Initial commit from template

2025-12-23 04:19:57 +01:00
commit b3d8fe8dfe
76 changed files with 10491 additions and 0 deletions
--- a/.claude/skills/dependency-scanner/SKILL.md
+++ b/.claude/skills/dependency-scanner/SKILL.md
@@ -0,0 +1,114 @@
+---
+name: dependency-scanner
+description: Scannt npm Dependencies auf bekannte Sicherheitsluecken und veraltete Pakete. Nutze diesen Skill nach npm install, bei neuen Dependencies, oder wenn der User nach "vulnerabilities", "outdated", "npm audit", "dependency check", "pakete pruefen", "sicherheitsluecken" fragt. Gibt Ergebnisse zurueck die im Chat angezeigt werden.
+---
+
+# Dependency Security Scanner
+
+Scannt npm/pnpm Dependencies auf Sicherheitsluecken und veraltete Pakete.
+
+## Automatische Ausfuehrung
+
+Fuehre diesen Scan aus:
+1. Nach `npm install` oder `pnpm install`
+2. Bei neuen Dependencies in package.json
+3. Regelmaessig als Security Check
+
+## Scripts
+
+### Vollstaendiger Scan
+```bash
+bash scan-deps.sh
+```
+
+### Nur Audit (Vulnerabilities)
+```bash
+bash audit.sh
+```
+
+### Veraltete Pakete pruefen
+```bash
+bash check-outdated.sh
+```
+
+### Automatisch fixen
+```bash
+bash fix-vulnerabilities.sh
+```
+
+## Scan Ablauf
+
+### 1. npm audit durchfuehren
+```bash
+# Mit pnpm
+pnpm audit --json
+
+# Mit npm
+npm audit --json
+```
+
+### 2. Veraltete Pakete pruefen
+```bash
+# Mit pnpm
+pnpm outdated --json
+
+# Mit npm
+npm outdated --json
+```
+
+### 3. License Check (optional)
+```bash
+npx license-checker --summary
+```
+
+## Report Format fuer Chat
+
+Gib das Ergebnis in diesem Format zurueck:
+
+```markdown
+## Dependency Security Report
+
+**Scan Datum**: [timestamp]
+**Pakete geprueft**: [count]
+
+### Vulnerabilities
+
+| Severity | Count |
+|----------|-------|
+| Critical | 0     |
+| High     | 2     |
+| Moderate | 5     |
+| Low      | 3     |
+
+### Kritische Issues
+
+1. **lodash** (4.17.15) - Prototype Pollution
+   - Fix: `pnpm update lodash`
+
+2. **axios** (0.21.0) - SSRF Vulnerability
+   - Fix: `pnpm update axios`
+
+### Veraltete Pakete
+
+| Paket | Aktuell | Neueste | Typ |
+|-------|---------|---------|-----|
+| react | 18.2.0  | 19.0.0  | major |
+| next  | 14.0.0  | 15.1.0  | major |
+
+### Empfehlungen
+
+1. **Sofort**: Kritische Vulnerabilities fixen
+2. **Diese Woche**: High Severity fixen
+3. **Geplant**: Major Updates evaluieren
+
+### Automatischer Fix
+
+Fuehre aus: `pnpm audit fix` oder `bash fix-vulnerabilities.sh`
+```
+
+## Wichtig
+
+- Zeige Ergebnisse IMMER im Chat an
+- Bei kritischen Vulnerabilities: Warnung hervorheben
+- Schlage konkrete Fix-Befehle vor
+- Bei Major Updates: Changelog verlinken
--- a/.claude/skills/dependency-scanner/audit.sh
+++ b/.claude/skills/dependency-scanner/audit.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+# Schneller Vulnerability Audit
+
+set -e
+
+# Package Manager erkennen
+if [ -f "pnpm-lock.yaml" ]; then
+    echo "Fuehre pnpm audit aus..."
+    pnpm audit
+elif [ -f "yarn.lock" ]; then
+    echo "Fuehre yarn audit aus..."
+    yarn audit
+else
+    echo "Fuehre npm audit aus..."
+    npm audit
+fi
--- a/.claude/skills/dependency-scanner/check-outdated.sh
+++ b/.claude/skills/dependency-scanner/check-outdated.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+# Prueft auf veraltete Pakete
+
+set -e
+
+echo "Pruefe veraltete Pakete..."
