@networkpro/web 1.12.5 → 1.12.7

package/CHANGELOG.md

@@ -22,6 +22,69 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 ---
 
+## [1.12.7] - 2025-06-10
+
+### Changed
+
+- Permissions in `playwright.yml` reduced to `contents: read` to align with least-privilege practices.
+- Renamed "Upload Playwright Report" step for clarity and naming consistency.
+- Patch version bumped to **v1.12.7** to reflect post-tag changes.
+
+### Security
+
+- Explicit `GITHUB_TOKEN` permissions added to `.github/workflows/build-and-publish.yml` to satisfy GitHub policy while preserving least-privilege.
+- Reviewed and reduced permissions in `playwright.yml` to `contents: read` as no elevated scopes are currently required.
+- Confirmed `auto-assign.yml` uses appropriate scopes for issue/PR auto-assignment (`issues: write`, `pull-requests: write`, `contents: read`).
+- Validated that `dependency-review.yml` and `backup-branch.yml` are properly scoped; no changes required.
+
+---
+
+## [1.12.6] - 2025-06-09
+
+### Added
+
+- Enabled non-blocking Lighthouse CI budget assertions to track performance/resource regressions without blocking the build.
+- Added GitHub Actions step to annotate PRs with budget-related audit failures and post a markdown summary comment.
+- Introduced a dedicated `Authenticate GitHub CLI` step in the Lighthouse workflow to ensure proper auth for comment posting.
+- Added `/legal`, `/legal/`, and `/legal/*` redirects to Netlify `_redirects` file, pointing to `/license`.
+- Added `/privacy-policy/` and `/privacy-policy/*` redirects to match existing `/privacy-policy` route.
+- Created `scripts/openReport.js`, a cross-platform Node.js utility for opening HTML coverage reports for client and server test runs. Executed via `coverage:client` and `coverage:server` scripts in `package.json`.
+- Added `coverage:client`, `coverage:server`, and `coverage:open` scripts to `package.json` to simplify access to generated test coverage reports from the CLI.
+
+### Changed
+
+- Bumped patch version to `v1.12.6`.
+- Updated Lighthouse CI workflow to upload the entire `.lighthouseci/` directory as a single artifact instead of renaming individual files.
+- Updated ESLint config (`eslint.config.mjs`) to ignore `**/playwright-report/**` and `**/test-results/**`.
+- Updated `lint:md` script in `package.json` to exclude `playwright-report/` and `test-results/` from markdownlint.
+- Added `playwright-report/` and `test-results/` to `.stylelintignore` to suppress stylelint noise on generated reports.
+- Upgraded `@lhci/cli` from `v0.14.0` to `v0.15.0`.
+- Upgraded `@vitest/coverage-v8` from `v3.2.2` to `v3.2.3`.
+- Upgraded `posthog-js` from `v1.249.4` to `v1.249.5`.
+- Upgraded `vitest` from `v3.2.2` to `v3.2.3`.
+
+### Fixed
+
+- Updated Lighthouse CI annotation step to explicitly select only valid Lighthouse report files (e.g., `*.report.json`, `lhr-*.json`) and ignore `assertion-results.json`, which caused `jq` parsing errors during CI runs.
+- Scoped Lighthouse assertions in `.lighthouserc.cjs` to `resource-summary` only, preventing unwanted failures from default performance audits.
+- Resolved malformed PR comment formatting in the Lighthouse GitHub Actions workflow by replacing Markdown tables with plain-text bullet lists.
+
+### Docs
+
+- Updated `README.md` with improved context and phrasing around the CHANGELOG reference.
+- Added `CHANGELOG.md` to the documented project structure with a descriptive label:
+
+  ```markdown
+  ├── CHANGELOG.md # Chronological record of notable project changes
+  ```
+
+### Misc
+
+- Confirmed that `Authenticate GitHub CLI` is not needed in `build-and-publish.yml`, as only the `check-codeql` job uses the GitHub CLI and is already authenticated.
+- Verified that `scripts/openReport.js` does not require unit testing, as it performs side-effect-only CLI actions. Linting and manual testing are sufficient.
+
+---
+
 ## [1.12.5] - 2025-06-08
 
