🚀 v1.26.0 — January 10, 2026

This release focuses on polish, clarity, and tooling updates, with improvements to content, navigation styling, documentation, and test infrastructure.

Highlights

• Refined home page messaging to better emphasize security and privacy.
• Improved header navigation styling for cleaner external link icon alignment across layouts.
• Updated copyright headers and application metadata to reflect 2025–2026.
• Clarified repository distribution intent and reuse expectations in the README.
• Updated generator metadata to SvelteKit 2.49.4.

Tooling & Dependencies

• Updated test tooling for Vitest 4.x compatibility.
• Removed outdated Vitest version constraints from update tooling.
• Dependency updates include SvelteKit, Vitest, ESLint tooling, and related plugins.

This release contains no breaking changes and is safe to upgrade.

---

Full Changelog: v1.25.24...v1.26.0

v1.25.24 - 2026-01-07

Changed

• Updated generator metadata in src/app.html to reflect SvelteKit 2.49.3.
• Bumped project version to v1.25.24.
• Updated dependencies:
  • @sveltejs/kit 2.49.2 → 2.49.3
  • @sveltejs/vite-plugin-svelte ^6.2.1 → ^6.2.3
  • vite ^7.3.0 → ^7.3.1
  • @sveltejs/adapter-vercel ^6.2.0 → ^6.3.0
  • eslint-plugin-svelte ^3.13.1 → ^3.14.0
  • posthog-js ^1.313.0 → ^1.315.1

---

Full Changelog: v1.25.23...v1.25.24

v1.25.23 - 2026-01-04

Changed

• Updated README.md to accurately reflect hosting.
• Updated timestamp in static/.well-known/security.txt and created a new detached signature.
• Bumped project version to v1.25.23.

---

Full Changelog: v1.25.22...v1.25.23

v1.25.22 — CI Hardening & Dependency Security

This release focuses on improving CI security, reliability, and maintenance hygiene.

• Hardened the Gitleaks workflow to safely handle forked PRs and exclude Dependabot, preventing secret-related failures.
• Added guarded, redacted secret scan summaries and restricted artifacts, issues, and notifications to trusted contexts only.
• Stopped tracking generated .svelte-kit files to reduce noise and accidental commits.
• Addressed CVE-2025-15284 by enforcing a transitive dependency override for qs (^6.14.1).
• Updated several dependencies and removed a non-functional Mastodon verification.

Overall, this release improves supply-chain security, CI robustness, and developer experience with no functional breaking changes.

---

Full Changelog: v1.25.21...v1.25.22

v1.25.21 - 2025-12-27

Added

• Added Mastodon verification to src/routes/posts/+page.svelte via <svelte:head>.

Changed

• Updated intro paragraph of README.md to better reflect the company's current mission, focus, and messaging.
• Bumped project version to v1.25.21.
• Updated dependencies:
  • @testing-library/svelte ^5.3.0 → ^5.3.1
  • jsdom 27.3.0 → 27.4.0

---

Full Changelog: v1.25.20...v1.25.21

v1.25.20 - 2025-12-25

Added

• Added VERSIONING.md to document the project’s versioning strategy.

Changed

• Updated .lighthouse.cjs to utilize https://netwk.pro as the target.
• Removed Services route from sitemap.xml and refreshed last modified timestamps.
• Updated README.md to clarify the project's versioning strategy and changelog format.
• Updated src/routes/+page.svelte to apply containerClass="readable" to <FullWidthSection> for improved readability.
• Revised homepage and About page content (HomeContent.svelte and AboutContent.svelte) to better reflect the company’s current mission, focus, and messaging.
• Bumped project version to v1.25.20.

Removed

• Removed Services from primary navigation (HeaderDefault.svelte and HeaderHome.svelte).
• Removed references to home implementation services from AboutContent.svelte.
  • This change reflects a clarified focus on internal research, education, advocacy, and selectively aligned consulting, rather than broad outward-facing service offerings.

---

Full Changelog: v1.25.19...v1.25.20

v1.25.19 — Maintenance & Tooling Updates

This release focuses on CI/CD modernization, dependency updates, and minor documentation fixes.

• CI/CD: Updated GitHub Actions workflows to the latest major versions (actions/checkout@v6, upload-artifact@v6, download-artifact@v7) across all pipelines.
• Runtime: Updated Node.js version to v24.12.0 via .node-version and .nvmrc.
• Dependencies: Routine upgrades across ESLint, Svelte, Vite, testing utilities, and related tooling.
• Docs: Corrected README.md to accurately reflect subsite hosting on Vercel and Netlify.
• Chore: Version bump to v1.25.19.

No functional or behavioral changes expected; this is a maintenance-focused release.

---

Full Changelog: v1.25.18...v1.25.19

v1.25.18 - 2025-12-11

Changed

• Refreshed timestamp for root route in sitemap.xml.
• Reformatted the following files with Prettier:
  • src/lib/README.md
  • src/lib/pages/LicenseContent.svelte
  • src/lib/pages/PrivacyContent.svelte
  • src/lib/pages/TermsUseContent.svelte
• Bumped project version to v1.25.18.
• Updated dependencies:
  • prettier 3.6.2 → 3.7.4

🚀 v1.25.17 — Improved SSR Safety, Service Worker Cleanup, Dependency Updates

This release strengthens SSR reliability, improves build stability, and updates several core dependencies.

Highlights

• Added SSR boundary protection tests to prevent Node-only imports from leaking into client bundles.
• Refactored service-worker.js for clearer async logic and cleaner lint behavior.
• Updated purify.js to use import.meta.env.SSR, fixing jsdom-related build issues.
• Improved ESLint handling of unused error parameters.
• Refreshed QR code assets, metadata, contact info, and GitHub workflow tooling.
• Upgraded SvelteKit, Vite, jsdom, DOMPurify, Playwright, and other dependencies.

v1.25.16 - 2025-11-18

Changed

• Removed vercel-insights.com from the disallowedHosts list in service-worker.js.

Removed

• Removed https://vercel-insights.com from script-src and connect-src in hooks.server.js.

Notes

• Analytics: Reverted Vercel Analytics integration due to inline script injection requirement. Continuing with PostHog Cloud until migration to CSP-compliant Matomo is feasible.

---

Full Changelog: v1.25.15...v1.25.16