@networkpro/web 1.25.5 → 1.25.7

package/.github/workflows/probely-scan.yml

@@ -21,31 +21,50 @@ jobs:
 
     env:
       PROBELY_API_KEY: ${{ secrets.PROBELY_API_KEY }}
-      TARGET_ID: 3by8xa6kzArN
-      API_BASE: https://api.probely.com/v2 # Always include /v2
+      TARGET_ID: ${{ secrets.PROBELY_TARGET_ID }}
+      API_BASE: https://api.probely.com
       MAX_WAIT_MINUTES: 60 # configurable
 
     steps:
       - name: Start Probely Scan
         id: start-scan
         run: |
+          curl_retry() {
+            curl --fail-with-body --retry 3 --retry-delay 5 --retry-max-time 30 "$@"
+          }
+
           echo "🧪 Triggering Probely scan for target $TARGET_ID ..."
-          response=$(curl -s -X POST "$API_BASE/targets/$TARGET_ID/scans/" \
+
+          response_file=$(mktemp)
+          http_code=$(curl_retry -s -w "%{http_code}" -o "$response_file" -X POST "$API_BASE/targets/$TARGET_ID/scan_now/" \
             -H "Authorization: JWT $PROBELY_API_KEY" \
             -H "Content-Type: application/json" \
             -d '{}')
 
-          echo "Raw API response:"
-          echo "$response" | jq .
+          echo "🌐 HTTP status: $http_code"
+          echo "📄 Raw API response:"
+          cat "$response_file"
+
+          if [ "$http_code" -ne 201 ]; then
+            echo "::error ::Unexpected HTTP response from Probely API: $http_code"
+            exit 1
+          fi
+
+          if ! jq . "$response_file" >/dev/null 2>&1; then
+            echo "::error ::Invalid JSON response from Probely API."
+            cat "$response_file"
+            exit 1
+          fi
 
-          scan_id=$(echo "$response" | jq -r '.id // empty')
+          jq . "$response_file"
+          scan_id=$(jq -r '.id // empty' "$response_file")
 
           if [ -z "$scan_id" ]; then
-            echo "::error ::Failed to start scan — check API key, target ID, or base URL."
+            echo "::error ::Scan ID not found in response. Check API key, target ID, or base URL."
             exit 1
           fi
 
-          echo "scan_id=$scan_id" >> $GITHUB_ENV
+          echo "scan_id=$scan_id" >> "$GITHUB_ENV"
           echo "✅ Scan started with ID: $scan_id"
 
       - name: Wait for Scan Completion
@@ -53,7 +72,7 @@ jobs:
           echo "⏳ Waiting for scan $scan_id to complete..."
           elapsed=0
           while [ $elapsed -lt $((MAX_WAIT_MINUTES * 60)) ]; do
-            status=$(curl -s "$API_BASE/scans/$scan_id/" \
+            status=$(curl --fail-with-body -s "$API_BASE/targets/$TARGET_ID/scans/$scan_id/" \
               -H "Authorization: JWT $PROBELY_API_KEY" | jq -r '.status // empty')
 
             echo "⏱️  Status: $status (elapsed $elapsed sec)"
@@ -78,18 +97,19 @@ jobs:
       - name: Download Probely HTML Report
         run: |
           echo "📥 Downloading report for scan $scan_id ..."
-          curl -s "$API_BASE/scans/$scan_id/report/" \
+          curl -s "$API_BASE/targets/$TARGET_ID/scans/$scan_id/endpoints/" \
             -H "Authorization: JWT $PROBELY_API_KEY" \
-            -o probely-report.html
+            -o probely-scan-coverage.csv
 
-          if [ ! -s probely-report.html ]; then
+          if [ ! -s probely-scan-coverage.csv ]; then
             echo "::error ::Report file is empty or missing."
             exit 1
           fi
-          echo "✅ Report saved as probely-report.html"
+          echo "✅ Report saved as probely-scan-coverage.csv"
 
       - name: Upload report artifact
         uses: actions/upload-artifact@v5
         with:
-          name: probely-report
-          path: probely-report.html
+          name: probely-scan-coverage
+          path: probely-scan-coverage.csv
+# cspell:ignore mktemp

package/.vscode/settings.json

@@ -41,40 +41,5 @@
   "css.customData": [
     ".vscode/customData.json" // Path to your custom data file
   ],
-  "markdown.validate.enabled": false,
-  "markdown.validate.ignoredLinks": [
-    "#bugs",
-    "#features",
-    "#top",
-    "#ownership",
-    "#trademark",
-    "#branding",
-    "#licensed-material",
-    "#licenses",
-    "#dlnotes",
-    "#cc-by",
-    "#gnu-gpl",
-    "#third-party",
-    "#prohibited-uses",
-    "#disclaimer",
-    "#contact",
-    "#revisions",
-    "#pledge",
-    "#standards",
-    "#response",
-    "#enforce",
-    "#attribute",
-    "#version",
-    "#structure",
-    "#getting-started",
-    "#configuration",
-    "#sw-utilities",
-    "#cspreport",
-    "#testing",
-    "#toolchain",
-    "#toolconfig",
-    "#scripts",
-    "#license",
-    "#questions"
-  ]
+  "markdown.validate.enabled": false
 }

package/CHANGELOG.md

@@ -22,6 +22,74 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 ---
 
+## [1.25.7] - 2025-11-11
+
+### Added
+
+- Introduced `src/lib/security/probely.js` helper module to detect Probely vulnerability scanner requests via normalized IP and User-Agent matching.
+  - Supports case-insensitive substring matching for known Probely UA fragments (`ProbelySPDR/`, etc.).
+  - IP allowlisting based on published ranges: <https://help.probely.com/en/articles/5112461/>
+- Added unit test suite `tests/unit/server/lib/security/probely.test.js` to verify robustness of `isProbelyScanner()` logic against UA/IP variations and edge cases.
+
+### Changed
+
+- Updated `hooks.server.js` to integrate `isProbelyScanner()` as a drop-in replacement for inline Probely detection logic, improving clarity and testability.
+- Contact details and motto updated in `static/.well-known/humans.txt`.
+- Refreshed last modified dates in `static/sitemap.xml`.
+- Minor cosmetic changes to `static/robots.txt`.
+- Corrected fallback metadata in `+layout.svelte`.
+- Removed inline styles from `src/lib/components/PWAInstallButton.svelte` and `src/lib/components/foss/FossFeatures.svelte`.
+  - Moved styles to `src/lib/styles/css/default.css`.
+  - Regenerated `global.min.css` bundle with LightningCSS.
+- Minor optimizations and cleanup to several files:
+  - `src/lib/components/RedirectPage.svelte`
+  - `src/lib/components/layout/Footer.svelte`
+  - `src/lib/pages/AboutContent.svelte`
+  - `src/lib/pages/TermsConditionsContent.svelte`
+  - `src/lib/pages/TermsUseContent.svelte`
+  - `src/routes/contact/+page.svelte`
+  - `src/routes/posts/+page.svelte`
+  - `src/routes/privacy-rights/+page.svelte`
+- Bumped project version to `v1.25.7`.
+- Updated dependencies:
+  - `autoprefixer` `^10.4.21` → `^10.4.22`
+  - `browserslist` `^4.27.0` → `^4.28.0`
+  - `svelte` `5.43.3` → `5.43.6`
+  - `svelte-check` `^4.3.3` → `^4.3.4`
+  - `posthog-js` `^1.285.1` → `^1.290.0`
+  - `vite` `^7.1.12` → `^7.2.2`
+
+---
+
+## [1.25.6] - 2025-11-04
+
+### Security
+
+- Hardened `Content-Security-Policy (CSP)` in `hooks.server.js`:
+  - Environment-specific policies for `production`, `audit`, `dev`, and `test`
+  - Added real CSP reporting endpoint (`csp.netwk.pro`) in production
+  - Report-only mode enabled in non-prod for safer diagnostics
+- Added `/api/mock-csp` endpoint to capture and log CSP violation reports in non-prod environments
+
+### Changed
+
+- Updated `README.md` with detailed explanation of the CSP enforcement strategy and future nonce-based roadmap
+- Moved inline styles from `Badges.svelte` and `Logo.svelte` to external stylesheet (`default.css`)
+- Regenerated `global.min.css` using LightningCSS to reflect updated external styles
+- Bumped project version to `v1.25.6`
+- Updated dependencies:
+  - `@eslint/js` `^9.39.0` → `^9.39.1`
+  - `eslint` `^9.39.0` → `^9.39.1`
+  - `eslint-plugin-jsdoc` `^61.1.11` → `^61.1.12`
+  - `svelte` `5.43.2` → `5.43.3`
+  - `posthog-js` `^1.284.0` → `^1.285.1`
+
+### Fixed
+
+- Updated `probely-scan.yml` GitHub workflow to utilize the correct API endpoint and cURL requests.
+
+---
+
 ## [1.25.5] - 2025-11-03
 
