chore(deps): bump qs from 6.14.0 to 6.14.1

.changeset/README.md

@@ -0,0 +1,24 @@
+# Changesets
+
+Hello and welcome! This folder has been automatically generated by `@changesets/cli`, a build tool that works
+with multi-package repos, or single-package repos to help you version and publish your code. You can
+find the full documentation for it [in our repository](https://github.com/changesets/changesets)
+
+We have a quick list of common questions to get you started engaging with this project in
+[our documentation](https://github.com/changesets/changesets/blob/main/docs/common-questions.md)
+
+## Adding a changeset
+
+To add a changeset, run `npm run changeset` in the root of the repository. This will prompt you to:
+
+1. Select which packages have been changed
+2. Choose the type of change (major, minor, patch)
+3. Write a summary of the changes
+
+## Publishing
+
+Changesets are automatically published when merged to the main branch via GitHub Actions.
+The release workflow will:
+
+1. Create a "Version Packages" PR that bumps versions
+2. When that PR is merged, publish the packages to npm

.github/workflows/ci.yml

@@ -2,9 +2,13 @@ name: CI
 
 on:
   push:
-    branches: [main]
+    branches: [main, master]
   pull_request:
-    branches: [main]
+    branches: [main, master]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
 
 jobs:
   build-and-test:
@@ -23,8 +27,13 @@ jobs:
           node-version: ${{ matrix.node-version }}
           cache: 'npm'
 
+      - name: Setup Docker Compose
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y docker-compose
+
       - name: Install dependencies
-        run: npm ci
+        run: npm ci --legacy-peer-deps
 
       - name: Build all packages
         run: npm run build
@@ -49,8 +58,52 @@ jobs:
           cache: 'npm'
 
       - name: Install dependencies
-        run: npm ci
+        run: npm ci --legacy-peer-deps
 
       - name: Security audit
         run: npm audit --audit-level=high
         continue-on-error: true
+
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    needs: [build-and-test]
+    if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master')
+    permissions:
+      contents: write
+      pull-requests: write
+      id-token: write
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+          registry-url: 'https://registry.npmjs.org'
+
+      - name: Setup Docker Compose
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y docker-compose
+
+      - name: Install dependencies
+        run: npm ci --legacy-peer-deps
+
+      - name: Build all packages
+        run: npm run build
+
+      - name: Create Release Pull Request or Publish
+        id: changesets
+        uses: changesets/action@v1
+        with:
+          title: 'chore: version packages'
+          commit: 'chore: version packages'
+          publish: npm run release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.gitignore

@@ -3,10 +3,12 @@ node_modules/
 
 # Build outputs
 dist/
-lib/
 build/
 *.tsbuildinfo
 
+# Ignore lib/ in root but not in packages (source files are in packages/*/lib/)
+/lib/
+
 # IDE
 .idea/
 .vscode/

.npmrc

@@ -0,0 +1 @@
+//registry.npmjs.org/:_authToken=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