+echo ""
+
+# Package Manager erkennen
+if [ -f "pnpm-lock.yaml" ]; then
+    pnpm outdated || true
+elif [ -f "yarn.lock" ]; then
+    yarn outdated || true
+else
+    npm outdated || true
+fi
+
+echo ""
+echo "Zum Updaten:"
+echo "  Alle: pnpm update"
+echo "  Einzeln: pnpm update <paket>"
+echo "  Major: pnpm update <paket>@latest"
--- a/.claude/skills/dependency-scanner/fix-vulnerabilities.sh
+++ b/.claude/skills/dependency-scanner/fix-vulnerabilities.sh
@@ -0,0 +1,60 @@
+#!/bin/bash
+# Automatischer Fix fuer Vulnerabilities
+
+set -e
+
+# Farben
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+NC='\033[0m'
+
+echo "Dependency Vulnerability Fix"
+echo "============================"
+echo ""
+
+# Package Manager erkennen
+if [ -f "pnpm-lock.yaml" ]; then
+    PKG_MANAGER="pnpm"
+elif [ -f "yarn.lock" ]; then
+    PKG_MANAGER="yarn"
+else
+    PKG_MANAGER="npm"
+fi
+
+# Vorher: Audit Status
+echo -e "${YELLOW}Status vor Fix:${NC}"
+$PKG_MANAGER audit 2>/dev/null | tail -5 || true
+echo ""
+
+# Fix durchfuehren
+echo -e "${YELLOW}Fuehre automatischen Fix durch...${NC}"
+echo ""
+
+case "$PKG_MANAGER" in
+    "pnpm")
+        # pnpm hat kein direktes audit fix
+        echo "pnpm: Update betroffene Pakete..."
+        pnpm update
+        ;;
+    "yarn")
+        yarn audit fix || yarn upgrade
+        ;;
+    "npm")
+        npm audit fix
+        ;;
+esac
+
+echo ""
+
+# Nachher: Audit Status
+echo -e "${YELLOW}Status nach Fix:${NC}"
+$PKG_MANAGER audit 2>/dev/null | tail -5 || true
+
+echo ""
+echo -e "${GREEN}Fix abgeschlossen!${NC}"
+echo ""
+echo "Naechste Schritte:"
+echo "  1. Teste die Anwendung: pnpm dev"
+echo "  2. Fuehre Tests aus: pnpm test"
+echo "  3. Bei Problemen: git checkout package.json pnpm-lock.yaml"
--- a/.claude/skills/dependency-scanner/scan-deps.sh
+++ b/.claude/skills/dependency-scanner/scan-deps.sh
@@ -0,0 +1,160 @@
+#!/bin/bash
+# Vollstaendiger Dependency Security Scan
+
+set -e
+
+# Farben
+RED='\033[0;31m'
+YELLOW='\033[1;33m'
+GREEN='\033[0;32m'
+BLUE='\033[0;34m'
+NC='\033[0m'
+
+echo -e "${BLUE}================================${NC}"
+echo -e "${BLUE}Dependency Security Scanner${NC}"
+echo -e "${BLUE}================================${NC}"
+echo ""
+
+# Package Manager erkennen
+if [ -f "pnpm-lock.yaml" ]; then
+    PKG_MANAGER="pnpm"
+elif [ -f "yarn.lock" ]; then
+    PKG_MANAGER="yarn"
+elif [ -f "package-lock.json" ]; then
+    PKG_MANAGER="npm"
+else
+    PKG_MANAGER="npm"
+fi
+
+echo "Package Manager: $PKG_MANAGER"
+echo ""
+
+# Temporaere Dateien
+AUDIT_FILE=$(mktemp)
+OUTDATED_FILE=$(mktemp)
+
+# ================================
+# 1. VULNERABILITY AUDIT
+# ================================
+echo -e "${YELLOW}[1/3] Pruefe Sicherheitsluecken...${NC}"
+
+case "$PKG_MANAGER" in
+    "pnpm")
+        pnpm audit --json > "$AUDIT_FILE" 2>/dev/null || true
+        ;;
+    "yarn")
+        yarn audit --json > "$AUDIT_FILE" 2>/dev/null || true
+        ;;
+    "npm")
+        npm audit --json > "$AUDIT_FILE" 2>/dev/null || true
+        ;;
+esac
+
+# Audit Ergebnisse parsen
+if [ -s "$AUDIT_FILE" ]; then
