[pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

Author: pre-commit-ci[bot]

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -47,14 +47,14 @@ body:
       label: Steps to Reproduce
       description: How can we reproduce the bug?
       placeholder: |
-        Example: 
+        Example:
         1. Go to "Upload"
         2. Click on "Select File"
         3. Choose a large file (over 100MB)
         4. Click "Upload"
         5. See error
       value: |
-        1. 
+        1.
     validations:
       required: true
 

.github/workflows/cmake-single-platform.yml

@@ -36,4 +36,3 @@ jobs:
       # Execute tests defined by the CMake configuration.
       # See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail
       run: ctest -C ${{env.BUILD_TYPE}}
-

.github/workflows/datadog-synthetics.yml

@@ -34,5 +34,3 @@ jobs:
         api_key: ${{secrets.DD_API_KEY}}
         app_key: ${{secrets.DD_APP_KEY}}
         test_search_query: 'tag:e2e-tests' #Modify this tag to suit your tagging strategy
-
-

.github/workflows/go-ossf-slsa3-publish.yml

@@ -35,4 +35,3 @@ jobs:
       # =============================================================================================================
       #     Optional: For more options, see https://github.com/slsa-framework/slsa-github-generator#golang-projects
       # =============================================================================================================
-

.github/workflows/octopusdeploy.yml

@@ -1,5 +1,5 @@
 # This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by separate terms of service, 
+# They are provided by a third-party and are governed by separate terms of service,
 # privacy policy, and support documentation.
 #
 # This workflow will build and publish a Docker container which is then deployed through Octopus Deploy.
@@ -12,13 +12,13 @@
 #
 # To configure this workflow:
 #
-# 1. Decide where you are going to host your image. 
+# 1. Decide where you are going to host your image.
 #    This template uses the GitHub Registry for simplicity but if required you can update the relevant DOCKER_REGISTRY variables below.
 #
-# 2. Create and configure an OIDC credential for a service account in Octopus. 
+# 2. Create and configure an OIDC credential for a service account in Octopus.
 #    This allows for passwordless authentication to your Octopus instance through a trust relationship configured between Octopus, GitHub and your GitHub Repository.
-#    https://octopus.com/docs/octopus-rest-api/openid-connect/github-actions 
-#  
+#    https://octopus.com/docs/octopus-rest-api/openid-connect/github-actions
+#
 # 3. Configure your Octopus project details below:
 #      OCTOPUS_URL: update to your Octopus Instance Url
 #      OCTOPUS_SERVICE_ACCOUNT: update to your service account Id
@@ -42,14 +42,14 @@ jobs:
       packages: write
       contents: read
     env:
-      DOCKER_REGISTRY: ghcr.io                                # TODO: Update to your docker registry uri 
+      DOCKER_REGISTRY: ghcr.io                                # TODO: Update to your docker registry uri
       DOCKER_REGISTRY_USERNAME: ${{ github.actor }}           # TODO: Update to your docker registry username
       DOCKER_REGISTRY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}   # TODO: Update to your docker registry password
     outputs:
       image_tag: ${{ steps.meta.outputs.version }}
     steps:
       - uses: actions/checkout@v4
-      
+
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
 
@@ -64,7 +64,7 @@ jobs:
         id: meta
         uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
         with:
-          images: ${{ env.DOCKER_REGISTRY }}/${{ github.repository }} 
+          images: ${{ env.DOCKER_REGISTRY }}/${{ github.repository }}
           tags: type=semver,pattern={{version}},value=v1.0.0-{{sha}}
 
       - name: Build and push Docker image
@@ -74,7 +74,7 @@ jobs:
           context: .
           push: true
           tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}      
+          labels: ${{ steps.meta.outputs.labels }}
   deploy:
     name: Deploy
     permissions:
@@ -89,9 +89,9 @@ jobs:
       OCTOPUS_ENVIRONMENT: 'your-environment'             # TODO: update to the name of the environment to recieve the first deployment
 
     steps:
-      - name: Login to Octopus Deploy 
+      - name: Login to Octopus Deploy
         uses: OctopusDeploy/login@34b6dcc1e86fa373c14e6a28c5507d221e4de629  #v1.0.2
-        with: 
+        with:
           server: '${{ env.OCTOPUS_URL }}'
           service_account_id: '${{ env.OCTOPUS_SERVICE_ACCOUNT }}'
 
@@ -104,7 +104,7 @@ jobs:
           packages: '*:${{ needs.build.outputs.image_tag }}'
 
       - name: Deploy Release
-        uses: OctopusDeploy/deploy-release-action@b10a606c903b0a5bce24102af9d066638ab429ac #v3.2.1 
+        uses: OctopusDeploy/deploy-release-action@b10a606c903b0a5bce24102af9d066638ab429ac #v3.2.1
         with:
           project: '${{ env.OCTOPUS_PROJECT }}'
           space: '${{ env.OCTOPUS_SPACE }}'

