@networkpro/web 1.25.16 → 1.25.18

package/.github/workflows/build-and-publish.yml

@@ -45,7 +45,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.2
+          npm install -g npm@11.7.0
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -130,7 +130,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.2
+          npm install -g npm@11.7.0
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -186,7 +186,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.2
+          npm install -g npm@11.7.0
 
       - name: Install Node.js dependencies
         run: npm ci

package/.github/workflows/check-security-txt-expiry.yml

@@ -10,7 +10,7 @@ permissions:
 
 jobs:
   check-expiry:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     name: Validate .well-known/security.txt expiration
     env:
       ENV_MODE: ci

package/.github/workflows/lighthouse.yml

@@ -51,7 +51,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.2
+          npm install -g npm@11.7.0
 
       - name: Clean previous Lighthouse reports
         run: |

package/.github/workflows/playwright.yml

@@ -41,7 +41,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.2
+          npm install -g npm@11.7.0
 
       - name: Install Node.js dependencies
         run: npm ci

package/.github/workflows/publish-test.yml

@@ -48,7 +48,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.2
+          npm install -g npm@11.7.0
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -134,7 +134,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.2
+          npm install -g npm@11.7.0
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -195,7 +195,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.2
+          npm install -g npm@11.7.0
 
       - name: Install Node.js dependencies
         run: npm ci

package/.github/workflows/templates/publish.template.yml

@@ -53,7 +53,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.2
+          npm install -g npm@11.7.0
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -134,7 +134,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.2
+          npm install -g npm@11.7.0
 
       - name: Install Node.js dependencies
         run: npm ci
@@ -190,7 +190,7 @@ jobs:
       - name: Upgrade npm
         run: |
           corepack enable
-          npm install -g npm@11.6.2
+          npm install -g npm@11.7.0
 
       - name: Install Node.js dependencies
         run: npm ci

package/.ncurc.cjs

@@ -31,7 +31,7 @@ This file is part of Network Pro.
 /** @type {import('npm-check-updates').RunOptions} */
 module.exports = {
   // Ignore specific dependencies (prevent upgrades)
-  reject: ['vitest', '@vitest/coverage-v8', 'prettier', 'jsdom'],
+  reject: ['vitest', '@vitest/coverage-v8', 'prettier'],
 
