npm - @networkpro/web - Versions diffs - 1.25.12 → 1.25.13 - Mend

@networkpro/web 1.25.12 → 1.25.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/.markdownlint.mjs CHANGED Viewed

@@ -16,6 +16,7 @@ export default {
   customRules: [noSmartQuotes],
   // Rule exceptions
+  MD060: false, // Pointless style enforcement — doesn't affect render output
   MD041: false, // First line in file should be a top-level header
   MD033: false, // Allow inline HTML
   MD013: false, // Ignore line length

package/.ncurc.cjs CHANGED Viewed

@@ -31,13 +31,7 @@ This file is part of Network Pro.
 /** @type {import('npm-check-updates').RunOptions} */
 module.exports = {
   // Ignore specific dependencies (prevent upgrades)
-  reject: [
-    'vitest',
-    '@vitest/coverage-v8',
-    'prettier',
-    'jsdom',
-    'markdownlint-cli2',
-  ],
+  reject: ['vitest', '@vitest/coverage-v8', 'prettier', 'jsdom'],
   // Always upgrade devDependencies as well
   dep: 'prod,dev',

package/CHANGELOG.md CHANGED Viewed

@@ -22,6 +22,24 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 ---
+## [1.25.13] - 2025-11-16
+### Changed
+- Updated `.markdownlint.mjs` to ignore rule `MD060`, which is overly strict and unnecessary.
+- Bumped project version to `v1.25.13`.
+- Updated dependencies:
+  - `svelte` `5.43.6` → `5.43.7`
+  - `posthog-js` `^1.292.0` → `^1.293.0`
+  - `@eslint/compat` `^1.4.1` → `^2.0.0`
+  - `markdownlint-cli2` `0.18.1` → `0.19.0`
+### Fixed
+- Resolved prototype pollution vulnerability in transitive `js-yaml` dependency via `overrides`, due to outdated `@lhci/cli` dependency on `@lhci/utils`.
+---
 ## [1.25.12] - 2025-11-14
 ### Added
@@ -1897,7 +1915,8 @@ This enables analytics filtering and CSP hardening for the audit environment.
 <!-- Link references -->
-[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.12...HEAD
+[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.13...HEAD
+[1.25.13]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.13
 [1.25.12]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.12
 [1.25.11]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.11
 [1.25.10]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.10

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@networkpro/web",
   "private": false,
-  "version": "1.25.12",
+  "version": "1.25.13",
   "description": "Locking Down Networks, Unlocking Confidence™ | Security, Networking, Privacy — Network Pro Strategies",
   "keywords": [
     "advisory",
@@ -86,12 +86,12 @@
   },
   "dependencies": {
     "dompurify": "^3.3.0",
-    "posthog-js": "^1.292.0",
+    "posthog-js": "^1.293.0",
     "semver": "^7.7.3",
-    "svelte": "5.43.6"
+    "svelte": "5.43.7"
   },
   "devDependencies": {
-    "@eslint/compat": "^1.4.1",
+    "@eslint/compat": "^2.0.0",
     "@eslint/js": "^9.39.1",
     "@lhci/cli": "^0.15.1",
     "@playwright/test": "^1.56.1",
@@ -112,7 +112,7 @@
     "jsdom": "26.1.0",
     "lightningcss": "^1.30.2",
     "markdownlint": "^0.39.0",
-    "markdownlint-cli2": "0.18.1",
+    "markdownlint-cli2": "0.19.0",
     "npm-run-all": "^4.1.5",
     "playwright": "^1.56.1",
     "postcss": "^8.5.6",
@@ -135,6 +135,7 @@
   },
   "overrides": {
     "cookie": "^1.0.0",
+    "js-yaml": "^4.1.1",
     "tar": ">=7.5.2",
     "tmp": ">=0.2.4"
   }