@networkpro/web 1.7.6 → 1.8.3

package/README.md

@@ -17,6 +17,8 @@ This file is part of Network Pro.
 [![Code Style: Prettier](https://img.shields.io/badge/code_style-prettier-ff69b4.svg?style=flat)](https://github.com/prettier/prettier) [![stylelint](https://img.shields.io/badge/stylelint-%23747474?style=flat&logo=stylelint&logoSize=auto&labelColor=%23263238)](https://stylelint.io/)
 [![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-2.1-4baaaa.svg)](https://github.com/netwk-pro/netwk-pro.github.io/blob/master/CODE_OF_CONDUCT.md)
 
+<section id="top">
+
 ## 🚀 Project Overview
 
 This GitHub repository powers the official web presence of **[Network Pro Strategies](https://netwk.pro/about)** — a privacy-first consultancy specializing in cybersecurity, network engineering, and information security. We also lead public advocacy efforts promoting digital privacy and responsible cyber policy.
@@ -26,7 +28,27 @@ Built with [SvelteKit](https://kit.svelte.dev/) and deployed via [Netlify](https
 
 All infrastructure and data flows are designed with **maximum transparency, self-hosting, and user privacy** in mind.
 
-### 📁 Repository Structure
+</section>
+
+### Table of Contents
+
+- [Repository Structure](#structure)
+- [Getting Started](#getting-started)
+- [Configuration](#configuration)
+- [Service Worker Utilities](#sw-utilities)
+- [CSP Report Handler](#cspreport)
+- [Testing](#testing)
+- [Recommended Toolchain](#toolchain)
+- [Tooling Configuration](#toolconfig)
+- [Available Scripts](#scripts)
+- [License](#license)
+- [Questions](#questions)
+
+---
+
+<section id="structure">
+
+## 📁 Repository Structure
 
 ```bash
 .
@@ -36,8 +58,9 @@ All infrastructure and data flows are designed with **maximum transparency, self
 │   ├── extensions.json    # Recommended VSCodium / VS Code extensions
 │   ├── extensions.jsonc   # Commented version of extensions.json for reference
 │   └── settings.json      # User settings for VSCodium / VS Code
-├── netlify-functions/
-│   └── cspReport.js       # Serverless function to receive and log CSP violation reports
+├── netlify/
+│   └── edge-functions/    # Netlify Edge Functions directory
+│       └── csp-report.js  # Edge Function to receive and log CSP violation reports
 ├── scripts/               # General utility scripts
 ├── src/
 │   ├── lib/               # Reusable components, styles, utilities
@@ -74,8 +97,14 @@ tests/
 └── ...
 ```
 
+</section>
+
+<sub>[Back to top](#top)</sub>
+
 ---
 
+<section id="getting-started">
+
 ## 🛠 Getting Started
 
 ### 📦 Environment Setup
@@ -119,9 +148,9 @@ npm install
 > You can also use `bootstrap.local.sh` to automate the steps above and more (optional).  
 > `ENV_MODE` controls local tooling behavior — it is not used by the app runtime directly.
 
----
+&nbsp;
 
-#### 💾 Version Enforcement
+### 💾 Version Enforcement
 
 To ensure consistent environments across contributors and CI systems, this project enforces specific Node.js and npm versions via the `"engines"` field in `package.json`:
 
@@ -185,7 +214,13 @@ node -v     # Should fall within engines.node
 npm -v      # Should fall within engines.npm
 ```
 
-&nbsp;
+</section>
+
+<sub>[Back to top](#top)</sub>
+
+---
+
+<section id="configuration">
 
 ## 🛡️ Configuration
 
@@ -208,36 +243,117 @@ To re-enable nonce generation for inline scripts in the future:
 
 > 💡 The `[headers]` block in `netlify.toml` has been deprecated — all headers are now set dynamically from within SvelteKit.
 
----
+&nbsp;
 
 ### 🧭 `hooks.client.ts`
 
-This lightweight hook enhances client experience:
+Located at `src/hooks.client.ts`, this file is currently limited to handling uncaught client-side errors via the `handleError()` lifecycle hook.
 
-- Handles the `beforeinstallprompt` event to support progressive web app (PWA) install flows
-- Provides a `handleError()` hook that logs uncaught client-side errors
+Client-side PWA logic (such as handling the `beforeinstallprompt` event, checking browser compatibility, and registering the service worker) has been moved to `src/lib/registerServiceWorker.js` for better modularity and testability.
 
-Located at `src/hooks.client.ts`, it is automatically used by the SvelteKit runtime during client boot.
+> 💡 This separation ensures that error handling is isolated from PWA lifecycle logic, making both concerns easier to maintain.
+
+</section>
+
+<sub>[Back to top](#top)</sub>
 
 ---
 
-### 📣 CSP Report Handler
+<section id="sw-utilities">
+
+## ⚙️ Service Worker Utilities
+
+This project includes modular service worker management to support PWA functionality, update lifecycles, and debugging workflows.
+
+### ✅ `registerServiceWorker.js`
+
+Located at `src/lib/registerServiceWorker.js`, this module handles:
+
+- **Service worker registration** (`service-worker.js`)
+- **Update lifecycle**: prompts users when new content is available
+- **Cache hygiene**: removes unexpected caches not prefixed with `cache-`
+- **Install prompt support**: dispatches a `pwa-install-available` event for custom handling
+- **Firefox compatibility**: skips registration in Firefox during localhost development
+
+This function is typically called during client boot from `+layout.svelte` or another root-level component.
+
+> ℹ️ The service worker will not register if the `?nosw` flag is present or if `window.__DISABLE_SW__` is set (see below).
+
+&nbsp;
+
+### 🧹 `unregisterServiceWorker.js`
+
+Located at `src/lib/unregisterServiceWorker.js`, this utility allows for manual deactivation of service workers during debugging or user opt-out flows.
+
+It unregisters **all active service worker registrations** and logs the result.
+
+&nbsp;
+
+### 🚫 `disableSw.js`
+
+Located at `static/disableSw.js`, this file sets a global flag if the URL contains the `?nosw` query parameter:
+
+```js
+if (location.search.includes("nosw")) {
+  window.__DISABLE_SW__ = true;
+}
+```
+
+This flag is used by `registerServiceWorker.js` to bypass registration. It's helpful for testing environments, browser compatibility checks, or simulating first-load conditions without service worker interference.
+
+To use:
+
+```bash
+https://netwk.pro/?nosw
+```
+
+> 💡 `disableSw.js` is loaded from the static directory and runs early, ensuring the `__DISABLE_SW__` flag is available before service worker logic executes.
+
+&nbsp;
+
+#### 🔧 Example Usage
+
+To register the service worker conditionally, call the function from client code:
+
+```js
+import { registerServiceWorker } from "$lib/registerServiceWorker.js";
+
+registerServiceWorker();
+```
+
+You can optionally import unregisterServiceWorker() in a debug menu or settings panel to let users opt out of offline behavior.
+
+</section>
+
+<sub>[Back to top](#top)</sub>
+
+---
+
+<section id="cspreport">
+
+## 📣 CSP Report Handler
 
 To receive and inspect CSP violation reports in development or production, the repo includes a Netlify-compatible function at:
 