   // Always upgrade devDependencies as well
   dep: 'prod,dev',

package/CHANGELOG.md

@@ -22,6 +22,85 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 ---
 
+## [1.25.18] - 2025-12-11
+
+### Changed
+
+- Refreshed timestamp for root route in `sitemap.xml`.
+- Reformatted the following files with Prettier:
+  - `src/lib/README.md`
+  - `src/lib/pages/LicenseContent.svelte`
+  - `src/lib/pages/PrivacyContent.svelte`
+  - `src/lib/pages/TermsUseContent.svelte`
+- Bumped project version to `v1.25.18`.
+- Updated dependencies:
+  - `prettier` `3.6.2` → `3.7.4`
+
+---
+
+## [1.25.17] - 2025-12-11
+
+### Added
+
+- Added SSR boundary protection test (`tests/unit/server/internal/ssrBoundary.test.js`):
+  - Detects Node-only imports (`jsdom`, `fs`, `path`, etc.) in client-visible modules.
+  - Ensures imports are properly gated behind `import.meta.env.SSR`.
+  - Prevents accidental SSR/client boundary violations in future code changes.
+- Added support for detecting SSR-safe code paths by allowing SSR-gated dynamic imports in shared modules.
+
+### Changed
+
+- Refactored `src/service-worker.js` for improved consistency, clarity, and lint compatibility:
+  - Removed unused function parameters (`_err`) and adjusted callback signatures to align with ESLint expectations.
+  - Replaced anonymous no-op parameters with explicitly ignored placeholders using the `_` naming convention.
+  - Improved async iteration patterns in asset caching logic for better readability and maintainability.
+  - Updated JSDoc annotations for accuracy and improved editor support.
+  - Ensured all cache operations conform to structured error-handling patterns consistent with the rest of the codebase.
+
+- Updated `src/lib/utils/purify.js`:
+  - Replaced `typeof window !== 'undefined'` guard with compile-time `import.meta.env.SSR`.
+  - Ensures Vite tree-shakes `jsdom` imports from client bundles.
+  - Fixed build failures caused by jsdom/cssstyle when bundled on the client.
+  - Preserves existing DOMPurify caching and SSR behavior.
+
+- Enhanced ESLint `no-unused-vars` rule in `eslint.config.mjs`:
+  - Added support for ignoring unused catch parameters via `caughtErrors` and `caughtErrorsIgnorePattern`.
+  - Prevented false positives on intentionally unused error variables (e.g., `_err`).
+  - Expanded ignore patterns to match project coding conventions.
+
+- Replaced `src/lib/img/qr/vcard.png` and `src/lib/img/qr/vcard.webp` with revised versions.
+- Updated GitHub workflows to utilize **npm** `11.7.0`.
+- Updated generator metadata in `src/app.html` to reflect **SvelteKit 2.49.2**.
+- Updated `src/lib/README.md` to reflect the newly updated app constant.
+- Updated contact information in `static/bin/contact.vcf`.
+- Updated `CONTACT.PHONE` app constant to reflect our new phone number, (602) 428-5300.
+- Removed `jsdom` from `.ncurc.cjs` `reject` list.
+- Bumped project version to `v1.25.17`.
+- Updated dependencies:
+  - `dompurify` `^3.3.0` → `^3.3.1`
+  - `posthog-js` `^1.295.0` → `^1.305.0`
+  - `svelte` `5.43.12` → `5.45.9`
+  - `@playwright/test` `^1.56.1` → `^1.57.0`
+  - `@sveltejs/adapter-vercel` `^6.1.1` → `^6.2.0`
+  - `@sveltejs/kit` `2.48.5` → `2.49.2`
+  - `browserslist` `^4.28.0` → `^4.28.1`
+  - `eslint-plugin-jsdoc` `^61.2.1` → `^61.5.0`
+  - `eslint-plugin-svelte` `^3.13.0` → `^3.13.1`
+  - `markdownlint` `^0.39.0` → `^0.40.0`
+  - `markdownlint-cli2` `0.19.0` → `0.20.0`
+  - `playwright` `^1.56.1` → `^1.57.0`
+  - `stylelint` `^16.25.0` → `^16.26.1`
+  - `svelte-eslint-parser` `^1.4.0` → `^1.4.1`
+  - `vite` `^7.2.2` → `^7.2.7`
+  - `jsdom` `26.1.0` → `27.3.0`
+
+### Fixed
+
+- Resolved client-side build failures caused by dynamic jsdom imports leaking into the Vite dependency graph.
+- Resolved false positive ESLint errors for unused catch bindings in JS modules.
+
+---
+
 ## [1.25.16] - 2025-11-18
 
 ### Changed
@@ -1961,7 +2040,9 @@ This enables analytics filtering and CSP hardening for the audit environment.
 
 <!-- Link references -->
 
-[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.16...HEAD
+[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.18...HEAD
+[1.25.18]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.18
+[1.25.17]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.17
 [1.25.16]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.16
 [1.25.15]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.15
 [1.25.14]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.14

package/eslint.config.mjs

@@ -65,14 +65,27 @@ export default [
       ...js.configs.recommended.rules, // ESLint's core recommended rules (scoped)
       ...eslintConfigPrettier.rules, // Prettier config to disable conflicting ESLint rules (scoped)
       ...ESLINT_RULES, // Additional custom rules
-      'no-unused-vars': ['error', { argsIgnorePattern: '^_' }], // Ignore unused variables starting with an underscore
+
+      // Updated unused variable handling:
+      // - Ignore args starting with "_"
+      // - Ignore vars starting with "_"
+      // - Allow unused catch variables named "_err" or any "_*"
+      'no-unused-vars': [
+        'error',
+        {
+          argsIgnorePattern: '^_',
+          varsIgnorePattern: '^_',
+          caughtErrors: 'all',
+          caughtErrorsIgnorePattern: '^_',
+        },
+      ],
+
       'jsdoc/check-alignment': 'warn', // Ensure JSDoc block tags are aligned
       'jsdoc/check-param-names': 'warn', // Checks parameter names in JSDoc
-      // Updated rule to allow the @updated tag
       'jsdoc/check-tag-names': [
         'warn',
         {
-          definedTags: ['updated'],
+          definedTags: ['updated'], // Allow custom @updated tag
         },
       ],
       'jsdoc/check-types': 'warn', // Checks if types in JSDoc are defined correctly