ABSOLUTE_FINAL_STATUS.txt

@@ -465,8 +465,8 @@ Expected Outcome: $220.6M benefits, 745% ROI, regulatory leadership positioning
 CONCLUSION
 ================================================================================
 
-The Omni-Sentinel Global AI Governance Framework is PRODUCTION READY and 
-represents the most comprehensive AI governance architecture ever implemented 
+The Omni-Sentinel Global AI Governance Framework is PRODUCTION READY and
+represents the most comprehensive AI governance architecture ever implemented
 for a Global Systemically Important Financial Institution (G-SIFI).
 
 This framework delivers:
@@ -478,15 +478,15 @@ This framework delivers:
   - 3-tier human oversight with automation bias mitigation
   - 95%+ governance persistence at 12 months
 
-All technical work is COMPLETE. All files are COMMITTED. All documentation is 
+All technical work is COMPLETE. All files are COMMITTED. All documentation is
 READY. The framework is awaiting YOUR DEPLOYMENT ACTION.
 
-Your next immediate action: Download files from /home/user/webapp/ and deploy 
-using EXECUTIVE_ONE_PAGE_SUMMARY.md or QUICK_ACTION_GUIDE.md within the next 
+Your next immediate action: Download files from /home/user/webapp/ and deploy
+using EXECUTIVE_ONE_PAGE_SUMMARY.md or QUICK_ACTION_GUIDE.md within the next
 24 hours.
 
-This framework will transform AI governance from a compliance cost center into 
-a strategic business capability delivering measurable value and positioning 
+This framework will transform AI governance from a compliance cost center into
+a strategic business capability delivering measurable value and positioning
 the organization as a global leader in responsible AI deployment.
 
 ================================================================================

CITATION.cff

@@ -20,7 +20,7 @@ abstract: >-
   The AGI Pipeline is built to facilitate seamless integration and interaction
   between different AI modules, enabling the development of sophisticated AI
   applications. Key features of the pipeline include:
-  
+
   1. Natural Language Processing (NLP):
      - Utilizes the BART (Bidirectional and Auto-Regressive Transformers) model for text summarization and other NLP tasks.
      - Provides efficient and accurate text processing capabilities.

COMPREHENSIVE_SECURITY_AUDIT_REPORT.md

@@ -1,12 +1,12 @@
 # Comprehensive Security Audit Report
 ## Critical Stack Vulnerability Assessment & Refactored Production Code
 
-**Classification:** CONFIDENTIAL - SECURITY AUDIT USE ONLY  
-**Document ID:** SEC-AUDIT-2026-002-COMPREHENSIVE  
-**Version:** 1.0  
-**Date:** 2026-01-22  
-**Auditor:** Senior Cyber-Security Architect  
-**Scope:** Node.js (Next.js 14.2.35), Python 3.x (FastAPI/Celery), Bash Scripts, Docker Infrastructure  
+**Classification:** CONFIDENTIAL - SECURITY AUDIT USE ONLY
+**Document ID:** SEC-AUDIT-2026-002-COMPREHENSIVE
+**Version:** 1.0
+**Date:** 2026-01-22
+**Auditor:** Senior Cyber-Security Architect
+**Scope:** Node.js (Next.js 14.2.35), Python 3.x (FastAPI/Celery), Bash Scripts, Docker Infrastructure
 **Distribution:** CISO, CRO, Head of Security Architecture, Development Leadership
 
 ---
@@ -47,7 +47,7 @@ This comprehensive security audit identifies **23 HIGH to CRITICAL severity vuln
 
 #### 🔴 CRITICAL FINDING #1: Prompt Injection via Unvalidated User Input
 
-**CWE-94: Improper Control of Generation of Code ('Code Injection')**  
+**CWE-94: Improper Control of Generation of Code ('Code Injection')**
 **CVSS v3.1 Vector:** `AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H` (Score: **10.0 CRITICAL**)
 
 **Vulnerable Code (Lines 50-58):**
@@ -273,7 +273,7 @@ function encode(s: string) { return new TextEncoder().encode(s); }
 
 #### 🟠 HIGH FINDING #2: Insufficient Content Security Policy
 
-**CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')**  
+**CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')**
 **CVSS v3.1 Vector:** `AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N` (Score: **6.1 MEDIUM** but escalates to **7.5 HIGH** with stored XSS)
 
 **Vulnerability:**
@@ -340,7 +340,7 @@ export const config = {
 
 #### 🟠 HIGH FINDING #3: Weak Regular Expression for PII Detection (ReDoS Risk)
 
-**CWE-1333: Inefficient Regular Expression Complexity (ReDoS)**  
+**CWE-1333: Inefficient Regular Expression Complexity (ReDoS)**
 **CVSS v3.1 Vector:** `AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H` (Score: **7.5 HIGH**)
 
