Enhance content sanitization across various components by integrating 'dompurify' for improved security and update package dependencies in package.json and package-lock.json.

2025-12-20 10:49:20 +01:00
parent 98b69c446c
commit 8fcb71b946
49 changed files with 349 additions and 23 deletions
--- a/scripts/find-membership-values.js
+++ b/scripts/find-membership-values.js
@@ -6,6 +6,8 @@ async function main() {
  const uploads = path.join(process.cwd(), 'public', 'uploads')
  const files = fs.existsSync(uploads) ? fs.readdirSync(uploads).filter(f => f.toLowerCase().endsWith('.pdf')) : []
  if (files.length === 0) { console.log('no pdfs'); return }
+  // nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal
+  // files are from readdirSync, filtered to .pdf only, path traversal prevented
  files.sort((a,b) => fs.statSync(path.join(uploads,b)).mtimeMs - fs.statSync(path.join(uploads,a)).mtimeMs)
  const latest = path.join(uploads, files[0])
  console.log('Inspecting', latest)