 ### Added
@@ -1702,7 +1770,9 @@ This enables analytics filtering and CSP hardening for the audit environment.
 
 <!-- Link references -->
 
-[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.5...HEAD
+[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.7...HEAD
+[1.25.7]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.7
+[1.25.6]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.6
 [1.25.5]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.5
 [1.25.4]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.4
 [1.25.3]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.3

package/README.md

@@ -173,23 +173,55 @@ This project includes custom runtime configuration files for enhancing security,
 
 ### 🔐 `hooks.server.js`
 
-Located at `src/hooks.server.js`, this file is responsible for injecting dynamic security headers. It includes:
+Located at `src/hooks.server.js`, this file dynamically injects security headers depending on the environment. It includes:
+
+- A **Content Security Policy (CSP)** with environment-based directives:
+  - **Production/Audit**: Enforced, hardened CSP
+  - **Test/Dev**: Uses `Content-Security-Policy-Report-Only` for safe diagnostics
+- A **Permissions Policy** that disables nonessential browser APIs
+- Standard HTTP security headers:
+  - `X-Content-Type-Options`
+  - `X-Frame-Options`
+  - `Referrer-Policy`
+  - `Strict-Transport-Security` (in non-test environments)
 
-- A Content Security Policy (CSP) configured with relaxed directives to permit inline scripts and styles (`'unsafe-inline'`)
-- A Permissions Policy to explicitly disable unnecessary browser APIs
-- Standard security headers such as `X-Content-Type-Options`, `X-Frame-Options`, and `Referrer-Policy`
+---
+
+### ⚙️ CSP Behavior by Environment
+
+| Environment  | Header                                | Analytics Enabled | CSP Reporting |
+| ------------ | ------------------------------------- | ----------------- | ------------- |
+| `production` | `Content-Security-Policy`             | ✅ Yes            | ✅ Yes        |
+| `audit`      | `Content-Security-Policy`             | ❌ No             | ❌ No         |
+| `dev`        | `Content-Security-Policy-Report-Only` | ❌ No             | ✅ Yes (mock) |
+| `test`       | `Content-Security-Policy-Report-Only` | ❌ No             | ✅ Yes (mock) |
+
+---
+
+### 🧪 Reporting & Debugging
 
-> ℹ️ A stricter CSP (excluding `'unsafe-inline'`) was attempted but reverted due to framework-level and third-party script compatibility issues. The current policy allows inline scripts to ensure stability across SvelteKit and analytics features such as PostHog.
+- In **non-production environments**, CSP headers are set to `report-only` mode.
+- Violations are POSTed to `/api/mock-csp`, which logs reports to the console.
+- In **production**, violations are sent to a real CSP collection endpoint (`https://csp.netwk.pro/.netlify/functions/csp-report`).
+
+---
+
+### ⚠️ Current Trade-Off
+
+> Due to limitations in PostHog and certain SvelteKit internals, the current policy allows `'unsafe-inline'` for scripts and styles. A strict CSP using nonces was previously attempted but blocked critical functionality.
+
+---
 
-#### Future Improvements
+### 📈 Future Improvements (Strict CSP Plan)
 
-To implement a strict nonce-based CSP in the future:
+To move toward a strict, nonce-based CSP:
 
-1. Add nonce generation and injection logic in `hooks.server.js`
-2. Update all inline `<script>` tags (e.g. in `app.html`) to include `nonce="__cspNonce__"`
-3. Ensure any analytics libraries or dynamic scripts support nonced or external loading
+1. Ensure **all inline scripts** are updated to include injected nonces (`nonce="%nonce%"`)
+2. Confirm **PostHog** or future analytics platforms support nonced or external scripts/stylesheets
+3. Review and refactor any components that rely on dynamic `style=` or `<style>` blocks without support for CSP nonces
+4. Move third-party scripts out of inline `<script>` tags where possible
 
-Note: Strict CSP adoption may require restructuring third-party integrations and deeper framework coordination.
+> ℹ️ Nonce-based CSP is the most secure long-term path but requires cooperation from all dependencies — and possibly upstream fixes to analytics tooling or SvelteKit itself.
 
 &nbsp;
 

package/cspell.json

@@ -69,12 +69,14 @@
     "precaching",
     "prefs",
     "Probely",
+    "probelyspdr",
     "publickey",
     "reconsent",
     "sarif",
     "serv",
     "shizuku",
     "SIEM",
+    "SPDR",
     "SPDY",
     "squircle",
     "stylelintignore",

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@networkpro/web",
   "private": false,
-  "version": "1.25.5",
+  "version": "1.25.7",
   "description": "Locking Down Networks, Unlocking Confidence™ | Security, Networking, Privacy — Network Pro Strategies",
   "keywords": [
     "advisory",
@@ -85,13 +85,13 @@
   },
   "dependencies": {
     "dompurify": "^3.3.0",
-    "posthog-js": "^1.284.0",
+    "posthog-js": "^1.290.0",
     "semver": "^7.7.3",
-    "svelte": "5.43.2"
+    "svelte": "5.43.6"
   },
   "devDependencies": {
     "@eslint/compat": "^1.4.1",
-    "@eslint/js": "^9.39.0",
+    "@eslint/js": "^9.39.1",
     "@lhci/cli": "^0.15.1",
     "@playwright/test": "^1.56.1",
     "@sveltejs/adapter-vercel": "^6.1.1",
@@ -100,11 +100,11 @@
     "@testing-library/jest-dom": "^6.9.1",
     "@testing-library/svelte": "^5.2.8",
     "@vitest/coverage-v8": "3.2.4",
-    "autoprefixer": "^10.4.21",
-    "browserslist": "^4.27.0",
-    "eslint": "^9.39.0",
+    "autoprefixer": "^10.4.22",
+    "browserslist": "^4.28.0",
+    "eslint": "^9.39.1",
     "eslint-config-prettier": "^10.1.8",
-    "eslint-plugin-jsdoc": "^61.1.11",
+    "eslint-plugin-jsdoc": "^61.1.12",
     "eslint-plugin-svelte": "^3.13.0",
     "globals": "^16.5.0",
     "jsdom": "26.1.0",
@@ -121,11 +121,11 @@
     "stylelint-config-html": "^1.1.0",
     "stylelint-config-recommended": "^17.0.0",
     "stylelint-order": "^7.0.0",
-    "svelte-check": "^4.3.3",
+    "svelte-check": "^4.3.4",
     "svelte-eslint-parser": "^1.4.0",
     "svelte-preprocess": "^6.0.3",
     "typescript": "^5.9.3",
-    "vite": "^7.1.12",
+    "vite": "^7.2.2",
     "vite-plugin-devtools-json": "^1.0.0",
     "vite-plugin-lightningcss": "^0.0.5",
     "vite-tsconfig-paths": "^5.1.4",

package/src/hooks.server.js

@@ -6,6 +6,7 @@ SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
 This file is part of Network Pro.
 ========================================================================== */
 
+import { isProbelyScanner } from '$lib/security/probely.js';
 import { detectEnvironment } from '$lib/utils/env.js';
 
