Update packages to address GHSA-w7fw-mjwx-w883 (#81)

Update npm/node packages to address security alert GHSA-w7fw-mjwx-w883
(https://github.com/AlexJSully/Small-Dev-Talk/security/dependabot/37).

Author: AlexJSully

README.md

@@ -11,9 +11,9 @@ Small Dev Talk is an independent news source that covers all things from the ind
 
 It is recommended that you use the web-version of Small Dev Talk available at [https://smalldevtalk.net/](https://smalldevtalk.net/) which is an archived version of the original site that is being hosted on [Tumblr](https://smalldevtalk.tumblr.com/). This does require an internet connection to load.
 
-If you would like to run this offline, you can download the Github and remove all of <https://raw.githubusercontent.com/AlexJSully/Small-Dev-Talk/master/> from index.js & index.min.js and it would load offline as well.
+For local usage, the app loads metadata from `/src/articleArchive/articleData.json` and article content from `/src/articleArchive/author{AuthorNameNoSpaces}/{YYYY-MM-DD}_{ArticleKey}/{ArticleKey}.md`. You can serve the repository root with `npm run start` and regenerate the service worker with `npm run workbox` after adding assets.
 
-To visit specific articles, just change the directory to end with '?' + article name (list of article names can be found in [articleData.json](src\articleArchive\articleData.json)). For example, if you would like to read the Playsets' interview, just change the directory to [https://smalldevtalk.net/index.html?Playsets](https://smalldevtalk.net/index.html?Playsets).
+To visit specific articles, use the first query parameter as the article key from [src/articleArchive/articleData.json](src/articleArchive/articleData.json). For example, [https://smalldevtalk.net/index.html?Playsets](https://smalldevtalk.net/index.html?Playsets).
 
 ## Browser Compatibilities
 

docs/guide/articles.md

@@ -34,18 +34,18 @@ Edit [src/articleArchive/articleData.json](../../src/articleArchive/articleData.
 
 **Field Requirements:**
 
-- `title`: Display title (required)
-- `author`: Must match author folder name (required)
-- `date`: Publication date in YYYY-MM-DD format (required)
-- `summary`: Brief description (optional)
-- `thumbnail`: Filename of cover image (optional)
+- `title`: Display title (required for listings and carousel)
+- `author`: Used to build the `author{AuthorNameNoSpaces}` folder (required for loading)
+- `date`: Used in article folder naming (required for loading)
+- `summary`: Used in listings and carousel text (optional)
+- `thumbnail`: Used in listings, carousel, and Open Graph image (required for listings and carousel)
 
 ## Step 2: Create Article Directory
 
 Create the directory structure using the exact naming pattern:
 
 ```bash
-mkdir -p src/articleArchive/author{AuthorFirstNameLastName}/{YYYY-MM-DD}_{ArticleTitle}/
+mkdir -p src/articleArchive/author{AuthorName}/{YYYY-MM-DD}_{ArticleTitle}/
 ```
 
 **Example:**
@@ -93,12 +93,9 @@ src/articleArchive/authorAlexanderSullivan/2013-03-26_Caravaneer2/
 └── ...
 ```
 
-**Supported Formats:**
+**Precaching Formats:**
 
-- JPEG (.jpg, .jpeg)
-- PNG (.png)
-- WebP (.webp)
-- GIF (.gif)
+Workbox precaches assets that match the extensions in `workbox-config.js`, including `jpg`, `jpeg`, `png`, `webp`, `gif`, `svg`, and `ico`.
 
 ## Step 5: Update Service Worker Cache
 

docs/guide/getting-started.md

@@ -4,10 +4,7 @@ Welcome to the Small Dev Talk development environment. This guide covers install
 
 ## System Requirements
 
-- **Node.js:** v18+ (for npm and development tools)
-- **npm:** v8+
-- **Browser:** Chrome, Firefox, Safari, or Edge (recent versions)
-- **macOS/Linux/Windows:** All supported with appropriate shell environment
+- **Node.js:** v20.19.0+ (required by the ESLint toolchain)
 
 ## Installation
 
@@ -42,18 +39,19 @@ npm run start
 
 - Starts an HTTP server on `http://localhost:3000`
 - Serves all files from the project root
-- Allows browser access to the site with live reload capabilities
 
 **Access:** Open `http://localhost:3000` in your browser
 
-### Environment
+### Runtime Initialization
 
-The local server will run with:
+- `window.onload` calls `registerServiceWorker()` and then initializes data loading
+- `retrievePageData()` fetches legacy page definitions
+- `retrieveArticleData()` fetches article metadata and triggers rendering
 
-- No authentication required
-- All articles loaded from the local archive
-- Sentry tracing enabled (data sent to Sentry project)
-- Service workers active (caching enabled)
+### Third-Party Scripts
+
+- Sentry is initialized in `index.html`
+- Google Analytics and Google Tag Manager scripts are loaded in `index.html`
 
 ## Project Structure
 
@@ -152,16 +150,11 @@ npm run validate            # Run full validation pipeline:
 npm run workbox             # Generate precaching manifest for service worker
 ```
 
