@networkpro/web 1.18.5 → 1.20.0

package/.github/workflows/build-and-publish.yml

@@ -19,6 +19,7 @@ concurrency:
 permissions:
   actions: read
   contents: read
+  packages: write
 
 jobs:
   check-codeql:
@@ -49,7 +50,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.1
+          npm install -g npm@11.6.2
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -135,7 +136,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.1
+          npm install -g npm@11.6.2
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -196,7 +197,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.1
+          npm install -g npm@11.6.2
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -224,4 +225,4 @@ jobs:
       - name: Publish package to GPR
         run: npm publish
         env:
-          NODE_AUTH_TOKEN: ${{ secrets.NWPRO_GPR }}
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

package/.github/workflows/lighthouse.yml

@@ -51,7 +51,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.1
+          npm install -g npm@11.6.2
 
       - name: Clean previous Lighthouse reports
         run: |

package/.github/workflows/meta-check.yml

@@ -17,7 +17,7 @@ permissions:
 
 jobs:
   meta:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     steps:
       - name: Checkout repo
         uses: actions/checkout@v5

package/.github/workflows/playwright.yml

@@ -41,7 +41,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.1
+          npm install -g npm@11.6.2
 
       - name: Install Node.js dependencies
         run: npm ci

package/.github/workflows/publish-test.yml

@@ -17,6 +17,7 @@ concurrency:
 permissions:
   actions: read
   contents: read
+  packages: write
 
 jobs:
   check-codeql:
@@ -47,7 +48,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.1
+          npm install -g npm@11.6.2
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -133,7 +134,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.1
+          npm install -g npm@11.6.2
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -194,7 +195,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.1
+          npm install -g npm@11.6.2
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -222,4 +223,4 @@ jobs:
       - name: Simulate publish package to GPR
         run: npm publish --dry-run
         env:
-          NODE_AUTH_TOKEN: ${{ secrets.NWPRO_GPR }}
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

package/.github/workflows/templates/publish.template.yml

@@ -27,6 +27,7 @@ concurrency:
 permissions:
   actions: read
   contents: read
+  packages: write
 
 jobs:
   check-codeql:
@@ -57,7 +58,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.1
+          npm install -g npm@11.6.2
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -143,7 +144,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.1
+          npm install -g npm@11.6.2
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -204,7 +205,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.1
+          npm install -g npm@11.6.2
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -232,4 +233,4 @@ jobs:
       - name: Publish package to GPR
         run: npm publish
         env:
-          NODE_AUTH_TOKEN: ${{ secrets.NWPRO_GPR }}
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