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@networkpro/web",
   "private": false,
-  "version": "1.25.16",
+  "version": "1.25.18",
   "description": "Locking Down Networks, Unlocking Confidence™ | Security, Networking, Privacy — Network Pro Strategies",
   "keywords": [
     "advisory",
@@ -85,49 +85,50 @@
     "pre-push": "if [ \"$CI\" = \"true\" ]; then exit 0; else npm run checkout; fi"
   },
   "dependencies": {
-    "dompurify": "^3.3.0",
-    "posthog-js": "^1.295.0",
+    "dompurify": "^3.3.1",
+    "posthog-js": "^1.305.0",
     "semver": "^7.7.3",
-    "svelte": "5.43.12"
+    "svelte": "5.45.9"
   },
   "devDependencies": {
     "@eslint/compat": "^2.0.0",
     "@eslint/js": "^9.39.1",
     "@lhci/cli": "^0.15.1",
-    "@playwright/test": "^1.56.1",
+    "@playwright/test": "^1.57.0",
     "@sveltejs/adapter-netlify": "^5.2.4",
-    "@sveltejs/adapter-vercel": "^6.1.1",
-    "@sveltejs/kit": "2.48.5",
+    "@sveltejs/adapter-vercel": "^6.2.0",
+    "@sveltejs/kit": "2.49.2",
     "@sveltejs/vite-plugin-svelte": "^6.2.1",
     "@testing-library/jest-dom": "^6.9.1",
     "@testing-library/svelte": "^5.2.9",
     "@vitest/coverage-v8": "3.2.4",
     "autoprefixer": "^10.4.22",
-    "browserslist": "^4.28.0",
+    "browserslist": "^4.28.1",
     "eslint": "^9.39.1",
     "eslint-config-prettier": "^10.1.8",
-    "eslint-plugin-jsdoc": "^61.2.1",
-    "eslint-plugin-svelte": "^3.13.0",
+    "eslint-plugin-jsdoc": "^61.5.0",
+    "eslint-plugin-svelte": "^3.13.1",
     "globals": "^16.5.0",
-    "jsdom": "26.1.0",
+    "globby": "^16.0.0",
+    "jsdom": "27.3.0",
     "lightningcss": "^1.30.2",
-    "markdownlint": "^0.39.0",
-    "markdownlint-cli2": "0.19.0",
+    "markdownlint": "^0.40.0",
+    "markdownlint-cli2": "0.20.0",
     "npm-run-all": "^4.1.5",
-    "playwright": "^1.56.1",
+    "playwright": "^1.57.0",
     "postcss": "^8.5.6",
-    "prettier": "3.6.2",
+    "prettier": "3.7.4",
     "prettier-plugin-svelte": "^3.4.0",
     "simple-git-hooks": "^2.13.1",
-    "stylelint": "^16.25.0",
+    "stylelint": "^16.26.1",
     "stylelint-config-html": "^1.1.0",
     "stylelint-config-recommended": "^17.0.0",
     "stylelint-order": "^7.0.0",
     "svelte-check": "^4.3.4",
-    "svelte-eslint-parser": "^1.4.0",
+    "svelte-eslint-parser": "^1.4.1",
     "svelte-preprocess": "^6.0.3",
     "typescript": "^5.9.3",
-    "vite": "^7.2.2",
+    "vite": "^7.2.7",
     "vite-plugin-devtools-json": "^1.0.0",
     "vite-plugin-lightningcss": "^0.0.5",
     "vite-tsconfig-paths": "^5.1.4",

package/src/app.html

@@ -53,7 +53,7 @@
       content="bx4ham0zkpvzztzu213bhpt76m9siq" />
     <!-- cspell:enable -->
 
-    <meta name="generator" content="SvelteKit 2.48.5" />
+    <meta name="generator" content="SvelteKit 2.49.2" />
 