 ```bash
-netlify-functions/cspReport.js
+netlify/edge-functions/csp-report.js
 ```
 
-This function receives reports sent to `/functions/cspReport` and logs them to the console. You can later integrate with logging tools or alerts (e.g., via email, Slack, or SIEM ingestion).
+This Edge Function receives Content Security Policy (CSP) violation reports at `/api/csp-report` and logs relevant details to the console. High-risk violations (e.g., `script-src`, `form-action`) also trigger real-time alerts via `ntfy`. You can further integrate with logging tools, SIEM platforms, or notification systems as needed.
 
 Make sure to include the `report-uri` directive in your CSP header:
 
 ```bash
-Content-Security-Policy: ...; report-uri /.netlify/functions/cspReport;
+Content-Security-Policy: ...; report-uri /api/csp-report;
 ```
 
-&nbsp;
+</section>
+
+<sub>[Back to top](#top)</sub>
+
+---
+
+<section id="testing">
 
 ## 🧪 Testing
 
@@ -332,8 +448,14 @@ You can also audit locally using Chrome DevTools → Lighthouse tab for on-the-f
 
 <!-- markdownlint-disable MD028 -->
 
+</section>
+
+<sub>[Back to top](#top)</sub>
+
 ---
 
+<section id="toolchain">
+
 ## 🛠 Recommended Toolchain
 
 To streamline development and align with project conventions, we recommend the following setup — especially for contributors without a strong existing preference.
@@ -371,8 +493,14 @@ npm run lint:fix
 npm run format:fix
 ```
 
+</section>
+
+<sub>[Back to top](#top)</sub>
+
 ---
 
+<section id="toolconfig">
+
 ## ⚙️ Tooling Configuration
 
 All linting, formatting, and version settings are defined in versioned project config files:
@@ -395,8 +523,14 @@ These are the same rules used by CI and automation, so aligning your local setup
 
 > Note: `.vscode/extensions.json` defines a minimal recommended dev stack for VSCodium / VS Code. These extensions are **optional but thoughtfully curated** to improve developer experience without introducing bloat.
 
+</section>
+
+<sub>[Back to top](#top)</sub>
+
 ---
 
+<section id="scripts">
+
 ## 📜 Available Scripts
 
 The following CLI commands are available via `npm run <script>` or `pnpm run <script>`.
@@ -412,7 +546,7 @@ The following CLI commands are available via `npm run <script>` or `pnpm run <sc
 | `build:netlify` | Build using Netlify CLI                                                  |
 | `css:bundle`    | Bundle and minify CSS                                                    |
 
----
+&nbsp;
 
 ### ✅ Pre-check / Sync
 
@@ -425,7 +559,7 @@ The following CLI commands are available via `npm run <script>` or `pnpm run <sc
 | `checkout`    | Full local validation: check versions, test, lint, typecheck |
 | `verify`      | Alias for `checkout`                                         |
 
----
+&nbsp;
 
 ### 🧹 Cleanup & Maintenance
 
@@ -435,7 +569,7 @@ The following CLI commands are available via `npm run <script>` or `pnpm run <sc
 | `clean`   | Fully reset environment and reinstall           |
 | `upgrade` | Update all dependencies via `npm-check-updates` |
 
----
+&nbsp;
 
 <!-- markdownlint-disable MD024 -->
 
@@ -453,7 +587,7 @@ The following CLI commands are available via `npm run <script>` or `pnpm run <sc
 | `test:coverage` | Collect coverage from both client and server           |
 | `test:e2e`      | Runs E2E tests with up to 1 automatic retry on failure |
 
----
+&nbsp;
 
 ### 🧼 Linting & Formatting
 
@@ -468,7 +602,7 @@ The following CLI commands are available via `npm run <script>` or `pnpm run <sc
 | `format`     | Run Prettier formatting check           |
 | `format:fix` | Auto-format code using Prettier         |
 
----
+&nbsp;
 
 ### 💡 Lighthouse / Performance
 
@@ -477,7 +611,7 @@ The following CLI commands are available via `npm run <script>` or `pnpm run <sc
 | `lhci`     | Alias for Lighthouse CI   |
 | `lhci:run` | Run Lighthouse CI autorun |
 
----
+&nbsp;
 
 ### 📋 Audits / Validation
 
@@ -487,7 +621,7 @@ The following CLI commands are available via `npm run <script>` or `pnpm run <sc
 | `head:flatten`  | Flatten headers for Netlify                  |
 | `head:validate` | Validate headers file against project config |
 
----
+&nbsp;
 
 ### 🔄 Lifecycle Hooks
 
@@ -495,10 +629,14 @@ The following CLI commands are available via `npm run <script>` or `pnpm run <sc
 | ------------- | ----------------------------------- |
 | `postinstall` | Ensures version check after install |
 
-&nbsp;
+</section>
+
+<sub>[Back to top](#top)</sub>
 
 ---
 
+<section id="license">
+
 ## 🧾 License
 
 This project is licensed under:
@@ -509,11 +647,21 @@ This project is licensed under:
 
 Source code, branding, and visual assets are subject to reuse and distribution terms specified on our [Legal, Copyright, and Licensing page](https://netwk.pro/license).
 
