@networkpro/web 1.25.11 → 1.25.13

package/.env.template

@@ -7,10 +7,11 @@
 # Custom environment mode for scripts and tooling
 # One of: dev, test, ci, audit, production
 ENV_MODE=dev
+PUBLIC_ENV_MODE=dev
 
 # Optional: API keys or tokens for local dev (never commit real values)
-#VITE_PUBLIC_API_URL=https://api.example.com
-#VITE_PUBLIC_SITE_NAME=Network Pro
+#PUBLIC_API_URL=https://api.example.com
+#PUBLIC_SITE_NAME=Network Pro
 
-# ⚠️ DO NOT include sensitive credentials in VITE_ variables
+# ⚠️ DO NOT include sensitive credentials in PUBLIC_ variables
 # These are exposed to client-side code at build time

package/.markdownlint.mjs

@@ -16,6 +16,7 @@ export default {
   customRules: [noSmartQuotes],
 
   // Rule exceptions
+  MD060: false, // Pointless style enforcement — doesn't affect render output
   MD041: false, // First line in file should be a top-level header
   MD033: false, // Allow inline HTML
   MD013: false, // Ignore line length

package/.node-version

@@ -1 +1 @@
-24.11.0
+24.11.1

package/.nvmrc

@@ -1 +1 @@
-24.11.0
+24.11.1

package/CHANGELOG.md

@@ -22,6 +22,45 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 ---
 
+## [1.25.13] - 2025-11-16
+
+### Changed
+
+- Updated `.markdownlint.mjs` to ignore rule `MD060`, which is overly strict and unnecessary.
+- Bumped project version to `v1.25.13`.
+- Updated dependencies:
+  - `svelte` `5.43.6` → `5.43.7`
+  - `posthog-js` `^1.292.0` → `^1.293.0`
+  - `@eslint/compat` `^1.4.1` → `^2.0.0`
+  - `markdownlint-cli2` `0.18.1` → `0.19.0`
+
+### Fixed
+
+- Resolved prototype pollution vulnerability in transitive `js-yaml` dependency via `overrides`, due to outdated `@lhci/cli` dependency on `@lhci/utils`.
+
+---
+
+## [1.25.12] - 2025-11-14
+
+### Added
+
+- Added revised **QR code** image assets for **Vcard** information:
+  - `src/lib/img/qr/vcard.png`
+  - `src/lib/img/qr/vcard.webp`
+
+### Changed
+
+- Modified `.node-version` and `.nvmrc` to utilize **Node.js** `24.11.1` (LTS).
+- Updated `.ncurc.cjs` to reject updates to `markdownlint-cli2`, due to discrepancies between in-editor and CLI linting errors.
+- Updated environment template (`.env.template`) to include `PUBLIC_ENV_MODE`, which is now required to build the proper environment (e.g., `dev`, `audit`, `production`).
+- Updated generator metadata in `src/app.html` to reflect **SvelteKit 2.48.5**.
+- Bumped project version to `v1.25.12`.
+- Updated dependencies:
+  - `@sveltejs/kit` `2.48.4` → `2.48.5`
+  - `eslint-plugin-jsdoc` `^61.2.0` → `^61.2.1`
+
+---
+
 ## [1.25.11] - 2025-11-12
 
 ### Added
@@ -1876,7 +1915,9 @@ This enables analytics filtering and CSP hardening for the audit environment.
 
 <!-- Link references -->
 
-[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.11...HEAD
+[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.13...HEAD
+[1.25.13]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.13
+[1.25.12]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.12
 [1.25.11]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.11
 [1.25.10]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.10
 [1.25.9]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.9

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@networkpro/web",
   "private": false,
-  "version": "1.25.11",
+  "version": "1.25.13",
   "description": "Locking Down Networks, Unlocking Confidence™ | Security, Networking, Privacy — Network Pro Strategies",
   "keywords": [
     "advisory",
@@ -86,18 +86,18 @@
   },
   "dependencies": {
     "dompurify": "^3.3.0",
-    "posthog-js": "^1.292.0",
+    "posthog-js": "^1.293.0",
     "semver": "^7.7.3",
-    "svelte": "5.43.6"
+    "svelte": "5.43.7"
   },
   "devDependencies": {
-    "@eslint/compat": "^1.4.1",
+    "@eslint/compat": "^2.0.0",
     "@eslint/js": "^9.39.1",
     "@lhci/cli": "^0.15.1",
     "@playwright/test": "^1.56.1",
     "@sveltejs/adapter-netlify": "^5.2.4",
     "@sveltejs/adapter-vercel": "^6.1.1",
-    "@sveltejs/kit": "2.48.4",
+    "@sveltejs/kit": "2.48.5",
     "@sveltejs/vite-plugin-svelte": "^6.2.1",
     "@testing-library/jest-dom": "^6.9.1",
     "@testing-library/svelte": "^5.2.9",
@@ -106,13 +106,13 @@
     "browserslist": "^4.28.0",
     "eslint": "^9.39.1",
     "eslint-config-prettier": "^10.1.8",
-    "eslint-plugin-jsdoc": "^61.2.0",
+    "eslint-plugin-jsdoc": "^61.2.1",
     "eslint-plugin-svelte": "^3.13.0",
     "globals": "^16.5.0",
     "jsdom": "26.1.0",
     "lightningcss": "^1.30.2",
     "markdownlint": "^0.39.0",
-    "markdownlint-cli2": "^0.18.1",
+    "markdownlint-cli2": "0.19.0",
     "npm-run-all": "^4.1.5",
     "playwright": "^1.56.1",
     "postcss": "^8.5.6",
@@ -135,6 +135,7 @@
   },
   "overrides": {
     "cookie": "^1.0.0",
+    "js-yaml": "^4.1.1",
     "tar": ">=7.5.2",
     "tmp": ">=0.2.4"
   }

package/src/app.html

@@ -53,7 +53,7 @@
       content="bx4ham0zkpvzztzu213bhpt76m9siq" />
     <!-- cspell:enable -->
 
-    <meta name="generator" content="SvelteKit 2.48.4" />
+    <meta name="generator" content="SvelteKit 2.48.5" />
 
     <script src="/disableSw.js"></script>
 

package/vite.config.js

@@ -12,7 +12,7 @@ import { fileURLToPath } from 'node:url';
 import { defineConfig } from 'vite';
 import devtoolsJson from 'vite-plugin-devtools-json';
 import lightningcssPlugin from 'vite-plugin-lightningcss';
-import tsconfigPaths from 'vite-tsconfig-paths'; // NEW: tsconfig/jsconfig alias support
+import tsconfigPaths from 'vite-tsconfig-paths'; // tsconfig/jsconfig alias support
 
 // Compute absolute project root
 const projectRoot = fileURLToPath(new URL('.', import.meta.url));