lupppig
diff --git a/‎.github/workflows/ci.yml‎
Lines changed: 5 additions & 2 deletions b/‎.github/workflows/ci.yml‎
Lines changed: 5 additions & 2 deletions
diff --git a/‎.gitignore‎
Lines changed: 2 additions & 2 deletions b/‎.gitignore‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎web/.npmrc‎
Lines changed: 1 addition & 1 deletion b/‎web/.npmrc‎
Lines changed: 1 addition & 1 deletion
@@ -54,10 +54,10 @@ jobs:
           cache-dependency-path: web/package-lock.json
 
       - name: Install dependencies
-        run: npm ci --registry=https://registry.npmjs.org/
+        run: npm ci
 
       - name: Audit dependencies
-        run: npm audit --audit-level=high --registry=https://registry.npmjs.org/
+        run: npm audit --audit-level=high
 
   # ──────────────────────────────────────────────
   # Backend
@@ -104,6 +104,9 @@ jobs:
       - uses: pypa/gh-action-pip-audit@v1.1.0
         with:
           virtual-environment: server/.venv
+          # ecdsa maintainer considers side-channel attacks out of scope (CVE-2024-23342)
+          ignore-vulns: |
+            GHSA-wj6h-64fc-37mp
 
   # ──────────────────────────────────────────────
   # CodeQL – Static Analysis (both languages)
 
@@ -14,8 +14,8 @@ dist/
 downloads/
 eggs/
 .eggs/
-lib/
-lib64/
+/lib/
+/lib64/
 parts/
 sdist/
 var/
 
@@ -1,3 +1,3 @@
 fetch-retry-maxtimeout=600000
 strict-ssl=false
-registry=http://registry.npmjs.org/
+registry=https://registry.npmjs.org/
-Original file line number
+Diff line change
 downloads/
 eggs/
 .eggs/
 -lib/
 -lib64/
 +/lib/
 +/lib64/
 parts/
 sdist/
 var/