Torsten Schulz (local) 4d5fb43ebc Enhance deploy-test.sh with functions for Node.js version management, dependency installation, and public document synchronization. Implement checks for Node.js version requirements and improve error handling for document syncing. Update environment configuration in harheimertc.test.config.cjs to support development and test environments. Modify email recipient logic in contact and email service APIs to prevent notifications in test environments. Add tests to verify behavior in test conditions.

2026-04-16 13:06:14 +02:00

..

audit-log.js

Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.

2026-01-05 11:50:57 +01:00

auth.js

Add support for multiple encryption keys in data handling

2026-01-09 09:05:05 +01:00

contact-requests.js

Implement status toggle functionality for contact requests, updating the status display and adding error handling. Enhance the UI with a new button for marking requests as completed or reopening them.

2026-03-11 21:16:03 +01:00

cookies.js

Update CMS navigation links and remove membership application page

2026-02-09 09:58:46 +01:00

email-service.js

Enhance deploy-test.sh with functions for Node.js version management, dependency installation, and public document synchronization. Implement checks for Node.js version requirements and improve error handling for document syncing. Update environment configuration in harheimertc.test.config.cjs to support development and test environments. Modify email recipient logic in contact and email service APIs to prevent notifications in test environments. Add tests to verify behavior in test conditions.

2026-04-16 13:06:14 +02:00

encryption.js

Add security comments to path handling in various scripts to clarify internal constant usage and mitigate path traversal risks. Update logging in registration and verification processes for improved clarity.

2026-04-15 20:52:38 +02:00

hibp.js

Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.

2026-01-05 11:50:57 +01:00

members.js

Refactor saveMember function to enhance duplicate member handling, allowing updates to existing duplicates and improving error handling for member existence checks.

2026-03-29 14:54:18 +02:00

news.js

Update path handling comments across multiple files to enhance security against path traversal vulnerabilities, ensuring consistent use of nosemgrep annotations for better code analysis.

2025-12-20 14:49:57 +01:00

newsletter.js

Add support for multiple encryption keys in data handling

2026-01-09 09:05:05 +01:00

passkey-recovery.js

Implement passkey recovery feature, including email link requests and registration options. Update login and registration pages to support passkey authentication, with UI enhancements for user experience. Add server-side handling for passkey registration and login, including account activation checks. Update environment configuration for passkey recovery TTL settings.

2026-01-07 18:37:01 +01:00

path-security.js

Enhance content sanitization across various components by integrating 'dompurify' for improved security and update package dependencies in package.json and package-lock.json.

2025-12-20 10:49:20 +01:00

paths.js

Apply non-major audit updates and harden path handling for Semgrep.

2026-04-15 21:00:28 +02:00

pdf-field-mapper.js

Enhance security and error handling in various components by refining error catch blocks to ignore specific errors, improving code clarity and consistency across the application.

2025-12-20 15:05:49 +01:00

pdf-form-filler.js

Enhance security and error handling in various components by refining error catch blocks to ignore specific errors, improving code clarity and consistency across the application.

2025-12-20 15:05:49 +01:00

pdf-generator-service.js

Enhance security and error handling in various components by refining error catch blocks to ignore specific errors, improving code clarity and consistency across the application.

2025-12-20 15:05:49 +01:00

rate-limit.js

Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.

2026-01-05 11:50:57 +01:00

termine.js

Apply non-major audit updates and harden path handling for Semgrep.

2026-04-15 21:00:28 +02:00

upload-validation.js

Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.

2026-01-05 11:50:57 +01:00

webauthn-challenges.js

Enhance debug logging and Cross-Device support for Passkey Registration

2026-01-08 23:27:11 +01:00

webauthn-config.js

Enhance WebAuthn origin handling and debug logging for passkey registration

2026-01-07 22:01:28 +01:00

webauthn-encoding.js

Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.

2026-01-05 11:50:57 +01:00