ci/woodpecker/push/woodpecker Pipeline was successfulDetails
- Add mandatory Trivy image scanning to both pre-commit and pre-push hooks
- Remove interactive prompts from install script, add --force flag instead
- Add automatic cleanup of temporary Docker images after scanning
- Check for Docker and Trivy dependencies before running hooks
- New build script generates sitemap.xml at build time
- Includes homepage, about page, and /.well-known/mcp.json
- Updated robots.txt to allow crawling of about page and MCP endpoints
- Sitemap encourages search engines to index the MCP discovery path
Adds automated scanning for unused files, exports, and dependencies:
- New CI step (scan-unused) in Woodpecker pipeline
- Pre-push git hook blocks pushes if unused code detected
- npm scripts: scan:unused, scan:deps
- Config files for knip and depcheck to handle dynamic imports
- Fix Dockerfile to run as non-root user (node) for security
- Fix phonetic key generator to always start with consonant (test fix)
- Add local security scanning scripts (SBOM, Trivy)
- Update test script to exclude security tests from mocha
- Add npm scripts for security scans
- Update .gitignore for generated files
- Update Woodpecker CI to use modern Trivy syntax and push images
Colin