 ### Added
@@ -135,7 +198,9 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 <!-- Link references -->
 
-[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.12.5...HEAD
+[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.12.7...HEAD
+[1.12.7]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.12.7
+[1.12.6]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.12.6
 [1.12.5]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.12.5
 [1.12.4]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.12.4
 [1.12.3]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.12.3

package/README.md

@@ -51,10 +51,14 @@ All infrastructure and data flows are designed with **maximum transparency, self
 
 ## 📝 Changelog
 
-For a history of changes to the Network Pro Web Presence, see the [CHANGELOG](https://github.com/netwk-pro/netwk-pro.github.io/blob/master/CHANGELOG.md).
+For a history of changes to the Network Pro™ Web Presence, see the **[CHANGELOG](https://github.com/netwk-pro/netwk-pro.github.io/blob/master/CHANGELOG.md)**. All notable updates are documented there.
+
+This project follows the principles of [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), though formatting and versioning may occasionally vary.
 
 </section>
 
+---
+
 <section id="structure">
 
 ## 📁 Repository Structure
@@ -93,6 +97,7 @@ For a history of changes to the Network Pro Web Presence, see the [CHANGELOG](ht
   │   │   └── auditCoverage.test.js # Warns about untested source modules
   │   └── unit/                     # Vitest unit tests
   ├── _redirects                    # Netlify redirect rules
+  ├── CHANGELOG.md                  # Chronological record of notable project changes
   ├── netlify.toml                  # Netlify configuration
   ├── package.json                  # Project manifest (scripts, deps, etc.)
   └── ...

package/_redirects

@@ -1,5 +1,15 @@
-https://www.netwk.pro/*  https://netwk.pro/:splat  301
-/privacy-policy          /privacy                  301
+# Redirect all www.netwk.pro traffic to bare domain
+https://www.netwk.pro/*     https://netwk.pro/:splat         301
 
-# New redirect for Netlify function proxy
-/api/*                   /.netlify/functions/:splat  200
+# Redirect /privacy-policy (and variants) to /privacy
+/privacy-policy             /privacy                         301
+/privacy-policy/            /privacy                         301
+/privacy-policy/*           /privacy/:splat                  301
+
+# Redirect /legal (and variants) to /license
+/legal                      /license                         301
+/legal/                     /license                         301
+/legal/*                    /license/:splat                  301
+
+# Redirect for Netlify function proxy
+/api/*                      /.netlify/functions/:splat       200

package/eslint.config.mjs

@@ -41,7 +41,9 @@ export default [
       "**/build/**", // Distribution files
       "package.json", // NPM package manifest
       "package-lock.json", // NPM lockfile
+      "**/playwright-report/**", // Playwright report files
       "node_modules/", // Node.js dependencies
+      "**/test-results/**", // Test results
       ".vite/", // Vite-specific cache directory
       "*.lock", // Lock files
       ".env*", // Environment files

