Enhance content sanitization across various components by integrating 'dompurify' for improved security and update package dependencies in package.json and package-lock.json.

scripts/set-admin-password.js

@@ -26,6 +26,8 @@ dotenv.config({ path: path.join(__dirname, '..', '.env') })
 const ADMIN_EMAIL = 'admin@harheimertc.de'
 
 // Pfade bestimmen
+// nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal
+// filename is always a hardcoded constant (e.g., 'users.json'), never user input
 function getDataPath(filename) {
   const cwd = process.cwd()
   if (cwd.endsWith('.output')) {