     <script src="/disableSw.js"></script>
 

package/src/lib/README.md

@@ -84,7 +84,7 @@ console.log(CONSTANTS.COMPANY_INFO.APP_NAME); // "Network Pro"
 | Key        | Description                  | Example                  |
 | ---------- | ---------------------------- | ------------------------ |
 | `NAME`     | Full company name            | `Network Pro Strategies` |
-| `APP_NAME` | Application or branding name | `Network Pro™`          |
+| `APP_NAME` | Application or branding name | `Network Pro™`           |
 | `YEAR`     | Copyright / app year         | `2025`                   |
 
 ### 📬 CONTACT
@@ -97,7 +97,7 @@ console.log(CONSTANTS.COMPANY_INFO.APP_NAME); // "Network Pro"
 | `SECURE_LINK`  | Secure contact address (link)  | `contact@s.neteng.pro`      |
 | `PRIVACY`      | Privacy-related contact        | `privacy (at) netwk.pro`    |
 | `PRIVACY_LINK` | Privacy-related contact (link) | `privacy@netwk.pro`         |
-| `PHONE`        | Company phone number           | `(623) 252-4350`            |
+| `PHONE`        | Company phone number           | `(602) 428-5300`            |
 
 ### 🗂️ PAGE
 

package/src/lib/index.js

@@ -62,7 +62,7 @@ export const CONSTANTS = {
     SECURE_LINK: 'contact@s.neteng.pro',
     PRIVACY: 'privacy (at) netwk.pro',
     PRIVACY_LINK: 'privacy@netwk.pro',
-    PHONE: '(623) 252-4350',
+    PHONE: '(602) 428-5300',
   },
   PAGE: {
     BLANK: '_blank',

package/src/lib/pages/LicenseContent.svelte

@@ -313,8 +313,8 @@ This file is part of Network Pro.
       </p>
 
       <p>
-        {COMPANY_INFO.APP_NAME} is free software: you can redistribute it and/or
-        modify it under the terms of the
+        {COMPANY_INFO.APP_NAME} is free software: you can redistribute it and/or modify
+        it under the terms of the
         <strong>GNU General Public License</strong> (GNU GPL) as published by
         the
         <a rel={PAGE.REL} href="https://fsf.org" target={PAGE.BLANK}

package/src/lib/pages/PrivacyContent.svelte

@@ -163,8 +163,8 @@ This file is part of Network Pro.
         {COMPANY_INFO.NAME} ("Company," "we," "us," or "our") is committed to protecting
         the privacy of clients and website visitors. This Privacy Policy outlines
         how we collect, use, and safeguard your information when you interact with
-        our website or services, consistent with applicable U.S. federal law and
-        Arizona law, including Title 18, Chapter 5, Article 4 of the
+        our website or services, consistent with applicable U.S. federal law and Arizona
+        law, including Title 18, Chapter 5, Article 4 of the
         <strong>
           <a
             rel={PAGE.REL}
@@ -222,8 +222,8 @@ This file is part of Network Pro.
         opt-out and opt-in settings stored as browser cookies. These settings
         override any Do Not Track (DNT) or Global Privacy Control (GPC) signals. <strong
           >If you opt out, analytics tracking via PostHog is disabled entirely
-          until you change your preference.</strong> Your selection will persist
-        until manually updated.
+          until you change your preference.</strong> Your selection will persist until
+        manually updated.
       </p>
       <p class="emphasis">
         For convenient access, you can manage these settings through our <a
@@ -367,10 +367,10 @@ This file is part of Network Pro.
           <strong>Business Transfers</strong>: In the event of a merger,
           acquisition, or sale of assets, personal and business information may
           be transferred
-          <em>only if the receiving party provides written assurances</em> that:
-          (a) the information will not be sold or misused, (b) it will be handled
-          in a manner consistent with our privacy commitments, and (c) appropriate
-          technical and contractual safeguards are in place to protect it.
+          <em>only if the receiving party provides written assurances</em> that: (a)
+          the information will not be sold or misused, (b) it will be handled in a
+          manner consistent with our privacy commitments, and (c) appropriate technical
+          and contractual safeguards are in place to protect it.
         </li>
       </ul>
       <p>
@@ -402,8 +402,8 @@ This file is part of Network Pro.
 
