@networkpro/web 1.25.12 → 1.25.14

package/.markdownlint.mjs

@@ -16,6 +16,7 @@ export default {
   customRules: [noSmartQuotes],
 
   // Rule exceptions
+  MD060: false, // Pointless style enforcement — doesn't affect render output
   MD041: false, // First line in file should be a top-level header
   MD033: false, // Allow inline HTML
   MD013: false, // Ignore line length

package/.ncurc.cjs

@@ -31,13 +31,7 @@ This file is part of Network Pro.
 /** @type {import('npm-check-updates').RunOptions} */
 module.exports = {
   // Ignore specific dependencies (prevent upgrades)
-  reject: [
-    'vitest',
-    '@vitest/coverage-v8',
-    'prettier',
-    'jsdom',
-    'markdownlint-cli2',
-  ],
+  reject: ['vitest', '@vitest/coverage-v8', 'prettier', 'jsdom'],
 
   // Always upgrade devDependencies as well
   dep: 'prod,dev',

package/CHANGELOG.md

@@ -22,6 +22,39 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 ---
 
+## [1.25.14] - 2025-11-18
+
+### Changed
+
+- Bumped project version to `v1.25.14`.
+- Updated dependencies:
+  - `svelte` `5.43.7` → `5.43.10`
+  - `posthog-js` `^1.293.0` → `^1.295.0`
+
+### Security
+
+- Added transitive dependency override for `glob` to `^11.1.0`, in order to address CVE-2025-64756.
+
+---
+
+## [1.25.13] - 2025-11-16
+
+### Changed
+
+- Updated `.markdownlint.mjs` to ignore rule `MD060`, which is overly strict and unnecessary.
+- Bumped project version to `v1.25.13`.
+- Updated dependencies:
+  - `svelte` `5.43.6` → `5.43.7`
+  - `posthog-js` `^1.292.0` → `^1.293.0`
+  - `@eslint/compat` `^1.4.1` → `^2.0.0`
+  - `markdownlint-cli2` `0.18.1` → `0.19.0`
+
+### Fixed
+
+- Resolved prototype pollution vulnerability in transitive `js-yaml` dependency via `overrides`, due to outdated `@lhci/cli` dependency on `@lhci/utils`.
+
+---
+
 ## [1.25.12] - 2025-11-14
 
 ### Added
@@ -1897,7 +1930,9 @@ This enables analytics filtering and CSP hardening for the audit environment.
 
 <!-- Link references -->
 
-[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.12...HEAD
+[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.14...HEAD
+[1.25.14]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.14
+[1.25.13]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.13
 [1.25.12]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.12
 [1.25.11]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.11
 [1.25.10]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.10

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@networkpro/web",
   "private": false,
-  "version": "1.25.12",
+  "version": "1.25.14",
   "description": "Locking Down Networks, Unlocking Confidence™ | Security, Networking, Privacy — Network Pro Strategies",
   "keywords": [
     "advisory",
@@ -86,12 +86,12 @@
   },
   "dependencies": {
     "dompurify": "^3.3.0",
-    "posthog-js": "^1.292.0",
+    "posthog-js": "^1.295.0",
     "semver": "^7.7.3",
-    "svelte": "5.43.6"
+    "svelte": "5.43.10"
   },
   "devDependencies": {
-    "@eslint/compat": "^1.4.1",
+    "@eslint/compat": "^2.0.0",
     "@eslint/js": "^9.39.1",
     "@lhci/cli": "^0.15.1",
     "@playwright/test": "^1.56.1",
@@ -112,7 +112,7 @@
     "jsdom": "26.1.0",
     "lightningcss": "^1.30.2",
     "markdownlint": "^0.39.0",
-    "markdownlint-cli2": "0.18.1",
+    "markdownlint-cli2": "0.19.0",
     "npm-run-all": "^4.1.5",
     "playwright": "^1.56.1",
     "postcss": "^8.5.6",
@@ -135,6 +135,8 @@
   },
   "overrides": {
     "cookie": "^1.0.0",
+    "glob": "^11.1.0",
+    "js-yaml": "^4.1.1",
     "tar": ">=7.5.2",
     "tmp": ">=0.2.4"
   }