-This is needed after:
-
-- Adding new images or assets
-- Modifying build structure
-- Updating offline caching strategy
+This command regenerates `src/serviceWorker/sw.js` with the current precache manifest.
 
 ## Environment Variables
 
-Currently, Small Dev Talk does not use environment variables. Configuration is primarily done through:
+Small Dev Talk does not reference environment variables in runtime scripts. Configuration is done through:
 
-- [index.html](../../index.html) — Sentry DSN, meta tags, security policies
-- [package.json](../../package.json) — Version number
+- [index.html](../../index.html) — Sentry and analytics configuration, meta tags, security policies
 - [workbox-config.js](../../workbox-config.js) — Precaching configuration

docs/guide/index.md

@@ -4,7 +4,7 @@ This section contains practical guides for developers working with the Small Dev
 
 ## Overview
 
-The developer guides provide step-by-step instructions for common tasks, from setting up your local environment to publishing new articles and deploying to production. These guides are designed for both internal maintainers and external contributors.
+The developer guides provide step-by-step instructions for common tasks, from setting up a local environment to publishing new articles and running validation scripts.
 
 ## Available Guides
 
@@ -18,9 +18,6 @@ Complete setup guide for local development.
 - Running the local development server
 - Understanding the project structure
 - Configuring development tools (ESLint, Prettier, Markdownlint)
-- Debugging with browser DevTools
-- Working with Service Workers
-- Common troubleshooting steps
 
 ### [Adding & Publishing Articles](./articles.md)
 
@@ -48,22 +45,16 @@ Guide to running tests and ensuring code quality.
 - Code formatting with Prettier
 - Markdown validation
 - Full validation pipeline
-- Debugging test failures
 - Continuous Integration (CI) process
 
 ### [Deployment & Build](./deployment.md)
 
-Build process and deployment to GitHub Pages.
+Deployment and build notes based on repository scripts and workflows.
 
 **What you'll learn:**
 
-- Building production files (CSS, JS, Service Worker)
-- Understanding the deployment pipeline
-- GitHub Actions workflow
-- Pre-deployment checklist
-- Rollback procedures
-- Environment configuration
-- Performance optimization
+- Service worker generation for precaching
+- Repository deployment notes based on current workflows
 
 ## Common Commands
 
@@ -81,15 +72,15 @@ npm run eslint             # Fix ESLint errors
 npm run prettier           # Format all files
 npm run lint:markdown      # Validate markdown files
 
-# Build
-npm run build:css          # Compile CSS
-npm run build:js           # Minify JavaScript
+# Service worker
 npm run workbox            # Regenerate Service Worker cache
 