 /**
@@ -13,30 +14,41 @@ import { detectEnvironment } from '$lib/utils/env.js';
  * @type {import('@sveltejs/kit').Handle}
  */
 export async function handle({ event, resolve }) {
+  /**
+   * 🔍 Probely scanner allowlisting
+   * - Robust UA check (case‑insensitive)
+   * - Normalized X‑Forwarded‑For parsing
+   * - Avoids false positives
+   * @see https://help.probely.com/en/articles/5112461/
+   */
+
+  /** @type {string} */
+  const userAgent = event.request.headers.get('user-agent') || '';
+
+  /** @type {string} */
+  const remoteIp =
+    event.request.headers.get('x-forwarded-for')?.split(',')[0]?.trim() || '';
+
+  const isProbely = isProbelyScanner({ ua: userAgent, ip: remoteIp });
+
+  if (isProbely) {
+    console.info('[Probely Bypass] Matched scanner request:', {
+      ip: remoteIp,
+      ua: userAgent,
+    });
+  }
   const response = await resolve(event);
 
   const env = detectEnvironment(event.url.hostname);
-  const { isAudit, isDebug, isTest, isProd, mode, effective } = env;
-
-  // Show logs in dev only
-  if (isDebug) {
-    console.log('[CSP Debug ENV]', {
-      mode,
-      effective,
-      hostname: event.url.hostname,
-      isAudit,
-      isTest,
-      isProd,
-    });
-  }
+  const { isAudit, isDebug, isTest, isProd } = env;
 
-  // Determine report URI
   const reportUri =
     isProd && !isTest && !isAudit
       ? 'https://csp.netwk.pro/.netlify/functions/csp-report'
       : '/api/mock-csp';
 
-  // Base hardened policy
+  console.log('[CSP] Report URI set to:', reportUri);
+
   const cspDirectives = [
     "default-src 'self';",
     "script-src 'self' 'unsafe-inline' https://us.i.posthog.com https://us-assets.i.posthog.com;",
@@ -69,8 +81,10 @@ export async function handle({ event, resolve }) {
     cspDirectives[4] = "connect-src 'self';";
   }
 
-  // 📋 Attach CSP report directives ONLY in production
-  if (isProd && !isAudit && !isTest) {
+  // 📋 Add reporting for environments that support it
+  const shouldReport = !isAudit && !isTest;
+
+  if (shouldReport) {
     cspDirectives.push(`report-uri ${reportUri};`, 'report-to csp-endpoint;');
 
     response.headers.set(
@@ -84,8 +98,20 @@ export async function handle({ event, resolve }) {
     );
   }
 
-  // ✅ Apply final CSP
-  response.headers.set('Content-Security-Policy', cspDirectives.join(' '));
+  // ✅ Apply CSP — enforce in prod or audit, report-only in dev/test
+  const cspHeader =
+    (isProd || isAudit) && !isTest
+      ? 'Content-Security-Policy'
+      : 'Content-Security-Policy-Report-Only';
+
+  response.headers.set(cspHeader, cspDirectives.join(' '));
+
+  // Log applied CSP headers in debug/audit/test
+  if (isDebug || isAudit) {
+    console.info(`[CSP] Applied header: ${cspHeader}`);
+    console.info(`[CSP] Policy:`, cspDirectives.join(' '));
+    console.info(`[CSP] Reporting to: ${reportUri}`);
+  }
 
   // Standard security headers
   response.headers.set(

package/src/lib/components/Badges.svelte

@@ -29,8 +29,6 @@ This file is part of Network Pro.
    * @property {string} src - The source URL of the badge image.
    * @property {string} alt - The alt text for the badge image.
    * @property {string} [class] - The CSS class for styling the badge (optional).
-   * @property {string} width - The width of the badge (CSS value).
-   * @property {string} height - The height of the badge (CSS value).
    */
 
   /**
@@ -42,15 +40,13 @@ This file is part of Network Pro.
       href: ccbyLink,
       src: ccBadge,
       alt: 'Creative Commons BY',
-      width: '160px',
-      height: '24px',
+      class: 'badge badge--cc',
     },
     {
       href: gplLink,
       src: gplBadge,
       alt: 'GPL 3.0 or Later',
-      width: '120px',
-      height: '24px',
+      class: 'badge badge--gpl',
     },
   ];
 </script>
@@ -68,8 +64,7 @@ This file is part of Network Pro.
                 loading="lazy"
                 src={badge.src}
                 alt={badge.alt}
-                style:width={badge.width}
-                style:height={badge.height} />
+                class={badge.class} />
             </a>
           </td>
         {/each}

package/src/lib/components/Logo.svelte

@@ -7,9 +7,12 @@ This file is part of Network Pro.
 ========================================================================== -->
 
 <script>
+  import { CONSTANTS } from '$lib';
   // Import logo images
   import { logoPng, logoWbp } from '$lib';
 
+  const { COMPANY_INFO } = CONSTANTS;
+
   /**
    * Decoding mode for the image.
    * @type {"sync" | "async" | "auto"}
@@ -23,16 +26,16 @@ This file is part of Network Pro.
   export let loading = 'eager';
 
   /**
-   * CSS class for the logo image.
+   * Optional extra CSS classes for the logo image.
    * @type {string}
    */
-  export let className = 'logo';
+  export let className = '';
 
   /**
    * Alt text for the logo image.
    * @type {string}
    */
-  export let alt = 'Network Pro Strategies';
+  export let alt = COMPANY_INFO.NAME;
 
   /**
    * First part of the company slogan.
@@ -58,18 +61,6 @@ This file is part of Network Pro.
    */
   export let showTagline = true;
 
-  /**
-   * Width of the logo in pixels.
-   * @type {string}
-   */
-  export let width = '250px';
-
-  /**
-   * Height of the logo in pixels.
-   * @type {string}
-   */
-  export let height = '250px';
-
   /**
    * Fetch priority for the logo image.
    * @type {"high" | "low" | "auto"}
@@ -83,12 +74,10 @@ This file is part of Network Pro.
   <img
     {decoding}
     {loading}
-    class={className}
+    class={`logo${className ? ` ${className}` : ''}`}
     src={logoPng}
     {alt}
-    {fetchpriority}
-    style:width
-    style:height />
+    {fetchpriority} />
 </picture>
 
 {#if showSlogan}

package/src/lib/components/PWAInstallButton.svelte

@@ -48,38 +48,9 @@ This file is part of Network Pro.
 {#if show}
   <button
     id="pwa-install"
-    class="install-button"
+    class="pwa-install-button"
     on:click={promptInstall}
     transition:fade={{ duration: 600 }}>
     Install App
   </button>
 {/if}
-
-<style>
-  .install-button {
-    display: block;
-    padding: 0.5rem 1rem;
-    border: none;
-    box-shadow: 0 2px 4px rgba(0, 0, 0, 0.2);
-    font-size: 1rem;
-    font-weight: bold;
-    color: #000;
-    background-color: #ffc627;
-    transition: background-color 0.2s ease-in-out;
-    border-radius: 6px;
-    cursor: pointer;
-    font-family: inherit;
-    margin-left: auto;
-    margin-right: auto;
-    margin-top: 1rem;
-  }
-
-  .install-button:hover {
-    background-color: #e6b300;
-  }
-
-  .install-button:focus {
-    outline: 2px solid #000;
-    outline-offset: 2px;
-  }
-</style>

package/src/lib/components/RedirectPage.svelte

@@ -9,7 +9,7 @@ This file is part of Network Pro.
 <script>
   import { onMount } from 'svelte';
   import { redirectWithBrowserAwareness } from '$lib/utils/redirect.js';
-  import FullWidthSection from '$lib/components/FullWidthSection.svelte';
+  import { FullWidthSection } from '$lib/components';
 
   export let to;
   export let rel = ''; // Accepts optional rel value

package/src/lib/components/foss/FossFeatures.svelte

@@ -16,7 +16,7 @@ This file is part of Network Pro.
 
 <!-- BEGIN FOSS FEATURES -->
 {#if features && features.length > 0}
-  <ul>
+  <ul class="foss-features">
     {#each features as feature, index}
       <li class="emoji">
         {#if index === 0}
@@ -40,16 +40,3 @@ This file is part of Network Pro.
 {/if}
 
 <!-- END FOSS FEATURES -->
-
-<style>
-  ul {
-    margin: 0;
-    list-style-type: none;
-    padding-left: 0;
-  }
-
-  ul li {
-    font-weight: 600;
-    margin-bottom: 0.5em;
-  }
-</style>

package/src/lib/components/layout/Footer.svelte

@@ -8,7 +8,6 @@ This file is part of Network Pro.
 
