hastebin

Commit Graph

Author	SHA1	Message	Date
Colin	edc1680f1c	Add unused code/dependency scanning with knip and depcheck ci/woodpecker/push/woodpecker Pipeline failed Details Adds automated scanning for unused files, exports, and dependencies: - New CI step (scan-unused) in Woodpecker pipeline - Pre-push git hook blocks pushes if unused code detected - npm scripts: scan:unused, scan:deps - Config files for knip and depcheck to handle dynamic imports	2026-01-23 09:04:57 -05:00
Colin	618a2c1ff7	Security improvements and local testing scripts ci/woodpecker/push/woodpecker Pipeline failed Details - Fix Dockerfile to run as non-root user (node) for security - Fix phonetic key generator to always start with consonant (test fix) - Add local security scanning scripts (SBOM, Trivy) - Update test script to exclude security tests from mocha - Add npm scripts for security scans - Update .gitignore for generated files - Update Woodpecker CI to use modern Trivy syntax and push images	2026-01-21 10:21:55 -05:00

Author

SHA1

Message

Date

Colin

edc1680f1c

Add unused code/dependency scanning with knip and depcheck

ci/woodpecker/push/woodpecker Pipeline failed Details

Adds automated scanning for unused files, exports, and dependencies:
- New CI step (scan-unused) in Woodpecker pipeline
- Pre-push git hook blocks pushes if unused code detected
- npm scripts: scan:unused, scan:deps
- Config files for knip and depcheck to handle dynamic imports

2026-01-23 09:04:57 -05:00

Colin

618a2c1ff7

Security improvements and local testing scripts

ci/woodpecker/push/woodpecker Pipeline failed Details

- Fix Dockerfile to run as non-root user (node) for security
- Fix phonetic key generator to always start with consonant (test fix)
- Add local security scanning scripts (SBOM, Trivy)
- Update test script to exclude security tests from mocha
- Add npm scripts for security scans
- Update .gitignore for generated files
- Update Woodpecker CI to use modern Trivy syntax and push images

2026-01-21 10:21:55 -05:00

2 Commits