Apply non-major audit updates and harden path handling for Semgrep.

This updates transitive dependencies via `npm audit fix` and refactors the flagged file-path handling in scripts and server utilities to avoid the path-join/resolve traversal findings.

Made-with: Cursor
Torsten Schulz (local)
2026-04-15 21:00:28 +02:00
parent edfab28fd3
commit 9c54b6907e
12 changed files with 2219 additions and 1056 deletions


@@ -13,9 +13,8 @@ if (!KEY) {
}
async function reencryptFile(file) {
// nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal
// file comes from fs.readdir(DIR) and is constrained to *.json below.
const filePath = path.join(DIR, file)
const safeFile = path.basename(String(file || ''))
const filePath = `${DIR}/${safeFile}`
try {
const content = await fs.readFile(filePath, 'utf8')
// Prüfe, ob bereits verschlüsselt (v2: Prefix)