-&nbsp;
+</section>
+
+<sub>[Back to top](#top)</sub>
+
+---
+
+<section id="questions">
 
 ## 🙋‍♂️Questions?
 
-Reach out via [netwk.pro/contact](https://netwk.pro/contact), open an issue on this repo, or email us directly at `contact (at) s.neteng.pro`.
+Reach out via our [Contact Form](https://netwk.pro/contact), open an issue on this repo, or email us directly at `support (at) neteng.pro`.
+
+</section>
+
+<sub>[Back to top](#top)</sub>
 
 &nbsp;
 
@@ -522,7 +670,7 @@ _Designed for professionals. Hardened for privacy. Built with intent._
 
 ---
 
-<div style="font-size: 12px; text-align: center;">
+<span style="font-size: 12px; text-align: center;">
 
 Copyright &copy; 2025  
 **[Network Pro Strategies](https://netwk.pro) (Network Pro&trade;)**
@@ -531,4 +679,6 @@ Network Pro&trade;, the shield logo, and the "Locking Down Networks&trade;" slog
 
 Licensed under **[CC BY 4.0](https://netwk.pro/license#cc-by)** and the **[GNU GPL](https://netwk.pro/license#gnu-gpl)**, as published by the [Free Software Foundation](https://www.fsf.org), either version 3 of the License, or (at your option) any later version.
 
-</div>
+</span>
+
+<!-- cspell:ignore cspreport toolconfig -->

package/_redirects

@@ -1,2 +1,5 @@
 https://www.netwk.pro/*  https://netwk.pro/:splat  301
 /privacy-policy          /privacy                  301
+
+# New redirect for Netlify function proxy
+/api/*                   /.netlify/functions/:splat  200

package/cspell.json

@@ -19,6 +19,7 @@
     "homescreen",
     "Izzy",
     "lhci",
+    "lifecycles",
     "lighthouseci",
     "lighthouserc",
     "lightningcss",
@@ -35,6 +36,7 @@
     "nosniff",
     "nosw",
     "npmjs",
+    "ntfy",
     "obtainium",
     "posthog",
     "SIEM",
@@ -45,6 +47,7 @@
     "subsites",
     "Supercookie",
     "supercookies",
+    "unregisters",
     "urlcheck",
     "vcard",
     "vite",

package/netlify/edge-functions/csp-report.js

@@ -0,0 +1,151 @@
+/* ==========================================================================
+edge-functions/csp-report.js
+
+Copyright © 2025 Network Pro Strategies (Network Pro™)
+SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
+This file is part of Network Pro.
+========================================================================== */
+
+/**
+ * @file csp-report.js
+ * @description Netlify Edge Function to handle CSP violation reports.
+ *
+ * Accepts POST requests to /api/csp-report and logs relevant CSP reports.
+ * Filters out common low-value reports (e.g., img-src) to reduce invocation
+ * cost. Alerts on high-risk violations via ntfy topic.
+ *
+ * @module netlify/edge-functions
+ * @author SunDevil311
+ * @updated 2025-05-31
+ */
+
+/**
+ * Netlify Edge Function entry point for CSP reporting.
+ *
+ * @param {Request} request - The incoming HTTP request object
+ * @param {import('@netlify/edge-functions').Context} _context - The Netlify Edge Function context (unused)
+ * @returns {Promise<Response>} HTTP Response with status 204 or 405
+ */
+export default async (request, _context) => {
+  if (request.method !== "POST") {
+    return new Response("Method Not Allowed", { status: 405 });
+  }
+
+  try {
+    const body = await request.json();
+    const report = body["csp-report"];
+
+    // Ignore if report is missing or malformed
+    if (!report || typeof report !== "object") {
+      return new Response(null, { status: 204 });
+    }
+
+    const violated = report["violated-directive"] ?? "";
+    const blockedUri = report["blocked-uri"] ?? "";
+
+    // Filter: Skip img-src violations and empty URIs
+    const ignored = [
+      violated.startsWith("img-src"),
+      blockedUri === "",
+      blockedUri === "about",
+      blockedUri.startsWith("chrome-extension://"),
+      blockedUri.startsWith("moz-extension://"),
+    ].some(Boolean);
+
+    if (ignored) {
+      return new Response(null, { status: 204 });
+    }
+
+    // Send alert for high-risk directives
+    await sendToNtfy(violated, blockedUri, report);
+
+    // Log useful violations
+    console.log("[CSP-Edge] Violation:", {
+      directive: violated,
+      uri: blockedUri,
+      referrer: report["referrer"],
+      source: report["source-file"],
+      line: report["line-number"],
+    });
+  } catch (err) {
+    console.warn("[CSP-Edge] Failed to parse CSP report:", err.message);
+  }
+
+  return new Response(null, { status: 204 });
+};
+
+const recentViolations = new Map();
+const VIOLATION_TTL_MS = 60_000;
+
+/**
+ * Sends a high-priority alert to your ntfy topic for high-risk CSP violations.
+ * Applies rate-limiting to avoid sending duplicate alerts within 60 seconds.
+ *
+ * @param {string} violated - The violated CSP directive
+ * @param {string} blockedUri - The URI that was blocked
+ * @param {Record<string, any>} report - The full CSP report object
+ */
+async function sendToNtfy(violated, blockedUri, report) {
+  const highRiskDirectives = [
+    "script-src",
+    "form-action",
+    "frame-ancestors",
+    "base-uri",
+  ];
+
+  const directiveKey = violated.split(" ")[0]; // strip fallback values or sources
+  const isHighRisk = highRiskDirectives.includes(directiveKey);
+  console.log(`[CSP-Edge] Checking directive: ${directiveKey}`);
+  if (!isHighRisk) return;
+
+  const key = `${violated}|${blockedUri}`;
+  const now = Date.now();
+
+  // Skip and log if violation was reported recently
+  if (
+    recentViolations.has(key) &&
+    now - recentViolations.get(key) < VIOLATION_TTL_MS
+  ) {
+    console.log(`[CSP-Edge] Skipped duplicate alert for ${key}`);
+    return;
+  }
+
+  // Record the current timestamp
+  recentViolations.set(key, now);
+
+  // Cleanup old entries (memory-safe for low volume)
+  for (const [k, t] of recentViolations.entries()) {
+    if (now - t > VIOLATION_TTL_MS) {
+      recentViolations.delete(k);
+    }
+  }
+
+  const topicUrl = "https://ntfy.neteng.pro/csp-alerts";
+
+  const message = [
+    `🚨 CSP Violation Detected`,
+    `Directive: ${violated}`,
+    `Blocked URI: ${blockedUri}`,
+    `Referrer: ${report.referrer || "N/A"}`,
+    `Source: ${report["source-file"] || "N/A"}`,
+    `Line: ${report["line-number"] || "N/A"}`,
+  ].join("\n");
+
+  await fetch(topicUrl, {
+    method: "POST",
+    headers: {
+      "Content-Type": "text/plain",
+      "X-Title": "High-Risk CSP Violation",
+      "X-Priority": "5",
+    },
+    body: message,
+  });
+}
+
+/**
+ * Configuration block for the Edge Function.
+ * This sets the endpoint route to /api/csp-report
+ */
+export const config = {
+  path: "/api/csp-report",
+};

