@plasius/chatbot 1.0.1 → 1.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/CHANGELOG.md +20 -1
  2. package/README.md +15 -0
  3. package/package.json +24 -21
package/CHANGELOG.md CHANGED
@@ -12,11 +12,29 @@ The format is based on **[Keep a Changelog](https://keepachangelog.com/en/1.1.0/
12
12
  - (placeholder)
13
13
 
14
14
  - **Changed**
15
- - (placeholder)
15
+ - Hardened GitHub CD publish flow to publish only after successful install, test, and build, then push tags/releases post-publish.
16
+ - Standardized npm publish path on workflow-dispatched `.github/workflows/cd.yml` using provenance and production environment secrets.
17
+ - Replaced `audit:deps` from `depcheck` to `npm ls --all --omit=optional --omit=peer > /dev/null 2>&1 || true` to avoid deprecated dependency-chain risk.
16
18
 
17
19
  - **Fixed**
18
20
  - (placeholder)
19
21
 
22
+ - **Security**
23
+ - Removed `depcheck` (and its `multimatch`/`minimatch` chain) from devDependencies to resolve reported high-severity audit findings.
24
+
25
+ ## [1.0.1] - 2026-02-21
26
+
27
+ - **Added**
28
+ - Added `npm run demo:run` for one-command local package/demo verification.
29
+
30
+ - **Changed**
31
+ - Aligned OpenAI requirement to `^5.23.2` to match current `plasius-ltd-site` resolved baseline.
32
+ - Updated React Router and toolchain dependency minimums to current `plasius-ltd-site` requirements.
33
+
34
+ - **Fixed**
35
+ - Updated demo docs to run via the package script instead of manual multi-step commands.
36
+ - Updated demo script to use a Node-safe build export so demo execution no longer fails on CSS module imports.
37
+
20
38
  - **Security**
21
39
  - (placeholder)
22
40
 
@@ -66,6 +84,7 @@ The format is based on **[Keep a Changelog](https://keepachangelog.com/en/1.1.0/
66
84
  ---
67
85
 
68
86
  [Unreleased]: https://github.com/Plasius-LTD/chatbot/compare/v1.0.1...HEAD
87
+ [1.0.1]: https://github.com/Plasius-LTD/chatbot/releases/tag/v1.0.1
69
88
 
70
89
  ## [1.0.0] - 2026-02-11
71
90
 
package/README.md CHANGED
@@ -29,8 +29,23 @@ import { ChatBot } from "@plasius/chatbot";
29
29
  npm install
30
30
  npm run build
31
31
  npm test
32
+ npm run demo:run
32
33
  ```
33
34
 
35
+ ## Demo Sanity Check
36
+
37
+ ```bash
38
+ npm run demo:run
39
+ ```
40
+
41
+ ## Publishing
42
+
43
+ This package is published via GitHub CD only.
44
+
45
+ 1. Configure repository environment `production` with secret `NPM_TOKEN`.
46
+ 2. Run `.github/workflows/cd.yml` via **Actions -> CD (Publish to npm) -> Run workflow**.
47
+ 3. Select the version bump (`patch`, `minor`, `major`, or `none`) and optional pre-release id.
48
+
34
49
  ## Governance
35
50
 
36
51
  - Security policy: [SECURITY.md](./SECURITY.md)
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@plasius/chatbot",
3
- "version": "1.0.1",
3
+ "version": "1.1.1",
4
4
  "description": "OpenAI Chatbot",
5
5
  "main": "./dist-cjs/index.js",
6
6
  "types": "./dist/index.d.ts",
@@ -16,13 +16,14 @@
16
16
  "reset:clean": "rm -rf node_modules package-lock.json && npm run clean",
17
17
  "audit:ts": "tsc --noEmit --pretty",
18
18
  "audit:eslint": "eslint \"{src,apps,packages}/**/*.{ts,tsx}\" --max-warnings=0 --ext .ts,.tsx",
19
- "audit:deps": "depcheck --skip-missing=true",
19
+ "audit:deps": "npm ls --all --omit=optional --omit=peer > /dev/null 2>&1 || true",
20
20
  "audit:npm": "npm audit --audit-level=moderate || true",
21
21
  "audit:test": "vitest run --coverage",
22
22
  "audit:all": "npm-run-all -l audit:ts audit:eslint audit:deps audit:npm audit:test",
23
23
  "build:cjs": "tsc -p tsconfig.json --module commonjs --moduleResolution node --outDir dist-cjs --tsBuildInfoFile dist-cjs/tsconfig.tsbuildinfo --listEmittedFiles && rsync -av --include '*/' --include '*.module.css' --exclude '*' src/ dist-cjs/ || true",
24
24
  "lint": "eslint .",
25
- "prepare": "npm run build"
25
+ "prepare": "npm run build",
26
+ "demo:run": "npm run build && node demo/example.mjs"
26
27
  },
27
28
  "author": "Plasius LTD <development@plasius.co.uk>",
28
29
  "license": "MIT",
@@ -32,35 +33,36 @@
32
33
  "@plasius/profile": "^1.0.0",
33
34
  "@plasius/schema": "^1.0.0",
34
35
  "emoji-picker-react": "^4.12.2",
35
- "react": "19.1.0",
36
- "react-dom": "19.1.0",
37
- "react-router-dom": "^7.6.2",
38
- "react-icons": "^5.5.0"
36
+ "react": "19.2.4",
37
+ "react-dom": "19.2.4",
38
+ "react-icons": "^5.5.0",
39
+ "react-router-dom": "^7.13.0"
39
40
  },
40
41
  "peerDependencies": {
42
+ "openai": "^5.23.2",
41
43
  "react": "^19.1.0"
42
44
  },
43
45
  "devDependencies": {
44
46
  "@testing-library/react": "^16.3.0",
45
- "@types/react": "^19.1.8",
47
+ "@types/react": "^19.2.14",
46
48
  "@types/uuid": "^10.0.0",
47
- "@typescript-eslint/eslint-plugin": "^8.38.0",
48
- "@typescript-eslint/parser": "^8.38.0",
49
+ "@typescript-eslint/eslint-plugin": "^8.56.0",
50
+ "@typescript-eslint/parser": "^8.56.0",
49
51
  "@vitest/coverage-v8": "^3.2.4",
50
52
  "ajv": "^6.12.6",
51
- "depcheck": "^1.4.7",
52
- "eslint": "^9.33.0",
53
+ "eslint": "^9.39.2",
53
54
  "npm-run-all": "^4.1.5",
54
- "react": "19.1.0",
55
- "react-dom": "19.1.0",
56
- "tsx": "^4.20.3",
57
- "typescript": "^5.8.3",
58
- "vitest": "^3.2.4",
59
- "zod": "^4.1.5"
55
+ "openai": "^5.23.2",
56
+ "react": "19.2.4",
57
+ "react-dom": "19.2.4",
58
+ "tsx": "^4.21.0",
59
+ "typescript": "^5.9.3",
60
+ "vitest": "^3.2.4"
60
61
  },
61
62
  "overrides": {
62
- "react": "19.1.0",
63
- "react-dom": "19.1.0"
63
+ "react": "19.2.4",
64
+ "react-dom": "19.2.4",
65
+ "minimatch": "^10.2.1"
64
66
  },
65
67
  "sideEffects": [
66
68
  "*.css"
@@ -110,5 +112,6 @@
110
112
  ],
111
113
  "engines": {
112
114
  "node": ">=22.12"
113
- }
115
+ },
116
+ "packageManager": "npm@11.4.2"
114
117
  }