       <ul>
         <li>
-          <strong>Access, correct, or delete</strong> your personal information,
-          subject to legal and contractual limitations;
+          <strong>Access, correct, or delete</strong> your personal information, subject
+          to legal and contractual limitations;
         </li>
         <li>
           <strong
@@ -445,10 +445,10 @@ This file is part of Network Pro.
       </p>
     {:else if link.id === 'disclaimers'}
       <p>
-        {COMPANY_INFO.NAME} offers informational content as a public service. No
-        warranties are made regarding the accuracy or completeness of such content.
-        Consulting services are governed by separate contracts. We disclaim liability
-        for third-party services integrated or referenced.
+        {COMPANY_INFO.NAME} offers informational content as a public service. No warranties
+        are made regarding the accuracy or completeness of such content. Consulting
+        services are governed by separate contracts. We disclaim liability for third-party
+        services integrated or referenced.
       </p>
     {:else if link.id === 'changes'}
       <p>

package/src/lib/pages/TermsUseContent.svelte

@@ -197,8 +197,8 @@ This file is part of Network Pro.
       <p>
         {COMPANY_INFO.NAME} is based in Maricopa County, Arizona. Any legal action
         or dispute arising from these Terms of Use shall be subject to the exclusive
-        jurisdiction of the state and federal courts located in Maricopa County,
-        Arizona. These Terms shall be governed by the
+        jurisdiction of the state and federal courts located in Maricopa County, Arizona.
+        These Terms shall be governed by the
         <strong>Arizona Revised Statutes (A.R.S.)</strong> and applicable
         provisions of the <strong>United States Code (U.S.C.)</strong>.
       </p>

package/src/lib/utils/purify.js

@@ -10,9 +10,9 @@ This file is part of Network Pro.
  * @file purify.js
  * @description Universal DOMPurify instance for SSR + client with safe build support.
  * Secures untrusted HTML before injecting it into the DOM.
- * @module src/lib/utils/
+ * @module src/lib/utils
  * @author Scott Lopez
- * @updated 2025-06-01
+ * @updated 2025-12-11
  */
 
 import createDOMPurify from 'dompurify';
@@ -37,11 +37,11 @@ let jsdomWindow = null;
 export async function getDOMPurify() {
   if (DOMPurifyInstance) return DOMPurifyInstance;
 
-  if (typeof window !== 'undefined') {
+  if (!import.meta.env.SSR) {
     // ✅ Client-side: use native window
     DOMPurifyInstance = createDOMPurify(window);
   } else {
-    // ✅ SSR: dynamically import jsdom to avoid bundling
+    // ✅ SSR: dynamically import jsdom — gated so Vite will tree-shake it from the client bundle
     const { JSDOM } = await import('jsdom');
     jsdomWindow = jsdomWindow || new JSDOM('').window;
     DOMPurifyInstance = createDOMPurify(jsdomWindow);

package/src/service-worker.js

@@ -6,18 +6,20 @@ SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
 This file is part of Network Pro.
 ========================================================================== */
 
-/** @type {ServiceWorkerGlobalScope} */
+/// <reference lib="webworker" />
+/// <reference types="vite/client" />
+
+/**
+ * @type {ServiceWorkerGlobalScope}
+ */
 const sw = /** @type {ServiceWorkerGlobalScope} */ (
   /** @type {unknown} */ (self)
 );
 
-/// <reference types="vite/client" />
-
 const isDev = location.hostname === 'localhost';
-const disallowedHosts = [
-  'us.i.posthog.com', // Add PostHog to disallowed hosts
-  'posthog.com', // Add PostHog to disallowed hosts
-];
+
+/** @type {string[]} */
+const disallowedHosts = ['us.i.posthog.com', 'posthog.com'];
 
 import { build, files, version } from '$service-worker';
 
@@ -27,6 +29,7 @@ const CACHE = `cache-${version}`;
 /** @type {string[]} */
 const excludedAssets = [];
 
+/** @type {Set<string>} */
 const IGNORE_PATHS = new Set([
   '/.well-known/security.txt.sig',
   '/img/banner-1280x640.png',
@@ -76,6 +79,7 @@ const ASSETS = [
   ),
 ];
 
+/** @type {string[]} */
 const uniqueExcludedAssets = [...new Set(excludedAssets)].sort();
 
