Add Vitest security test suite and update security evaluation doc

Browse source

Set up Vitest with server (node) and client (jsdom) test projects.
79 tests across 8 files verify all Phase 0-1 security controls:
escapeHtml sanitization, DOMPurify markdown XSS prevention, CSRF
enforcement, security headers, rate limiting, auth guards, profile
field allowlist, and login anti-enumeration. Updated SECURITY_EVALUATION.md
with remediation status, implementation summary, and automated test
coverage details.

...

This commit is contained in:

Jennie Robinson Faber 2026-03-01 12:30:06 +00:00

parent d5c95ace0a

commit 29c96a207e

14 changed files with 2454 additions and 3 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download patch file Download diff file Expand all files Collapse all files

1123

package-lock.json generated

View file

File diff suppressed because it is too large Load diff