@networkpro/web 1.13.7 → 1.14.1

package/.vscode/settings.json

@@ -0,0 +1,80 @@
+{
+  // Editor settings
+  "editor.defaultFoldingRangeProvider": "esbenp.prettier-vscode",
+  "editor.defaultFormatter": "esbenp.prettier-vscode",
+  "[markdown]": {
+    "editor.defaultFoldingRangeProvider": "esbenp.prettier-vscode",
+    "editor.defaultFormatter": "esbenp.prettier-vscode"
+  },
+  "[svelte]": {
+    "editor.defaultFormatter": "svelte.svelte-vscode",
+    "editor.tabSize": 2
+  },
+  "[json]": {
+    "editor.defaultFormatter": "esbenp.prettier-vscode"
+  },
+  "[jsonc]": {
+    "editor.defaultFormatter": "esbenp.prettier-vscode"
+  },
+  // ESLint configuration
+  "eslint.workingDirectories": ["D:\\Netwk-Pro\\git\\netwk-pro.github.io"],
+  "eslint.validate": ["svelte", "javascript", "javascriptreact"],
+  "eslint.lintTask.enable": true,
+  "eslint.lintTask.options": ". --ext .mjs,.js,.svelte --config eslint.config.mjs",
+  "eslint.useESLintClass": true,
+  "eslint.useFlatConfig": true,
+  "eslint.codeActionsOnSave.mode": "problems",
+  "eslint.probe": [
+    "javascript",
+    "javascriptreact",
+    "html",
+    "markdown",
+    "json",
+    "jsonc",
+    "svelte"
+  ],
+  // Stylelint configuration
+  "stylelint.configBasedir": "D:\\Netwk-Pro\\git\\netwk-pro.github.io",
+  "stylelint.configFile": "stylelint.config.js",
+  "stylelint.validate": ["css", "postcss", "html", "svelte"],
+  // Custom CSS data for FontAwesome classes
+  "css.customData": [
+    ".vscode/customData.json" // Path to your custom data file
+  ],
+  "markdown.validate.enabled": false,
+  "markdown.validate.ignoredLinks": [
+    "#bugs",
+    "#features",
+    "#top",
+    "#ownership",
+    "#trademark",
+    "#branding",
+    "#licensed-material",
+    "#licenses",
+    "#dlnotes",
+    "#cc-by",
+    "#gnu-gpl",
+    "#third-party",
+    "#prohibited-uses",
+    "#disclaimer",
+    "#contact",
+    "#revisions",
+    "#pledge",
+    "#standards",
+    "#response",
+    "#enforce",
+    "#attribute",
+    "#version",
+    "#structure",
+    "#getting-started",
+    "#configuration",
+    "#sw-utilities",
+    "#cspreport",
+    "#testing",
+    "#toolchain",
+    "#toolconfig",
+    "#scripts",
+    "#license",
+    "#questions"
+  ]
+}

package/CHANGELOG.md

@@ -20,11 +20,62 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 ## [Unreleased]
 
+---
+
+## [1.14.1] - 2025-06-16
+
+### Changed
+
+- Updated Node.js engine to `24` to match the specified engine constraints in `package.json`.
+- Reordered `npm ci` step to follow Node.js and npm setup to prevent version mismatches during simulation steps.
+- Refactored `build-and-publish.yml` to use `git archive` for artifact preparation and aligned it with a tested publishing flow.
+- Removed `.npmrc` token-based authentication in favor of environment secrets to avoid credential conflicts.
+
+### Added
+
+- Introduced `.github/workflows/publish-test.yml`, a standalone workflow to safely simulate `npm publish` without publishing.
+- Added commands to display Node.js and npm versions for visibility and troubleshooting in all relevant jobs.
+
+---
+
+## [1.14.0] - 2025-06-16
+
+### Changed
+
+- Commented out registry and auth lines in `.npmrc`, retaining only `engine-strict=true` to streamline CI token handling and prevent conflicts
+
+### Reverted
+
+- Temporarily reverted `build-and-publish.yml` to prior, working workflow to confirm publish capability before attempting archive-based improvements
+
+---
+
+## [1.13.8] - 2025-06-16
+
+### Added
+
+- Added `cryptomator.png` and `cryptomator.webp` images for use in the FOSS Spotlight route
+- Imported assets via image utility (`src/lib/images.js`) as `cryptomPng` and `cryptomWbp`
+- Introduced `cryptomator` entry to `fossData.js`
+- Added `COMMIT_GUIDE.md` to help standardize commit message formatting across contributions
+
+### Changed
+
+- Updated `build-and-publish.yml` to use an allowlist-based upload approach, explicitly including root-level files and directories (`.github/`, `.vscode/`, `netlify/`, `scripts/`, `src/`, `static/`, and `tests/`)
+- Updated meta `author` field in `app.html` to `Scott Lopez`
+- Version bumped to **v1.13.8**
+- Upgraded dependencies:
+  - `postcss` updated from `^8.5.5` → `^8.5.6`
+  - `posthog-js` updated from `^1.252.1` → `^1.253.4`
+
+---
+
 ## [1.13.7] - 2025-06-15
 