CHANGELOG.md

@@ -0,0 +1,154 @@
+# lindas-stack-libraries Changelog
+
+**Repository:** SwissFederalArchives/lindas-stack-libraries
+**Description:** LINDAS Stack Libraries - Monorepo containing shared RDF libraries for the LINDAS ecosystem
+
+---
+
+## December 2025
+
+### 2025-12-12
+
+**`803b6ab` - Add webpack build for yasgui and increase max response size**
+- Added webpack build configuration for YASGUI
+- Increased maximum response size limits
+
+### 2025-12-11
+
+**`af114d3` - Fix @lindas/shacl-test line endings and permissions for Linux compatibility**
+- Fixed line endings for cross-platform compatibility
+- Fixed file permissions for Linux execution
+
+**`fae60b6` - Add docker-compose to release job**
+- Added Docker Compose to release workflow
+
+**`601dba5` - Combine CI and Release workflows into single pipeline**
+- Consolidated CI and release into single workflow
+
+**`f0c863c` - Add docker-compose setup to Release workflow**
+- Added Docker setup for testing
+
+**`390cc19` - Fix snapshot test name for renamed package**
+- Fixed test references after package rename
+
+**`d9ba42b` - Add docker-compose setup to CI workflow**
+- Added Docker setup for CI testing
+
+**`8c43c72` - Update wait-on to v9 for Node 22 compatibility**
+- Updated wait-on for Node.js 22 support
+
+**`2a25f7a` - Fix TypeScript test type errors in rdf-parser-csvw-xlsx**
+- Fixed TypeScript type errors
+
+**`5453070` - Add basic tests and configure automated npm publishing**
+- Added test suite
+- Configured automated npm publishing
+
+**`1d684de` - Publish packages @lindas/env@3.0.5 and @lindas/env-node@3.0.3**
+- Published updated environment packages
+
+**`4afb108` - Fix TypeScript module resolution and update CI workflows**
+- Fixed module resolution issues
+
+**`e964954` - Fix security vulnerabilities by replacing vulnerable xlsx dependency**
+- **Security Fix:** Replaced xlsx with exceljs
+- Fixed Prototype Pollution (GHSA-4r6h-8v6p-xvw6)
+- Fixed ReDoS vulnerability (GHSA-5pgg-2g8v-p4x9)
+
+**`af5d4ae` - Fix approvals flag quoting to prevent empty string argument**
+- Fixed CLI flag handling
+
+**`decbeb3` - Fix shacl-test scripts to use explicit node and bash commands for npm compatibility**
+- Fixed npm script compatibility
+
+**`3ba5095` - Fix @lindas/shacl-test line endings and permissions for Linux compatibility**
+- Cross-platform compatibility fixes
+
+**`233b9ff` - Fix @lindas/env browser compatibility by using readable-stream and util polyfills**
+- Added browser compatibility for environment package
+
+### 2025-12-10
+
+**`8ea3e5f` - Convert clownface from submodule to regular package files**
+- Integrated clownface into monorepo as regular package
+
+### 2025-12-09
+
+**`20f6824` - Fix vue-graph-layout build with ESM-compatible config files**
+- Fixed ESM module compatibility in vue-graph-layout
+
+**`4e4ef97` - Fix security vulnerabilities in rdf-parser-csvw-xlsx and vue-graph-layout**
+- **Security Fixes:**
+  - rdf-parser-csvw-xlsx: xlsx -> exceljs (Prototype Pollution, ReDoS)
+  - vue-graph-layout: Vue CLI -> Vite (webpack-dev-server CVEs)
+
+**`c7cc1f6` - Add rdf-parser-csvw-xlsx and fix clownface for monorepo**
+- Added @lindas/rdf-parser-csvw-xlsx package
+- Fixed clownface for monorepo structure
+
+**`c3d027e` - Bump @lindas/shacl-test to 0.1.3**
+- Version bump for SHACL test package
+
+**`ac43ec3` - Fix async/await in shorten-report.js for createPlaygroundUrl**
+- Fixed async function handling
+
+**`05224f2` - Update spex to use @lindas packages instead of @zazuko**
+- Migrated spex to @lindas packages
+
+**`1f04229` - Fix spex package to use @lindas dependencies instead of @zazuko**
+- Updated spex dependencies
+
+### 2025-12-08
+
+**`23d52d0` - Fix security vulnerabilities with npm overrides and package updates**
+- Applied npm overrides for security fixes:
+  - ip: 2.0.1 (CVE-2024-29415)
+  - braces: 3.0.3 (CVE-2024-4068)
+  - micromatch: 4.0.8 (ReDoS fix)
+  - ssh2: 1.16.0 (CVE-2024-47534)
+
+**`ca749bc` - Initial setup of lindas-stack-libraries monorepo**
+- Initial monorepo configuration
+- Set up npm workspaces
+
+---
+
+## Packages Included
+
+| Package | Description |
+|---------|-------------|
+| @lindas/env | RDF environment for browser and Node.js |
+| @lindas/env-node | Node.js-specific RDF environment |
+| @lindas/env-core | Core RDF environment |
+| @lindas/clownface | Graph traversal library for RDF |
+| @lindas/shacl-test | SHACL validation testing utilities |
+| @lindas/rdf-parser-csvw-xlsx | CSVW parser with Excel support |
+| @lindas/vue-graph-layout | Vue component for graph visualization |
+| @lindas/spex | SPARQL execution utilities |
+
+---
+
+## Summary
+
+### Security Fixes
+- Replaced vulnerable xlsx with exceljs (Prototype Pollution, ReDoS)
+- Replaced Vue CLI with Vite (webpack-dev-server CVEs)
+- Applied npm overrides for ip, braces, micromatch, ssh2 vulnerabilities
+
+### Package Migration
+- All packages migrated from @zazuko to @lindas namespace
+- Integrated clownface into monorepo
+
+### Cross-Platform Compatibility
+- Fixed line endings and permissions for Linux
+- Fixed Windows path handling
+- Added browser polyfills for environment package
+
+### CI/CD
+- Consolidated CI and Release workflows
+- Added Docker Compose testing
+- Configured automated npm publishing
+
+---
+
+*Last updated: 2025-12-15*

add-build-scripts.js

@@ -0,0 +1,38 @@
+const fs = require('fs');
+const path = require('path');
+
+const packagesDir = path.join(__dirname, 'packages');
+
+// Packages that have TypeScript and need build scripts
+const packagesToUpdate = fs.readdirSync(packagesDir).filter(pkg => {
+  const tsconfigPath = path.join(packagesDir, pkg, 'tsconfig.json');
+  return fs.existsSync(tsconfigPath);
+});
+
+console.log('Packages with tsconfig.json:', packagesToUpdate);
+
+for (const pkg of packagesToUpdate) {
+  const packageJsonPath = path.join(packagesDir, pkg, 'package.json');
+  if (!fs.existsSync(packageJsonPath)) {
+    console.log(`Skipping ${pkg} - no package.json`);
+    continue;
+  }
+
+  const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, 'utf8'));
+
+  if (!packageJson.scripts) {
+    packageJson.scripts = {};
+  }
+
+  // Add build script if it doesn't exist
+  if (!packageJson.scripts.build) {
+    packageJson.scripts.build = 'tsc';
+    console.log(`Added build script to ${pkg}`);
+  } else {
+    console.log(`${pkg} already has build script: ${packageJson.scripts.build}`);
+  }
+
+  fs.writeFileSync(packageJsonPath, JSON.stringify(packageJson, null, 2) + '\n');
+}
+
+console.log('Done!');