package/netlify.toml

@@ -11,9 +11,9 @@
   targetPort = 5173
   port = 8888
 
-[functions."*"]
-  node_bundler = "esbuild"
-  included_files = ["netlify-functions/**"]
+[[edge_functions]]
+  path = "/api/csp-report"
+  function = "csp-report"
 
 [[plugins]]
   package = "netlify-plugin-submit-sitemap"

package/package.json

@@ -4,7 +4,7 @@
   "sideEffects": [
     "./.netlify/shims.js"
   ],
-  "version": "1.7.6",
+  "version": "1.8.3",
   "description": "Locking Down Networks, Unlocking Confidence | Security, Networking, Privacy — Network Pro Strategies",
   "keywords": [
     "advisory",
@@ -80,7 +80,7 @@
     "nodemailer": "^7.0.3",
     "posthog-js": "^1.249.0",
     "semver": "^7.7.2",
-    "svelte": "5.33.10"
+    "svelte": "5.33.11"
   },
   "devDependencies": {
     "@eslint/compat": "^1.2.9",
@@ -97,7 +97,7 @@
     "browserslist": "^4.25.0",
     "eslint": "^9.28.0",
     "eslint-config-prettier": "^10.1.5",
-    "eslint-plugin-jsdoc": "^50.6.17",
+    "eslint-plugin-jsdoc": "^50.7.0",
     "eslint-plugin-svelte": "^3.9.0",
     "globals": "^16.2.0",
     "jsdom": "^26.1.0",

package/src/hooks.server.js

@@ -21,14 +21,11 @@ export async function handle({ event, resolve }) {
   const isProdEnvironment =
     process.env.NODE_ENV === "production" || process.env.ENV_MODE === "prod";
 
-  if (!isProdEnvironment) {
-    console.log("ENV_MODE:", process.env.ENV_MODE);
-  }
+  console.log("[CSP Debug] NODE_ENV:", process.env.NODE_ENV);
+  console.log("[CSP Debug] ENV_MODE:", process.env.ENV_MODE);
 
   // Determine report URI
-  const reportUri = isProdEnvironment
-    ? "/.netlify/functions/cspReport"
-    : "/api/mock-csp";
+  const reportUri = isProdEnvironment ? "/api/csp-report" : "/api/mock-csp";
 
   // Construct base policy
   const cspDirectives = [

package/src/lib/components/layout/HeaderDefault.svelte

@@ -79,7 +79,7 @@ This file is part of Network Pro.
       {#if label === "blog"}
         <br />
       {:else}
-        <span class="separator">|</span>
+        <span class="goldseparator">|</span>
       {/if}
     {/if}
   {/each}

package/src/lib/components/layout/HeaderHome.svelte

@@ -77,7 +77,7 @@ This file is part of Network Pro.
       {#if label === "blog"}
         <br />
       {:else}
-        <span class="separator">|</span>
+        <span class="goldseparator">|</span>
       {/if}
     {/if}
   {/each}

package/src/lib/pages/FossContent.svelte

@@ -46,7 +46,7 @@ This file is part of Network Pro.
    */
   const pageInfo = {
     title: "FOSS Spotlight",
-    lastUpdated: "May 26, 2025",
+    lastUpdated: "May 30, 2025",
   };
 
   /** @type {any} */
@@ -67,8 +67,7 @@ This file is part of Network Pro.
       href="https://spdx.dev/learn/handling-license-info"
       target={constants.targetBlank}>
       SPDX License Identifier
-    </a>
-    : &nbsp;<code>CC-BY-4.0 OR GPL-3.0-or-later</code>
+    </a>: &nbsp;<code>CC-BY-4.0 OR GPL-3.0-or-later</code>
   </span>
 </section>
 

package/src/lib/styles/css/default.css

@@ -439,8 +439,8 @@ footer .container {
 
 .center-nav {
   padding: 5px;
-  font-size: 0.875rem;
-  line-height: 1.125rem;
+  font-size: 1rem;
+  line-height: 1.5rem;
   text-align: center;
 }
 
@@ -497,3 +497,12 @@ footer .container {
   font-family: inherit; /* Ensure it uses the same font-family as normal text */
   font-style: normal; /* Remove italic for the description */
 }
+
+.goldseparator {
+  margin: 0 0.5rem;
+  color: #FFC627;
+}
+
+.gold {
+  color: #FFC627;
+}