 <script>
   import { base } from '$app/paths';
-  // Import icons for licenses
   import { bySvg, ccSvg } from '$lib';
   import { CONSTANTS } from '$lib';
 

package/src/lib/pages/AboutContent.svelte

@@ -56,12 +56,6 @@ This file is part of Network Pro.
    */
   const loading = 'lazy';
 
-  /**
-   * CSS class for styled horizontal rule
-   * @type {string}
-   */
-  const hrStyle = 'hr-styled';
-
   /**
    * Navigation links for the page
    * @type {Array<{
@@ -241,7 +235,7 @@ This file is part of Network Pro.
 
 <div class="spacer"></div>
 
-<hr class={hrStyle} />
+<hr class="hr-styled" />
 
 <div class="spacer"></div>
 

package/src/lib/pages/TermsConditionsContent.svelte

@@ -21,7 +21,7 @@ This file is part of Network Pro.
    * URL to Terms of Use page, using the base path
    * @type {string}
    */
-  const termsLink = `${base}/terms-of-use/`;
+  const termsLink = `${base}/terms-of-use`;
 
   /**
    * Markdown version of the Terms and Conditions document

package/src/lib/pages/TermsUseContent.svelte

@@ -6,8 +6,6 @@ SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
 This file is part of Network Pro.
 ========================================================================== -->
 
-<!-- cspell:ignore tandc -->
-
 <script>
   import { base } from '$app/paths';
   import { CONSTANTS } from '$lib';
@@ -15,7 +13,7 @@ This file is part of Network Pro.
   // Log the base path to verify its value
   //console.log("Base path:", base);
 
-  console.log(CONSTANTS.COMPANY_INFO.APP_NAME);
+  //console.log(CONSTANTS.COMPANY_INFO.APP_NAME);
 
   const { COMPANY_INFO, PAGE, NAV } = CONSTANTS;
 
@@ -227,11 +225,12 @@ This file is part of Network Pro.
   <p class="bquote">
     <strong>Note:</strong> For more details regarding our privacy practices,
     refer to our
-    <a rel={PAGE.REL} href={privacyLink} target={PAGE.SELF}>Privacy Policy</a>.
-    For licensing terms and content usage rights, please visit our
-    <a rel={PAGE.REL} href={licenseLink} target={PAGE.SELF}
-      >Legal, Copyright, and Licensing</a>
+    <a href={privacyLink} target={PAGE.SELF}>Privacy Policy</a>. For licensing
+    terms and content usage rights, please visit our
+    <a href={licenseLink} target={PAGE.SELF}>Legal, Copyright, and Licensing</a>
     page.
   </p>
 </section>
 <!-- END TERMS OF USE -->
+
+<!-- cspell:ignore tandc -->

package/src/lib/security/probely.js

@@ -0,0 +1,47 @@
+/* ==========================================================================
+src/lib/security/probely.js
+
+Copyright © 2025 Network Pro Strategies (Network Pro™)
+SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
+This file is part of Network Pro.
+========================================================================== */
+
+/**
+ * @file probely.js
+ * @description Determines whether a request originates from the Probely
+ * security scanner, based on its User-Agent string or known source IP address.
+ * @module tests/security
+ * @author Scott Lopez
+ * @updated 2025-11-11
+ */
+
+/** @typedef {{ ua: string, ip: string }} ScannerInput */
+
+/**
+ * Check if a request is likely from Probely.
+ * @param {ScannerInput} input
+ * @returns {boolean} - True if the request matches Probely’s fingerprint.
+ */
+export function isProbelyScanner({ ua, ip }) {
+  const PROBELY_UA_FRAGMENT = 'probelyspdr/';
+  const PROBELY_IPS = [
+    '18.235.241.170',
+    '52.65.214.19',
+    '13.237.213.25',
+    '52.19.40.38',
+    '44.205.45.120',
+    '3.104.172.219',
+    '13.211.189.220',
+    '52.16.191.244',
+  ];
+
+  if (!ua && !ip) return false;
+
+  const normalizedUA = ua?.toLowerCase() ?? '';
+  const normalizedIP = ip?.trim() ?? '';
+
+  return (
+    normalizedUA.includes(PROBELY_UA_FRAGMENT) ||
+    PROBELY_IPS.includes(normalizedIP)
+  );
+}

package/src/lib/styles/css/default.css

@@ -396,6 +396,8 @@ footer .container {
 
 .logo {
   display: block;
+  width: var(--logo-width, 250px);
+  height: var(--logo-height, 250px);
   margin-left: auto;
   margin-right: auto;
 }
@@ -709,3 +711,58 @@ footer .container {
 #toc a:hover {
   text-decoration: underline;
 }
+
+.badge {
+  display: inline-block;
+  height: 24px;
+}
+
+.badge--cc {
+  width: 160px;
+}
+
+.badge--gpl {
+  width: 120px;
+}
+
+/* From PWAInstallButton.svelte */
+
+.pwa-install-button {
+  display: block;
+  padding: 0.5rem 1rem;
+  border: none;
+  box-shadow: 0 2px 4px rgba(0, 0, 0, 0.2);
+  font-size: 1rem;
+  font-weight: bold;
+  color: #000;
+  background-color: #ffc627;
+  transition: background-color 0.2s ease-in-out;
+  border-radius: 6px;
+  cursor: pointer;
+  font-family: inherit;
+  margin-left: auto;
+  margin-right: auto;
+  margin-top: 1rem;
+}
+
+.pwa-install-button:hover {
+  background-color: #e6b300;
+}
+
+.pwa-install-button:focus {
+  outline: 2px solid #000;
+  outline-offset: 2px;
+}
+
+/* From FossFeatures.svelte */
+
+.foss-features {
+  margin: 0;
+  list-style-type: none;
+  padding-left: 0;
+}
+
+.foss-features li {
+  font-weight: 600;
+  margin-bottom: 0.5em;
+}

