@networkpro/web 1.15.4 → 1.17.0

package/.github/workflows/build-and-publish.yml

@@ -49,7 +49,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.4.2
+          npm install -g npm@11.6.0
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -61,25 +61,32 @@ jobs:
         id: jsdoc_lint
         continue-on-error: true
         run: |
-          set -e
           output=$(npm run lint:jsdoc || true)
           echo "$output" | tee jsdoc-lint-output.txt
 
-          count=$(echo "$output" | wc -l)
+          count=$(echo "$output" | grep -cve '^\s*$')
           echo "jsdoc_count=$count" >> "$GITHUB_OUTPUT"
 
-      - name: ✅ Pass
-        if: steps.jsdoc_lint.outputs.jsdoc_count == '0'
-        run: echo "JSDoc lint passed successfully!"
+      - name: PASS
+        if: ${{ steps.jsdoc_lint.outputs.jsdoc_count == 0 }}
+        run: echo "✅ JSDoc lint passed successfully!"
 
-      - name: ⚠️ JSDoc violations detected (non-blocking)
-        if: steps.jsdoc_lint.outputs.jsdoc_count != '0'
+      - name: JSDoc violations detected (non-blocking)
+        if: ${{ steps.jsdoc_lint.outputs.jsdoc_count != 0 }}
         run: |
           echo "⚠️ JSDoc lint check failed with ${{ steps.jsdoc_lint.outputs.jsdoc_count }} violations (non-blocking)"
           echo "--- JSDoc Violations ---"
           cat jsdoc-lint-output.txt
 
-      # Test to ensure the package is working
+      - name: Upload JSDoc results
+        if: ${{ steps.jsdoc_lint.outputs.jsdoc_count != 0 }}
+        uses: actions/upload-artifact@v4
+        with:
+          name: jsdoc-lint-results
+          path: jsdoc-lint-output.txt
+          if-no-files-found: error
+
+      # Build to ensure the package is functional
       - name: Build Node.js project
         run: npm run build
 
@@ -128,7 +135,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.4.2
+          npm install -g npm@11.6.0
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -189,7 +196,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.4.2
+          npm install -g npm@11.6.0
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -201,7 +208,7 @@ jobs:
 
       - name: Update package name for GPR
         run: |
-          sed -i 's/"name": ".*"/"name": "@netwk-pro\/web"/' package.json
+          sed -i 's/"name": "[^"]*"/"name": "@netwk-pro\/web"/' package.json
 
       - name: Verify version not already published
         run: |

package/.github/workflows/lighthouse.yml

@@ -51,7 +51,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.4.2
+          npm install -g npm@11.6.0
 
       - name: Clean previous Lighthouse reports
         run: |

package/.github/workflows/meta-check.yml

@@ -0,0 +1,34 @@
+# .github/workflows/meta-check.yml
+#
+# Copyright © 2025 Network Pro Strategies (Network Pro™)
+# SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
+# This file is part of Network Pro
+
+name: Metadata Check
+
+on:
+  push:
+    branches: [master]
+  pull_request:
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  meta:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v5
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v5
+        with:
+          node-version: 24
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run meta tests
+        run: npx vitest run tests/meta/meta.test.js --reporter=verbose

package/.github/workflows/playwright.yml

@@ -12,9 +12,9 @@ on:
     branches: [master]
   workflow_dispatch:
 
-# ✅ Least-privilege access
+# Required for actions/checkout
 permissions:
-  contents: read # Required for actions/checkout
+  contents: read
 
 jobs:
   test:
@@ -41,7 +41,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.4.2
+          npm install -g npm@11.6.0
 
       - name: Install Node.js dependencies
         run: npm ci

package/.github/workflows/publish-test.yml

@@ -47,7 +47,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.4.2
+          npm install -g npm@11.6.0
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -126,7 +126,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.4.2
+          npm install -g npm@11.6.0
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -187,7 +187,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.4.2
+          npm install -g npm@11.6.0
 
       - name: Install Node.js dependencies
         run: npm ci

package/.github/workflows/templates/publish.template.yml

@@ -57,7 +57,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.4.2
+          npm install -g npm@11.6.0
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -136,7 +136,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.4.2
+          npm install -g npm@11.6.0
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -197,7 +197,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.4.2
+          npm install -g npm@11.6.0
 