 ### Changed
 
 - Added pre-publish steps in `build-and-publish.yml` to recursively list all files and top-level directory contents for auditing
+- Version bumped to **v1.13.7**
 
 ---
 
@@ -448,7 +499,10 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 <!-- Link references -->
 
-[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.13.7...HEAD
+[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.14.1...HEAD
+[1.14.1]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.14.1
+[1.14.0]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.14.0
+[1.13.8]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.13.8
 [1.13.7]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.13.7
 [1.13.6]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.13.6
 [1.13.5]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.13.5
@@ -466,4 +520,4 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 [1.12.3]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.12.3
 [1.12.1]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.12.1
 
-<!-- cspell:ignore qrcode -->
+<!-- cspell:ignore qrcode cryptom -->

package/cspell.json

@@ -13,10 +13,13 @@
     "ccby",
     "CCPA",
     "CPRA",
+    "cryptomator",
+    "dont",
     "elif",
     "Embedder",
     "Ente",
     "esbuild",
+    "fdroid",
     "fontawesome",
     "foss",
     "geolocation",
@@ -61,6 +64,7 @@
     "prefs",
     "publickey",
     "reconsent",
+    "shizuku",
     "SIEM",
     "SPDY",
     "squircle",

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@networkpro/web",
   "private": false,
-  "version": "1.13.7",
+  "version": "1.14.1",
   "description": "Locking Down Networks, Unlocking Confidence™ | Security, Networking, Privacy — Network Pro Strategies",
   "keywords": [
     "advisory",
@@ -80,7 +80,7 @@
   },
   "dependencies": {
     "dompurify": "^3.2.6",
-    "posthog-js": "^1.252.1",
+    "posthog-js": "^1.253.4",
     "semver": "^7.7.2",
     "svelte": "5.34.3"
   },
@@ -108,7 +108,7 @@
     "markdownlint-cli2": "^0.18.1",
     "mdsvex": "^0.12.6",
     "playwright": "^1.53.0",
-    "postcss": "^8.5.5",
+    "postcss": "^8.5.6",
     "prettier": "^3.5.3",
     "prettier-plugin-svelte": "^3.4.0",
     "stylelint": "^16.20.0",

package/src/app.html

@@ -15,7 +15,7 @@
     <meta
       name="robots"
       content="index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1" />
-    <meta name="author" content="Network Pro Strategies" />
+    <meta name="author" content="Scott Lopez" />
 
     <!-- Favicon: Keep only ICO for max compatibility -->
     <link

package/src/lib/data/fossData.js

@@ -7,7 +7,7 @@ This file is part of Network Pro.
 ========================================================================== */
 
 // Import FOSS images
-import { acodePng, acodeWbp, eauthPng, eauthWbp, hboardPng, hboardWbp, lsheetPng, lsheetWbp, pmxPng, pmxWbp, squirclePng, squircleWbp, tosPng, tosWbp, urlPng, urlWbp } from "$lib";
+import { acodePng, acodeWbp, cryptomPng, cryptomWbp, eauthPng, eauthWbp, hboardPng, hboardWbp, lsheetPng, lsheetWbp, pmxPng, pmxWbp, squirclePng, squircleWbp, tosPng, tosWbp, urlPng, urlWbp } from "$lib";
 