package/src/lib/styles/global.min.css

@@ -3,4 +3,4 @@ Copyright © 2025 Network Pro Strategies (Network Pro™)
 SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
 This file is part of Network Pro.
 ========================================================================== */
-html{-webkit-text-size-adjust:100%}body{margin:0}main{display:block}h1{margin:.67em 0;font-size:2em}hr{box-sizing:content-box}pre{font-family:monospace;font-size:1em}a{background-color:#0000}abbr[title]{border-bottom:none;text-decoration:underline dotted}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace;font-size:1em}small{font-size:80%}sub,sup{vertical-align:baseline;font-size:75%;line-height:0;position:relative}sub{bottom:-.25em}sup{top:-.5em}img{border-style:none}button,input,optgroup,select,textarea{margin:0;font-family:inherit;font-size:100%;line-height:1.15}button,input{overflow:visible}button,select{text-transform:none}button,[type=button],[type=reset],[type=submit]{-webkit-appearance:button;appearance:button}button::-moz-focus-inner,[type=button]::-moz-focus-inner,[type=reset]::-moz-focus-inner,[type=submit]::-moz-focus-inner{border-style:none;padding:0}button:-moz-focusring,[type=button]:-moz-focusring,[type=reset]:-moz-focusring,[type=submit]:-moz-focusring{outline:1px dotted buttontext}fieldset{padding:.35em .75em .625em}legend{color:inherit;box-sizing:border-box;white-space:normal;max-width:100%;padding:0;display:table}progress{vertical-align:baseline}textarea{overflow:auto}[type=checkbox],[type=radio]{box-sizing:border-box;padding:0}[type=number]::-webkit-inner-spin-button,[type=number]::-webkit-outer-spin-button{height:auto}[type=search]{-webkit-appearance:textfield;appearance:textfield;outline-offset:-2px}[type=search]::-webkit-search-decoration{-webkit-appearance:none}::-webkit-file-upload-button{font:inherit;-webkit-appearance:button}details{display:block}summary{display:list-item}template{display:none}html{color:#222;scroll-behavior:smooth;font-size:1em;line-height:1.4}::-moz-selection{text-shadow:none;background:#191919}::selection{text-shadow:none;background:#191919}hr{border:0;border-top:1px solid #ccc;height:1px;margin:1em 0;padding:0;display:block;overflow:visible}audio,canvas,iframe,img,svg,video{vertical-align:middle}fieldset{border:0;margin:0;padding:0}textarea{resize:vertical}body{color:#fafafa;background-color:#191919;margin:10px;font-family:Arial,Helvetica,sans-serif}a{text-decoration:none}a:link{color:#ffc627}a:hover,a:active{color:#ffc627;text-decoration:underline}a:focus{color:#191919;background-color:#ffc627}a:visited,a:visited:hover{color:#7f6227}.hidden,[hidden]{display:none!important}.visually-hidden{clip:rect(0,0,0,0);white-space:nowrap;border:0;width:1px;height:1px;margin:-1px;padding:0;position:absolute;overflow:hidden}.visually-hidden.focusable:active,.visually-hidden.focusable:focus{clip:auto;width:auto;height:auto;white-space:inherit;margin:0;position:static;overflow:visible}.invisible{visibility:hidden}.clearfix:before,.clearfix:after{content:"";display:table}.clearfix:after{clear:both}@media print{*,:before,:after{color:#000!important;box-shadow:none!important;text-shadow:none!important;background:#fff!important}a,a:visited{text-decoration:underline}a[href]:after{content:" (" attr(href)")"}abbr[title]:after{content:" (" attr(title)")"}a[href^=\#]:after,a[href^=javascript\:]:after{content:""}pre{white-space:pre-wrap!important}pre,blockquote{page-break-inside:avoid;border:1px solid #999}tr,img{page-break-inside:avoid}p,h2,h3{orphans:3;widows:3}h2,h3{page-break-after:avoid}}.full-width-section{background-position:50%;background-size:cover;width:100%;max-width:1920px;margin:0 auto}.container{max-width:1200px;margin:0 auto;padding:0 12px}.readable{max-width:900px;margin:0 auto}header,footer{width:100%}header .container,footer .container{max-width:1200px;margin:0 auto;padding:20px 12px}.gh{border-collapse:collapse;border-spacing:0;margin:0 auto}.gh td,.gh th{border-collapse:collapse;word-break:normal;padding:10px 5px;overflow:hidden}.gh .gh-tcell{text-align:center;vertical-align:middle}@media screen and (width<=767px){.gh,.gh col{width:auto!important}.gh-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.soc{border-collapse:collapse;border-spacing:0;margin:0 auto}.soc td,.soc th{border-collapse:collapse;word-break:normal;padding:8px;overflow:hidden}.soc .soc-fa{text-align:center;vertical-align:middle}@media screen and (width<=767px){.soc,.soc col{width:auto!important}.soc-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.foss{border-collapse:collapse;border-spacing:0}.foss td,.foss th{border-collapse:collapse;word-break:normal;padding:10px 5px;overflow:hidden}.foss .foss-cell{text-align:center;vertical-align:middle}@media screen and (width<=767px){.foss,.foss col{width:auto!important}.foss-wrap{-webkit-overflow-scrolling:touch;overflow-x:auto}}.bnav{text-align:center;border-collapse:collapse;border-spacing:0;margin:0 auto}.bnav td,.bnav th{text-align:center;vertical-align:middle;word-break:normal;border-style:none;padding:10px;font-size:.875rem;font-weight:700;line-height:1.125rem;overflow:hidden}.bnav .bnav-cell{text-align:center;vertical-align:middle;align-content:center}@media screen and (width<=767px){.bnav,.bnav col{width:auto!important}.bnav-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.bnav2{border-collapse:collapse;border-spacing:0;margin:0 auto}.bnav2 td{word-break:normal;border-style:none;padding:10px;font-size:.875rem;font-weight:700;line-height:1.125rem;overflow:hidden}.bnav2 