Skip to content

Commit 7a5f004

Browse files
authored
Update packages to address GHSA-w7fw-mjwx-w883 (#81)
Update npm/node packages to address security alert GHSA-w7fw-mjwx-w883 (https://github.com/AlexJSully/Small-Dev-Talk/security/dependabot/37).
1 parent 5394c5a commit 7a5f004

9 files changed

Lines changed: 743 additions & 811 deletions

File tree

README.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,9 +11,9 @@ Small Dev Talk is an independent news source that covers all things from the ind
1111

1212
It is recommended that you use the web-version of Small Dev Talk available at [https://smalldevtalk.net/](https://smalldevtalk.net/) which is an archived version of the original site that is being hosted on [Tumblr](https://smalldevtalk.tumblr.com/). This does require an internet connection to load.
1313

14-
If you would like to run this offline, you can download the Github and remove all of <https://raw.githubusercontent.com/AlexJSully/Small-Dev-Talk/master/> from index.js & index.min.js and it would load offline as well.
14+
For local usage, the app loads metadata from `/src/articleArchive/articleData.json` and article content from `/src/articleArchive/author{AuthorNameNoSpaces}/{YYYY-MM-DD}_{ArticleKey}/{ArticleKey}.md`. You can serve the repository root with `npm run start` and regenerate the service worker with `npm run workbox` after adding assets.
1515

16-
To visit specific articles, just change the directory to end with '?' + article name (list of article names can be found in [articleData.json](src\articleArchive\articleData.json)). For example, if you would like to read the Playsets' interview, just change the directory to [https://smalldevtalk.net/index.html?Playsets](https://smalldevtalk.net/index.html?Playsets).
16+
To visit specific articles, use the first query parameter as the article key from [src/articleArchive/articleData.json](src/articleArchive/articleData.json). For example, [https://smalldevtalk.net/index.html?Playsets](https://smalldevtalk.net/index.html?Playsets).
1717

1818
## Browser Compatibilities
1919

docs/guide/articles.md

Lines changed: 8 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -34,18 +34,18 @@ Edit [src/articleArchive/articleData.json](../../src/articleArchive/articleData.
3434

3535
**Field Requirements:**
3636

37-
- `title`: Display title (required)
38-
- `author`: Must match author folder name (required)
39-
- `date`: Publication date in YYYY-MM-DD format (required)
40-
- `summary`: Brief description (optional)
41-
- `thumbnail`: Filename of cover image (optional)
37+
- `title`: Display title (required for listings and carousel)
38+
- `author`: Used to build the `author{AuthorNameNoSpaces}` folder (required for loading)
39+
- `date`: Used in article folder naming (required for loading)
40+
- `summary`: Used in listings and carousel text (optional)
41+
- `thumbnail`: Used in listings, carousel, and Open Graph image (required for listings and carousel)
4242

4343
## Step 2: Create Article Directory
4444

4545
Create the directory structure using the exact naming pattern:
4646

4747
```bash
48-
mkdir -p src/articleArchive/author{AuthorFirstNameLastName}/{YYYY-MM-DD}_{ArticleTitle}/
48+
mkdir -p src/articleArchive/author{AuthorName}/{YYYY-MM-DD}_{ArticleTitle}/
4949
```
5050

5151
**Example:**
@@ -93,12 +93,9 @@ src/articleArchive/authorAlexanderSullivan/2013-03-26_Caravaneer2/
9393
└── ...
9494
```
9595

96-
**Supported Formats:**
96+
**Precaching Formats:**
9797

98-
- JPEG (.jpg, .jpeg)
99-
- PNG (.png)
100-
- WebP (.webp)
101-
- GIF (.gif)
98+
Workbox precaches assets that match the extensions in `workbox-config.js`, including `jpg`, `jpeg`, `png`, `webp`, `gif`, `svg`, and `ico`.
10299

103100
## Step 5: Update Service Worker Cache
104101

docs/guide/getting-started.md

Lines changed: 12 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -4,10 +4,7 @@ Welcome to the Small Dev Talk development environment. This guide covers install
44

55
## System Requirements
66

7-
- **Node.js:** v18+ (for npm and development tools)
8-
- **npm:** v8+
9-
- **Browser:** Chrome, Firefox, Safari, or Edge (recent versions)
10-
- **macOS/Linux/Windows:** All supported with appropriate shell environment
7+
- **Node.js:** v20.19.0+ (required by the ESLint toolchain)
118

129
## Installation
1310

@@ -42,18 +39,19 @@ npm run start
4239

4340
- Starts an HTTP server on `http://localhost:3000`
4441
- Serves all files from the project root
45-
- Allows browser access to the site with live reload capabilities
4642

4743
**Access:** Open `http://localhost:3000` in your browser
4844

49-
### Environment
45+
### Runtime Initialization
5046

51-
The local server will run with:
47+
- `window.onload` calls `registerServiceWorker()` and then initializes data loading
48+
- `retrievePageData()` fetches legacy page definitions
49+
- `retrieveArticleData()` fetches article metadata and triggers rendering
5250

53-
- No authentication required
54-
- All articles loaded from the local archive
55-
- Sentry tracing enabled (data sent to Sentry project)
56-
- Service workers active (caching enabled)
51+
### Third-Party Scripts
52+
53+
- Sentry is initialized in `index.html`
54+
- Google Analytics and Google Tag Manager scripts are loaded in `index.html`
5755

5856
## Project Structure
5957

@@ -152,16 +150,11 @@ npm run validate # Run full validation pipeline:
152150
npm run workbox # Generate precaching manifest for service worker
153151
```
154152