+    CRITICAL=$(jq '.metadata.vulnerabilities.critical // 0' "$AUDIT_FILE" 2>/dev/null || echo "0")
+    HIGH=$(jq '.metadata.vulnerabilities.high // 0' "$AUDIT_FILE" 2>/dev/null || echo "0")
+    MODERATE=$(jq '.metadata.vulnerabilities.moderate // 0' "$AUDIT_FILE" 2>/dev/null || echo "0")
+    LOW=$(jq '.metadata.vulnerabilities.low // 0' "$AUDIT_FILE" 2>/dev/null || echo "0")
+    TOTAL=$((CRITICAL + HIGH + MODERATE + LOW))
+else
+    CRITICAL=0
+    HIGH=0
+    MODERATE=0
+    LOW=0
+    TOTAL=0
+fi
+
+echo ""
+echo "Vulnerabilities gefunden:"
+echo -e "  ${RED}Critical: $CRITICAL${NC}"
+echo -e "  ${RED}High: $HIGH${NC}"
+echo -e "  ${YELLOW}Moderate: $MODERATE${NC}"
+echo -e "  Low: $LOW"
+echo ""
+
+# ================================
+# 2. OUTDATED CHECK
+# ================================
+echo -e "${YELLOW}[2/3] Pruefe veraltete Pakete...${NC}"
+
+case "$PKG_MANAGER" in
+    "pnpm")
+        pnpm outdated --json > "$OUTDATED_FILE" 2>/dev/null || true
+        ;;
+    "npm")
+        npm outdated --json > "$OUTDATED_FILE" 2>/dev/null || true
+        ;;
+    "yarn")
+        yarn outdated --json > "$OUTDATED_FILE" 2>/dev/null || true
+        ;;
+esac
+
+if [ -s "$OUTDATED_FILE" ]; then
+    OUTDATED_COUNT=$(jq 'length' "$OUTDATED_FILE" 2>/dev/null || echo "0")
+    echo "Veraltete Pakete: $OUTDATED_COUNT"
+
+    if [ "$OUTDATED_COUNT" -gt 0 ]; then
+        echo ""
+        echo "Top 10 veraltete Pakete:"
+        jq -r 'to_entries | .[:10][] | "  \(.key): \(.value.current // "?") -> \(.value.latest // "?")"' "$OUTDATED_FILE" 2>/dev/null || true
+    fi
+else
+    OUTDATED_COUNT=0
+    echo "Keine veralteten Pakete gefunden."
+fi
+
+echo ""
+
+# ================================
+# 3. SCORE BERECHNEN
+# ================================
+echo -e "${YELLOW}[3/3] Berechne Security Score...${NC}"
+
+SCORE=$((100 - (CRITICAL * 25) - (HIGH * 10) - (MODERATE * 3) - (LOW * 1)))
+if [ $SCORE -lt 0 ]; then SCORE=0; fi
+
+echo ""
+echo -e "${BLUE}================================${NC}"
+echo -e "${BLUE}ERGEBNIS${NC}"
+echo -e "${BLUE}================================${NC}"
+echo ""
+
+if [ $SCORE -ge 90 ]; then
+    echo -e "Security Score: ${GREEN}$SCORE/100${NC}"
+elif [ $SCORE -ge 70 ]; then
+    echo -e "Security Score: ${YELLOW}$SCORE/100${NC}"
+else
+    echo -e "Security Score: ${RED}$SCORE/100${NC}"
+fi
+
+echo ""
+echo "Zusammenfassung:"
+echo "  Vulnerabilities: $TOTAL"
+echo "  Veraltete Pakete: $OUTDATED_COUNT"
+
+# ================================
+# EMPFEHLUNGEN
+# ================================
+echo ""
+echo -e "${BLUE}Empfehlungen:${NC}"
+
+if [ "$CRITICAL" -gt 0 ] || [ "$HIGH" -gt 0 ]; then
+    echo -e "  ${RED}DRINGEND: Fuehre '$PKG_MANAGER audit fix' aus${NC}"
+fi
+
+if [ "$OUTDATED_COUNT" -gt 10 ]; then
+    echo -e "  ${YELLOW}Updates verfuegbar: '$PKG_MANAGER update'${NC}"
+fi
+
+if [ "$TOTAL" -eq 0 ] && [ "$OUTDATED_COUNT" -lt 5 ]; then
+    echo -e "  ${GREEN}Alles in Ordnung! Dependencies sind sicher.${NC}"
+fi
+
+# Cleanup
+rm -f "$AUDIT_FILE" "$OUTDATED_FILE"
+
+# Exit mit Fehler bei kritischen Issues
+if [ "$CRITICAL" -gt 0 ]; then
+    exit 1
+fi