 // cspell:disable
 /**
@@ -26,6 +26,86 @@ const lsheetLink = "obtainium://app/%7B%22id%22%3A%22fe.linksheet.nightly%22%2C%
 //cspell:enable
 
 export const fossData = [
+  {
+    id: "cryptomator",
+    images: {
+      webp: cryptomWbp,
+      png: cryptomPng,
+    },
+    imgAlt: "Cryptomator",
+    title: "Cryptomator",
+    headline: "Vault Up Your Cloud Privacy",
+    headlineDescription: `
+      <p>
+        Tired of feeling like your cloud files are just floating out there, unprotected? Say hello to <strong>Cryptomator</strong>—your personal vault for keeping sensitive data safe in the cloud, <em>without giving up open-source freedom</em>.
+      </p>
+      <p>
+        🛡️ <strong>Cryptomator</strong> provides transparent client-side encryption for your cloud storage. Whether you're using Nextcloud, Google Drive, OneDrive or another service, Cryptomator keeps your files <strong>encrypted and private</strong>—before they even leave your device.
+      </p>
+    `,
+    features: [
+      {
+        emoji: "📋",
+        label: "Why Cryptomator stands out:",
+        isIntro: true
+      },
+      {
+        emoji: "🔐",
+        label: "Zero-knowledge encryption",
+        description: "not even Cryptomator can access your data",
+      },
+      {
+        emoji: "🆓",
+        label: "Completely free and open-source",
+        description: "GPLv3",
+      },
+      {
+        emoji: "💻",
+        label: "Cross-platform",
+        description: "Windows, macOS, Linux, iOS & Android"
+      },
+      {
+        emoji: "📂",
+        label: "Folder-level encryption",
+        description: "integrated with your file system",
+      },
+      {
+        emoji: "💬",
+        label: "No account needed",
+        description: "no tracking, no ads"
+      }
+    ],
+    detailsDescription: `
+      <p>
+        📈 Why privacy-conscious users are switching:<br />
+        ✅ <strong>User-friendly interface</strong><br />
+        ✅ <strong>End-to-end encryption</strong> without needing to trust any cloud provider<br />
+        ✅ <strong>Community-driven</strong> with regular updates<br />
+        ✅ <strong>Works with any cloud provider</strong><br />
+        ✅ <strong>100% local key management</strong>
+      </p>
+      <p>
+        Your cloud deserves more than blind trust. Cryptomator empowers you to <em>own your data</em> with ease and elegance.
+      </p>
+    `,
+    links: [
+      {
+        label: "Website",
+        href: "https://cryptomator.org",
+      },
+      {
+        label: "GitHub",
+        href: "https://github.com/cryptomator/cryptomator",
+      },
+      {
+        label: "F-Droid",
+        href: "https://f-droid.org/en/packages/org.cryptomator.lite/",
+      }
+    ],
+    notes: [
+      "Cryptomator is available from several sources, including <strong>Google Play, F-Droid, and GitHub/Obtainium</strong>. While we generally recommend using only open-source versions, <strong>you may opt for the Google Play version if Google Drive integration is important to you</strong>. Note that the F-Droid and GitHub versions exclude third-party libraries, which means <strong>they cannot interface with Google Drive</strong>."
+    ],
+  },
   {
     id: "squircle",
     images: {
@@ -591,4 +671,4 @@ export const fossData = [
   },
 ];
 
-// cspell:ignore hboard gboard lsheet eauth tosdr
+// cspell:ignore hboard gboard lsheet eauth tosdr cryptom

package/src/lib/images.js

@@ -6,8 +6,6 @@ SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
 This file is part of Network Pro.
 ========================================================================== */
 
-// cspell:ignore lsheet tosdr
-
 /**
  * Image import utility
  *
@@ -15,7 +13,7 @@ This file is part of Network Pro.
  * @description Provides convenient access to images in the src/lib/img directory
  * @module src/lib
  * @author SunDevil311
- * @updated 2025-06-09
+ * @updated 2025-06-16
  */
 
 // Import favicon images
@@ -39,6 +37,8 @@ import obtainiumWbp from '$lib/img/obtainium.webp';
 // Import images for posts
 import acodePng from '$lib/img/posts/acode.png';
 import acodeWbp from '$lib/img/posts/acode.webp';
+import cryptomPng from "$lib/img/posts/cryptomator.png";
+import cryptomWbp from "$lib/img/posts/cryptomator.webp";
 import eauthPng from '$lib/img/posts/eauth.png';
 import eauthWbp from '$lib/img/posts/eauth.webp';
 import hboardPng from '$lib/img/posts/hboard.png';
@@ -72,6 +72,8 @@ export {
   bySvg,
   ccBadge,
   ccSvg,
+  cryptomPng,
+  cryptomWbp,
   eauthPng,
   eauthWbp,
   faviconSvg,
@@ -99,4 +101,4 @@ export {
   vcfWbp
 };
 
