Test

.env.example

@@ -0,0 +1,16 @@
+# Copy this file to .env.local and fill in the real values.
+# NEVER commit .env.local to version control.
+
+# Firebase configuration
+# Obtain these values from your Firebase project settings:
+# https://console.firebase.google.com/project/_/settings/general
+NEXT_PUBLIC_FIREBASE_API_KEY=your_firebase_api_key_here
+NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN=your_project_id.firebaseapp.com
+NEXT_PUBLIC_FIREBASE_PROJECT_ID=your_project_id
+NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET=your_project_id.firebasestorage.app
+NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID=your_messaging_sender_id
+NEXT_PUBLIC_FIREBASE_APP_ID=your_firebase_app_id
+
+# Web3Forms access key
+# Obtain this from https://web3forms.com/
+NEXT_PUBLIC_WEB3FORMS_ACCESS_KEY=your_web3forms_access_key_here

.eslintrc.json

@@ -0,0 +1,3 @@
+{
+  "extends": "next/core-web-vitals"
+}

.github/dependabot.yml

@@ -0,0 +1,13 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "weekly"
+
+

.github/workflows/release.yml

@@ -0,0 +1,44 @@
+name: Create Release
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  release:
+    name: Create GitHub Release
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Read version from package.json
+        id: pkg
+        run: |
+          VERSION=$(node -p "require('./package.json').version")
+          echo "version=$VERSION" >> "$GITHUB_OUTPUT"
+
+      - name: Check if tag already exists
+        id: tag_check
+        run: |
+          if git ls-remote --tags origin "refs/tags/v${{ steps.pkg.outputs.version }}" | grep -q .; then
+            echo "exists=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "exists=false" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Create tag and GitHub Release
+        if: steps.tag_check.outputs.exists == 'false'
+        uses: softprops/action-gh-release@v2
+        with:
+          tag_name: v${{ steps.pkg.outputs.version }}
+          name: "NEXULEAN v${{ steps.pkg.outputs.version }}"
+          body_path: CHANGELOG.md
+          draft: false
+          prerelease: false

.gitignore

@@ -18,6 +18,7 @@ yarn-error.log*
 
 # env files
 .env*
+!.env.example
 
 # vercel
 .vercel

.npmrc

@@ -0,0 +1 @@
+@stalin-143:registry=https://npm.pkg.github.com

CHANGELOG.md

@@ -0,0 +1,46 @@
+# Changelog
+
+All notable changes to NEXULEAN are documented in this file.
+
+---
+
+## [v2.0.0] — 2026-03-11
+
+### 🚀 New Features
+
+- **Full Next.js 14 App Router** — Rebuilt from the ground up using the Next.js 14 App Router with TypeScript 5 for type-safe server and client components.
+- **Firebase Authentication** — Secure login, sign-up, and password-reset flows powered by Firebase Auth (email & password).
+- **Authenticated Dashboard** — Protected client portal accessible only to logged-in users.
+- **Cybersecurity Services Page** — Detailed breakdown of ethical hacking, penetration testing, AI-powered security, digital forensics, threat intelligence, and reverse engineering services.
+- **Projects Showcase** — Portfolio of security tools, exploits, and AI models.
+- **Secure Contact Form** — Hardened enquiry form for security assessments and consulting requests.
+- **Dark / Light Mode** — System-aware theme toggle via `next-themes`.
+- **Smooth Animations** — Page and component transitions powered by Framer Motion.
+- **shadcn/ui Component Library** — Full Radix UI-based component library integrated via shadcn/ui.
+- **Netlify Deployment** — Static export hosted on Netlify with security headers (`X-Frame-Options`, `X-Content-Type-Options`, `Referrer-Policy`).
+
+### 🛠 Tech Stack
+
+| Layer          | Technology                            |
+|----------------|---------------------------------------|
+| Framework      | Next.js 14 (App Router, static export)|
+| Language       | TypeScript 5                          |
+| Styling        | Tailwind CSS 3 + tailwindcss-animate  |
+| UI Components  | Radix UI + shadcn/ui                  |
+| Animations     | Framer Motion                         |
+| Authentication | Firebase Auth                         |
+| Icons          | Lucide React                          |
+| Forms          | React Hook Form + Zod                 |
+| Charts         | Recharts                              |
+| Deployment     | Netlify                               |
+
+### 🔒 Security
+
+- **CVE-2026-32138 fixed** — Hardcoded Firebase API keys and Web3Forms access key removed from source code. All credentials are now read from environment variables (`NEXT_PUBLIC_FIREBASE_*`, `NEXT_PUBLIC_WEB3FORMS_ACCESS_KEY`). A `.env.example` template is provided; copy it to `.env.local` and supply real values — the app throws a clear startup error when any required variable is missing.
+- Security headers configured in `netlify.toml`.
+- Private vulnerability reporting enabled via GitHub Security Advisories.
+- `.env.local` excluded from version control.
+
+---
+
+*For full project details, see [README.md](./README.md).*