v1.25.23 - 2026-01-04

Changed

• Updated README.md to accurately reflect hosting.
• Updated timestamp in static/.well-known/security.txt and created a new detached signature.
• Bumped project version to v1.25.23.

---

Full Changelog: v1.25.22...v1.25.23

v1.25.22 — CI Hardening & Dependency Security

This release focuses on improving CI security, reliability, and maintenance hygiene.

• Hardened the Gitleaks workflow to safely handle forked PRs and exclude Dependabot, preventing secret-related failures.
• Added guarded, redacted secret scan summaries and restricted artifacts, issues, and notifications to trusted contexts only.
• Stopped tracking generated .svelte-kit files to reduce noise and accidental commits.
• Addressed CVE-2025-15284 by enforcing a transitive dependency override for qs (^6.14.1).
• Updated several dependencies and removed a non-functional Mastodon verification.

Overall, this release improves supply-chain security, CI robustness, and developer experience with no functional breaking changes.

---

Full Changelog: v1.25.21...v1.25.22

v1.25.21 - 2025-12-27

Added

• Added Mastodon verification to src/routes/posts/+page.svelte via <svelte:head>.

Changed

• Updated intro paragraph of README.md to better reflect the company's current mission, focus, and messaging.
• Bumped project version to v1.25.21.
• Updated dependencies:
  • @testing-library/svelte ^5.3.0 → ^5.3.1
  • jsdom 27.3.0 → 27.4.0

---

Full Changelog: v1.25.20...v1.25.21

v1.25.20 - 2025-12-25

Added

• Added VERSIONING.md to document the project’s versioning strategy.

Changed

• Updated .lighthouse.cjs to utilize https://netwk.pro as the target.
• Removed Services route from sitemap.xml and refreshed last modified timestamps.
• Updated README.md to clarify the project's versioning strategy and changelog format.
• Updated src/routes/+page.svelte to apply containerClass="readable" to <FullWidthSection> for improved readability.
• Revised homepage and About page content (HomeContent.svelte and AboutContent.svelte) to better reflect the company’s current mission, focus, and messaging.
• Bumped project version to v1.25.20.

Removed

• Removed Services from primary navigation (HeaderDefault.svelte and HeaderHome.svelte).
• Removed references to home implementation services from AboutContent.svelte.
  • This change reflects a clarified focus on internal research, education, advocacy, and selectively aligned consulting, rather than broad outward-facing service offerings.

---

Full Changelog: v1.25.19...v1.25.20

v1.25.19 — Maintenance & Tooling Updates

This release focuses on CI/CD modernization, dependency updates, and minor documentation fixes.

• CI/CD: Updated GitHub Actions workflows to the latest major versions (actions/checkout@v6, upload-artifact@v6, download-artifact@v7) across all pipelines.
• Runtime: Updated Node.js version to v24.12.0 via .node-version and .nvmrc.
• Dependencies: Routine upgrades across ESLint, Svelte, Vite, testing utilities, and related tooling.
• Docs: Corrected README.md to accurately reflect subsite hosting on Vercel and Netlify.
• Chore: Version bump to v1.25.19.

No functional or behavioral changes expected; this is a maintenance-focused release.

---

Full Changelog: v1.25.18...v1.25.19

v1.25.18 - 2025-12-11

Changed

• Refreshed timestamp for root route in sitemap.xml.
• Reformatted the following files with Prettier:
  • src/lib/README.md
  • src/lib/pages/LicenseContent.svelte
  • src/lib/pages/PrivacyContent.svelte
  • src/lib/pages/TermsUseContent.svelte
• Bumped project version to v1.25.18.
• Updated dependencies:
  • prettier 3.6.2 → 3.7.4

🚀 v1.25.17 — Improved SSR Safety, Service Worker Cleanup, Dependency Updates

This release strengthens SSR reliability, improves build stability, and updates several core dependencies.

Highlights

• Added SSR boundary protection tests to prevent Node-only imports from leaking into client bundles.
• Refactored service-worker.js for clearer async logic and cleaner lint behavior.
• Updated purify.js to use import.meta.env.SSR, fixing jsdom-related build issues.
• Improved ESLint handling of unused error parameters.
• Refreshed QR code assets, metadata, contact info, and GitHub workflow tooling.
• Upgraded SvelteKit, Vite, jsdom, DOMPurify, Playwright, and other dependencies.

v1.25.16 - 2025-11-18

Changed

• Removed vercel-insights.com from the disallowedHosts list in service-worker.js.

Removed

• Removed https://vercel-insights.com from script-src and connect-src in hooks.server.js.

Notes

• Analytics: Reverted Vercel Analytics integration due to inline script injection requirement. Continuing with PostHog Cloud until migration to CSP-compliant Matomo is feasible.

---

Full Changelog: v1.25.15...v1.25.16

v1.25.15 - 2025-11-18

Added

• Added https://vercel-insights.com to script-src and connect-src in hooks.server.js to allow for Vercel Analytics.

Changed

• Added vercel-insights.com to the disallowedHosts list in service-worker.js, in order to prevent SW caching.
• Bumped project version to v1.25.15.
• Updated dependencies:
  • svelte 5.43.10 → 5.43.12

---

Full Changelog: v1.25.14...v1.25.15

v1.25.14 - 2025-11-18

Changed

• Bumped project version to v1.25.14.
• Updated dependencies:
  • svelte 5.43.7 → 5.43.10
  • posthog-js ^1.293.0 → ^1.295.0

Security

• Added transitive dependency override for glob to ^11.1.0, in order to address CVE-2025-64756.

---

Full Changelog: v1.25.13...v1.25.14