       - name: Install Node.js dependencies
         run: npm ci

package/.node-version

@@ -1 +1 @@
-24.4.1
+24.8.0

package/.nvmrc

@@ -1 +1 @@
-24.4.1
+24.8.0

package/.svelte-kit/tsconfig.json

@@ -6,6 +6,9 @@
 			],
 			"$lib/*": [
 				"../src/lib/*"
+			],
+			"$app/types": [
+				"./types/index.d.ts"
 			]
 		},
 		"rootDirs": [

package/CHANGELOG.md

@@ -22,6 +22,123 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 ---
 
+## [1.17.0] - 2025-09-16
+
+### Security
+
+- Updated dependencies to address known vulnerabilities (notably `@sveltejs/kit`, `vite`, and related plugins).
+
+### Documentation
+
+- Clarified CSP reporting setup in `README.md`:
+  - Explained relationship with external CSP reporting endpoint (`csp-endpoint` repo).
+  - Documented use of both `report-uri` (legacy) and `report-to` (modern, recommended).
+  - Added example headers including `Report-To` definition.
+
+### Added
+
+- New `meta-check.yml` GitHub Actions workflow to validate `<title>` and `<meta>` descriptions using Vitest.
+  - Runs separately from Playwright to avoid hydration timing issues.
+  - Ensures SEO metadata is tested in CI without blocking other jobs.
+- New `meta.test.js` file in `tests/unit/meta` for testing in CI.
+- New `meta.test.js` file in `tests/unit/server` for local testing.
+
+### Changed
+
+- Cleaned up Playwright E2E tests:
+  - Removed brittle `toHaveTitle` assertions causing CI failures.
+  - Standardized footer checks to use helper function.
+  - Improved test readability and consistency in `app.spec.js` and `mobile.spec.js`.
+- Updated generator metadata in `app.html` to reflect `SvelteKit 2.42.1`.
+- Updated Node.js version in `.node-version` and `.nvmrc` to `24.8.0`.
+- Updated CSP endpoint section and footer in `README.md`.
+- Updated JSDoc linting step and `sed` syntax in `build-and-publish.yml` workflow.
+- Updated `npm` version to `11.6.0` in GitHub Actions workflow files:
+  - `build-and-publish.yml`
+  - `lighthouse.yml`
+  - `playwright.yml`
+  - `publish-test.yml`
+  - `templates/publish.template.yml`
+- Upgraded dependencies:
+  - `@eslint/compat` `^1.3.1` → `^1.3.2`
+  - `@eslint/js` `^9.32.0` → `^9.35.0`
+  - `@playwright/test` `^1.54.1` → `^1.55.0`
+  - `@sveltejs/adapter-netlify` `^5.1.0` → `^5.2.3`
+  - `@sveltejs/kit` `2.27.0` → `2.42.1`
+  - `@sveltejs/vite-plugin-svelte` `^6.1.0` → `^6.2.0`
+  - `@testing-library/jest-dom` `^6.6.4` → `^6.8.0`
+  - `browserslist` `^4.25.1` → `^4.26.2`
+  - `dompurify` `^3.2.6` → `^3.2.7`
+  - `eslint` `^9.32.0` → `^9.35.0`
+  - `eslint-plugin-jsdoc` `^52.0.2` → `^58.1.1`
+  - `eslint-plugin-svelte` `^3.11.0` → `^3.12.3`
+  - `globals` `^16.3.0` → `^16.4.0`
+  - `playwright` `^1.54.1` → `^1.55.0`
+  - `posthog-js` `^1.258.4` → `^1.266.0`
+  - `stylelint` `^16.23.0` → `^16.24.0`
+  - `svelte` `5.37.2` → `5.39.1`
+  - `svelte-check` `^4.3.0` → `^4.3.1`
+  - `svelte-eslint-parser` `^1.3.0` → `^1.3.2`
+  - `vite` `^7.0.6` → `^7.1.5`
+
+### Removed
+
+- Deleted `src/routes/example.svx`, which was unused and unneeded.
+- Removed `mdsvex` from package.json, as it is unlikely to be used.
+
+### Notes
+
+- Pinned `jsdom` to `26.1.0` due to build incompatibility in `27.x` (`cssstyle` parsing error with Vite/Rollup).
+
+---
+
+## [1.16.0] - 2025-07-31
+
+### Added
+
+- Added `CODE_OF_CONDUCT.md` and `CONTRIBUTING.md` to project root to provide instructions for contributing.
+
+### Changed
+
+- Bumped version to `v1.16.0`.
+- Updated generator metadata in `app.html` to reflect `SvelteKit 2.27.0`.
+- Added `vercel.json` to `.gitignore`.
+- Added additional rule overrides to `stylelint.config.js` to suppress unnecessarily strict linting errors
+  - The errors were corrected and the rule overrides are currently commented out
+- Updated `npm` to `11.5.2` in the following files in `.github/workflows`
+  - `build-and-publish.yml`
+  - `lighthouse.yml`
+  - `playwright.yml`
+  - `publish-test.ml`
+  - `templates/publish.template.yml`
+- Upgraded dependencies:
+  - `@eslint/js` `^9.31.0` → `^9.32.0`
+  - `@sveltejs/kit` `2.25.1` → `2.27.0`
+  - `@testing-library/jest-dom` `^6.6.3` → `^6.6.4`
+  - `eslint` `^9.31.0` → `^9.32.0`
+  - `eslint-plugin-jsdoc` `^51.4.1` → `^52.0.2`
+  - `posthog-js` `^1.257.0` → `^1.258.4`
+  - `stylelint` `^16.22.0` → `^16.23.0`
+  - `stylelint-config-recommended` `^16.0.0` → `^17.0.0`
+  - `svelte` `5.36.12` → `5.37.2`
+  - `typescript` `^5.8.3` → `^5.9.2`
+  - `vite` `^7.0.5` → `^7.0.6`
+
+### Fixed
+
+- Corrected deprecated CSS usage throughout the project in the following files:
+  - `src/lib/components/Badges.svelte`
+  - `src/lib/components/Logo.svelte`
+  - `src/lib/components/layout/Footer.svelte`
+  - `src/lib/pages/LicenseContent.svelte`
+  - `src/lib/styles/css/default.css`
+  - `src/lib/styles/css/styles.css`
+  - `src/routes/consultation/+page.svelte`
+- Generated new `global.min.css` stylesheet with LightningCSS.
+- Resolved `svelte-check` type error in `PGP key download endpoint` by replacing Node.js `Buffer` with a standards-compliant `Uint8Array` in the `Response()` constructor.
+
+---
+
 ## [1.15.4] - 2025-07-20
 
