Enhance security and error handling in various components by refining error catch blocks to ignore specific errors, improving code clarity and consistency across the application.

2025-12-20 15:05:49 +01:00
parent 3e956ac46b
commit d89cabdd34
42 changed files with 117 additions and 113 deletions
--- a/server/api/newsletter/groups/[id]/posts/create.post.js
+++ b/server/api/newsletter/groups/[id]/posts/create.post.js
@@ -3,7 +3,6 @@ import path from 'path'
 import { getUserFromToken, hasAnyRole } from '../../../../../utils/auth.js'
 import { randomUUID } from 'crypto'
 import { getRecipientsByGroup, getNewsletterSubscribers, generateUnsubscribeToken } from '../../../../../utils/newsletter.js'
-import { encryptObject, decryptObject } from '../../../../../utils/encryption.js'
 import nodemailer from 'nodemailer'

 // nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal
@@ -81,7 +80,7 @@ async function loadLogoAsBase64() {
 }

 // Erstellt Newsletter-HTML mit Header und Footer
-async function createNewsletterHTML(post, group, unsubscribeToken = null, creatorName = null, creatorEmail = null) {
+async function createNewsletterHTML(post, group, unsubscribeToken = null, _creatorName = null, _creatorEmail = null) {
  const config = await loadConfig()
  const clubName = config.verein?.name || 'Harheimer Tischtennis-Club 1954 e.V.'
  const baseUrl = process.env.NUXT_PUBLIC_BASE_URL || 'http://localhost:3100'
--- a/server/api/newsletter/groups/[id]/posts/list.get.js
+++ b/server/api/newsletter/groups/[id]/posts/list.get.js
@@ -1,7 +1,6 @@
 import fs from 'fs/promises'
 import path from 'path'
 import { getUserFromToken, hasAnyRole } from '../../../../../utils/auth.js'
-import { encryptObject, decryptObject } from '../../../../../utils/encryption.js'

 // nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal.path-join-resolve-traversal
 // filename is always a hardcoded constant (e.g., 'newsletter-posts.json'), never user input
@@ -32,7 +31,7 @@ function isEncrypted(data) {
      return false
    }
    return false
-  } catch (e) {
+  } catch (_e) {
    return true
  }
 }
@@ -52,7 +51,7 @@ async function readPosts() {
          const plainData = JSON.parse(data)
          console.warn('Entschlüsselung fehlgeschlagen, versuche als unverschlüsseltes Format zu lesen')
          return plainData
-        } catch (parseError) {
+        } catch (_parseError) {
          console.error('Konnte Newsletter-Posts weder entschlüsseln noch als JSON lesen')
          return []
        }
--- a/server/api/newsletter/groups/public-list.get.js
+++ b/server/api/newsletter/groups/public-list.get.js
@@ -40,7 +40,7 @@ export default defineEventHandler(async (event) => {
          isLoggedIn = true
        }
      }
-    } catch (e) {
+    } catch (_e) {
      // Nicht eingeloggt - kein Problem
    }