package/src/lib/styles/global.min.css

@@ -3,4 +3,4 @@ Copyright © 2025 Network Pro Strategies (Network Pro™)
 SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
 This file is part of Network Pro.
 ========================================================================== */
-html{-webkit-text-size-adjust:100%}body{margin:0}main{display:block}h1{margin:.67em 0;font-size:2em}hr{box-sizing:content-box}pre{font-family:monospace;font-size:1em}a{background-color:#0000}abbr[title]{border-bottom:none;text-decoration:underline dotted}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace;font-size:1em}small{font-size:80%}sub,sup{vertical-align:baseline;font-size:75%;line-height:0;position:relative}sub{bottom:-.25em}sup{top:-.5em}img{border-style:none}button,input,optgroup,select,textarea{margin:0;font-family:inherit;font-size:100%;line-height:1.15}button,input{overflow:visible}button,select{text-transform:none}button,[type=button],[type=reset],[type=submit]{-webkit-appearance:button;appearance:button}button::-moz-focus-inner,[type=button]::-moz-focus-inner,[type=reset]::-moz-focus-inner,[type=submit]::-moz-focus-inner{border-style:none;padding:0}button:-moz-focusring,[type=button]:-moz-focusring,[type=reset]:-moz-focusring,[type=submit]:-moz-focusring{outline:1px dotted buttontext}fieldset{padding:.35em .75em .625em}legend{color:inherit;box-sizing:border-box;white-space:normal;max-width:100%;padding:0;display:table}progress{vertical-align:baseline}textarea{overflow:auto}[type=checkbox],[type=radio]{box-sizing:border-box;padding:0}[type=number]::-webkit-inner-spin-button,[type=number]::-webkit-outer-spin-button{height:auto}[type=search]{-webkit-appearance:textfield;appearance:textfield;outline-offset:-2px}[type=search]::-webkit-search-decoration{-webkit-appearance:none}::-webkit-file-upload-button{font:inherit;-webkit-appearance:button}details{display:block}summary{display:list-item}template{display:none}html{color:#222;scroll-behavior:smooth;font-size:1em;line-height:1.4}::-moz-selection{text-shadow:none;background:#191919}::selection{text-shadow:none;background:#191919}hr{border:0;border-top:1px solid #ccc;height:1px;margin:1em 0;padding:0;display:block;overflow:visible}audio,canvas,iframe,img,svg,video{vertical-align:middle}fieldset{border:0;margin:0;padding:0}textarea{resize:vertical}body{color:#fafafa;background-color:#191919;margin:10px;font-family:Arial,Helvetica,sans-serif}a{text-decoration:none}a:link{color:#ffc627}a:hover,a:active{color:#ffc627;text-decoration:underline}a:focus{color:#111;background-color:#ffc627}a:visited,a:visited:hover{color:#cba557}a:visited:focus,a:visited:focus-visible{color:#111!important}.hidden,[hidden]{display:none!important}.visually-hidden{clip:rect(0,0,0,0);white-space:nowrap;border:0;width:1px;height:1px;margin:-1px;padding:0;position:absolute;overflow:hidden}.visually-hidden.focusable:active,.visually-hidden.focusable:focus{clip:auto;width:auto;height:auto;white-space:inherit;margin:0;position:static;overflow:visible}.invisible{visibility:hidden}.clearfix:before,.clearfix:after{content:"";display:table}.clearfix:after{clear:both}@media print{*,:before,:after{color:#000!important;box-shadow:none!important;text-shadow:none!important;background:#fff!important}a,a:visited{text-decoration:underline}a[href]:after{content:" (" attr(href)")"}abbr[title]:after{content:" (" attr(title)")"}a[href^=\#]:after,a[href^=javascript\:]:after{content:""}pre{white-space:pre-wrap!important}pre,blockquote{break-inside:avoid;border:1px solid #999}tr,img{break-inside:avoid}p,h2,h3{orphans:3;widows:3}h2,h3{break-after:avoid}}.full-width-section{background-position:50%;background-size:cover;width:100%;max-width:1920px;margin:0 auto}.container{max-width:1200px;margin:0 auto;padding:0 12px}.readable{max-width:900px;margin:0 auto}header,footer{width:100%}header .container,footer .container{max-width:1200px;margin:0 auto;padding:20px 12px}.gh{border-collapse:collapse;border-spacing:0;margin:0 auto}.gh td,.gh th{border-collapse:collapse;word-break:normal;padding:10px 5px;overflow:hidden}.gh .gh-tcell{text-align:center;vertical-align:middle}@media screen and (width<=767px){.gh,.gh col{width:auto!important}.gh-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.soc{border-collapse:collapse;border-spacing:0;margin:0 auto}.soc td,.soc th{border-collapse:collapse;word-break:normal;padding:8px;overflow:hidden}.soc .soc-fa{text-align:center;vertical-align:middle}@media screen and (width<=767px){.soc,.soc col{width:auto!important}.soc-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.foss{border-collapse:collapse;border-spacing:0}.foss td,.foss th{border-collapse:collapse;word-break:normal;padding:10px 5px;overflow:hidden}.foss .foss-cell{text-align:center;vertical-align:middle}@media screen and (width<=767px){.foss,.foss col{width:auto!important}.foss-wrap{-webkit-overflow-scrolling:touch;overflow-x:auto}}.bnav{text-align:center;border-collapse:collapse;border-spacing:0;margin:0 auto}.bnav td,.bnav th{text-align:center;vertical-align:middle;word-break:normal;border-style:none;padding:10px;font-size:.875rem;font-weight:700;line-height:1.125rem;overflow:hidden}.bnav .bnav-cell{text-align:center;vertical-align:middle;align-content:center}@media screen and (width<=767px){.bnav,.bnav col{width:auto!important}.bnav-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.bnav2{border-collapse:collapse;border-spacing:0;margin:0 auto}.bnav2 td{word-break:normal;border-style:none;padding:10px;font-size:.875rem;font-weight:700;line-height:1.125rem;overflow:hidden}.bnav2 th{word-break:normal;border-style:none;padding:12px;font-size:.875rem;line-height:1.125rem;overflow:hidden}.bnav2 .bnav2-cell{text-align:center;vertical-align:middle;align-content:center}@media screen and (width<=767px){.bnav2,.bnav2 col{width:auto!important}.bnav2-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.pgp{border-collapse:collapse;border-spacing:0;margin:0 auto}.pgp td{word-break:normal;border-style:none;padding:10px;font-size:.875rem;line-height:1.125rem;overflow:hidden}.pgp th{word-break:normal;border:1px solid #000;padding:10px;font-size:.875rem;line-height:1.125rem;overflow:hidden}.pgp .pgp-col1{text-align:right;vertical-align:middle;padding-right:1rem}.pgp .pgp-col2{text-align:left;vertical-align:middle;padding-left:1rem}@media screen and (width<=767px){.pgp,.pgp col{width:auto!important}.pgp-wrap{-webkit-overflow-scrolling:touch;margin:2rem 0 auto;overflow-x:auto}}#service-summary{color:#e6e6e6;margin-top:2rem;margin-bottom:2.5rem}.service-table{color:#e6e6e6;border-collapse:collapse;background-color:#191919;width:100%;font-size:.95rem}.service-table th,.service-table td{text-align:left;vertical-align:top;border-bottom:1px solid #333;padding:.75rem 1rem}.service-table th{color:#ffc627;text-transform:uppercase;background-color:#222;font-size:.85rem;font-weight:600}.service-table a{color:#ffc627;font-weight:500;text-decoration:none}.service-table a:hover{text-decoration:underline}.service-table tr:hover{background-color:#222;transition:background-color .3s,box-shadow .3s;box-shadow:0 0 10px 2px #ffc62740}.service-table tr.selected{background-color:#222;border-left:4px solid #ffc627;transition:background-color .3s,border-left-color .3s}.service-table tr.selected:hover{background-color:#252525;box-shadow:0 0 12px 3px #ffc62759}@media (width<=768px){.service-table{font-size:.9rem}.service-table th,.service-table td{padding:.5rem}}.logo{margin-left:auto;margin-right:auto;display:block}.index-title1{text-align:center;font-style:italic;font-weight:700}.index-title2{letter-spacing:-.015em;text-align:center;font-variant:small-caps;font-size:1.25rem;line-height:1.625rem}.index1{letter-spacing:-.035em;text-align:center;font-style:italic;font-weight:700;line-height:2.125rem}.index2{letter-spacing:-.035em;text-align:center;font-variant:small-caps;font-size:1.5rem;line-height:1.75rem}.index3{letter-spacing:-.035em;text-align:center;font-size:1.5rem;line-height:1.75rem}.index4{letter-spacing:-.035em;text-align:center;font-size:1.5rem;line-height:1.75rem;text-decoration:underline}.subhead{letter-spacing:-.035em;font-variant:small-caps;font-size:1.5rem;line-height:1.75rem}.bold{font-weight:700}.emphasis{font-style:italic}.uline{text-decoration:underline}.bolditalic{font-style:italic;font-weight:700}.bquote{border-left:3px solid #9e9e9e;margin-left:30px;padding-left:10px;font-style:italic}.small-text{font-size:.75rem;line-height:1.125rem}.large-text-center{text-align:center;font-size:1.25rem;line-height:1.75rem}.prewrap{white-space:pre-wrap;display:block}.hr-styled{width:75%;margin:auto}.center-text{text-align:center}.copyright{text-align:center;font-size:.75rem;line-height:1.125rem}.gold{color:#ffc627}.visited{color:#cba557}.goldseparator{color:#ffc627;margin:0 .5rem}.center-nav{text-align:center;padding:5px;font-size:1rem;line-height:1.5rem}.block{overflow-wrap:break-word;resize:none;white-space:normal;word-break:normal;background:0 0;border:none;border-radius:0;outline:none;width:100%;font-family:monospace;font-size:.875rem;line-height:1.125rem}.full-width-section.centered{flex-direction:column;justify-content:center;min-height:80vh;display:flex}.fingerprint{white-space:pre-line;font-family:monospace;display:block}.pgp-image{width:150px;height:150px}.spacer{margin:2rem 0}.separator{margin:0 .5rem}.emoji{margin-right:8px}.headline{margin-bottom:4px;font-style:italic;font-weight:700;display:block}.label{font-family:inherit;font-weight:700}.description{font-family:inherit;font-style:normal;font-weight:400;display:inline}.sr-only{clip:rect(0,0,0,0);white-space:nowrap;border:0;width:1px;height:1px;margin:-1px;padding:0;position:absolute;overflow:hidden}.pgp-entry{flex-wrap:wrap;align-items:center;gap:2rem;margin-bottom:2rem;display:flex}.pgp-text{flex:2;min-width:250px}.pgp-qr{flex:1;min-width:150px}.obtainium-direct-label{margin:.25rem 0 .75rem;font-weight:700}.obtainium-manual-label{margin-top:.75rem;font-weight:700}.obtainium-img{width:185px;height:55px;margin-bottom:.25rem}.obtainium-margin{margin-left:4px}.obtainium-fa-down{color:#ffc627;margin-left:4px}.obtainium-icon{width:50px;height:50px}.proton-img{width:168px;height:24px}.redirect-text{text-align:center;margin-top:4rem}.redirect-content{text-align:center;margin-top:2rem;font-family:system-ui,sans-serif}.loading-spinner{border:4px solid #ddd;border-top-color:#ffc627;border-radius:50%;width:48px;height:48px;margin:2rem auto;animation:1s linear infinite spin}@keyframes spin{to{transform:rotate(360deg)}}.cc-link{text-decoration:none}.cc-img{vertical-align:text-bottom;margin-left:3px;display:inline-block;height:18px!important}#toc ul{padding-left:1.5rem;list-style-type:disc}#toc a{color:var(--color-primary,#ffc627);text-decoration:none}#toc a:hover{text-decoration:underline}