-// cspell:ignore eauth hboard
+// cspell:ignore eauth hboard cryptom tosdr

package/src/routes/...404/+page.svelte

@@ -0,0 +1,26 @@
+<!-- ==========================================================================
+src/routes/...404/+page.svelte
+
+Copyright © 2025 Network Pro Strategies (Network Pro™)
+SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
+This file is part of Network Pro.
+========================================================================== -->
+
+<script>
+  /**
+   * @type {string}
+   * Style class for the h1 and p elements.
+   */
+  const centerText = 'center-text';
+
+  /** @type {{ pathname: string } | undefined} */
+  export let url;
+
+  // Use a fallback pathname if `url` is undefined
+  const pathname = url?.pathname ?? '/';
+</script>
+
+<main>
+  <h1 class={centerText}>404 - Page Not Found</h1>
+  <p class={centerText}>The page "{pathname}" does not exist.</p>
+</main>

package/static/.well-known/dnt-policy.txt

@@ -0,0 +1,218 @@
+Do Not Track Compliance Policy 
+
+Version 1.0
+
+This domain complies with user opt-outs from tracking via the "Do Not Track"
+or "DNT" header  [http://www.w3.org/TR/tracking-dnt/].  This file will always
+be posted via HTTPS at https://example-domain.com/.well-known/dnt-policy.txt
+to indicate this fact.
+
+SCOPE
+
+This policy document allows an operator of a Fully Qualified Domain Name
+("domain") to declare that it respects Do Not Track as a meaningful privacy
+opt-out of tracking, so that privacy-protecting software can better determine
+whether to block or anonymize communications with this domain.  This policy is
+intended first and foremost to be posted on domains that publish ads, widgets,
+images, scripts and other third-party embedded hypertext (for instance on
+widgets.example.com), but it can be posted on any domain, including those users
+visit directly (such as www.example.com). The policy may be applied to some
+domains used by a company, site, or service, and not to others.  Do Not Track
+may be sent by any client that uses the HTTP protocol, including websites,
+mobile apps, and smart devices like TVs. Do Not Track also works with all
+protocols able to read HTTP headers, including SPDY.
+
+NOTE: This policy contains both Requirements and Exceptions. Where possible
+terms are defined in the text, but a few additional definitions are included
+at the end.
+
+REQUIREMENTS
+
+When this domain receives Web requests from a user who enables DNT by actively
+choosing an opt-out setting in their browser or by installing software that is
+primarily designed to protect privacy ("DNT User"), we will take the following
+measures with respect to those users' data, subject to the Exceptions, also
+listed below:  
+
+1. END USER IDENTIFIERS:         
+
+  a. If a DNT User has logged in to our service, all user identifiers, such as
+     unique or nearly unique cookies, "supercookies" and fingerprints are 
+     discarded as soon as the HTTP(S) response is issued.                                    
+
+     Data structures which associate user identifiers with accounts may be
+     employed to recognize logged in users per Exception 4 below, but may not
+     be associated with records of the user's activities unless otherwise
+     excepted.
+
+  b. If a DNT User is not logged in to our service, we will take steps to ensure 
+     that no user identifiers are transmitted to us at all.         
+
+2. LOG RETENTION: 
+
+  a. Logs with DNT Users' identifiers removed (but including IP addresses and
+     User Agent strings) may be retained for a period of 10 days or less,
+     unless an Exception (below) applies. This period of time balances privacy
+     concerns with the need to ensure that log processing systems have time to
+     operate; that operations engineers have time to monitor and fix technical
+     and performance problems; and that security and data aggregation systems
+     have time to operate.
+
+  b. These logs will not be used for any other purposes.         
+
+3. OTHER DOMAINS: 
+
+  a. If this domain transfers identifiable user data about DNT Users to
+     contractors, affiliates or other parties, or embeds from or posts data to
+     other domains, we will either:         
+
+  b. ensure that the operators of those domains abide by this policy overall
+     by posting it at /.well-known/dnt-policy.txt via HTTPS on the domains in
+     question,
+
+    OR
+
+     ensure that the recipient's policies and practices require the recipient
+     to respect the policy for our DNT Users' data.
+
+    OR  
+
+     obtain a contractual commitment from the recipient to respect this policy
+     for our DNT Users' data.
+
+    NOTE: if an “Other Domain” does not receive identifiable user information
+    from the domain because such information has been removed, because the
+    Other Domain does not log that information, or for some other reason, these
+    requirements do not apply.
+
+  c. "Identifiable" means any records which are not Anonymized or otherwise
+     covered by the Exceptions below.
+
+4. PERIODIC REASSERTION OF COMPLIANCE: 
+
+  At least once every 12 months, we will take reasonable steps commensurate
+  with the size of our organization and the nature of our service to confirm
+  our ongoing compliance with this document, and we will publicly reassert our
+  compliance.
+
+5. USER NOTIFICATION: 
+
+  a. If we are required by law to retain or disclose user identifiers, we will
+     attempt to provide the users with notice (unless we are prohibited or it
+     would be futile) that a request for their information has been made in
+     order to give the users an opportunity to object to the retention or
+     disclosure.
+
+  b. We will attempt to provide this notice by email, if the users have given
+     us an email address, and by postal mail if the users have provided a