 /** @type {string[]} */
@@ -108,12 +112,12 @@ if (isDev) {
 }
 
 /**
- * Safely cache a list of assets, logging or throwing if required assets fail.
+ * Safely cache a list of assets.
  *
  * @param {Cache} cache
  * @param {string[]} assets
- * @param {string[]} required
- * @returns {Promise<string[]>} Cached asset paths
+ * @param {string[]} [required=[]]
+ * @returns {Promise<string[]>}
  */
 async function cacheAssetsSafely(cache, assets, required = []) {
   /** @type {string[]} */
@@ -150,6 +154,9 @@ async function cacheAssetsSafely(cache, assets, required = []) {
 }
 
 // 🔹 Install event
+/**
+ * @param {ExtendableEvent} event
+ */
 sw.addEventListener('install', (event) => {
   if (isDev) console.log('[SW] Install event');
 
@@ -160,9 +167,7 @@ sw.addEventListener('install', (event) => {
 
       try {
         cachedPaths = await cacheAssetsSafely(cache, ASSETS, REQUIRED_ASSETS);
-        if (isDev) {
-          console.log('[SW] Cached assets:', cachedPaths);
-        }
+        if (isDev) console.log('[SW] Cached assets:', cachedPaths);
       } catch (err) {
         if (isDev) throw err;
         console.warn('[SW] Error while precaching (non-fatal in prod):', err);
@@ -175,8 +180,12 @@ sw.addEventListener('install', (event) => {
 });
 
 // 🔹 Activate event
+/**
+ * @param {ExtendableEvent} event
+ */
 sw.addEventListener('activate', (event) => {
   if (isDev) console.log('[SW] Activate event');
+
   event.waitUntil(
     (async () => {
       const tasks = [];
@@ -210,9 +219,7 @@ sw.addEventListener('activate', (event) => {
 });
 
 /**
- * Determine if a request should be skipped by the service worker.
- * Specifically filters out dev/build files, module imports, and source files.
- * Only active in development mode.
+ * Determine if a request should be ignored during development.
  *
  * @param {URL} url
  * @returns {boolean}
@@ -230,13 +237,13 @@ function shouldSkipDevModule(url) {
 }
 
 // 🔹 Fetch event
+/**
+ * @param {FetchEvent} event
+ */
 sw.addEventListener('fetch', (event) => {
   const requestUrl = new URL(event.request.url);
 
-  // ✅ Skip cross-origin requests
   if (requestUrl.origin !== location.origin) return;
-
-  // ✅ Skip internal dev/module files (only in dev)
   if (shouldSkipDevModule(requestUrl)) return;
 
   if (isDev) console.log('[SW] Fetch intercepted:', event.request.url);
@@ -253,12 +260,8 @@ sw.addEventListener('fetch', (event) => {
         if (event.request.mode === 'navigate') {
           const preloadResponse = await event.preloadResponse;
           if (preloadResponse) {
-            if (isDev) {
-              console.log(
-                '[SW] Using preload response for:',
-                event.request.url,
-              );
-            }
+            if (isDev)
+              console.log('[SW] Using preload response:', event.request.url);
             return preloadResponse;
           }
         }
@@ -267,18 +270,17 @@ sw.addEventListener('fetch', (event) => {
           console.log('[SW] Fetching from network:', event.request.url);
 
         return await fetch(event.request);
-      } catch (err) {
-        if (isDev) {
+      } catch (_err) {
+        if (isDev)
           console.warn(
-            '[SW] Fetch failed; offline fallback used:',
+            '[SW] Fetch failed; offline fallback:',
             event.request.url,
-            err,
           );
-        }
 
         if (event.request.mode === 'navigate') {
           const offline = await caches.match('/offline.html');
           if (offline) return offline;
+
           return new Response('<h1>Offline</h1>', {
             headers: { 'Content-Type': 'text/html' },
           });
@@ -289,5 +291,3 @@ sw.addEventListener('fetch', (event) => {
     })(),
   );
 });
-
-// @cspell:ignore precaching