th{word-break:normal;border-style:none;padding:12px;font-size:.875rem;line-height:1.125rem;overflow:hidden}.bnav2 .bnav2-cell{text-align:center;vertical-align:middle;align-content:center}@media screen and (width<=767px){.bnav2,.bnav2 col{width:auto!important}.bnav2-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.pgp{border-collapse:collapse;border-spacing:0;margin:0 auto}.pgp td{word-break:normal;border-style:none;padding:10px;font-size:.875rem;line-height:1.125rem;overflow:hidden}.pgp th{word-break:normal;border:1px solid #000;padding:10px;font-size:.875rem;line-height:1.125rem;overflow:hidden}.pgp .pgp-col1{text-align:right;vertical-align:middle;padding-right:1rem}.pgp .pgp-col2{text-align:left;vertical-align:middle;padding-left:1rem}@media screen and (width<=767px){.pgp,.pgp col{width:auto!important}.pgp-wrap{-webkit-overflow-scrolling:touch;margin:2rem 0 auto;overflow-x:auto}}.logo{margin-left:auto;margin-right:auto;display:block}.index-title1{text-align:center;font-style:italic;font-weight:700}.index-title2{letter-spacing:-.015em;text-align:center;font-variant:small-caps;font-size:1.25rem;line-height:1.625rem}.index1{letter-spacing:-.035em;text-align:center;font-style:italic;font-weight:700;line-height:2.125rem}.index2{letter-spacing:-.035em;text-align:center;font-variant:small-caps;font-size:1.5rem;line-height:1.75rem}.index3{letter-spacing:-.035em;text-align:center;font-size:1.5rem;line-height:1.75rem}.index4{letter-spacing:-.035em;text-align:center;font-size:1.5rem;line-height:1.75rem;text-decoration:underline}.subhead{letter-spacing:-.035em;font-variant:small-caps;font-size:1.5rem;line-height:1.75rem}.bold{font-weight:700}.emphasis{font-style:italic}.uline{text-decoration:underline}.bolditalic{font-style:italic;font-weight:700}.bquote{border-left:3px solid #9e9e9e;margin-left:30px;padding-left:10px;font-style:italic}.small-text{font-size:.75rem;line-height:1.125rem}.large-text-center{text-align:center;font-size:1.25rem;line-height:1.75rem}.prewrap{white-space:pre-wrap;display:block}.hr-styled{width:75%;margin:auto}.center-text{text-align:center}.copyright{text-align:center;font-size:.75rem;line-height:1.125rem}.visited{color:#7f6227}.center-nav{text-align:center;padding:5px;font-size:.875rem;line-height:1.125rem}.block{resize:none;background:0 0;border:none;border-radius:0;outline:none;width:100%;font-size:.75rem;line-height:1.125rem}.fingerprint{white-space:pre-line;font-weight:700;display:block}.pgp-image{width:150px;height:150px}.spacer{margin:2rem 0}.separator{margin:0 .5rem}.emoji{margin-right:8px}.headline{margin-bottom:4px;font-style:italic;font-weight:700;display:block}.label{font-family:inherit;font-weight:700}.description{font-family:inherit;font-style:normal;font-weight:400;display:inline}
+html{-webkit-text-size-adjust:100%}body{margin:0}main{display:block}h1{margin:.67em 0;font-size:2em}hr{box-sizing:content-box}pre{font-family:monospace;font-size:1em}a{background-color:#0000}abbr[title]{border-bottom:none;text-decoration:underline dotted}b,strong{font-weight:bolder}code,kbd,samp{font-family:monospace;font-size:1em}small{font-size:80%}sub,sup{vertical-align:baseline;font-size:75%;line-height:0;position:relative}sub{bottom:-.25em}sup{top:-.5em}img{border-style:none}button,input,optgroup,select,textarea{margin:0;font-family:inherit;font-size:100%;line-height:1.15}button,input{overflow:visible}button,select{text-transform:none}button,[type=button],[type=reset],[type=submit]{-webkit-appearance:button;appearance:button}button::-moz-focus-inner,[type=button]::-moz-focus-inner,[type=reset]::-moz-focus-inner,[type=submit]::-moz-focus-inner{border-style:none;padding:0}button:-moz-focusring,[type=button]:-moz-focusring,[type=reset]:-moz-focusring,[type=submit]:-moz-focusring{outline:1px dotted buttontext}fieldset{padding:.35em .75em .625em}legend{color:inherit;box-sizing:border-box;white-space:normal;max-width:100%;padding:0;display:table}progress{vertical-align:baseline}textarea{overflow:auto}[type=checkbox],[type=radio]{box-sizing:border-box;padding:0}[type=number]::-webkit-inner-spin-button,[type=number]::-webkit-outer-spin-button{height:auto}[type=search]{-webkit-appearance:textfield;appearance:textfield;outline-offset:-2px}[type=search]::-webkit-search-decoration{-webkit-appearance:none}::-webkit-file-upload-button{font:inherit;-webkit-appearance:button}details{display:block}summary{display:list-item}template{display:none}html{color:#222;scroll-behavior:smooth;font-size:1em;line-height:1.4}::-moz-selection{text-shadow:none;background:#191919}::selection{text-shadow:none;background:#191919}hr{border:0;border-top:1px solid #ccc;height:1px;margin:1em 0;padding:0;display:block;overflow:visible}audio,canvas,iframe,img,svg,video{vertical-align:middle}fieldset{border:0;margin:0;padding:0}textarea{resize:vertical}body{color:#fafafa;background-color:#191919;margin:10px;font-family:Arial,Helvetica,sans-serif}a{text-decoration:none}a:link{color:#ffc627}a:hover,a:active{color:#ffc627;text-decoration:underline}a:focus{color:#191919;background-color:#ffc627}a:visited,a:visited:hover{color:#7f6227}.hidden,[hidden]{display:none!important}.visually-hidden{clip:rect(0,0,0,0);white-space:nowrap;border:0;width:1px;height:1px;margin:-1px;padding:0;position:absolute;overflow:hidden}.visually-hidden.focusable:active,.visually-hidden.focusable:focus{clip:auto;width:auto;height:auto;white-space:inherit;margin:0;position:static;overflow:visible}.invisible{visibility:hidden}.clearfix:before,.clearfix:after{content:"";display:table}.clearfix:after{clear:both}@media