Audit enferno/static folder using retire js

[apodacaduron]

Jira Issue

1. [Add links to jira issues]

Description

Issue

We have static JavaScript libraries in enferno/static/js/ that are manually maintained. The package.json exists but is rarely updated and not actively used, making it difficult to track vulnerabilities in our static libraries.

Solution

Add a GitHub Actions workflow (fe-js-audit.yml) to automatically scan our static JS libraries using Retire.js.

This ensures we catch known vulnerabilities in the libraries we actually use, independent of the outdated package.json.

Checklist

• Tests added/updated
• Documentation updated (if needed)
• New strings prepared for translations

API Changes (if applicable)

• Permissions checked
• Endpoint tests added

Additional Notes

[Any other relevant information]

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch js-scan-workflow

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[level09]

This is great. since we can now scan our static libs, let's phase out and clean all npm/package.json related files.