package/CHANGELOG.md

@@ -22,6 +22,119 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 ---
 
+## [1.20.0] - 2025-10-17
+
+### Added
+
+- Implemented new **Services** route at `/services`:
+  - Created `src/routes/services/+page.server.js` and `src/routes/services/+page.svelte`.
+  - Added full Services content in `src/lib/pages/ServicesContent.svelte`.
+  - Introduced **Services Summary Table** component (`src/lib/components/ServiceSummaryTable.svelte`).
+- Added corresponding CSS for Services route in `src/lib/styles/css/default.css`.
+- Added PostHog Cloud proxy rewrites to `vercel.json` for analytics endpoint.
+- Added new terms to `cspell.json`: `hcaptcha`, `serv`, and `tshoot`.
+- Updated CI workflows to use **npm v11.6.2** and added `packages: write` permission with `GITHUB_TOKEN` for GPR publishing:
+  - `.github/workflows/build-and-publish.yml`
+  - `.github/workflows/publish-test.yml`
+  - `.github/workflows/templates/publish.template.yml`
+- Updated `.github/workflows/meta-check.yml` to explicitly use the `ubuntu-24.04` runner.
+
+### Changed
+
+- Bumped project version to `v1.20.0`.
+- Updated generator metadata in `src/app.html` to reflect `SvelteKit 2.47.1`.
+- Updated `HeaderDefault.svelte` and `HeaderHome.svelte` to include a "Services" section in navigation.
+- Rebuilt `src/lib/styles/global.min.css` using **LightningCSS**.
+- Updated content in:
+  - `src/lib/pages/AboutContent.svelte` – added contact info and consultation link.
+  - `src/lib/pages/HomeContent.svelte` – added company contact info.
+  - `src/lib/pages/PrivacyContent.svelte` – added new _Security & Anti-Abuse Measures (hCaptcha)_ section.
+  - `src/lib/pages/LicenseContent.svelte` – relocated internal comment.
+- Modified import handling for `RedirectPage` in `src/routes/consultation/+page.svelte`.
+- Updated `src/hooks.server.js`:
+  - Corrected `isTestEnvironment` constant.
+  - Relaxed CSP rules for development mode to support local PostHog proxy.
+- Updated `static/sitemap.xml` to include the `/services` route and refresh _Last Modified_ timestamps.
+- Updated author metadata (`@author`)
+  from **SunDevil311** → **Scott Lopez** across all relevant JS files, including scripts, libs, and tests.
+- Updated dependencies:
+  - `dompurify` `^3.2.7` → `^3.3.0`
+  - `posthog-js` `^1.271.0` → `^1.276.0`
+  - `semver` `^7.7.2` → `^7.7.3`
+  - `svelte` `^5.39.9` → `^5.40.2`
+  - `@eslint/js` `^9.37.0` → `^9.38.0`
+  - `@playwright/test` `^1.55.1` → `^1.56.1`
+  - `@sveltejs/adapter-vercel` `^5.10.3` → `^6.0.0`
+  - `@sveltejs/kit` `2.44.0` → `2.47.1`
+  - `eslint` `^9.37.0` → `^9.38.0`
+  - `eslint-plugin-jsdoc` `^60.8.2` → `^61.1.4`
+  - `markdownlint` `^0.38.0` → `^0.39.0`
+  - `playwright` `^1.55.1` → `^1.56.1`
+  - `svelte-check` `^4.3.2` → `^4.3.3`
+  - `vite` `^7.1.9` → `^7.1.10`
+
+### Removed
+
+- Deleted redundant comment from `src/routes/layout.svelte`.
+
+### 🧩 Technical Notes
+
+<!-- markdownlint-disable MD036 -->
+
+**PostHog Proxy and CSP Adjustments**
+
+- Introduced `/relay-MSR0` reverse proxy via **Vercel rewrites** to route PostHog analytics traffic through the site origin, improving privacy compliance and avoiding CORS preflight requests.
+- Updated `vercel.json` accordingly to map:
+  - `/relay-MSR0/static/(.*)` → `https://us-assets.i.posthog.com/static/$1`
+  - `/relay-MSR0/(.*)` → `https://us.i.posthog.com/$1`
+- Adjusted Content Security Policy (CSP) in `src/hooks.server.js`:
+  - Removed explicit `/relay-MSR0` source from `connect-src` (invalid in CSP).
+  - `'self'` now implicitly allows `/relay-MSR0` requests on the same origin.
+  - Development CSP remains more permissive (`unsafe-inline`, `unsafe-eval`, `localhost:*`) for compatibility with PostHog local testing.
+
+**Miscellaneous**
+
+- Confirmed `initPostHog()` dynamic import strategy prevents SSR evaluation errors.
+- Verified service worker (`service-worker.js`) continues caching non-PostHog requests correctly.
+- Verified `Strict-Transport-Security` and other headers remain unaffected by proxy rewrite behavior.
+
+<!-- markdownlint-enable MD036 -->
+
+---
+
+## [1.19.0] - 2025-10-06
+
+### Added
+
+- **`src/lib/components/index.js`**, **`src/lib/components/foss/index.js`**, **`src/lib/components/layout/index.js`**
+  - Introduced explicit component export modules to improve import consistency across the library.
+  - Added wildcard exports in `src/lib/index.js` for these component modules, enabling `$lib/components/...` shorthand imports.
+- **`tests/unit/client/lib/PWAInstallButton.test.js`**
+  - Added focused unit tests for `PWAInstallButton.svelte` verifying install-event handling and user-prompt logic using `Vitest` and `@testing-library/svelte`.
+- **`src/lib/README.md`**, **`src/lib/types/README.md`**
+  - Added contextual documentation for the library and type definition directories.
+  - Clarifies module structure, export hierarchy, and intended usage for contributors.
+
+### Changed
+
+- Bumped project version to `v1.19.0`.
+- Updated `src/lib/pages/AboutContent.svelte` with new services
+- Added DOM and animation mocks (`window.matchMedia`, `Element.prototype.animate`) to `vitest-setup-client.js` to stabilize component transition tests.
+- Updated `src/lib/index.js` to export all component and utility submodules explicitly, replacing previous implicit import behavior.
+- Centralized page-level component exports in `src/lib/pages/index.js` for consistent import structure.
+- Updated `src/routes/+layout.svelte` to import objects from submodules, instead of by their explicit alias
+- Minor alignment in `src/routes/+page.svelte` and `src/routes/links/+page.svelte` with updated component imports
+- Moved inline CSS fom `src/lib/components/FullWidthSection.svelte` into `src/lib/styles/css/default.css`
+- Generated an updated `src/lib/styles/global.min.css` file with LightningCSS
+- Updated `.gitignore` to remove duplicate `.vercel` entry
+- Updated last modified dates in `static/sitemap.xml`
+- Updated dependencies:
+  - `eslint-plugin-jsdoc` `^60.8.1` → `^60.8.2`
+  - `posthog-js` `^1.270.1` → `^1.271.0`
+  - `svelte` `5.39.8` → `5.39.9`
+
+---
+
 ## [1.18.5] - 2025-10-05
 