155-
This is needed after:
156-
157-
- Adding new images or assets
158-
- Modifying build structure
159-
- Updating offline caching strategy
153+
This command regenerates `src/serviceWorker/sw.js` with the current precache manifest.
160154

161155
## Environment Variables
162156

163-
Currently, Small Dev Talk does not use environment variables. Configuration is primarily done through:
157+
Small Dev Talk does not reference environment variables in runtime scripts. Configuration is done through:
164158

165-
- [index.html](../../index.html) — Sentry DSN, meta tags, security policies
166-
- [package.json](../../package.json) — Version number
159+
- [index.html](../../index.html) — Sentry and analytics configuration, meta tags, security policies
167160
- [workbox-config.js](../../workbox-config.js) — Precaching configuration

docs/guide/index.md

Lines changed: 8 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ This section contains practical guides for developers working with the Small Dev
44

55
## Overview
66

7-
The developer guides provide step-by-step instructions for common tasks, from setting up your local environment to publishing new articles and deploying to production. These guides are designed for both internal maintainers and external contributors.
7+
The developer guides provide step-by-step instructions for common tasks, from setting up a local environment to publishing new articles and running validation scripts.
88

99
## Available Guides
1010

@@ -18,9 +18,6 @@ Complete setup guide for local development.
1818
- Running the local development server
1919
- Understanding the project structure
2020
- Configuring development tools (ESLint, Prettier, Markdownlint)
21-
- Debugging with browser DevTools
22-
- Working with Service Workers
23-
- Common troubleshooting steps
2421

2522
### [Adding & Publishing Articles](./articles.md)
2623

@@ -48,22 +45,16 @@ Guide to running tests and ensuring code quality.
4845
- Code formatting with Prettier
4946
- Markdown validation
5047
- Full validation pipeline
51-
- Debugging test failures
5248
- Continuous Integration (CI) process
5349

5450
### [Deployment & Build](./deployment.md)
5551

56-
Build process and deployment to GitHub Pages.
52+
Deployment and build notes based on repository scripts and workflows.
5753

5854
**What you'll learn:**
5955

60-
- Building production files (CSS, JS, Service Worker)
61-
- Understanding the deployment pipeline
62-
- GitHub Actions workflow
63-
- Pre-deployment checklist
64-
- Rollback procedures
65-
- Environment configuration
66-
- Performance optimization
56+
- Service worker generation for precaching
57+
- Repository deployment notes based on current workflows
6758

6859
## Common Commands
6960

@@ -81,15 +72,15 @@ npm run eslint # Fix ESLint errors
8172
npm run prettier # Format all files
8273
npm run lint:markdown # Validate markdown files
8374

84-
# Build
85-
npm run build:css # Compile CSS
86-
npm run build:js # Minify JavaScript
75+
# Service worker
8776
npm run workbox # Regenerate Service Worker cache
8877

