +38,16 @@
     }
   },
   "devDependencies": {
-    "@commitlint/cli": "^19.0.0",
-    "@commitlint/config-conventional": "^19.0.0",
-    "@nestjs/common": "^10.0.0",
-    "@nestjs/core": "^10.0.0",
-    "@nestjs/platform-express": "^10.0.0",
-    "@nestjs/platform-fastify": "^10.0.0",
-    "@nestjs/testing": "^10.0.0",
-    "@types/jest": "^29.0.0",
-    "@types/supertest": "^6.0.0",
+    "@commitlint/cli": "^20.5.0",
+    "@commitlint/config-conventional": "^20.5.0",
+    "@nestjs/common": "^11.1.18",
+    "@nestjs/core": "^11.1.18",
+    "@nestjs/platform-express": "^11.1.18",
+    "@nestjs/platform-fastify": "^11.1.18",
+    "@nestjs/testing": "^11.1.18",
+    "@types/jest": "^30.0.0",
+    "@types/node": "^22.19.17",
+    "@types/supertest": "^7.2.0",
     "@typescript-eslint/eslint-plugin": "^7.0.0",
     "@typescript-eslint/parser": "^7.0.0",
     "class-transformer": "^0.5.0",
@@ -53,7 +56,7 @@
     "eslint-config-prettier": "^9.0.0",
     "eslint-plugin-prettier": "^5.0.0",
     "fastify": "^4.0.0",
-    "jest": "^29.0.0",
+    "jest": "^30.3.0",
     "lefthook": "^1.0.0",
     "prettier": "^3.0.0",
     "reflect-metadata": "^0.2.0",
@@ -62,7 +65,7 @@
     "supertest": "^7.0.0",
     "ts-jest": "^29.0.0",
     "ts-node": "^10.9.2",
-    "typescript": "^5.0.0"
+    "typescript": "^6.0.2"
   },
   "repository": {
     "type": "git",