 ### Added
@@ -1008,7 +1121,9 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 <!-- Link references -->
 
-[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.18.5...HEAD
+[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.20.0...HEAD
+[1.20.0]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.20.0
+[1.19.0]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.19.0
 [1.18.5]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.18.5
 [1.18.4]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.18.4
 [1.18.3]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.18.3

package/cspell.json

@@ -23,6 +23,7 @@
     "fontawesome",
     "foss",
     "geolocation",
+    "hcaptcha",
     "heliboard",
     "homescreen",
     "HREFTOP",
@@ -66,6 +67,7 @@
     "prefs",
     "publickey",
     "reconsent",
+    "serv",
     "shizuku",
     "SIEM",
     "SPDY",
@@ -76,6 +78,7 @@
     "subsites",
     "Supercookie",
     "supercookies",
+    "tshoot",
     "unregisters",
     "urlcheck",
     "vcard",

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@networkpro/web",
   "private": false,
-  "version": "1.18.5",
+  "version": "1.20.0",
   "description": "Locking Down Networks, Unlocking Confidence™ | Security, Networking, Privacy — Network Pro Strategies",
   "keywords": [
     "advisory",
@@ -52,7 +52,7 @@
     "verify": "npm run checkout",
     "delete": "rm -rf build .svelte-kit node_modules package-lock.json",
     "clean": "npm run delete && npm cache clean --force && npm install",
-    "upgrade": "npx npm-check-updates -u",
+    "upgrade": "npm-check-updates -u",
     "test": "npm run test:all",
     "test:all": "npm run test:client -- --run && npm run test:server -- --run",
     "test:client": "vitest --config vitest.config.client.js",
@@ -77,34 +77,34 @@
     "postinstall": "npm run check:node"
   },
   "dependencies": {
-    "dompurify": "^3.2.7",
-    "posthog-js": "^1.270.1",
-    "semver": "^7.7.2",
-    "svelte": "5.39.8"
+    "dompurify": "^3.3.0",
+    "posthog-js": "^1.276.0",
+    "semver": "^7.7.3",
+    "svelte": "5.40.2"
   },
   "devDependencies": {
     "@eslint/compat": "^1.4.0",
-    "@eslint/js": "^9.37.0",
+    "@eslint/js": "^9.38.0",
     "@lhci/cli": "^0.15.1",
-    "@playwright/test": "^1.55.1",
-    "@sveltejs/adapter-vercel": "^5.10.3",
-    "@sveltejs/kit": "2.44.0",
+    "@playwright/test": "^1.56.1",
+    "@sveltejs/adapter-vercel": "^6.0.0",
+    "@sveltejs/kit": "2.47.1",
     "@sveltejs/vite-plugin-svelte": "^6.2.1",
     "@testing-library/jest-dom": "^6.9.1",
     "@testing-library/svelte": "^5.2.8",
     "@vitest/coverage-v8": "^3.2.4",
     "autoprefixer": "^10.4.21",
     "browserslist": "^4.26.3",
-    "eslint": "^9.37.0",
+    "eslint": "^9.38.0",
     "eslint-config-prettier": "^10.1.8",
-    "eslint-plugin-jsdoc": "^60.8.1",
+    "eslint-plugin-jsdoc": "^61.1.4",
     "eslint-plugin-svelte": "^3.12.4",
     "globals": "^16.4.0",
     "jsdom": "26.1.0",
     "lightningcss": "^1.30.2",
-    "markdownlint": "^0.38.0",
+    "markdownlint": "^0.39.0",
     "markdownlint-cli2": "^0.18.1",
-    "playwright": "^1.55.1",
+    "playwright": "^1.56.1",
     "postcss": "^8.5.6",
     "prettier": "^3.6.2",
     "prettier-plugin-svelte": "^3.4.0",
@@ -112,11 +112,11 @@
     "stylelint-config-html": "^1.1.0",
     "stylelint-config-recommended": "^17.0.0",
     "stylelint-order": "^7.0.0",
-    "svelte-check": "^4.3.2",
+    "svelte-check": "^4.3.3",
     "svelte-eslint-parser": "^1.3.3",
     "svelte-preprocess": "^6.0.3",
     "typescript": "^5.9.3",
-    "vite": "^7.1.9",
+    "vite": "^7.1.10",
     "vite-plugin-lightningcss": "^0.0.5",
     "vite-tsconfig-paths": "^5.1.4",
     "vitest": "^3.2.4"

package/scripts/auditScripts.js

@@ -11,7 +11,7 @@ This file is part of Network Pro.
  * Looks for any .js/.mjs files without a matching test in tests/
  *
  * @module scripts/
- * @author SunDevil311
+ * @author Scott Lopez
  * @updated 2025-05-21
  */
 