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@networkpro/web",
   "private": false,
-  "version": "1.12.5",
+  "version": "1.12.7",
   "description": "Locking Down Networks, Unlocking Confidence™ | Security, Networking, Privacy — Network Pro Strategies",
   "keywords": [
     "advisory",
@@ -60,11 +60,14 @@
     "test:watch": "vitest --config vitest.config.client.js --watch",
     "test:coverage": "npm run test:client -- --run --coverage && npm run test:server -- --run --coverage",
     "test:e2e": "npx playwright test --retries=1",
+    "coverage:client": "node scripts/openReport.js client",
+    "coverage:server": "node scripts/openReport.js server",
+    "coverage:open": "npm run coverage:client && npm run coverage:server",
     "lint": "eslint . --ext .mjs,.js,.svelte",
     "lint:fix": "eslint . --ext .mjs,.js,.svelte --fix",
     "lint:jsdoc": "eslint . --ext .js,.mjs,.svelte --max-warnings=0",
     "lint:css": "stylelint \"**/*.{css,svelte}\" --ignore-path .stylelintignore",
-    "lint:md": "npx markdownlint-cli2 \"**/*.{md,markdown}\" \"#node_modules/**\" \"#build/**\" \"#.netlify/**\"",
+    "lint:md": "npx markdownlint-cli2 \"**/*.{md,markdown}\" \"#node_modules/**\" \"#build/**\" \"#.netlify/**\" \"#playwright-report/**\" \"#test-results/**\"",
     "lint:all": "npm run lint && npm run lint:md && npm run lint:css && npm run format",
     "format": "prettier --check .",
     "format:fix": "prettier --write .",
@@ -77,21 +80,21 @@
   },
   "dependencies": {
     "dompurify": "^3.2.6",
-    "posthog-js": "^1.249.4",
+    "posthog-js": "^1.249.5",
     "semver": "^7.7.2",
     "svelte": "5.33.18"
   },
   "devDependencies": {
     "@eslint/compat": "^1.2.9",
     "@eslint/js": "^9.28.0",
-    "@lhci/cli": "^0.14.0",
+    "@lhci/cli": "^0.15.0",
     "@playwright/test": "^1.52.0",
     "@sveltejs/adapter-netlify": "^5.0.2",
     "@sveltejs/kit": "2.21.3",
     "@sveltejs/vite-plugin-svelte": "5.1.0",
     "@testing-library/jest-dom": "^6.6.3",
     "@testing-library/svelte": "^5.2.8",
-    "@vitest/coverage-v8": "^3.2.2",
+    "@vitest/coverage-v8": "^3.2.3",
     "autoprefixer": "^10.4.21",
     "browserslist": "^4.25.0",
     "eslint": "^9.28.0",
@@ -119,7 +122,7 @@
     "vite": "^6.3.5",
     "vite-plugin-lightningcss": "^0.0.5",
     "vite-tsconfig-paths": "^5.1.4",
-    "vitest": "^3.2.2"
+    "vitest": "^3.2.3"
   },
   "overrides": {
     "@sveltejs/kit": {

package/scripts/openReport.js

@@ -0,0 +1,65 @@
+/* ==========================================================================
+scripts/openReport.js
+
+Copyright © 2025 Network Pro Strategies (Network Pro™)
+SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
+This file is part of Network Pro.
+========================================================================== */
+
+/**
+ * @file openReport.js
+ * @description Opens the HTML code coverage report for a specified target (client or server).
+ * Handles platform-specific commands to launch the report in the default browser.
+ *
+ * @module scripts/
+ * @author SunDevil311
+ * @updated 2025-06-09
+ */
+
+import { exec } from "child_process";
+import { dirname, join } from "path";
+import { fileURLToPath } from "url";
+
+// ESM replacement for __dirname
+const __dirname = dirname(fileURLToPath(import.meta.url));
+
+// Read the CLI argument: "client" or "server"
+const target = process.argv[2];
+
+if (!target) {
+  console.error("❌ Please specify 'client' or 'server'");
+  process.exit(1);
+}
+
+// Resolve the full path to the HTML report
+const filePath = join(__dirname, `../reports/${target}/coverage/index.html`);
+
+/**
+ * Platform-specific shell commands to open the report in the default browser.
+ * - Windows: uses `start`
+ * - macOS: uses `open`
+ * - Linux: uses `xdg-open`
+ */
+const open = {
+  win32: `start "" "${filePath}"`,
+  darwin: `open "${filePath}"`,
+  linux: `xdg-open "${filePath}"`,
+};
+
+const platform = process.platform;
+const command = open[platform];
+
+if (!command) {
+  console.error(`❌ Unsupported platform: ${platform}`);
+  process.exit(1);
+}
+
+// Execute the shell command to open the report
+exec(command, (err) => {
+  if (err) {
+    console.error(`❌ Failed to open coverage report: ${err.message}`);
+    process.exit(1);
+  } else {
+    console.log(`✅ Opened coverage report for "${target}"`);
+  }
+});