Backend hardening: structured logging, timeouts, memory leak fixes, compression, XSS fix

- Add pino structured logging with request IDs (X-Request-Id header) - Add 30s timeout to acquirePage() and renderPdf/renderUrlPdf - Add verification cache cleanup (every 15min) and rate limit cleanup (every 60s) - Read version from package.json in health endpoint - Add compression middleware - Escape currency in templates (XSS fix) - Add static asset caching (1h maxAge) - Remove deprecated docker-compose version field - Replace all console.log/error with pino logger
2026-02-16 08:27:42 +00:00 · 2026-02-16 08:27:42 +00:00 · 9541ae1826
commit 9541ae1826
parent 4833edf44c
20 changed files with 319 additions and 74 deletions
--- a/package.json
+++ b/package.json
@ -10,25 +10,28 @@
    "test": "vitest run"
  },
  "dependencies": {
+    "compression": "^1.8.1",
    "express": "^4.21.0",
    "express-rate-limit": "^7.5.0",
    "helmet": "^8.0.0",
    "marked": "^15.0.0",
    "nanoid": "^5.0.0",
    "nodemailer": "^8.0.1",
+    "pg": "^8.13.0",
+    "pino": "^10.3.1",
    "puppeteer": "^24.0.0",
    "stripe": "^20.3.1",
-    "swagger-ui-dist": "^5.31.0",
-    "pg": "^8.13.0"
+    "swagger-ui-dist": "^5.31.0"
  },
  "devDependencies": {
+    "@types/compression": "^1.8.1",
    "@types/express": "^5.0.0",
    "@types/node": "^22.0.0",
    "@types/nodemailer": "^7.0.9",
+    "@types/pg": "^8.11.0",
    "tsx": "^4.19.0",
    "typescript": "^5.7.0",
-    "vitest": "^3.0.0",
-    "@types/pg": "^8.11.0"
+    "vitest": "^3.0.0"
  },
  "type": "module"
-}
+}