chore: update package version to 0.18.0 and enhance linting and forma…

.eslintrc.js

@@ -0,0 +1,51 @@
+module.exports = {
+  root: true,
+  env: {
+    browser: true,
+    es2021: true,
+    node: true,
+  },
+  extends: [
+    'eslint:recommended',
+  ],
+  parserOptions: {
+    ecmaFeatures: {
+      jsx: true,
+    },
+    ecmaVersion: 'latest',
+    sourceType: 'module',
+  },
+  plugins: [
+    'react',
+    'jsx-a11y',
+  ],
+  rules: {
+    // Disable console in production
+    'no-console': process.env.NODE_ENV === 'production' ? 'error' : 'warn',
+
+    // React specific rules (relaxed for Docusaurus)
+    'react/prop-types': 'off',
+    'react/react-in-jsx-scope': 'off',
+
+    // Accessibility rules
+    'jsx-a11y/alt-text': 'warn', // Warning instead of error for now
+
+    // Code quality (relaxed for existing code)
+    'no-unused-vars': ['warn', { 
+      argsIgnorePattern: '^_',
+      varsIgnorePattern: '^(React|Link|Layout|Head|Suspense|Redirect)$' // Allow common React/Docusaurus imports
+    }],
+    'prefer-const': 'warn',
+    'no-var': 'error',
+  },
+  settings: {
+    react: {
+      version: 'detect',
+    },
+  },
+  ignorePatterns: [
+    'build/',
+    'node_modules/',
+    '.docusaurus/',
+  ],
+};

.github/workflows/security.yml

@@ -0,0 +1,90 @@
+name: Security Audit
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main ]
+  schedule:
+    # Run security audit daily at 2 AM UTC
+    - cron: '0 2 * * *'
+
+jobs:
+  security-audit:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Setup Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: '18'
+        cache: 'npm'
+
+    - name: Install dependencies
+      run: npm ci
+
+    - name: Run npm audit
+      run: npm audit --audit-level=moderate
+      continue-on-error: true
+
+    - name: Run custom security checks
+      run: npm run security:deps
+
+    - name: Run ESLint security rules
+      run: npm run lint
+
+    - name: Check for secrets
+      uses: trufflesecurity/trufflehog@main
+      with:
+        path: ./
+        base: main
+        head: HEAD
+        extra_args: --debug --only-verified
+
+    - name: Security audit summary
+      if: always()
+      run: |
+        echo "## Security Audit Results" >> $GITHUB_STEP_SUMMARY
+        echo "- npm audit: $(npm audit --audit-level=moderate > /dev/null 2>&1 && echo "✅ Passed" || echo "❌ Issues found")" >> $GITHUB_STEP_SUMMARY
+        echo "- Custom checks: $(npm run security:deps > /dev/null 2>&1 && echo "✅ Passed" || echo "❌ Issues found")" >> $GITHUB_STEP_SUMMARY
+        echo "- Linting: $(npm run lint > /dev/null 2>&1 && echo "✅ Passed" || echo "❌ Issues found")" >> $GITHUB_STEP_SUMMARY
+
+  dependency-review:
+    runs-on: ubuntu-latest
+    if: github.event_name == 'pull_request'
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Dependency Review
+      uses: actions/dependency-review-action@v3
+      with:
+        fail-on-severity: moderate
+        allow-licenses: MIT, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC, GPL-3.0
+
+  codeql-analysis:
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: javascript
+        queries: security-and-quality
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v2
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2

.husky/commit-msg

@@ -0,0 +1,13 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+# Basic commit message validation
+commit_regex='^(feat|fix|docs|style|refactor|test|chore)(\(.+\))?: .{1,50}'
+
+if ! grep -qE "$commit_regex" "$1"; then
+    echo "Invalid commit message format!"
+    echo "Format: type(scope): description"
+    echo "Types: feat, fix, docs, style, refactor, test, chore"
+    echo "Example: feat(homepage): add new navigation component"
+    exit 1
+fi

.husky/pre-commit

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+npx lint-staged

.husky/pre-push

@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+npm run security:check

.prettierignore

@@ -0,0 +1,28 @@
+# Dependencies
+node_modules/
+
+# Build output
+build/
+.docusaurus/
+target/
+
+# Lock files (formatting would change hashes)
+package-lock.json
+
+# Environment variables
+.env
+.env.local
+.env.production
+
+# IDE files
+.vscode/
+.idea/
+
+# OS files
+.DS_Store
+Thumbs.db
+
+# Generated files
+*.log
+.tmp/
+.cache/

.prettierrc.js

@@ -0,0 +1,37 @@
+module.exports = {
+  semi: true,
+  singleQuote: true,
+  tabWidth: 2,
+  trailingComma: 'es5',
+  useTabs: false,
+  printWidth: 80,
+  bracketSpacing: true,
+  bracketSameLine: false,
+  arrowParens: 'always',
+  endOfLine: 'lf',
+  embeddedLanguageFormatting: 'auto',
+  htmlWhitespaceSensitivity: 'css',
+  insertPragma: false,
+  jsxSingleQuote: false,
+  proseWrap: 'preserve',
+  quoteProps: 'as-needed',
+  requirePragma: false,
+  vueIndentScriptAndStyle: false,
+
+  // Override for markdown files
+  overrides: [
+    {
+      files: '*.md',
+      options: {
+        printWidth: 100,
+        proseWrap: 'always',
+      },
+    },
+    {
+      files: '*.{json,yml,yaml}',
+      options: {
+        printWidth: 120,
+      },
+    },
+  ],
+};