+     postal address.                                   
+
+  c. If the users do not challenge the disclosure request, we may be legally
+     required to turn over their information.
+
+  d. We may delay notice if we, in good faith, believe that an emergency
+     involving danger of death or serious physical injury to any person
+     requires disclosure without delay of information relating to the
+     emergency.
+
+EXCEPTIONS
+
+Data from DNT Users collected by this domain may be logged or retained only in
+the following specific situations:
+
+1. CONSENT / "OPT BACK IN"         
+
+  a. DNT Users are opting out from tracking across the Web.  It is possible
+     that for some feature or functionality, we will need to ask a DNT User to
+     "opt back in" to be tracked by us across the entire Web.                                    
+
+  b. If we do that, we will take reasonable steps to verify that the users who
+     select this option have genuinely intended to opt back in to tracking.
+     One way to do this is by performing scientifically reasonable user
+     studies with a representative sample of our users, but smaller
+     organizations can satisfy this requirement by other means.         
+
+  c. Where we believe that we have opt back in consent, our server will
+     send a tracking value status header "Tk: C" as described in section 6.2
+     of the W3C Tracking Preference Expression draft:
+
+     http://www.w3.org/TR/tracking-dnt/#tracking-status-value
+
+2. TRANSACTIONS         
+
+   If a DNT User actively and knowingly enters a transaction with our
+   services (for instance, clicking on a clearly-labeled advertisement,
+   posting content to a widget, or purchasing an item), we will retain
+   necessary data for as long as required to perform the transaction. This
+   may for example include keeping auditing information for clicks on
+   advertising links; keeping a copy of posted content and the name of the
+   posting user; keeping server-side session IDs to recognize logged in
+   users; or keeping a copy of the physical address to which a purchased
+   item will be shipped.  By their nature, some transactions will require data
+   to be retained indefinitely.
+
+3. TECHNICAL AND SECURITY LOGGING:                   
+
+  a. If, during the processing of the initial request (for unique identifiers)
+     or during the subsequent 10 days (for IP addresses and User Agent strings),
+     we obtain specific information that causes our employees or systems to
+     believe that a request is, or is likely to be, part of a security attack,
+     spam submission, or fraudulent transaction, then logs of those requests 
+     are not subject to this policy.                                   
+
+  b. If we encounter technical problems with our site, then, in rare
+     circumstances, we may retain logs for longer than 10 days, if that is
+     necessary to diagnose and fix those problems, but this practice will not be
+     routinized and we will strive to delete such logs as soon as possible.         
+
+4. AGGREGATION:
+
+  a. We may retain and share anonymized datasets, such as aggregate records of
+     readership patterns; statistical models of user behavior; graphs of system
+     variables; data structures to count active users on monthly or yearly
+     bases; database tables mapping authentication cookies to logged in
+     accounts; non-unique data structures constructed within browsers for tasks
+     such as ad frequency capping or conversion tracking; or logs with truncated
+     and/or encrypted IP addresses and simplified User Agent strings.
+
+  b. "Anonymized" means we have conducted risk mitigation to ensure
+     that the dataset, plus any additional information that is in our
+     possession or likely to be available to us, does not allow the
+     reconstruction of reading habits, online or offline activity of groups of
+     fewer than 5000 individuals or devices. 
+
+  c. If we generate anonymized datasets under this exception we will publicly
+     document our anonymization methods in sufficient detail to allow outside
+     experts to evaluate the effectiveness of those methods.
+
+5. ERRORS: 
+
+From time to time, there may be errors by which user data is temporarily
+logged or retained in violation of this policy.  If such errors are
+inadvertent, rare, and made in good faith, they do not constitute a breach
+of this policy.  We will delete such data as soon as practicable after we
+become aware of any error and take steps to ensure that it is deleted by any
+third-party who may have had access to the data.
+
+ADDITIONAL DEFINITIONS
+
+"Fully Qualified Domain Name" means a domain name that addresses a computer
+connected to the Internet.  For instance, example1.com; www.example1.com;
+ads.example1.com; and widgets.example2.com are all distinct FQDNs.
+
+"Supercookie" means any technology other than an HTTP Cookie which can be used
+by a server to associate identifiers with the clients that visit it.  Examples
+of supercookies include Flash LSO cookies, DOM storage, HTML5 storage, or
+tricks to store information in caches or etags.
+
+"Risk mitigation" means an engineering process that evaluates the possibility
+and likelihood of various adverse outcomes, considers the available methods of
+making those adverse outcomes less likely, and deploys sufficient mitigations
+to bring the probability and harm from adverse outcomes below an acceptable
+threshold.
+
+"Reading habits" includes amongst other things lists of visited DNS names, if
+those domains pertain to specific topics or activities, but records of visited
+DNS names are not reading habits if those domain names serve content of a very
+diverse and general nature, thereby revealing minimal information about the
+opinions, interests or activities of the user.

