c1db5cec86
All JS moved to external /site.js → script-src 'self' with no inline JS, hashes or eval. Full header set via nginx (CSP, nosniff, frame-deny, referrer, permissions, COOP/CORP); HSTS stays at the CF edge. Shared headers include avoids the location add_header reset footgun. Build-time secret/inline-script/third-party scan gate. SECURITY.md documents posture.
{
"name": "bztmon-site",
"type": "module",
"version": "0.0.1",
"engines": {
"node": ">=22.12.0"
},
"scripts": {
"dev": "astro dev",
"build": "astro build",
"preview": "astro preview",
"check": "astro check",
"scan": "bash scripts/check-build.sh dist",
"gen:og": "node scripts/gen-og.mjs",
"astro": "astro"
},
"dependencies": {
"@astrojs/rss": "^4.0.18",
"@astrojs/sitemap": "^3.7.3",
"@tailwindcss/vite": "^4.3.1",
"astro": "^6.4.7",
"tailwindcss": "^4.3.1"
},
"devDependencies": {
"@astrojs/check": "^0.9.9",
"@types/node": "^25.9.3",
"typescript": "^6.0.3"
}
}