Merge develop into master (April 7) #1697

	name: Backend Checks

	permissions:
	contents: read
	security-events: write

	on:
	pull_request:
	branches: ['master', 'develop']
	paths:
	- 'Servers/**'
	push:
	branches: ['master', 'develop']
	paths:
	- 'Servers/**'

	jobs:
	security-audit:
	name: Security Audit
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: Servers

	steps:
	- uses: actions/checkout@v6

	- name: Set up Node
	uses: actions/setup-node@v6
	with:
	node-version: '20'

	- name: Install dependencies
	run: npm ci

	- name: Run npm audit
	run: npm audit --audit-level=high
	continue-on-error: true

	- name: Run npm audit (JSON output for review)
	run: npm audit --json > ../audit-results.json \|\| true

	- name: Upload audit results
	uses: actions/upload-artifact@v7
	with:
	name: backend-npm-audit-results
	path: audit-results.json
	retention-days: 30

	lint-and-build:
	name: Lint and Build
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: Servers

	steps:
	- uses: actions/checkout@v6

	- name: Set up Node
	uses: actions/setup-node@v6
	with:
	node-version: '20'

	- name: Install dependencies
	run: npm ci

	- name: TypeScript type check
	run: npm run build

	- name: Run tests
	run: npm test

	dependency-review:
	name: Dependency Review
	runs-on: ubuntu-latest
	if: github.event_name == 'pull_request'
	steps:
	- uses: actions/checkout@v6

	- name: Dependency Review
	uses: actions/dependency-review-action@v4
	continue-on-error: true
	with:
	fail-on-severity: high
	deny-licenses: GPL-3.0, AGPL-3.0

Provide feedback