print{*,:before,:after{color:#000!important;box-shadow:none!important;text-shadow:none!important;background:#fff!important}a,a:visited{text-decoration:underline}a[href]:after{content:" (" attr(href)")"}abbr[title]:after{content:" (" attr(title)")"}a[href^=\#]:after,a[href^=javascript\:]:after{content:""}pre{white-space:pre-wrap!important}pre,blockquote{page-break-inside:avoid;border:1px solid #999}tr,img{page-break-inside:avoid}p,h2,h3{orphans:3;widows:3}h2,h3{page-break-after:avoid}}.full-width-section{background-position:50%;background-size:cover;width:100%;max-width:1920px;margin:0 auto}.container{max-width:1200px;margin:0 auto;padding:0 12px}.readable{max-width:900px;margin:0 auto}header,footer{width:100%}header .container,footer .container{max-width:1200px;margin:0 auto;padding:20px 12px}.gh{border-collapse:collapse;border-spacing:0;margin:0 auto}.gh td,.gh th{border-collapse:collapse;word-break:normal;padding:10px 5px;overflow:hidden}.gh .gh-tcell{text-align:center;vertical-align:middle}@media screen and (width<=767px){.gh,.gh col{width:auto!important}.gh-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.soc{border-collapse:collapse;border-spacing:0;margin:0 auto}.soc td,.soc th{border-collapse:collapse;word-break:normal;padding:8px;overflow:hidden}.soc .soc-fa{text-align:center;vertical-align:middle}@media screen and (width<=767px){.soc,.soc col{width:auto!important}.soc-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.foss{border-collapse:collapse;border-spacing:0}.foss td,.foss th{border-collapse:collapse;word-break:normal;padding:10px 5px;overflow:hidden}.foss .foss-cell{text-align:center;vertical-align:middle}@media screen and (width<=767px){.foss,.foss col{width:auto!important}.foss-wrap{-webkit-overflow-scrolling:touch;overflow-x:auto}}.bnav{text-align:center;border-collapse:collapse;border-spacing:0;margin:0 auto}.bnav td,.bnav th{text-align:center;vertical-align:middle;word-break:normal;border-style:none;padding:10px;font-size:.875rem;font-weight:700;line-height:1.125rem;overflow:hidden}.bnav .bnav-cell{text-align:center;vertical-align:middle;align-content:center}@media screen and (width<=767px){.bnav,.bnav col{width:auto!important}.bnav-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.bnav2{border-collapse:collapse;border-spacing:0;margin:0 auto}.bnav2 td{word-break:normal;border-style:none;padding:10px;font-size:.875rem;font-weight:700;line-height:1.125rem;overflow:hidden}.bnav2 th{word-break:normal;border-style:none;padding:12px;font-size:.875rem;line-height:1.125rem;overflow:hidden}.bnav2 .bnav2-cell{text-align:center;vertical-align:middle;align-content:center}@media screen and (width<=767px){.bnav2,.bnav2 col{width:auto!important}.bnav2-wrap{-webkit-overflow-scrolling:touch;margin:auto 0;overflow-x:auto}}.pgp{border-collapse:collapse;border-spacing:0;margin:0 auto}.pgp td{word-break:normal;border-style:none;padding:10px;font-size:.875rem;line-height:1.125rem;overflow:hidden}.pgp th{word-break:normal;border:1px solid #000;padding:10px;font-size:.875rem;line-height:1.125rem;overflow:hidden}.pgp .pgp-col1{text-align:right;vertical-align:middle;padding-right:1rem}.pgp .pgp-col2{text-align:left;vertical-align:middle;padding-left:1rem}@media screen and (width<=767px){.pgp,.pgp col{width:auto!important}.pgp-wrap{-webkit-overflow-scrolling:touch;margin:2rem 0 auto;overflow-x:auto}}.logo{margin-left:auto;margin-right:auto;display:block}.index-title1{text-align:center;font-style:italic;font-weight:700}.index-title2{letter-spacing:-.015em;text-align:center;font-variant:small-caps;font-size:1.25rem;line-height:1.625rem}.index1{letter-spacing:-.035em;text-align:center;font-style:italic;font-weight:700;line-height:2.125rem}.index2{letter-spacing:-.035em;text-align:center;font-variant:small-caps;font-size:1.5rem;line-height:1.75rem}.index3{letter-spacing:-.035em;text-align:center;font-size:1.5rem;line-height:1.75rem}.index4{letter-spacing:-.035em;text-align:center;font-size:1.5rem;line-height:1.75rem;text-decoration:underline}.subhead{letter-spacing:-.035em;font-variant:small-caps;font-size:1.5rem;line-height:1.75rem}.bold{font-weight:700}.emphasis{font-style:italic}.uline{text-decoration:underline}.bolditalic{font-style:italic;font-weight:700}.bquote{border-left:3px solid #9e9e9e;margin-left:30px;padding-left:10px;font-style:italic}.small-text{font-size:.75rem;line-height:1.125rem}.large-text-center{text-align:center;font-size:1.25rem;line-height:1.75rem}.prewrap{white-space:pre-wrap;display:block}.hr-styled{width:75%;margin:auto}.center-text{text-align:center}.copyright{text-align:center;font-size:.75rem;line-height:1.125rem}.visited{color:#7f6227}.center-nav{text-align:center;padding:5px;font-size:1rem;line-height:1.5rem}.block{resize:none;background:0 0;border:none;border-radius:0;outline:none;width:100%;font-size:.75rem;line-height:1.125rem}.fingerprint{white-space:pre-line;font-weight:700;display:block}.pgp-image{width:150px;height:150px}.spacer{margin:2rem 0}.separator{margin:0 .5rem}.emoji{margin-right:8px}.headline{margin-bottom:4px;font-style:italic;font-weight:700;display:block}.label{font-family:inherit;font-weight:700}.description{font-family:inherit;font-style:normal;font-weight:400;display:inline}.goldseparator{color:#ffc627;margin:0 .5rem}.gold{color:#ffc627}

