Releases: netwk-pro/netwk-pro.github.io
v1.24.2
What's Changed
- chore: release prep for v1.24.2 by @SunDevil311 in #148
Full Changelog: v1.24.1...v1.24.2
Contributors
Assets 2
v1.24.1
Contributors
Assets 2
Release v1.24.0 - 2025-11-01
🧩 Added
- Introduced GitLeaks secret scanning CI workflow (
.github/workflows/secret-scan.yml) for automated detection of committed secrets. - Implemented a two-phase scan strategy:
- Pull Request scans – catch leaks before merge.
- Nightly scheduled scans – detect older or historical leaks.
- Added artifact uploads (
gitleaks-report.json) for maintainers to download detailed scan results. - Added public-safe summary output (redacted and concise) for visibility in workflow results.
- Added automatic GitHub issue creation and optional ntfy.sh notifications for real-time alerts.
- Introduced fork-safety guards to prevent secrets exposure or broken runs in forked PRs.
- Annotated workflow with Layer 1 – Output Redaction and Layer 2 – Secret/Fork Handling for clarity.
⚙️ Changed
- Bumped project version →
v1.24.0. - Updated
.node-versionand.nvmrcto Node.js 24.11.0 (LTS). - Updated all CI workflows to use
node-version: 24:build-and-publish.ymllighthouse.ymlmeta-check.ymlplaywright.ymlpublish-test.ymltemplates/publish.template.yml
- Updated dependencies:
@eslint/js→^9.39.0eslint→^9.39.0globals→^16.5.0posthog-js→^1.284.0
💡 Highlights:
This release strengthens the CI/CD pipeline with automated secret detection, safer public visibility, and Node.js 24.x LTS alignment across all build workflows.
🚀 Release 1.23.0 — Metadata Refactor, SEO Enhancements & Security Fixes
Release Date: 2025-10-30
This release focuses on improving maintainability, SEO consistency, and overall project structure. It consolidates metadata logic, modernizes test and routing behavior, and patches a critical transitive dependency vulnerability.
✨ Highlights
- Complete refactor of metadata and SEO handling
→ All<meta>and<title>logic centralized inMetaTags.svelte
→ Automatic title & description suffixing for consistent branding
→ Dynamic canonical URL generation per route - Route simplification
→/license→/legaland/foss-spotlight→/foss - Refactored all route imports to use named exports from
$lib/componentsand$lib/pages - Playwright utilities modernized with
waitForURL()/waitForLoadState() - Updated to Node.js 22.21.1 (LTS) and SvelteKit 2.48.4
🛡️ Security
- Patched transitive dependency vulnerability:
tar@7.5.1→tar@7.5.2(CVE-2025-64118)
- Verified all overrides with
npm lsandnpm explain
🧱 Additional Changes
- Updated
src/app.htmlfor cleaner head injection and PWA improvements - Adjusted fallback metadata and layout logic to prevent duplicate branding
- Refreshed sitemap timestamps and test assertions
- Dependency updates:
svelte→5.43.2eslint-plugin-svelte→3.13.0
🧭 Summary
This version modernizes the app’s structure and SEO pipeline, improves internal test reliability, and secures the build against upstream dependency issues — a solid step toward cleaner, more scalable code.
v1.22.2 - 2025-10-29
This release refines documentation, improves test configuration compatibility, and introduces new developer tools to strengthen maintainability and CI consistency.
Highlights
- ✍️ Documentation Overhaul — Fully rewrote
CONTRIBUTING.mdfor the SvelteKit era, and centralized contribution and conduct files in the organization’s.githubrepo. - 🧩 Developer Experience — Added
vite-plugin-devtools-jsonfor enhanced DevTools integration and.ncurc.jsonto standardize upgrade behavior across projects. - ⚙️ Testing & Compatibility — Updated
vitest.config.client.jsto support Svelte 5 rune syntax and upcoming Vitest 4.x / Vite 6 compatibility. - 🚀 Workflow Modernization — Upgraded GitHub Actions to the latest stable versions (
setup-node@v6,upload-artifact@v5). - 🔧 Dependency Updates — Incremental updates to SvelteKit, Vite, ESLint, and PostHog libraries.
- 🧱 Node.js Alignment — All environments now use Node 22.21.0 (LTS) for local and CI parity.