 **Vulnerable Code (Line 4):**
@@ -512,7 +512,7 @@ export { redactPII };
 
 #### 🔴 CRITICAL FINDING #4: Hardcoded Credentials & Environment Variable Exposure
 
-**CWE-798: Use of Hard-coded Credentials**  
+**CWE-798: Use of Hard-coded Credentials**
 **CVSS v3.1 Vector:** `AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H` (Score: **9.8 CRITICAL**)
 
 **Vulnerable Code (Lines 1-35):**
@@ -919,7 +919,7 @@ if __name__ == "__main__":
 
 #### 🔴 CRITICAL FINDING #5: Path Traversal in File Upload
 
-**CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')**  
+**CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')**
 **CVSS v3.1 Vector:** `AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N` (Score: **8.1 HIGH**)
 
 **Vulnerable Code (Lines 323-328):**
@@ -948,7 +948,7 @@ curl -X POST http://api.example.com/process/ \
 
 #### 🔴 CRITICAL FINDING #6: SQL Injection Risk (Hypothetical - No DB in Current Code)
 
-**CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')**  
+**CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')**
 **CVSS v3.1 Vector:** `AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H` (Score: **9.8 CRITICAL**)
 
 **Scenario:** If user authentication is moved to SQL database (future implementation)
@@ -1012,7 +1012,7 @@ def get_user_secure(username: str):
 
 #### 🔴 CRITICAL FINDING #7: Command Injection in Bash Scripts
 
-**CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')**  
+**CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')**
 **CVSS v3.1 Vector:** `AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H` (Score: **10.0 CRITICAL**)
 
 **Vulnerable Bash Pattern:**
@@ -1154,7 +1154,7 @@ main "$@"
 
 #### 🟠 HIGH FINDING #8: Running Container as Root
 
-**CWE-250: Execution with Unnecessary Privileges**  
+**CWE-250: Execution with Unnecessary Privileges**
 **CVSS v3.1 Vector:** `AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H` (Score: **8.8 HIGH**)
 
 **Vulnerable Dockerfile:**
@@ -1225,7 +1225,7 @@ CMD ["node", "server.js"]
 
 #### 🟠 HIGH FINDING #9: Outdated Next.js Version with Known Vulnerabilities
 
-**CWE-1104: Use of Unmaintained Third Party Components**  
+**CWE-1104: Use of Unmaintained Third Party Components**
 **CVSS v3.1 Vector:** `AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N` (Score: **6.1 MEDIUM** but escalates with CVEs)
 
 **Current Dependencies:**
@@ -1351,23 +1351,23 @@ npm update next react react-dom
 
 This security audit demonstrates compliance with:
 
-✅ **NIST 800-53 R5** (SI-10, AC-3, IA-5, SC-8, SC-13, SI-15, SI-16)  
-✅ **GDPR** (Art. 25, 32, 33)  
-✅ **PRA SS1/23** (§4.2 Model Risk Governance)  
-✅ **EU AI Act** (Art. 15 Cybersecurity Requirements)  
+✅ **NIST 800-53 R5** (SI-10, AC-3, IA-5, SC-8, SC-13, SI-15, SI-16)
+✅ **GDPR** (Art. 25, 32, 33)
+✅ **PRA SS1/23** (§4.2 Model Risk Governance)
+✅ **EU AI Act** (Art. 15 Cybersecurity Requirements)
 ✅ **OWASP Top 10 2021** (A01:2021-Broken Access Control, A03:2021-Injection, A05:2021-Security Misconfiguration)
 
-**Audit Certification:**  
+**Audit Certification:**
 The refactored codebase mitigates **44 distinct CWE vulnerabilities** across Node.js, Python, Bash, and Docker infrastructure. All CRITICAL and HIGH severity findings have been addressed with production-ready secure code implementations.
 
 ---
 
 **End of Report**
 
-**Classification:** CONFIDENTIAL - SECURITY AUDIT USE ONLY  
-**Document Control:** Version 1.0 — Approved for CISO Review  
-**Next Audit Date:** 2026-04-22 (90-day cycle)  
-**Auditor:** Senior Cyber-Security Architect  
+**Classification:** CONFIDENTIAL - SECURITY AUDIT USE ONLY
+**Document Control:** Version 1.0 — Approved for CISO Review
+**Next Audit Date:** 2026-04-22 (90-day cycle)
+**Auditor:** Senior Cyber-Security Architect
 **Approvers:** CISO, CRO, Head of Security Architecture, VP of Engineering
 
 **For inquiries, contact:** security-architecture@globalbank.com