@networkpro/web 1.25.7 → 1.25.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/workflows/prevent-audit-merge.yml +27 -0
- package/.stylelintignore +3 -0
- package/CHANGELOG.md +39 -1
- package/package.json +2 -2
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
# .github/workflows/prevent-audit-merge.yml
|
|
2
|
+
#
|
|
3
|
+
# Copyright © 2025 Network Pro Strategies (Network Pro™)
|
|
4
|
+
# SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
|
|
5
|
+
# This file is part of Network Pro
|
|
6
|
+
|
|
7
|
+
name: Prevent audit merges into master
|
|
8
|
+
|
|
9
|
+
on:
|
|
10
|
+
pull_request:
|
|
11
|
+
branches: [master]
|
|
12
|
+
|
|
13
|
+
permissions:
|
|
14
|
+
contents: read
|
|
15
|
+
|
|
16
|
+
jobs:
|
|
17
|
+
check-branch:
|
|
18
|
+
runs-on: ubuntu-24.04
|
|
19
|
+
steps:
|
|
20
|
+
- name: Fail if source is audit-netlify
|
|
21
|
+
run: |
|
|
22
|
+
SOURCE_BRANCH="${{ github.event.pull_request.head.ref }}"
|
|
23
|
+
echo "🔍 Checking source branch: $SOURCE_BRANCH"
|
|
24
|
+
if [[ "$SOURCE_BRANCH" == "audit-netlify" ]]; then
|
|
25
|
+
echo "❌ Merge from 'audit-netlify' to 'master' is prohibited."
|
|
26
|
+
exit 1
|
|
27
|
+
fi
|
package/.stylelintignore
CHANGED
package/CHANGELOG.md
CHANGED
|
@@ -22,6 +22,43 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
|
|
|
22
22
|
|
|
23
23
|
---
|
|
24
24
|
|
|
25
|
+
## [1.25.8] - 2025-11-11
|
|
26
|
+
|
|
27
|
+
### Added
|
|
28
|
+
|
|
29
|
+
- 🔐 **Branch protection rules** on `master`:
|
|
30
|
+
- Enforced pull requests for all changes
|
|
31
|
+
- Blocked force pushes
|
|
32
|
+
- Linear history requirement
|
|
33
|
+
- 🚫 **CI workflow to prevent merges from `audit-netlify` to `master`**:
|
|
34
|
+
- PRs originating from `audit-netlify` targeting `master` are automatically rejected
|
|
35
|
+
- Triggered on `pull_request` events
|
|
36
|
+
- Uses `github.event.pull_request.head.ref` for precise branch detection
|
|
37
|
+
- 🚀 **Netlify CI deployment** for audit-only branch:
|
|
38
|
+
- Workflow `.github/workflows/deploy-audit-netlify.yml` added
|
|
39
|
+
- Deploys `audit-netlify` to a separate Netlify site
|
|
40
|
+
- Uses environmental variables to trigger `vite build --mode audit`
|
|
41
|
+
- 🌐 **`hooks.server.js` CSP hardening** for audit deployments:
|
|
42
|
+
- Probely scanner detection based on UA/IP added via `isProbelyScanner()`
|
|
43
|
+
- Audit-specific CSP disables analytics and CSP reporting endpoints
|
|
44
|
+
- Logs detailed CSP info when in `isAudit` or `isDebug` modes
|
|
45
|
+
- 🛡️ Middleware improvements:
|
|
46
|
+
- User-agent/IP fingerprinting for Probely DAST
|
|
47
|
+
- Added logging for audit-mode scanner matches
|
|
48
|
+
- 🧪 Support for per-environment `.env` files (e.g. `.env.audit`)
|
|
49
|
+
- 🔄 Git helper scripts:
|
|
50
|
+
- Added bash script to sync `audit-netlify` with latest `master`
|
|
51
|
+
- Supports merge conflict resolution via VS Code diff viewer
|
|
52
|
+
|
|
53
|
+
### Changed
|
|
54
|
+
|
|
55
|
+
- Updated `.stylelintignore` to exclude `.netlify` directory
|
|
56
|
+
- Updated `lint:md` script to exclude the `build/` and `.netlify/` directories
|
|
57
|
+
- Refined `svelte.config.js` to support alternate build targets (Vercel → Netlify via adapter switch)
|
|
58
|
+
- Audit builds now use isolated `.env` config and a separate Netlify site token
|
|
59
|
+
|
|
60
|
+
---
|
|
61
|
+
|
|
25
62
|
## [1.25.7] - 2025-11-11
|
|
26
63
|
|
|
27
64
|
### Added
|
|
@@ -1770,7 +1807,8 @@ This enables analytics filtering and CSP hardening for the audit environment.
|
|
|
1770
1807
|
|
|
1771
1808
|
<!-- Link references -->
|
|
1772
1809
|
|
|
1773
|
-
[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.
|
|
1810
|
+
[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.8...HEAD
|
|
1811
|
+
[1.25.8]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.8
|
|
1774
1812
|
[1.25.7]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.7
|
|
1775
1813
|
[1.25.6]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.6
|
|
1776
1814
|
[1.25.5]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.5
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@networkpro/web",
|
|
3
3
|
"private": false,
|
|
4
|
-
"version": "1.25.
|
|
4
|
+
"version": "1.25.8",
|
|
5
5
|
"description": "Locking Down Networks, Unlocking Confidence™ | Security, Networking, Privacy — Network Pro Strategies",
|
|
6
6
|
"keywords": [
|
|
7
7
|
"advisory",
|
|
@@ -70,7 +70,7 @@
|
|
|
70
70
|
"lint:fix": "eslint . --ext .js,.cjs,.mjs,.svelte --fix",
|
|
71
71
|
"lint:jsdoc": "eslint . --ext .js,.cjs,.mjs,.svelte --max-warnings=0",
|
|
72
72
|
"lint:css": "stylelint \"**/*.{css,svelte}\" --ignore-path .stylelintignore",
|
|
73
|
-
"lint:md": "npx markdownlint-cli2 \"**/*.{md,markdown}\" \"#node_modules/**\" \"#playwright-report/**\" \"#test-results/**\"",
|
|
73
|
+
"lint:md": "npx markdownlint-cli2 \"**/*.{md,markdown}\" \"#build/**\" \"#.netlify/**\" \"#node_modules/**\" \"#playwright-report/**\" \"#test-results/**\"",
|
|
74
74
|
"format": "prettier --check .",
|
|
75
75
|
"format:fix": "prettier --write .",
|
|
76
76
|
"lint:all": "npm-run-all --parallel --print-label lint lint:md lint:css --sequential format",
|