 # Full Validation
-npm run validate           # Run all checks (required before merge)
+npm run validate           # Run all checks
 ```
 
+Implementation: [package.json](../../package.json)
+
 ## Related Documentation
 
 - [System Architecture](../architecture/system.md) — Understanding the codebase structure

docs/guide/testing.md

@@ -4,7 +4,7 @@ This guide covers running tests and validating code quality in Small Dev Talk.
 
 ## Test Types
 
-Small Dev Talk uses three types of automated testing:
+Small Dev Talk uses four types of automated testing:
 
 1. **Unit Tests (Jest)** — Test individual functions and modules
 2. **E2E Tests (Cypress)** — Test complete user workflows
@@ -101,13 +101,14 @@ This runs:
 4. Cypress E2E tests
 5. Markdownlint validation
 
-**Must pass before merging to master.**
-
 ## Continuous Integration
 
-GitHub Actions automatically:
+GitHub Actions workflows in this repository:
+
+- Run Prettier, ESLint, Jest, and Cypress on pushes and pull requests
+- Run Markdownlint on markdown-only changes
+- Run CodeQL analysis on pushes and pull requests
+
+## Related Documentation
 
-- Runs all tests on pull requests
-- Reports status in PR
-- Blocks merging if tests fail
-- Deploys on merge to master
+- [Developer Setup & Getting Started](./getting-started.md)

docs/index.md

@@ -1,10 +1,10 @@
 # Small Dev Talk Documentation
 
-Welcome to the Small Dev Talk documentation. This directory contains comprehensive guides for understanding, maintaining, and extending the Small Dev Talk codebase.
+Welcome to the Small Dev Talk documentation. This directory contains guides for understanding, maintaining, and extending the Small Dev Talk codebase.
 
 ## Overview
 
-Small Dev Talk is a static web application that archives and displays interviews with indie developers, game developers, and creators across various entertainment industries. The site provides content from multiple authors spanning games, movies, technology, design, and more.
+Small Dev Talk is a static client-side site. On page load, the browser script fetches legacy page definitions and article metadata, then renders either a listing view or a single article based on the URL query string.
 
 The project is currently in **maintenance mode**, meaning focus is on bug fixes and security updates rather than new features.
 
@@ -32,22 +32,23 @@ Practical guides for developers working with the codebase.
 Detailed documentation for key modules and functions.
 
 - [ArticleFiller Class](./api/article-filler.md) — Core class for article loading and page rendering
-- [Sentry Integration](./api/sentry.md) — Error tracking and monitoring configuration
-- [Service Worker](./api/service-worker.md) — Caching strategy and offline support
-- [Build Tools & Scripts](./api/build-tools.md) — Configuration for tooling and automation
+- [Sentry Integration](./api/sentry.md) — Error tracking configuration
+- [Service Worker](./api/service-worker.md) — Precaching and runtime caching behavior
+- [Build Tools & Scripts](./api/build-tools.md) — Tooling and npm scripts
 
 ## Key Technologies
 
-| Technology                                                                   | Purpose                     | Version  |
-| ---------------------------------------------------------------------------- | --------------------------- | -------- |
-| [Bootstrap](https://getbootstrap.com/)                                       | UI framework                | Latest   |
-| [Showdown.js](http://showdownjs.com/)                                        | Markdown to HTML conversion | Latest   |
-| [Sentry](https://sentry.io/)                                                 | Error tracking              | v10.32.1 |
-| [Service Workers / Workbox](https://developers.google.com/web/tools/workbox) | Offline caching             | v7.4.0   |
-| [Jest](https://jestjs.io/)                                                   | Unit testing                | v30.2.0  |
-| [Cypress](https://cypress.io/)                                               | E2E testing                 | v15.8.1  |
-| [ESLint](https://eslint.org/)                                                | Code linting                | v9.39.2  |
-| [Prettier](https://prettier.io/)                                             | Code formatting             | v3.7.4   |
+| Technology                                                                   | Purpose                      | Version    |
+| ---------------------------------------------------------------------------- | ---------------------------- | ---------- |
+| [Bootstrap](https://getbootstrap.com/)                                       | UI framework (local bundle)  | Local copy |
+| [jQuery](https://jquery.com/)                                                | DOM utilities (local bundle) | Local copy |
+| [Showdown.js](http://showdownjs.com/)                                        | Markdown to HTML conversion  | Local copy |
+| [Sentry](https://sentry.io/)                                                 | Error tracking               | v10.32.1   |
+| [Service Workers / Workbox](https://developers.google.com/web/tools/workbox) | Precaching and caching       | v7.4.0     |
+| [Jest](https://jestjs.io/)                                                   | Unit testing                 | v30.2.0    |
+| [Cypress](https://cypress.io/)                                               | E2E testing                  | v15.10.0   |
+| [ESLint](https://eslint.org/)                                                | Code linting                 | v10.0.0    |
+| [Prettier](https://prettier.io/)                                             | Code formatting              | v3.8.1     |
 
 ## Quick Links
 
@@ -61,12 +62,8 @@ Detailed documentation for key modules and functions.
 - **Project Status:** Maintenance Mode
 - **Latest Version:** 1.3.4
 - **License:** GPL-3.0
-- **Build Status:** Automated via GitHub Actions
+- **Automation:** Code quality and CodeQL workflows run in GitHub Actions
 
 ## Contributing
 
-To contribute, see [CONTRIBUTING.md](../CONTRIBUTING.md) at the repository root. Focus areas for contributions include:
-
-- Bug fixes (priority)
-- Security updates (priority)
-- Documentation improvements
+To contribute, see [CONTRIBUTING.md](../CONTRIBUTING.md) at the repository root.