Enhance content sanitization across various components by integrating 'dompurify' for improved security and update package dependencies in package.json and package-lock.json.

2025-12-20 10:49:20 +01:00
parent 98b69c446c
commit 8fcb71b946
49 changed files with 349 additions and 23 deletions
--- a/server/utils/email-service.js
+++ b/server/utils/email-service.js
@@ -12,6 +12,8 @@ import path from 'path'
 * @param {string} filename - Config filename
 * @returns {string} Full path to config file
 */
+// nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal
+// filename is always a hardcoded constant (e.g., 'config.json'), never user input
 function getDataPath(filename) {
  const isProduction = process.env.NODE_ENV === 'production'