8978
# Full Validation
90-
npm run validate # Run all checks (required before merge)
79+
npm run validate # Run all checks
9180
```
9281

82+
Implementation: [package.json](../../package.json)
83+
9384
## Related Documentation
9485

9586
- [System Architecture](../architecture/system.md) — Understanding the codebase structure

docs/guide/testing.md

Lines changed: 9 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ This guide covers running tests and validating code quality in Small Dev Talk.
44

55
## Test Types
66

7-
Small Dev Talk uses three types of automated testing:
7+
Small Dev Talk uses four types of automated testing:
88

99
1. **Unit Tests (Jest)** — Test individual functions and modules
1010
2. **E2E Tests (Cypress)** — Test complete user workflows
@@ -101,13 +101,14 @@ This runs:
101101
4. Cypress E2E tests
102102
5. Markdownlint validation
103103

104-
**Must pass before merging to master.**
105-
106104
## Continuous Integration
107105

108-
GitHub Actions automatically:
106+
GitHub Actions workflows in this repository:
107+
108+
- Run Prettier, ESLint, Jest, and Cypress on pushes and pull requests
109+
- Run Markdownlint on markdown-only changes
110+
- Run CodeQL analysis on pushes and pull requests
111+
112+
## Related Documentation
109113

110-
- Runs all tests on pull requests
111-
- Reports status in PR
112-
- Blocks merging if tests fail
113-
- Deploys on merge to master
114+
- [Developer Setup & Getting Started](./getting-started.md)

docs/index.md

Lines changed: 18 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,10 @@
11
# Small Dev Talk Documentation
22

3-
Welcome to the Small Dev Talk documentation. This directory contains comprehensive guides for understanding, maintaining, and extending the Small Dev Talk codebase.
3+
Welcome to the Small Dev Talk documentation. This directory contains guides for understanding, maintaining, and extending the Small Dev Talk codebase.
44

55
## Overview
66

7-
Small Dev Talk is a static web application that archives and displays interviews with indie developers, game developers, and creators across various entertainment industries. The site provides content from multiple authors spanning games, movies, technology, design, and more.
7+
Small Dev Talk is a static client-side site. On page load, the browser script fetches legacy page definitions and article metadata, then renders either a listing view or a single article based on the URL query string.
88

99
The project is currently in **maintenance mode**, meaning focus is on bug fixes and security updates rather than new features.
1010

@@ -32,22 +32,23 @@ Practical guides for developers working with the codebase.
3232
Detailed documentation for key modules and functions.
3333

3434
- [ArticleFiller Class](./api/article-filler.md) — Core class for article loading and page rendering
35-
- [Sentry Integration](./api/sentry.md) — Error tracking and monitoring configuration
36-
- [Service Worker](./api/service-worker.md)Caching strategy and offline support
37-
- [Build Tools & Scripts](./api/build-tools.md)Configuration for tooling and automation
35+
- [Sentry Integration](./api/sentry.md) — Error tracking configuration
36+
- [Service Worker](./api/service-worker.md)Precaching and runtime caching behavior
37+
- [Build Tools & Scripts](./api/build-tools.md)Tooling and npm scripts
3838

3939
## Key Technologies
4040

41-
| Technology | Purpose | Version |
42-
| ---------------------------------------------------------------------------- | --------------------------- | -------- |
43-
| [Bootstrap](https://getbootstrap.com/) | UI framework | Latest |
44-
| [Showdown.js](http://showdownjs.com/) | Markdown to HTML conversion | Latest |
45-
| [Sentry](https://sentry.io/) | Error tracking | v10.32.1 |
46-
| [Service Workers / Workbox](https://developers.google.com/web/tools/workbox) | Offline caching | v7.4.0 |
47-
| [Jest](https://jestjs.io/) | Unit testing | v30.2.0 |
48-
| [Cypress](https://cypress.io/) | E2E testing | v15.8.1 |
49-
| [ESLint](https://eslint.org/) | Code linting | v9.39.2 |
50-
| [Prettier](https://prettier.io/) | Code formatting | v3.7.4 |
41+
| Technology | Purpose | Version |
42+
| ---------------------------------------------------------------------------- | ---------------------------- | ---------- |
43+
| [Bootstrap](https://getbootstrap.com/) | UI framework (local bundle) | Local copy |
44+
| [jQuery](https://jquery.com/) | DOM utilities (local bundle) | Local copy |
45+
| [Showdown.js](http://showdownjs.com/) | Markdown to HTML conversion | Local copy |
46+
| [Sentry](https://sentry.io/) | Error tracking | v10.32.1 |
47+
| [Service Workers / Workbox](https://developers.google.com/web/tools/workbox) | Precaching and caching | v7.4.0 |
48+
| [Jest](https://jestjs.io/) | Unit testing | v30.2.0 |
49+
| [Cypress](https://cypress.io/) | E2E testing | v15.10.0 |
50+
| [ESLint](https://eslint.org/) | Code linting | v10.0.0 |
51+
| [Prettier](https://prettier.io/) | Code formatting | v3.8.1 |
5152

5253
## Quick Links
5354

@@ -61,12 +62,8 @@ Detailed documentation for key modules and functions.
6162
- **Project Status:** Maintenance Mode
6263
- **Latest Version:** 1.3.4
6364
- **License:** GPL-3.0
64-
- **Build Status:** Automated via GitHub Actions
65+
- **Automation:** Code quality and CodeQL workflows run in GitHub Actions
6566

6667
## Contributing
6768

68-
To contribute, see [CONTRIBUTING.md](../CONTRIBUTING.md) at the repository root. Focus areas for contributions include:
69-
70-
- Bug fixes (priority)
71-
- Security updates (priority)
72-
- Documentation improvements
69+
To contribute, see [CONTRIBUTING.md](../CONTRIBUTING.md) at the repository root.

0 commit comments

Comments
 (0)