fixes potential xss, outdated dependencies, path traversal

[shebinleo]

Changes

1. Path Traversal: In PDFBoxWrapper.js and TikaWrapper.js, the filepath is not sanitized before being passed to the java command. This could allow an attacker to read arbitrary files by providing a malicious path.
2. Potential XSS: In HTMLParser.js, the extractPages function uses $page.html() to extract HTML content, which could lead to XSS if the PDF contains malicious HTML.
3. Outdated Dependency: The brace-expansion package is outdated and has a low-severity
   vulnerability.

[github-actions]

Coverage after merging xss-protection-and-temp-dir-usage-dependency-fixes into main will be

97.27%

Coverage Report

File	Stmts	Branches	Funcs	Lines	Uncovered Lines
index.js	100%	100%	100%	100%
lib
CommandExecutor.js	84.21%	57.14%	83.33%	92%	10, 28, 34–35, 38
FileManager.js	95.45%	94.12%	71.43%	100%	42
HTMLParser.js	94.44%	66.67%	100%	100%	13
ImageProcessor.js	83.33%	100%	100%	80%	16
PDFBoxWrapper.js	91.43%	100%	83.33%	92.59%	53–54
PDFProcessor.js	98.51%	94.12%	100%	100%	82
TikaWrapper.js	100%	100%	100%	100%
config.js	100%	100%	100%	100%
errors.js	100%	100%	100%	100%

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

Coverage after merging xss-protection-and-temp-dir-usage-dependency-fixes into main will be

97.27%

Coverage Report

File	Stmts	Branches	Funcs	Lines	Uncovered Lines
index.js	100%	100%	100%	100%
lib
CommandExecutor.js	84.21%	57.14%	83.33%	92%	10, 28, 34–35, 38
FileManager.js	95.45%	94.12%	71.43%	100%	42
HTMLParser.js	94.44%	66.67%	100%	100%	13
ImageProcessor.js	83.33%	100%	100%	80%	16
PDFBoxWrapper.js	91.43%	100%	83.33%	92.59%	53–54
PDFProcessor.js	98.51%	94.12%	100%	100%	82
TikaWrapper.js	100%	100%	100%	100%
config.js	100%	100%	100%	100%
errors.js	100%	100%	100%	100%