+html{-webkit-text-size-adjust:100%}body{margin:0}main{display:block}h1{margin:.67em 0;font-size:2em}hr{box-sizing:content-box}pre{font-family:monospace;font-size:1em}a{background-color:#0000}abbr[title]{border-bottom:none;text-decoration:underline dotted}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace;font-size:1em}small{font-size:80%}sub,sup{vertical-align:baseline;font-size:75%;line-height:0;position:relative}sub{bottom:-.25em}sup{top:-.5em}img{border-style:none}button,input,optgroup,select,textarea{margin:0;font-family:inherit;font-size:100%;line-height:1.15}button,input{overflow:visible}button,select{text-transform:none}button,[type=button],[type=reset],[type=submit]{-webkit-appearance:button;appearance:button}button::-moz-focus-inner,[type=button]::-moz-focus-inner,[type=reset]::-moz-focus-inner,[type=submit]::-moz-focus-inner{border-style:none;padding:0}button:-moz-focusring,[type=button]:-moz-focusring,[type=reset]:-moz-focusring,[type=submit]:-moz-focusring{outline:1px dotted buttontext}fieldset{padding:.35em .75em .625em}legend{color:inherit;box-sizing:border-box;white-space:normal;max-width:100%;padding:0;display:table}progress{vertical-align:baseline}textarea{overflow:auto}[type=checkbox],[type=radio]{box-sizing:border-box;padding:0}[type=number]::-webkit-inner-spin-button,[type=number]::-webkit-outer-spin-button{height:auto}[type=search]{-webkit-appearance:textfield;appearance:textfield;outline-offset:-2px}[type=search]::-webkit-search-decoration{-webkit-appearance:none}::-webkit-file-upload-button{font:inherit;-webkit-appearance:button}details{display:block}summary{display:list-item}template{display:none}html{color:#222;scroll-behavior:smooth;font-size:1em;line-height:1.4}::-moz-selection{text-shadow:none;background:#191919}::selection{text-shadow:none;background:#191919}hr{border:0;border-top:1px solid #ccc;height:1px;margin:1em 0;padding:0;display:block;overflow:visible}audio,canvas,iframe,img,svg,video{vertical-align:middle}fieldset{border:0;margin:0;padding:0}textarea{resize:vertical}body{color:#fafafa;background-color:#191919;margin:10px;font-family:Arial,Helvetica,sans-serif}a{text-decoration:none}a:link{color:#ffc627}a:hover,a:active{color:#ffc627;text-decoration:underline}a:focus{color:#111;background-color:#ffc627}a:visited,a:visited:hover{color:#cba557}a:visited:focus,a:visited:focus-visible{color:#111!important}.hidden,[hidden]{display:none!important}.visually-hidden{clip:rect(0,0,0,0);white-space:nowrap;border:0;width:1px;height:1px;margin:-1px;padding:0;position:absolute;overflow:hidden}.visually-hidden.focusable:active,.visually-hidden.focusable:focus{clip:auto;width:auto;height:auto;white-space:inherit;margin:0;position:static;overflow:visible}.invisible{visibility:hidden}.clearfix:before,.clearfix:after{content:"";display:table}.clearfix:after{clear:both}@media print{*,:before,:after{color:#000!important;box-shadow:none!important;text-shadow:none!important;background:#fff!important}a,a:visited{text-decoration:underline}a[href]:after{content:" (" attr(href)")"}abbr[title]:after{content:" (" attr(title)")"}a[href^=\#]:after,a[href^=javascript\:]:after{content:""}pre{white-space:pre-wrap!important}pre,blockquote{break-inside:avoid;border:1px solid #999}tr,img{break-inside:avoid}p,h2,h3{orphans:3;widows:3}h2,h3{break-after:avoid}}.full-width-section{background-position:50%;background-size:cover;width:100%;max-width:1920px;margin:0 auto}.container{max-width:1200px;margin:0 auto;padding:0 12px}.readable{max-width:900px;margin:0 auto}header,footer{width:100%}header .container,footer .container{max-width:1200px;margin:0 auto;padding:20px 12px}.gh{border-collapse:collapse;border-spacing:0;margin:0 auto}.gh td,.gh th{border-collapse:collapse;word-break:normal;padding:10px 5px;overflow:hidden}.gh .gh-tcell{text-align:center;vertical-align:middle}@media screen and (width<=767px){.gh,.gh col{width:auto!important}.gh-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.soc{border-collapse:collapse;border-spacing:0;margin:0 auto}.soc td,.soc th{border-collapse:collapse;word-break:normal;padding:8px;overflow:hidden}.soc .soc-fa{text-align:center;vertical-align:middle}@media screen and (width<=767px){.soc,.soc col{width:auto!important}.soc-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.foss{border-collapse:collapse;border-spacing:0}.foss td,.foss th{border-collapse:collapse;word-break:normal;padding:10px 5px;overflow:hidden}.foss .foss-cell{text-align:center;vertical-align:middle}@media screen and (width<=767px){.foss,.foss col{width:auto!important}.foss-wrap{-webkit-overflow-scrolling:touch;overflow-x:auto}}.bnav{text-align:center;border-collapse:collapse;border-spacing:0;margin:0 auto}.bnav td,.bnav th{text-align:center;vertical-align:middle;word-break:normal;border-style:none;padding:10px;font-size:.875rem;font-weight:700;line-height:1.125rem;overflow:hidden}.bnav .bnav-cell{text-align:center;vertical-align:middle;align-content:center}@media screen and (width<=767px){.bnav,.bnav col{width:auto!important}.bnav-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.bnav2{border-collapse:collapse;border-spacing:0;margin:0 auto}.bnav2 td{word-break:normal;border-style:none;padding:10px;font-size:.875rem;font-weight:700;line-height:1.125rem;overflow:hidden}.bnav2 th{word-break:normal;border-style:none;padding:12px;font-size:.875rem;line-height:1.125rem;overflow:hidden}.bnav2 .bnav2-cell{text-align:center;vertical-align:middle;align-content:center}@media screen and (width<=767px){.bnav2,.bnav2 col{width:auto!important}.bnav2-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.pgp{border-collapse:collapse;border-spacing:0;margin:0 auto}.pgp td{word-break:normal;border-style:none;padding:10px;font-size:.875rem;line-height:1.125rem;overflow:hidden}.pgp th{word-break:normal;border:1px solid #000;padding:10px;font-size:.875rem;line-height:1.125rem;overflow:hidden}.pgp .pgp-col1{text-align:right;vertical-align:middle;padding-right:1rem}.pgp .pgp-col2{text-align:left;vertical-align:middle;padding-left:1rem}@media screen and (width<=767px){.pgp,.pgp col{width:auto!important}.pgp-wrap{-webkit-overflow-scrolling:touch;margin:2rem 0 auto;overflow-x:auto}}#service-summary{color:#e6e6e6;margin-top:2rem;margin-bottom:2.5rem}.service-table{color:#e6e6e6;border-collapse:collapse;background-color:#191919;width:100%;font-size:.95rem}.service-table th,.service-table td{text-align:left;vertical-align:top;border-bottom:1px solid #333;padding:.75rem 1rem}.service-table th{color:#ffc627;text-transform:uppercase;background-color:#222;font-size:.85rem;font-weight:600}.service-table a{color:#ffc627;font-weight:500;text-decoration:none}.service-table a:hover{text-decoration:underline}.service-table tr:hover{background-color:#222;transition:background-color .3s,box-shadow .3s;box-shadow:0 0 10px 2px #ffc62740}.service-table tr.selected{background-color:#222;border-left:4px solid #ffc627;transition:background-color .3s,border-left-color .3s}.service-table tr.selected:hover{background-color:#252525;box-shadow:0 0 12px 3px #ffc62759}@media (width<=768px){.service-table{font-size:.9rem}.service-table th,.service-table td{padding:.5rem}}.logo{width:var(--logo-width,250px);height:var(--logo-height,250px);margin-left:auto;margin-right:auto;display:block}.index-title1{text-align:center;font-style:italic;font-weight:700}.index-title2{letter-spacing:-.015em;text-align:center;font-variant:small-caps;font-size:1.25rem;line-height:1.625rem}.index1{letter-spacing:-.035em;text-align:center;font-style:italic;font-weight:700;line-height:2.125rem}.index2{letter-spacing:-.035em;text-align:center;font-variant:small-caps;font-size:1.5rem;line-height:1.75rem}.index3{letter-spacing:-.035em;text-align:center;font-size:1.5rem;line-height:1.75rem}.index4{letter-spacing:-.035em;text-align:center;font-size:1.5rem;line-height:1.75rem;text-decoration:underline}.subhead{letter-spacing:-.035em;font-variant:small-caps;font-size:1.5rem;line-height:1.75rem}.bold{font-weight:700}.emphasis{font-style:italic}.uline{text-decoration:underline}.bolditalic{font-style:italic;font-weight:700}.bquote{border-left:3px solid #9e9e9e;margin-left:30px;padding-left:10px;font-style:italic}.small-text{font-size:.75rem;line-height:1.125rem}.large-text-center{text-align:center;font-size:1.25rem;line-height:1.75rem}.prewrap{white-space:pre-wrap;display:block}.hr-styled{width:75%;margin:auto}.center-text{text-align:center}.copyright{text-align:center;font-size:.75rem;line-height:1.125rem}.gold{color:#ffc627}.visited{color:#cba557}.goldseparator{color:#ffc627;margin:0 .5rem}.center-nav{text-align:center;padding:5px;font-size:1rem;line-height:1.5rem}.block{overflow-wrap:break-word;resize:none;white-space:normal;word-break:normal;background:0 0;border:none;border-radius:0;outline:none;width:100%;font-family:monospace;font-size:.875rem;line-height:1.125rem}.full-width-section.centered{flex-direction:column;justify-content:center;min-height:80vh;display:flex}.fingerprint{white-space:pre-line;font-family:monospace;display:block}.pgp-image{width:150px;height:150px}.spacer{margin:2rem 0}.separator{margin:0 .5rem}.emoji{margin-right:8px}.headline{margin-bottom:4px;font-style:italic;font-weight:700;display:block}.label{font-family:inherit;font-weight:700}.description{font-family:inherit;font-style:normal;font-weight:400;display:inline}.sr-only{clip:rect(0,0,0,0);white-space:nowrap;border:0;width:1px;height:1px;margin:-1px;padding:0;position:absolute;overflow:hidden}.pgp-entry{flex-wrap:wrap;align-items:center;gap:2rem;margin-bottom:2rem;display:flex}.pgp-text{flex:2;min-width:250px}.pgp-qr{flex:1;min-width:150px}.obtainium-direct-label{margin:.25rem 0 .75rem;font-weight:700}.obtainium-manual-label{margin-top:.75rem;font-weight:700}.obtainium-img{width:185px;height:55px;margin-bottom:.25rem}.obtainium-margin{margin-left:4px}.obtainium-fa-down{color:#ffc627;margin-left:4px}.obtainium-icon{width:50px;height:50px}.proton-img{width:168px;height:24px}.redirect-text{text-align:center;margin-top:4rem}.redirect-content{text-align:center;margin-top:2rem;font-family:system-ui,sans-serif}.loading-spinner{border:4px solid #ddd;border-top-color:#ffc627;border-radius:50%;width:48px;height:48px;margin:2rem auto;animation:1s linear infinite spin}@keyframes spin{to{transform:rotate(360deg)}}.cc-link{text-decoration:none}.cc-img{vertical-align:text-bottom;margin-left:3px;display:inline-block;height:18px!important}#toc ul{padding-left:1.5rem;list-style-type:disc}#toc a{color:var(--color-primary,#ffc627);text-decoration:none}#toc a:hover{text-decoration:underline}.badge{height:24px;display:inline-block}.badge--cc{width:160px}.badge--gpl{width:120px}.pwa-install-button{color:#000;cursor:pointer;background-color:#ffc627;border:none;border-radius:6px;margin-top:1rem;margin-left:auto;margin-right:auto;padding:.5rem 1rem;font-family:inherit;font-size:1rem;font-weight:700;transition:background-color .2s ease-in-out;display:block;box-shadow:0 2px 4px #0003}.pwa-install-button:hover{background-color:#e6b300}.pwa-install-button:focus{outline-offset:2px;outline:2px solid #000}.foss-features{margin:0;padding-left:0;list-style-type:none}.foss-features li{margin-bottom:.5em;font-weight:600}

