@networkpro/web 1.25.9 → 1.25.10
- package/.env.template +1 -1
- package/.github/workflows/auto-assign.yml +2 -0
- package/.github/workflows/backup-branch.yml +2 -0
- package/.github/workflows/build-and-publish.yml +0 -15
- package/.github/workflows/check-security-txt-expiry.yml +2 -0
- package/.github/workflows/dependency-review.yml +2 -0
- package/.github/workflows/meta-check.yml +3 -0
- package/.github/workflows/prevent-audit-merge.yml +3 -0
- package/.github/workflows/secret-scan.yml +2 -0
- package/.github/workflows/templates/check-codeql.template.yml +2 -0
- package/.github/workflows/templates/publish.template.yml +0 -15
- package/CHANGELOG.md +30 -1
- package/package.json +5 -4
- package/src/lib/security/probely.js +13 -4
package/.env.template
CHANGED
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
# Rename to `.env` (or `.env.local`) and customize as needed
|
|
6
6
|
|
|
7
7
|
# Custom environment mode for scripts and tooling
|
|
8
|
-
# One of: dev, test, ci,
|
|
8
|
+
# One of: dev, test, ci, audit, production
|
|
9
9
|
ENV_MODE=dev
|
|
10
10
|
|
|
11
11
|
# Optional: API keys or tokens for local dev (never commit real values)
|
|
@@ -42,11 +42,6 @@ jobs:
|
|
|
42
42
|
cache: npm
|
|
43
43
|
cache-dependency-path: package-lock.json
|
|
44
44
|
|
|
45
|
-
#- name: Show Node.js and npm versions
|
|
46
|
-
# run: |
|
|
47
|
-
# echo "Node.js version: $(node -v)"
|
|
48
|
-
# echo "npm version: $(npm -v)"
|
|
49
|
-
|
|
50
45
|
- name: Upgrade npm
|
|
51
46
|
run: |
|
|
52
47
|
corepack enable
|
|
@@ -132,11 +127,6 @@ jobs:
|
|
|
132
127
|
cache: npm
|
|
133
128
|
cache-dependency-path: package-lock.json
|
|
134
129
|
|
|
135
|
-
#- name: Show Node.js and npm versions
|
|
136
|
-
# run: |
|
|
137
|
-
# echo "Node.js version: $(node -v)"
|
|
138
|
-
# echo "npm version: $(npm -v)"
|
|
139
|
-
|
|
140
130
|
- name: Upgrade npm
|
|
141
131
|
run: |
|
|
142
132
|
corepack enable
|
|
@@ -193,11 +183,6 @@ jobs:
|
|
|
193
183
|
cache: npm
|
|
194
184
|
cache-dependency-path: package-lock.json
|
|
195
185
|
|
|
196
|
-
#- name: Show Node.js and npm versions
|
|
197
|
-
# run: |
|
|
198
|
-
# echo "Node.js version: $(node -v)"
|
|
199
|
-
# echo "npm version: $(npm -v)"
|
|
200
|
-
|
|
201
186
|
- name: Upgrade npm
|
|
202
187
|
run: |
|
|
203
188
|
corepack enable
|
|
@@ -50,11 +50,6 @@ jobs:
|
|
|
50
50
|
cache: npm
|
|
51
51
|
cache-dependency-path: package-lock.json
|
|
52
52
|
|
|
53
|
-
#- name: Show Node.js and npm versions
|
|
54
|
-
# run: |
|
|
55
|
-
# echo "Node.js version: $(node -v)"
|
|
56
|
-
# echo "npm version: $(npm -v)"
|
|
57
|
-
|
|
58
53
|
- name: Upgrade npm
|
|
59
54
|
run: |
|
|
60
55
|
corepack enable
|
|
@@ -136,11 +131,6 @@ jobs:
|
|
|
136
131
|
cache: npm
|
|
137
132
|
cache-dependency-path: package-lock.json
|
|
138
133
|
|
|
139
|
-
#- name: Show Node.js and npm versions
|
|
140
|
-
# run: |
|
|
141
|
-
# echo "Node.js version: $(node -v)"
|
|
142
|
-
# echo "npm version: $(npm -v)"
|
|
143
|
-
|
|
144
134
|
- name: Upgrade npm
|
|
145
135
|
run: |
|
|
146
136
|
corepack enable
|
|
@@ -197,11 +187,6 @@ jobs:
|
|
|
197
187
|
cache: npm
|
|
198
188
|
cache-dependency-path: package-lock.json
|
|
199
189
|
|
|
200
|
-
#- name: Show Node.js and npm versions
|
|
201
|
-
# run: |
|
|
202
|
-
# echo "Node.js version: $(node -v)"
|
|
203
|
-
# echo "npm version: $(npm -v)"
|
|
204
|
-
|
|
205
190
|
- name: Upgrade npm
|
|
206
191
|
run: |
|
|
207
192
|
corepack enable
|
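--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -22,6 +22,34 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 ---
 
+## [1.25.10] - 2025-11-12
+
+### Changed
+
+- Updated GitHub workflows to specify `ENV: ci` where appropriate:
+- `templates/check-codeql.template.yml`
+- `templates/publish.template.yml`
+- `auto-assign.yml`
+- `branch-backup.yml`
+- `check-security-txt-expiry.yml`
+- `dependency-review.yml`
+- `meta-check.yml`
+- `prevent-audit-merges.yml`
+- `secret-scan.yml`
+- Added `@sveltejs/adapter-netlify` devDependency for smoother toggling between production and audit modes.
+- Production uses `@sveltejs/adapter-vercel` only. `@sveltejs/adapter-netlify` exists solely to support the audit environment.
+- Bumped project version to `v1.25.10`.
+- Updated dependencies:
+- `@testing-library/svelte` `^5.2.8` → `^5.2.9`
+- `eslint-plugin-jsdoc` `^61.1.12` → `^61.2.0`
+- `posthog-js` `^1.290.0` → `^1.292.0`
+
+## Removed
+
+- Removed unneeded comments in `build-and-publish.yml` workflow.
+
+---
+
 ## [1.25.9] - 2025-11-11
 
 ### Changed
@@ -1827,7 +1855,8 @@ This enables analytics filtering and CSP hardening for the audit environment.
 
 <!-- Link references -->
 
-[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.
+[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.25.10...HEAD
+[1.25.10]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.10
 [1.25.9]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.9
 [1.25.8]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.8
 [1.25.7]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.25.7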
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@networkpro/web",
|
|
3
3
|
"private": false,
|
|
4
|
-
"version": "1.25.
|
|
4
|
+
"version": "1.25.10",
|
|
5
5
|
"description": "Locking Down Networks, Unlocking Confidence™ | Security, Networking, Privacy — Network Pro Strategies",
|
|
6
6
|
"keywords": [
|
|
7
7
|
"advisory",
|
|
@@ -85,7 +85,7 @@
|
|
|
85
85
|
},
|
|
86
86
|
"dependencies": {
|
|
87
87
|
"dompurify": "^3.3.0",
|
|
88
|
-
"posthog-js": "^1.
|
|
88
|
+
"posthog-js": "^1.292.0",
|
|
89
89
|
"semver": "^7.7.3",
|
|
90
90
|
"svelte": "5.43.6"
|
|
91
91
|
},
|
|
@@ -94,17 +94,18 @@
|
|
|
94
94
|
"@eslint/js": "^9.39.1",
|
|
95
95
|
"@lhci/cli": "^0.15.1",
|
|
96
96
|
"@playwright/test": "^1.56.1",
|
|
97
|
+
"@sveltejs/adapter-netlify": "^5.2.4",
|
|
97
98
|
"@sveltejs/adapter-vercel": "^6.1.1",
|
|
98
99
|
"@sveltejs/kit": "2.48.4",
|
|
99
100
|
"@sveltejs/vite-plugin-svelte": "^6.2.1",
|
|
100
101
|
"@testing-library/jest-dom": "^6.9.1",
|
|
101
|
-
"@testing-library/svelte": "^5.2.
|
|
102
|
+
"@testing-library/svelte": "^5.2.9",
|
|
102
103
|
"@vitest/coverage-v8": "3.2.4",
|
|
103
104
|
"autoprefixer": "^10.4.22",
|
|
104
105
|
"browserslist": "^4.28.0",
|
|
105
106
|
"eslint": "^9.39.1",
|
|
106
107
|
"eslint-config-prettier": "^10.1.8",
|
|
107
|
-
"eslint-plugin-jsdoc": "^61.
|
|
108
|
+
"eslint-plugin-jsdoc": "^61.2.0",
|
|
108
109
|
"eslint-plugin-svelte": "^3.13.0",
|
|
109
110
|
"globals": "^16.5.0",
|
|
110
111
|
"jsdom": "26.1.0",
|
|
@@ -15,7 +15,7 @@ This file is part of Network Pro.
|
|
|
15
15
|
* @updated 2025-11-11
|
|
16
16
|
*/
|
|
17
17
|
|
|
18
|
-
/** @typedef {{ ua
|
|
18
|
+
/** @typedef {{ ua?: string, ip?: string }} ScannerInput */
|
|
19
19
|
|
|
20
20
|
/**
|
|
21
21
|
* Check if a request is likely from Probely.
|
|
@@ -23,7 +23,13 @@ This file is part of Network Pro.
|
|
|
23
23
|
* @returns {boolean} - True if the request matches Probely’s fingerprint.
|
|
24
24
|
*/
|
|
25
25
|
export function isProbelyScanner({ ua, ip }) {
|
|
26
|
-
const
|
|
26
|
+
const PROBELY_UA_FRAGMENTS = [
|
|
27
|
+
'probelyspdr/',
|
|
28
|
+
'probelyfp/',
|
|
29
|
+
'probelymrkt/',
|
|
30
|
+
'probelysc/',
|
|
31
|
+
'python-httpx/',
|
|
32
|
+
];
|
|
27
33
|
const PROBELY_IPS = [
|
|
28
34
|
'18.235.241.170',
|
|
29
35
|
'52.65.214.19',
|
|
@@ -41,7 +47,10 @@ export function isProbelyScanner({ ua, ip }) {
|
|
|
41
47
|
const normalizedIP = ip?.trim() ?? '';
|
|
42
48
|
|
|
43
49
|
return (
|
|
44
|
-
|
|
45
|
-
|
|
50
|
+
PROBELY_UA_FRAGMENTS.some((fragment) =>
|
|
51
|
+
normalizedUA.includes(fragment.toLowerCase()),
|
|
52
|
+
) || PROBELY_IPS.includes(normalizedIP)
|
|
46
53
|
);
|
|
47
54
|
}
|
|
55
|
+
|
|
56
|
+
// cspell:ignore probelyfp probelymrkt probelysc httpx
|
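Review bot: The `'python-httpx/'` entry in `PROBELY_UA_FRAGMENTS` is the default User-Agent prefix of the general-purpose httpx Python client rather than a Probely-specific token, so with the new `PROBELY_UA_FRAGMENTS.some(...) || PROBELY_IPS.includes(normalizedIP)` return any httpx-based client, or any client that sends that string, is classified as the Probely scanner. The User-Agent header is client-controlled and the `||` makes a substring match sufficient on its own, so if callers use this result to relax analytics, logging, rate limiting or CSP (not visible here), the decision rests on untrusted input. I would drop `'python-httpx/'` from the list, since Probely traffic from a listed address already matches through `PROBELY_IPS.includes(normalizedIP)`, or accept that fragment only together with the IP match. `fragment.toLowerCase()` is also redundant for a list of all-lowercase literals. The part of `isProbelyScanner` between the two hunks, including how `normalizedUA` is derived, is outside the visible lines.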