package/scripts/bundleCss.js

@@ -11,7 +11,7 @@ This file is part of Network Pro.
  * Transforms and minifies CSS files using LightningCSS (single file)
  *
  * @module scripts/
- * @author SunDevil311
+ * @author Scott Lopez
  * @updated 2025-05-16
  */
 

package/scripts/checkEnv.js

@@ -11,7 +11,7 @@ This file is part of Network Pro.
  * Ensures `ENV_MODE` is defined and matches allowed environments
  *
  * @module scripts/
- * @author SunDevil311
+ * @author Scott Lopez
  * @updated 2025-05-21
  */
 

package/scripts/checkNode.js

@@ -15,7 +15,7 @@ This file is part of Network Pro.
  * - In all other cases (manual run, CI, verify): fails on mismatch
  *
  * @module scripts/
- * @author SunDevil311
+ * @author Scott Lopez
  * @updated 2025-05-23
  */
 

package/scripts/checkVersions.js

@@ -12,7 +12,7 @@ This file is part of Network Pro.
  * test runs
  *
  * @module scripts/
- * @author SunDevil311
+ * @author Scott Lopez
  * @updated 2025-05-20
  */
 

package/scripts/generateTest.js

@@ -13,7 +13,7 @@ This file is part of Network Pro.
  * @description Auto-generates a *.test.js scaffold for utilities and
  * components.
  * @module scripts
- * @author SunDevil311
+ * @author Scott Lopez
  * @updated 2025-06-01
  */
 

package/scripts/openReport.js

@@ -12,7 +12,7 @@ This file is part of Network Pro.
  * Handles platform-specific commands to launch the report in the default browser.
  *
  * @module scripts/
- * @author SunDevil311
+ * @author Scott Lopez
  * @updated 2025-06-09
  */
 

package/src/app.html

@@ -24,7 +24,7 @@
       sizes="any"
       type="image/x-icon" />
 
-    <!-- Preconnect to PostHog domains -->
+    <!-- Preconnect to PostHog domains
     <link
       rel="preconnect"
       href="https://us.i.posthog.com"
@@ -33,6 +33,7 @@
       rel="preconnect"
       href="https://us-assets.i.posthog.com"
       crossorigin="anonymous" />
+    -->
 
     <!-- Preload FontAwesome webfonts -->
     <link
@@ -63,7 +64,7 @@
       content="bx4ham0zkpvzztzu213bhpt76m9siq" />
     <!-- cspell:enable -->
 
-    <meta name="generator" content="SvelteKit 2.44.0" />
+    <meta name="generator" content="SvelteKit 2.47.1" />
 
     <script src="/disableSw.js"></script>
 
@@ -71,9 +72,5 @@
   </head>
   <body>
     <div id="svelte">%sveltekit.body%</div>
-
-    <!-- LinkedIn Insight Tag removed 2025-05-26 -->
-
-    <!-- cspell:ignore preconnects webfonts lintrk -->
   </body>
 </html>

package/src/hooks.server.js

@@ -17,7 +17,9 @@ export async function handle({ event, resolve }) {
   // Determine environment flags
   // Default to development policy if neither test nor prod
   const isTestEnvironment =
-    process.env.NODE_ENV === 'test' || process.env.ENV_MODE === 'ci';
+    process.env.NODE_ENV === 'development' ||
+    process.env.ENV_MODE === 'dev' ||
+    process.env.ENV_MODE === 'ci';
   const isProdEnvironment =
     process.env.NODE_ENV === 'production' || process.env.ENV_MODE === 'prod';
 
@@ -48,15 +50,16 @@ export async function handle({ event, resolve }) {
     'report-to csp-endpoint;',
   ];
 
-  // Loosen up CSP for test environments
+  // Loosen up CSP for test environments (and allow local PostHog proxy)
   if (isTestEnvironment) {
     cspDirectives[1] =
-      "script-src 'self' 'unsafe-inline' 'unsafe-eval' ws://localhost:*;";
+      "script-src 'self' 'unsafe-inline' 'unsafe-eval' http://localhost:* ws://localhost:*;";
     cspDirectives[2] =
-      "script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' ws://localhost:*;";
-    cspDirectives[3] = "style-src 'self' 'unsafe-inline';";
-    cspDirectives[4] = "img-src 'self' data:;";
-    cspDirectives[5] = "connect-src 'self';";
+      "script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' http://localhost:* ws://localhost:*;";
+    cspDirectives[3] = "style-src 'self' 'unsafe-inline' http://localhost:*;";
+    cspDirectives[4] = "img-src 'self' data: http://localhost:*;";
+    cspDirectives[5] =
+      "connect-src 'self' http://localhost:* ws://localhost:* https://us.i.posthog.com https://us-assets.i.posthog.com;";
   }
 
   response.headers.set(