feat: rebrand Hemmelig to paste.es for cloudhost.es

- Set Spanish as default language with ephemeral/encrypted privacy focus - Translate all user-facing strings and legal pages to Spanish - Replace Norwegian flag with Spanish flag in footer - Remove Hemmelig/terces.cloud links, add cloudhost.es sponsorship - Rewrite PrivacyPage: zero data collection, ephemeral design emphasis - Rewrite TermsPage: Spanish law, RGPD, paste.es/CloudHost.es references - Update PWA manifest, HTML meta tags, package.json branding - Rename webhook headers to X-Paste-Event / X-Paste-Signature - Update API docs title and contact to paste.es / cloudhost.es Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-24 09:30:19 +01:00
commit bc9f96cbd4
268 changed files with 45773 additions and 0 deletions
--- a/.github/workflows/trivy.yaml
+++ b/.github/workflows/trivy.yaml
@@ -0,0 +1,51 @@
+name: Trivy - Scan
+on:
+    schedule:
+        # https://crontab.guru/daily
+        - cron: '0 0 * * *'
+    pull_request:
+jobs:
+    scan_repository:
+        name: Scan the repository
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout code
+              uses: actions/checkout@v4
+
+            - name: Run Trivy vulnerability scanner in repo mode
+              uses: aquasecurity/trivy-action@0.28.0
+              with:
+                  scan-type: 'fs'
+                  ignore-unfixed: true
+                  format: 'sarif'
+                  output: 'trivy-results.sarif'
+                  severity: 'CRITICAL'
+
+            - name: Upload Trivy scan results to GitHub Security tab
+              uses: github/codeql-action/upload-sarif@v3
+              with:
+                  sarif_file: 'trivy-results.sarif'
+
+    scan_vulnerabilities:
+        name: Scan the docker image
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout code
+              uses: actions/checkout@v4
+
+            - name: Build an image from Dockerfile
+              run: |
+                  docker build -t docker.io/hemmeligorg/hemmelig:${{ github.sha }} .
+
+            - name: Run Trivy vulnerability scanner
+              uses: aquasecurity/trivy-action@0.28.0
+              with:
+                  image-ref: 'docker.io/hemmeligorg/hemmelig:${{ github.sha }}'
+                  format: 'sarif'
+                  output: 'trivy-results.sarif'
+
+            - name: Upload Trivy scan results to GitHub Security tab
+              uses: github/codeql-action/upload-sarif@v3
+              if: always()
+              with:
+                  sarif_file: 'trivy-results.sarif'