package/static/bin/contact.vcf

@@ -2,11 +2,11 @@ BEGIN:VCARD
 VERSION:3.0
 FN:Scott Lopez
 N:Lopez;Scott
-TEL;TYPE=WORK,PREF=1:(623) 252-4350
+TEL;TYPE=WORK,PREF=1:(602) 428-5300
 EMAIL;TYPE=WORK:support@netwk.pro
 EMAIL;TYPE=Secure:business@s.neteng.pro
 ADR;TYPE=WORK:;;Peoria\, AZ 85382\nUS
 ORG:Network Pro Strategies
-TITLE:Network Engineer
+TITLE:Network Engineer and Consultant
 URL:https://netwk.pro
 END:VCARD

package/static/sitemap.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!-- Sitemap last updated 2025-11-09 -->
+<!-- Sitemap last updated 2025-12-11 -->
 
 <urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
 
@@ -7,7 +7,7 @@
 
     <loc>https://netwk.pro</loc>
 
-    <lastmod>2025-11-09</lastmod>
+    <lastmod>2025-12-11</lastmod>
 
     <changefreq>weekly</changefreq>
 

package/tests/unit/server/internal/ssrBoundary.test.js

@@ -0,0 +1,107 @@
+/* ==========================================================================
+tests/unit/server/ssrBoundary.test.js
+
+Copyright © 2025 Network Pro Strategies (Network Pro™)
+SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
+This file is part of Network Pro.
+========================================================================== */
+
+/**
+ * @file ssrBoundary.test.js
+ * @description Checks for improper usage of Node
+ * @module tests/unit/server/internal
+ * @author Scott Lopez
+ * @updated 2025-12-11
+ */
+
+// @vitest-environment node
+
+import fs from 'fs/promises';
+import { globby } from 'globby';
+
+// Node-only modules that cannot appear in client-visible code
+const NODE_ONLY_IMPORTS = [
+  'fs',
+  'path',
+  'url',
+  'crypto',
+  'os',
+  'child_process',
+  'module',
+  'jsdom',
+];
+
+// Files in these locations are ALWAYS allowed to use Node-only modules
+const SERVER_ONLY_ALLOWLIST = [
+  'src/lib/server/',
+  '/server/',
+  '+server.js',
+  '+server.ts',
+  '.test.',
+  '.spec.',
+  'vitest.config',
+  'playwright.config',
+];
+
+function isServerOnlyFile(filePath) {
+  return SERVER_ONLY_ALLOWLIST.some((key) => filePath.includes(key));
+}
+
+// Regex helpers
+function createStaticImportRegex(moduleName) {
+  return new RegExp(`import\\s+[^;]*['"]${moduleName}['"]`);
+}
+
+function createDynamicImportRegex(moduleName) {
+  return new RegExp(`import\\(['"]${moduleName}['"]\\)`);
+}
+
+function hasSSRGuard(text) {
+  // Basic detection of SSR guard presence
+  // Stronger variants are possible, but this avoids false positives
+  return /import\.meta\.env\.SSR/.test(text);
+}
+
+test('no Node-only modules leak into client-visible modules', async () => {
+  const files = await globby([
+    'src/**/*.{js,ts,svelte}',
+    '!src/lib/server/**', // ignore server-only utilities
+    '!**/*.test.*',
+    '!**/*.spec.*',
+  ]);
+
+  const violations = [];
+
+  for (const file of files) {
+    if (isServerOnlyFile(file)) continue;
+
+    const text = await fs.readFile(file, 'utf8');
+
+    for (const mod of NODE_ONLY_IMPORTS) {
+      const staticMatch = createStaticImportRegex(mod).test(text);
+      const dynamicMatch = createDynamicImportRegex(mod).test(text);
+
+      if (!staticMatch && !dynamicMatch) continue;
+
+      // If SSR guarded, allow it
+      if (hasSSRGuard(text)) continue;
+
+      violations.push({
+        file,
+        module: mod,
+      });
+    }
+  }
+
+  if (violations.length > 0) {
+    const formatted = violations
+      .map((v) => `❌ ${v.module} imported in ${v.file}`)
+      .join('\n');
+
+    throw new Error(
+      'SSR boundary violations detected:\n' +
+        formatted +
+        '\n\nTo fix: move to src/lib/server/, or wrap the import in import.meta.env.SSR.',
+    );
+  }
+});

package/static/CNAME

@@ -1 +0,0 @@
-netwk.pro