Skip to content

Modernize codebase and fix security issues#1

Open
srivarshithdaladuli wants to merge 1 commit intomasterfrom
update-code-modernization
Open

Modernize codebase and fix security issues#1
srivarshithdaladuli wants to merge 1 commit intomasterfrom
update-code-modernization

Conversation

@srivarshithdaladuli
Copy link
Owner

@srivarshithdaladuli srivarshithdaladuli commented Feb 13, 2026

Summary

This PR modernizes the codebase with security fixes, better accessibility, and updated dependencies.

Changes

Security

  • Fixed critical eval() vulnerability - Replaced unsafe eval() with a custom safe expression parser that validates input and properly handles operator precedence

Dependencies

  • Updated Express from ^4.17.1 to ^4.21.0
  • Removed unnecessary path package (Node.js has a built-in path module)
  • Bumped version to 2.0.0
  • Added Node.js engine requirement (>=18.0.0)

JavaScript (script.js)

  • Refactored to use Calculator object pattern
  • Added input validation (prevents multiple operators/decimals)
  • Added keyboard support (0-9, operators, Enter, Escape, Backspace)
  • Added backspace functionality
  • Handles division by zero gracefully

HTML (index.html)

  • Added semantic <main> element
  • Added ARIA attributes for accessibility
  • Removed duplicate AdSense script tag
  • Added meta description and theme-color

CSS (style.css)

  • Added box-sizing: border-box reset
  • Improved responsive design for mobile
  • Added prefers-reduced-motion media query
  • Enhanced button hover/focus/active states
  • Updated to system font stack

Server (server.js)

  • Added /health endpoint for monitoring
  • Added graceful shutdown handling for SIGTERM signal

Testing

  • Server starts successfully
  • All files pass syntax validation

This PR was generated with Warp.

@srivarshithdaladuli @warp-agent
Modernize codebase and fix security issues
4075add 
- Update package.json: bump version to 2.0.0, update Express to ^4.21.0
- Remove unnecessary path package (Node.js has built-in path module)
- Add dev script with --watch flag for development
- Add Node.js engine requirement (>=18.0.0)

- Fix critical security issue: replace eval() with safe expression parser
- Add proper operator precedence handling in calculator
- Add input validation to prevent malicious code execution
- Add keyboard support for better usability
- Add backspace functionality

- Improve HTML semantics and accessibility (ARIA labels)
- Remove duplicate AdSense script tag
- Add meta description and theme-color

- Modernize CSS with box-sizing reset
- Add responsive design for mobile devices
- Add reduced motion media query for accessibility
- Improve button hover/focus states and transitions

- Add health check endpoint to server
- Add graceful shutdown handling for SIGTERM

Co-Authored-By: Warp <agent@warp.dev>
@vercel
Copy link

vercel bot commented Feb 13, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
calculator-using-node-js Ready Ready Preview, Comment Feb 13, 2026 9:49pm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@srivarshithdaladuli