 ### Changed
@@ -705,7 +822,9 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 <!-- Link references -->
 
-[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.15.4...HEAD
+[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.17.0...HEAD
+[1.17.0]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.17.0
+[1.16.0]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.16.0
 [1.15.4]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.15.4
 [1.15.3]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.15.3
 [1.15.2]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.15.2

package/CODE_OF_CONDUCT.md

@@ -0,0 +1,173 @@
+<!-- =========================================================================
+CODE_OF_CONDUCT.md
+
+Copyright © 2025 Network Pro Strategies (Network Pro™)
+SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
+This file is part of Network Pro.
+========================================================================== -->
+
+<a name="top"></a>
+
+[SPDX-License-Identifier](https://spdx.dev/learn/handling-license-info/):
+`CC-BY-4.0 OR GPL-3.0-or-later`
+
+# Contributor Covenant Code of Conduct
+
+**Network Pro Strategies**  
+**Effective Date:** March 21, 2025
+
+&nbsp;
+
+## Contents
+
+- [Our Pledge](#pledge)
+- [Our Standards](#standards)
+- [Responsibilities](#response)
+- [Scope](#scope)
+- [Enforcement](#enforce)
+- [Attribution](#attribute)
+
+---
+
+<section id="pledge">
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, caste, color, religion, or sexual
+identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+</section>
+
+<section id="standards">
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+- Demonstrating empathy and kindness toward other people
+- Being respectful of differing opinions, viewpoints, and experiences
+- Giving and gracefully accepting constructive feedback
+- Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+- Focusing on what is best not just for us as individuals, but for the overall
+  community
+
+Examples of unacceptable behavior include:
+
+- The use of sexualized language or imagery, and sexual attention or advances of
+  any kind
+- Trolling, insulting or derogatory comments, and personal or political attacks
+- Public or private harassment
+- Publishing others' private information, such as a physical or email address,
+  without their explicit permission
+- Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+<sub>[Back to top](#top)</sub>
+
+</section>
+
+<section id="response">
+
+## Responsibilities
+
+Company and community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Company and community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+Network Pro Strategies reserves the right, at its sole discretion, to remove, edit, or reject any contributions that are contrary to or detrimental to its business interests.
+
+<sub>[Back to top](#top)</sub>
+
+</section>
+
+<section id="scope">
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the company or community in public spaces.
+Examples of representing our company or community include using an official email address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+<sub>[Back to top](#top)</sub>
+
+</section>
+
+<section id="enforce">
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the abuse team at [abuse@neteng.pro](mailto:abuse@neteng.pro). All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances.
+
+The abuse team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project’s leadership.
+
+<sub>[Back to top](#top)</sub>
+
+</section>
+
+<section id="attribute">
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.1, available at
+[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
+
+The **Enforcement** section is adapted from the
+[Contributor Covenant][homepage],
+version 1.4, available at
+[https://www.contributor-covenant.org/version/1/4/code-of-conduct/][v1.4].
+
+For answers to common questions about this code of conduct, see the FAQ at
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
+[https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
+[v1.4]: https://www.contributor-covenant.org/version/1/4/code-of-conduct/
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations
+
+<sub>[Back to top](#top)</sub>
+
+</section>
+
+---
+
+<div style="font-size: 12px; font-weight: bold; text-align: center;">
+
+[Home](https://netwk.pro) &nbsp; | &nbsp; [Terms of Use](https://netwk.pro/terms-of-use)  
+[Privacy Policy](https://netwk.pro/privacy) &nbsp; | &nbsp; [Legal](https://netwk.pro/license)
+
+</div>
+
+&nbsp;
+
+<span style="font-size: 12px; text-align: center;">
+
+Copyright &copy; 2025  
+**[Network Pro Strategies](https://netwk.pro/)** (Network Pro&trade;)
+
+Network Pro&trade;, the shield logo, and the "Locking Down Networks...&trade;" slogan are [trademarks](https://netwk.pro/license#trademark) of Network Pro Strategies.
+
+Licensed under **[CC BY 4.0](https://netwk.pro/license#cc-by)** and the **[GNU GPL](https://netwk.pro/license#gnu-gpl)**, as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+
+</span>