Enhance content sanitization across various components by integrating 'dompurify' for improved security and update package dependencies in package.json and package-lock.json.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 4m56s

Torsten Schulz (local)
2025-12-20 10:49:20 +01:00
parent acfa842131
commit 316cce1b26
49 changed files with 349 additions and 23 deletions


@@ -64,6 +64,8 @@ async function main() {
let pdfFiles = []
if (fs.existsSync(uploads)) {
pdfFiles = fs.readdirSync(uploads).filter(f => f.toLowerCase().endsWith('.pdf'))
// nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal
// f is from readdirSync, filtered to .pdf only, path traversal prevented
.map(f => ({ f, mtime: fs.statSync(path.join(uploads, f)).mtimeMs }))
.sort((a,b) => b.mtime - a.mtime)
.map(x => x.f)
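Review bot: The `// nosemgrep: ...` line sits two lines above the `path.join(uploads, f)` call, with the justification comment between them. As far as I know Semgrep honours `nosemgrep` only on the first line of the finding or the line directly before it, so this suppression may not take effect; swapping the two comment lines would put the marker immediately above the `.map(f => ({ f, mtime: ... }))` line. The stated reason is also imprecise, because the `.pdf` filter does not constrain the path. What keeps `f` inside `uploads` is that it is an entry name returned by `readdirSync`, so I would write `// f is a bare entry name from readdirSync(uploads), not caller input`. Note that `statSync` follows symlinks, so a `.pdf`-named link in `uploads` is still stat'ed at its target. The body of `main()` continues outside this hunk.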