Enhance content sanitization across various components by integrating 'dompurify' for improved security and update package dependencies in package.json and package-lock.json.

2025-12-20 10:49:20 +01:00
parent acfa842131
commit 316cce1b26
49 changed files with 349 additions and 23 deletions
--- a/server/utils/auth.js
+++ b/server/utils/auth.js
@@ -28,6 +28,8 @@ export function migrateUserRoles(user) {
 const JWT_SECRET = process.env.JWT_SECRET || 'harheimertc-secret-key-change-in-production'

 // Handle both dev and production paths
+// nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal
+// filename is always a hardcoded constant (e.g., 'users.json'), never user input
 const getDataPath = (filename) => {
  const cwd = process.cwd()