package/src/routes/+layout.svelte

@@ -30,11 +30,9 @@ This file is part of Network Pro.
   });
 
   // fallback values if data.meta not set
-  const metaTitle =
-    data?.meta?.title || 'Security, Networking, Privacy — Network Pro™';
+  const metaTitle = data?.meta?.title || 'Security, Networking, Privacy';
   const metaDescription =
-    data?.meta?.description ||
-    'Locking Down Networks, Unlocking Confidence™ | Security, Networking, Privacy — Network Pro Strategies';
+    data?.meta?.description || 'Locking Down Networks, Unlocking Confidence™';
 </script>
 
 <!-- Injects proper <title> and <meta> tags -->

package/src/routes/api/mock-csp/+server.js

@@ -7,10 +7,19 @@ This file is part of Network Pro.
 ========================================================================== */
 
 /** @type {import('@sveltejs/kit').RequestHandler} */
-export async function POST({ request }) {
-  console.log('🔶 [Mock CSP] Report received during dev/CI');
+export async function OPTIONS() {
+  return new Response(null, {
+    status: 204,
+    headers: {
+      'Access-Control-Allow-Origin': '*',
+      'Access-Control-Allow-Methods': 'POST, OPTIONS',
+      'Access-Control-Allow-Headers': 'Content-Type',
+    },
+  });
+}
 
-  // Optional: read/validate body for debugging
+/** @type {import('@sveltejs/kit').RequestHandler} */
+export async function POST({ request }) {
   try {
     const data = await request.json();
     console.log('🔶 [Mock CSP] Payload:', data);
@@ -18,5 +27,12 @@ export async function POST({ request }) {
     console.warn('⚠️ [Mock CSP] No JSON body provided.');
   }
 
-  return new Response(null, { status: 204 });
+  return new Response(null, {
+    status: 204,
+    headers: {
+      'Access-Control-Allow-Origin': '*',
+      'Access-Control-Allow-Methods': 'POST, OPTIONS',
+      'Access-Control-Allow-Headers': 'Content-Type',
+    },
+  });
 }

package/src/routes/contact/+page.svelte

@@ -7,7 +7,7 @@ This file is part of Network Pro.
 ========================================================================== -->
 
 <script>
-  import RedirectPage from '$lib/components/RedirectPage.svelte';
+  import { RedirectPage } from '$lib/components';
   import { appendUTM } from '$lib/utils/utm.js';
   import { getUTMParams } from '$lib/utils/getUTMParams.js';
   import { trackingEnabled } from '$lib/stores/trackingPreferences';

package/src/routes/posts/+page.svelte

@@ -7,7 +7,7 @@ This file is part of Network Pro.
 ========================================================================== -->
 