Full Changelog: v1.22.1...v1.22.2
v1.22.1 — 2025-10-21
✍️ Documentation
- Updated project structure and
static/pgpdetails in README.md.
🧩 Improvements
- Refined text and layout in AboutContent.svelte and ServicesContent.svelte.
- Added clickable privacy contact links in PrivacyContent.svelte and PrivacyDashboard.svelte.
- Increased Playwright timeouts and implemented
Promise.all()for more reliable navigation tests. - Enhanced
'about'route tests with explicit load-state checks and extended timeouts for CI stability. - Standardized test behavior across desktop and mobile suites.
🛠 Fixes
- Corrected hosting reference in TermsUseContent.svelte (now showing Vercel).
- Fixed license identifier syntax across multiple legal and policy pages.
✅ Summary:
This update focuses on improving test reliability, content accuracy, and documentation clarity.
Playwright E2E tests are now more resilient under CI latency, and site pages have been updated for improved consistency and correctness.
🚀 v1.22.0 — Dynamic QR Imports & PGP Enhancements
This release introduces dynamic QR code imports, a centralized PGP key registry, and refined contact handling across the site. The About and PGP pages now use dynamic lookups, cleaner typing, and more consistent asset management.
✨ Highlights
- Added
getQR()helper and dynamicQR_IMAGESregistry for automated QR imports. - New
PGP_KEYSdata module with type-safe bindings and dynamic QR references. - Updated About and PGP pages to use centralized constants and data.
- Split PGP fingerprints into two lines for improved readability.
- Added new app constants:
EMAIL_LINK,SECURE_LINK, andPRIVACY_LINK. - Added favicon and manifest entry for
icon-about.png.
🧰 Improvements
- Refactored service worker and image imports for consistency.
- Rebuilt global CSS with LightningCSS.
- Updated dependencies for SvelteKit 2.47.2 compatibility.
🧩 Technical
- Updated
vite→7.1.11to address CVE-2025-62522. - Cleaned up redundant imports and old static assets in
/static/pgp.
🛠 Refactor release introducing dynamic QR imports, improved PGP management, and enhanced maintainability across contact components.
v1.21.1 - 2025-10-17
What's Changed
- chore: release prep for v1.21.1 by @SunDevil311 in #137
Full Changelog: v1.21.0...v1.21.1
Contributors
Assets 2
Release: v1.21.0 · 2025-10-17
This release introduces improved analytics handling, service worker lifecycle cleanup, and PWA enhancements. It also includes better development ergonomics and general code hygiene updates.
✨ Highlights
- Modular Analytics: Added
initAnalytics.jsutility for centralized PostHog tracking, asset preloading, and dev-mode safeguards. - PostHog Improvements: Introduced
$pageleaveevent support and suppressed noisy dev errors inposthog.js. - Service Worker Refinements: Firefox dev-mode support with auto-unregister and environment-aware logging.
- PWA Updates: Adjusted manifest for proper maskable icon behavior and corrected caching exclusions.
- Code Quality: Extended linting, refined meta fallback handling, and improved UX spacing in home content.
🚀 v1.20.0 — Services Expansion & PostHog Proxy Integration
Release date: October 17, 2025
This update introduces a brand-new Services section, improved analytics integration, and a round of performance and dependency updates.
✨ Highlights
- Added a complete Services route (
/services) with detailed service descriptions and a new Services Summary Table component. - Updated navigation headers and site styles to include the new Services page.
- Implemented a PostHog Cloud proxy via Vercel rewrites for improved privacy and compliance — analytics now route securely through your own domain.
- Modernized build and deployment workflows, including updated npm v11.6.2, improved GitHub Packages publishing, and relaxed CSP rules for development.
🛠️ Additional Improvements
- Refreshed several site pages with updated content and metadata.
- Rebuilt
global.min.cssusing LightningCSS for optimized CSS delivery. - Updated SvelteKit to
2.47.1and upgraded supporting dependencies (Svelte, Vite, Playwright, ESLint, PostHog, etc.). - Added new workflow permissions and runner updates for improved CI stability.
🔒 Security & Compliance
- Enhanced CSP handling in
hooks.server.js. - Added
/relay-MSR0rewrites to handle PostHog requests securely via same-origin proxy. - Updated privacy page with new Security & Anti-Abuse Measures (hCaptcha) section.
Full changelog: View changes in CHANGELOG.md
Tag: v1.20.0