soames-gatsby-theme 0.1.2 → 0.1.4

package/README.md

@@ -18,14 +18,20 @@ npm install soames-gatsby-theme
 
 ## Known Security Notices
 
-During installation, you may encounter audit warnings for two high-severity vulnerabilities related to the cookie and path-to-regexp packages. These packages are used internally by Gatsby’s development tooling, specifically:
+After installation, `npm audit` will report a number of vulnerabilities. All remaining issues fall into two categories:
 
-cookie is included via express and socket.io, which Gatsby uses for its hot-reloading dev server.
+**Gatsby dev-server tooling** — packages used only during local development (`gatsby develop`) and not included in the production static build:
 
-path-to-regexp is also included by express and only used during local development.
+- `cookie`, `path-to-regexp` — used by express and socket.io for Gatsby’s hot-reloading dev server
+- `@parcel/reporter-dev-server` — Gatsby’s internal build tooling
+- `webpack`, `serialize-javascript` — bundler used at build time, not present in the output
+- `tmp` — used by CLI tooling (inquirer) internal to Gatsby’s dependency tree
 
-These dependencies are not included in the production build of your site. Gatsby generates static HTML, CSS, and JS files that do not use these server-side tools.
+**Build-time data-fetching dependencies** — packages used to pull content from WordPress at build time and not included in the deployed site:
 
-As of this version, these issues do not pose a risk to end users or affect the final deployed site. They will be resolved in future versions as Gatsby and its related plugins are updated.
+- `showdown` — pulled in by `@wordpress/blocks` for block rendering; no upstream fix available as of this version
+- `file-type`, `uuid` — used by `gatsby-source-wordpress` for media processing and internal queuing
 
-You can safely ignore these warnings unless you're modifying or redistributing the Gatsby development server code itself.
+Gatsby generates static HTML, CSS, and JS files. None of the packages above are included in your deployed site or exposed to end users.
+
+These issues cannot be resolved without breaking changes to core Gatsby dependencies and will be addressed in future versions as Gatsby and its plugins are updated. You can safely ignore these warnings unless you are modifying or redistributing the Gatsby development tooling itself.

package/dist/src/components/shortcodes/SoamesVideo.js

@@ -3,6 +3,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
 const jsx_runtime_1 = require("react/jsx-runtime");
 const SoamesVideo = ({ attributes }) => {
     const { link, title } = attributes;
-    return ((0, jsx_runtime_1.jsx)("section", { className: "soames-video-container", children: (0, jsx_runtime_1.jsx)("figure", { className: "soames-figure align-center container", children: (0, jsx_runtime_1.jsx)("div", { className: "video-block", children: (0, jsx_runtime_1.jsx)("div", { className: "video-wrapper", children: (0, jsx_runtime_1.jsx)("iframe", { height: "580", width: "360", src: link, title: title ?? "Embedded video", frameBorder: "0", allow: "accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share", allowFullScreen: true }) }) }) }) }));
+    return ((0, jsx_runtime_1.jsx)("section", { className: "soames-video-container", children: (0, jsx_runtime_1.jsx)("figure", { className: "soames-figure align-center container", children: (0, jsx_runtime_1.jsx)("div", { className: "video-block", children: (0, jsx_runtime_1.jsx)("div", { className: "video-wrapper", children: (0, jsx_runtime_1.jsx)("iframe", { height: "580", width: "360", src: link, title: title ?? "Embedded video", frameBorder: "0", allow: "accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share", referrerPolicy: "strict-origin-when-cross-origin", allowFullScreen: true }) }) }) }) }));
 };
 exports.default = SoamesVideo;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "soames-gatsby-theme",
-  "version": "0.1.2",
+  "version": "0.1.4",
   "description": "A customizable Gatsby theme for personal websites using WordPress as a headless CMS.",
   "main": "dist/gatsby-config.js",
   "scripts": {

package/src/components/shortcodes/SoamesVideo.tsx

@@ -22,6 +22,7 @@ const SoamesVideo: React.FC<SoamesVideoProps> = ({ attributes }) => {
               title={title ?? "Embedded video"}
               frameBorder="0"
               allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share"
+              referrerPolicy="strict-origin-when-cross-origin"
               allowFullScreen
             ></iframe>
           </div>

package/dist/gatsby-node.js

@@ -1,7 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.createPages = void 0;
-const createPages = async ({ actions }) => {
-    // Add dynamic page creation logic here if needed
-};
-exports.createPages = createPages;

package/dist/src/pages/index.js

@@ -1,9 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const jsx_runtime_1 = require("react/jsx-runtime");
-const Layout_1 = __importDefault(require("../components/Layout"));
-const Home = () => ((0, jsx_runtime_1.jsx)(Layout_1.default, { children: (0, jsx_runtime_1.jsx)("p", { children: "Welcome to the TypeScript version of Soames Gatsby Theme!" }) }));
-exports.default = Home;