package/src/routes/status/+page.server.js

@@ -0,0 +1,32 @@
+/* ==========================================================================
+src/routes/status/+page.server.js
+
+Copyright © 2025 Network Pro Strategies (Network Pro™)
+SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
+This file is part of Network Pro.
+========================================================================== */
+
+/**
+ * Server-side load function for /status route.
+ *
+ * Logs runtime environment variables for debugging purposes.
+ * This function executes on the server during SSR and is used to verify
+ * that environment variables (e.g., ENV_MODE and NODE_ENV) are properly
+ * injected and available during runtime in Netlify's SSR context.
+ *
+ * @module src/routes/status
+ * @author SunDevil311
+ * @updated 2025-05-31
+ */
+
+export const prerender = false;
+
+/**
+ * @function load
+ * @returns {{ ok: boolean }} Response indicating successful execution
+ */
+export function load() {
+  console.log("[Status Debug] ENV_MODE:", process.env.ENV_MODE);
+  console.log("[Status Debug] NODE_ENV:", process.env.NODE_ENV);
+  return { ok: true };
+}

package/tests/unit/csp-report.test.js

@@ -0,0 +1,81 @@
+/* ==========================================================================
+tests/unit/csp-report.test.js
+
+Copyright © 2025 Network Pro Strategies (Network Pro™)
+SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
+This file is part of Network Pro.
+========================================================================== */
+
+/**
+ * Tests the edge-functions/csp-report.js CSP reporting endpoint
+ *
+ * @module tests/unit
+ * @author SunDevil311
+ * @updated 2025-05-31
+ */
+
+/** @file Unit tests for edge-functions/csp-report.js using Vitest */
+/** @typedef {import('vitest').TestContext} TestContext */
+
+import { beforeEach, describe, expect, it, vi } from "vitest";
+import handler from "../../netlify/edge-functions/csp-report.js";
+
+// 🧪 Mock fetch used by sendToNtfy inside the Edge Function
+global.fetch = vi.fn(() =>
+  Promise.resolve({ ok: true, status: 200, text: () => "OK" }),
+);
+
+describe("csp-report.js", () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+  });
+
+  it("should handle a valid CSP report", async () => {
+    const req = new Request("http://localhost/api/csp-report", {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        "csp-report": {
+          "document-uri": "https://example.com",
+          "violated-directive": "script-src",
+          "blocked-uri": "https://malicious.site",
+        },
+      }),
+    });
+
+    const res = await handler(req, {});
+    expect(res.status).toBe(204);
+  });
+
+  it("should reject non-POST requests", async () => {
+    const req = new Request("http://localhost/api/csp-report", {
+      method: "GET",
+    });
+
+    const res = await handler(req, {});
+    const text = await res.text();
+    expect(res.status).toBe(405);
+    expect(text).toContain("Method Not Allowed");
+  });
+
+  it("should handle malformed JSON", async () => {
+    const badJson = "{ invalid json }";
+    const req = new Request("http://localhost/api/csp-report", {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: badJson,
+    });
+
+    const res = await handler(req, {});
+    expect(res.status).toBe(204); // The current handler swallows errors silently
+  });
+
+  it("should handle missing body", async () => {
+    const req = new Request("http://localhost/api/csp-report", {
+      method: "POST",
+    });
+
+    const res = await handler(req, {});
+    expect(res.status).toBe(204); // No body is also treated silently
+  });
+});

package/netlify-functions/cspReport.js

@@ -1,76 +0,0 @@
-/* ==========================================================================
-netlify-functions/cspReport.js
-
-Copyright © 2025 Network Pro Strategies (Network Pro™)
-SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
-This file is part of Network Pro.
-========================================================================== */
-
-/**
- * @file cspReport.js
- * @description Sets up a CSP reporting endpoint with email notifications, to be deployed as a Netlify function.
- * @module netlify-functions
- * @author SunDevil311
- * @updated 2025-05-29
- */
-
-import nodemailer from "nodemailer";
-
-/**
- * Netlify Function: CSP violation report handler
- *
- * @param {import('@netlify/functions').HandlerEvent} event - Incoming Netlify request
- * @returns {Promise<import('@netlify/functions').HandlerResponse>} - Netlify-compatible HTTP response
- */
-export async function handler(event) {
-  try {
-    if (event.httpMethod !== "POST") {
-      return {
-        statusCode: 405,
-        body: "Method Not Allowed",
-      };
-    }
-
-    if (!event.body) {
-      return {
-        statusCode: 400,
-        body: "No body provided",
-      };
-    }
-
-    /** @type {Record<string, any>} */
-    const report = JSON.parse(event.body);
-    const violation = report["csp-report"] || report;
-
-    const shouldSendEmail =
-      process.env.MAIL_ENABLED !== "false" && process.env.NODE_ENV !== "test";
-
-    if (shouldSendEmail) {
-      const transporter = nodemailer.createTransport({
-        host: process.env.SMTP_HOST,
-        port: 465,
-        secure: true,
-        auth: {
-          user: process.env.SMTP_USER,
-          pass: process.env.SMTP_PASS,
-        },
-      });
-
-      await transporter.sendMail({
-        from: `"CSP Reporter" <${process.env.SMTP_USER}>`,
-        to: process.env.NOTIFY_EMAIL,
-        subject: "🚨 CSP Violation Detected",
-        text: JSON.stringify(violation, null, 2),
-      });
-    }
-
-    return {
-      statusCode: 204,
-    };
-  } catch (error) {
-    return {
-      statusCode: 400,
-      body: `Invalid JSON: ${error instanceof Error ? error.message : "Unknown error"}`,
-    };
-  }
-}

package/tests/unit/cspReport.test.js

@@ -1,81 +0,0 @@
-/* ==========================================================================
-tests/unit/cspReport.test.js
-
-Copyright © 2025 Network Pro Strategies (Network Pro™)
-SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
-This file is part of Network Pro.
-========================================================================== */
-
-/** @file Unit tests for netlify-functions/cspReport.js using Vitest */
-/** @typedef {import('vitest').TestContext} TestContext */
-
-import { beforeEach, describe, expect, it, vi } from "vitest";
-import { handler } from "../../netlify-functions/cspReport.js";
-
-// 🧪 Force test mode
-process.env.NODE_ENV = "test";
-process.env.MAIL_ENABLED = "true"; // Still ignored due to NODE_ENV === test
-
-// 🧪 Mock nodemailer to prevent real email sending
-vi.mock("nodemailer", async () => {
-  return {
-    default: {
-      createTransport: () => ({
-        sendMail: vi.fn().mockResolvedValue({}),
-      }),
-    },
-  };
-});
-
-describe("cspReport.js", () => {
-  beforeEach(() => {
-    vi.clearAllMocks(); // reset mocks if needed
-  });
-
-  it("should handle valid CSP report", async () => {
-    /** @type {import('netlify/functions').HandlerEvent} */
-    const event = {
-      httpMethod: "POST",
-      body: JSON.stringify({
-        "csp-report": {
-          "document-uri": "https://example.com",
-          "violated-directive": "script-src",
-        },
-      }),
-    };
-
-    const response = await handler(event);
-    expect(response.statusCode).toBe(204);
-  });
-
-  it("should reject GET requests", async () => {
-    /** @type {import('netlify/functions').HandlerEvent} */
-    const event = { httpMethod: "GET" };
-    const response = await handler(event);
-    expect(response.statusCode).toBe(405);
-    expect(response.body).toContain("Method Not Allowed");
-  });
-
-  it("should handle malformed JSON", async () => {
-    /** @type {import('netlify/functions').HandlerEvent} */
-    const event = {
-      httpMethod: "POST",
-      body: "{ bad json }",
-    };
-
-    const response = await handler(event);
-    expect(response.statusCode).toBe(400);
-    expect(response.body).toContain("Invalid JSON");
-  });
-
-  it("should handle missing body", async () => {
-    /** @type {import('netlify/functions').HandlerEvent} */
-    const event = {
-      httpMethod: "POST",
-    };
-
-    const response = await handler(event);
-    expect(response.statusCode).toBe(400);
-    expect(response.body).toContain("No body provided");
-  });
-});