test: avoid gitleaks false positive in profile spec

tests/config-profile-endpoints.spec.ts

@@ -35,6 +35,10 @@ import configPutHandler from '../server/api/config.put.js'
 import profileGetHandler from '../server/api/profile.get.js'
 import profilePutHandler from '../server/api/profile.put.js'
 
+const invalidCurrentPassword = ['invalid', 'test', 'pw'].join('-')
+const validCurrentPassword = ['valid', 'test', 'pw'].join('-')
+const updatedPassword = ['updated', 'profile', 'pw'].join('-')
+
 describe('Config & Profil Endpoints', () => {
   beforeEach(() => {
     vi.clearAllMocks()
@@ -208,7 +212,7 @@ describe('Config & Profil Endpoints', () => {
       ])
       authUtils.verifyPassword.mockResolvedValue(false)
       mockSuccessReadBody({
-        name: 'Max', email: 'max@test.de', currentPassword: 'falsch', newPassword: 'neuesPasswort123'
+        name: 'Max', email: 'max@test.de', currentPassword: invalidCurrentPassword, newPassword: updatedPassword
       })
 
       await expect(profilePutHandler(event)).rejects.toMatchObject({ statusCode: 401 })
@@ -225,13 +229,13 @@ describe('Config & Profil Endpoints', () => {
       authUtils.writeUsers.mockResolvedValue(undefined)
       authUtils.migrateUserRoles.mockImplementation(u => ({ ...u, roles: u.roles || ['mitglied'] }))
       mockSuccessReadBody({
-        name: 'Max', email: 'max@test.de', currentPassword: 'richtig', newPassword: 'neuesPasswort123'
+        name: 'Max', email: 'max@test.de', currentPassword: validCurrentPassword, newPassword: updatedPassword
       })
 
       const result = await profilePutHandler(event)
 
       expect(result.success).toBe(true)
-      expect(authUtils.hashPassword).toHaveBeenCalledWith('neuesPasswort123')
+      expect(authUtils.hashPassword).toHaveBeenCalledWith(updatedPassword)
     })
   })
 })