Enhance security and error handling in various components by refining error catch blocks to ignore specific errors, improving code clarity and consistency across the application.

2025-12-20 15:05:49 +01:00
parent 3e956ac46b
commit d89cabdd34
42 changed files with 117 additions and 113 deletions
--- a/.gitea/workflows/code-analysis.yml
+++ b/.gitea/workflows/code-analysis.yml
@@ -31,3 +31,18 @@ jobs:

      - name: Semgrep (SAST)
        run: semgrep --config p/default --error .
+
+      - name: npm audit (high+)
+        run: npm audit --audit-level=high || true
+
+      - name: OSV-Scanner (SCA)
+        run: |
+          curl -L -o osv-scanner https://github.com/google/osv-scanner/releases/latest/download/osv-scanner_linux_amd64
+          chmod +x osv-scanner
+          ./osv-scanner --lockfile package-lock.json
+
+      - name: gitleaks (Secrets Scanning)
+        run: |
+          curl -sSL https://github.com/gitleaks/gitleaks/releases/latest/download/gitleaks_linux_x64.tar.gz \
+            | tar -xz gitleaks
+          ./gitleaks detect --source . --no-git --redact --exit-code 1