package/static/.well-known/gpc.json

@@ -0,0 +1,4 @@
+{
+  "gpc": true,
+  "lastUpdate": "2025-06-02"
+}

package/static/.well-known/humans.txt

@@ -0,0 +1,21 @@
+/* TEAM */
+Organization: Network Pro Strategies (Network Pro™)
+URL: https://netwk.pro
+Contact: SunDevil311 (Scott Lopez)
+GitHub: https://github.com/netwk-pro
+Email: support@neteng.pro
+
+/* PGP */
+PGP Fingerprint: 6590 B992 E2E3 EFF1 2738 7BCE 2AF0 93E9 DEC6 1BA0
+PGP Key: https://netwk.pro/pgp/support@neteng.pro.asc
+
+/* SITE */
+Standards: HTML5, CSS3, SvelteKit, Markdown
+Tools: GitHub, Material for MkDocs, Proton Mail
+Hosting: Decentralized / CDN-backed static infrastructure
+
+/* MOTTO */
+"Designed for professionals. Hardened for privacy. Built with intent."
+
+/* LAST UPDATED */
+2025-06-11

package/static/.well-known/security.txt

@@ -0,0 +1,12 @@
+# Addresses under the s.neteng.pro domain are powered by Proton Mail.
+# These accounts support built-in encryption and default end-to-end protection.
+Contact: mailto:security@s.neteng.pro
+Encryption: https://raw.githubusercontent.com/netwk-pro/.github/master/PGP-KEY.asc
+Acknowledgments: https://github.com/netwk-pro/netwk-pro.github.io/security/policy
+Policy: https://github.com/netwk-pro/netwk-pro.github.io/security/policy
+Preferred-Languages: en
+Canonical: https://netwk.pro/.well-known/security.txt
+Signature: https://netwk.pro/.well-known/security.txt.sig
+# This file is authenticated using a detached GPG signature:
+# https://netwk.pro/.well-known/security.txt.sig
+Expires: 2025-12-31T23:59:59Z

package/static/.well-known/security.txt.sig

@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+
+iIwEABYKADQWIQS3/h1ObKs+cUqf325Iy3KQwA0NpQUCaEyxUhYcc2VjdXJpdHlA
+cy5uZXRlbmcucHJvAAoJEEjLcpDADQ2lPAgA/0rNLm+HpBmlYn2ETD0jyX7jDdPB
+YSX2AifNCEV+AW63AQDTyKq0E0sw45eOjqZnLCxByuRWcNwj8wazWR1p+2ptDw==
+=ybGE
+-----END PGP SIGNATURE-----