fix: sanitize svg colors and secure track-user ip rate limiting

[riddhima25bet10005-a11y]

Description

Fixes #1983

This PR addresses two security issues:

1. SVG XSS Mitigation: Explicitly passes user-supplied parameters through sanitizeHexColor before injecting them into the fallback error SVG (generateNotFoundSVG), mitigating any potential risk of unescaped hex color XSS.
2. MongoDB Exhaustion/DoS Mitigation: Hardens the IP resolution logic in the /api/track-user endpoint by resolving the true client IP using Vercel's trusted headers (x-real-ip and the last IP in the x-forwarded-for chain). This effectively patches the IP-spoofing rate-limit bypass.

Pillar

• dYZ" Pillar 1 ?" New Theme Design
• dY"? Pillar 2 ?" Geometric SVG Improvement
• dY ? Pillar 3 ?" Timezone Logic Optimization
• dY>,? Other (Bug fix, refactoring, docs)

Visual Preview

N/A (Backend Security Fixes)

Checklist before requesting a review:

• I have read the CONTRIBUTING.md file.
• I have tested these changes locally (localhost:3000/api/streak?user=YOUR_USERNAME).
• I have run npm run format and npm run lint locally and resolved all errors (CI will fail otherwise).
• My commits follow the Conventional Commits format (e.g., feat(themes): ..., fix(calculate): ...).
• I have updated README.md if I added a new theme or URL parameter.
• I have started the repo.
• I have made sure that i have only one commit to merge in this PR.
• The SVG output matches the CommitPulse "premium quality" aesthetic standard (no raw elements, smooth animations, correct fonts).
• (Recommended) I joined the CommitPulse Discord community for contributor discussions, mentorship, and faster PR support.

[vercel]

@riddhima25bet10005-a11y is attempting to deploy a commit to the jhasourav07's projects Team on Vercel.

A member of the Team first needs to authorize it.

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[Aamod007]

@riddhima25bet10005-a11y look fot pipeline error fixes

[riddhima25bet10005-a11y]

pipeline errors are fixed @Aamod007

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

⚠️ Hey @riddhima25bet10005-a11y, this PR has merge conflicts with the main branch.

Please pull the latest changes and resolve the conflicts so we can review it!

git fetch origin
git rebase origin/main
# resolve any conflicts, then:
git push --force-with-lease

Once resolved, the needs-rebase label will be removed automatically on the next check. 🙌

[github-actions]

🎉 Congratulations @riddhima25bet10005-a11y! Your PR has been successfully merged. 🚀

Thank you for contributing to CommitPulse. Your work helps us build a better tool for the community.

⚠️ Important for GSSoC Contributors:
You are strictly advised to join our Discord Server as it is mandatory for all GSSoC participants. All important announcements, point claims, and community discussions happen there.

Keep building! 💻✨