 <script>
-  import RedirectPage from '$lib/components/RedirectPage.svelte';
+  import { RedirectPage } from '$lib/components';
   import { appendUTM } from '$lib/utils/utm.js';
   import { getUTMParams } from '$lib/utils/getUTMParams.js';
   import { trackingEnabled } from '$lib/stores/trackingPreferences';

package/src/routes/privacy-rights/+page.svelte

@@ -7,7 +7,7 @@ This file is part of Network Pro.
 ========================================================================== -->
 
 <script>
-  import RedirectPage from '$lib/components/RedirectPage.svelte';
+  import { RedirectPage } from '$lib/components';
   import { appendUTM } from '$lib/utils/utm.js';
   import { getUTMParams } from '$lib/utils/getUTMParams.js';
   import { trackingEnabled } from '$lib/stores/trackingPreferences';

package/static/.well-known/humans.txt

@@ -1,13 +1,13 @@
 /* TEAM */
 Organization: Network Pro Strategies (Network Pro™)
 URL: https://netwk.pro
-Contact: SunDevil311 (Scott Lopez)
+Contact: Scott Lopez (SunDevil311)
 GitHub: https://github.com/netwk-pro
-Email: support@neteng.pro
+Email: support@netwk.pro
 
 /* PGP */
 PGP Fingerprint: 6590 B992 E2E3 EFF1 2738 7BCE 2AF0 93E9 DEC6 1BA0
-PGP Key: https://netwk.pro/pgp/support@neteng.pro.asc
+PGP Key: https://netwk.pro/pgp/support@netwk.pro.asc
 
 /* SITE */
 Standards: HTML5, CSS3, SvelteKit, Markdown
@@ -15,7 +15,7 @@ Tools: GitHub, Material for MkDocs, Proton Mail
 Hosting: Decentralized / CDN-backed static infrastructure
 
 /* MOTTO */
-"Designed for professionals. Hardened for privacy. Built with intent."
+"Locking Down Networks, Unlocking Confidence™"
 
 /* LAST UPDATED */
-2025-06-11
+2025-11-09

package/static/robots.txt

@@ -8,7 +8,7 @@
 
 User-agent: *
 
-# Disallow dev and CI/CD artifacts
+# --- Disallow dev and CI/CD artifacts
 Disallow: /tests/
 Disallow: /scripts/
 Disallow: /playwright-report/
@@ -34,7 +34,7 @@ Disallow: /privacy-rights
 Disallow: /..404
 Disallow: /status
 
-# --- Optional: service utilities or PWA
+# --- Service utilities or PWA
 Disallow: /service-worker
 Disallow: /service-worker.js
 Disallow: /service-worker.d.ts

package/static/sitemap.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<!-- Sitemap last updated 2025-11-03 -->
+<!-- Sitemap last updated 2025-11-09 -->
 
 <urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
 
@@ -7,7 +7,7 @@
 
     <loc>https://netwk.pro</loc>
 
-    <lastmod>2025-10-30</lastmod>
+    <lastmod>2025-11-09</lastmod>
 
     <changefreq>weekly</changefreq>
 
@@ -19,7 +19,7 @@
 
     <loc>https://netwk.pro/services</loc>
 
-    <lastmod>2025-10-30</lastmod>
+    <lastmod>2025-11-09</lastmod>
 
     <changefreq>monthly</changefreq>
 
@@ -31,7 +31,7 @@
 
     <loc>https://netwk.pro/foss</loc>
 
-    <lastmod>2025-10-30</lastmod>
+    <lastmod>2025-11-09</lastmod>
 
     <changefreq>monthly</changefreq>
 
@@ -43,7 +43,7 @@
 
     <loc>https://netwk.pro/about</loc>
 
-    <lastmod>2025-10-30</lastmod>
+    <lastmod>2025-11-09</lastmod>
 
     <changefreq>monthly</changefreq>
 
@@ -55,7 +55,7 @@
 
     <loc>https://netwk.pro/privacy-dashboard</loc>
 
-    <lastmod>2025-10-30</lastmod>
+    <lastmod>2025-11-09</lastmod>
 
     <changefreq>monthly</changefreq>
 
@@ -67,7 +67,7 @@
 
     <loc>https://netwk.pro/privacy</loc>
 
-    <lastmod>2025-10-30</lastmod>
+    <lastmod>2025-11-09</lastmod>
 
     <changefreq>monthly</changefreq>
 
@@ -79,7 +79,7 @@
 
     <loc>https://netwk.pro/legal</loc>
 
-    <lastmod>2025-10-30</lastmod>
+    <lastmod>2025-11-09</lastmod>
 
     <changefreq>monthly</changefreq>
 
@@ -91,7 +91,7 @@
 
     <loc>https://netwk.pro/terms-of-use</loc>
 
-    <lastmod>2025-10-30</lastmod>
+    <lastmod>2025-11-09</lastmod>
 
     <changefreq>monthly</changefreq>
 
@@ -103,7 +103,7 @@
 
     <loc>https://netwk.pro/terms-conditions</loc>
 
-    <lastmod>2025-10-30</lastmod>
+    <lastmod>2025-11-09</lastmod>
 
     <changefreq>monthly</changefreq>
 
@@ -115,7 +115,7 @@
 
     <loc>https://netwk.pro/pgp</loc>
 
-    <lastmod>2025-10-30</lastmod>
+    <lastmod>2025-11-09</lastmod>
 
     <changefreq>monthly</changefreq>
 
@@ -187,7 +187,7 @@
 
     <loc>https://netwk.pro/.well-known/humans.txt</loc>
 
-    <lastmod>2025-06-11</lastmod>
+    <lastmod>2025-11-09</lastmod>
 
     <changefreq>yearly</changefreq>
 

package/tests/unit/server/lib/security/probely.test.js

@@ -0,0 +1,50 @@
+/* ==========================================================================
+tests/unit/server/security/probely.test.js
+
+Copyright © 2025 Network Pro Strategies (Network Pro™)
+SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
+This file is part of Network Pro.
+========================================================================== */
+
+/**
+ * @file probely.test.js
+ * @description  Unit tests for the isProbelyRequest helper.
+ * Validates detection logic for identifying known Probely scanner traffic
+ * based on User-Agent and IP address heuristics.
+ * @module tests/unit/server/security
+ * @author Scott Lopez
+ * @updated 2025-11-11
+ */
+
+import { isProbelyScanner } from '$lib/security/probely.js';
+
+describe('isProbelyScanner', () => {
+  it('detects known user-agent', () => {
+    const ua =
+      'Mozilla/5.0 (compatible; +https://probely.com/sos) AppleWebKit/537.36 Chrome/104.0.0.0 Safari/537.36 ProbelySPDR/0.2.0';
+    expect(isProbelyScanner({ ua, ip: '' })).toBe(true);
+  });
+
+  it('detects known IP', () => {
+    expect(isProbelyScanner({ ua: '', ip: '18.235.241.170' })).toBe(true);
+  });
+
+  it('handles lowercase and spacing in IP', () => {
+    expect(
+      isProbelyScanner({ ua: 'probelyspdr/1.0', ip: ' 18.235.241.170 ' }),
+    ).toBe(true);
+  });
+
+  it('returns false for unrelated UA and IP', () => {
+    expect(
+      isProbelyScanner({
+        ua: 'Mozilla/5.0 (Linux x86_64)',
+        ip: '8.8.8.8',
+      }),
+    ).toBe(false);
+  });
+
+  it('handles missing headers safely', () => {
+    expect(isProbelyScanner({ ua: '', ip: '' })).toBe(false);
+  });
+});

package/vitest.config.server.js

@@ -22,10 +22,11 @@ export default defineConfig({
   ],
   test: {
     name: 'server',
+    globals: true,
     environment: 'node',
     include: ['tests/unit/server/**/*.test.{js,mjs}'],
     exclude: ['tests/unit/**/*.svelte.test.{js,mjs}'],
-    reporters: ['default', 'json'],
+    reporter: ['default', 'json'],
     testTimeout: 10000,
     outputFile: {
       json: './reports/server/results.json',