feat: Enhance security and validation in backend

- Added helmet for security headers and configured content security policy
- Implemented CORS with a whitelist for allowed origins
- Introduced express-validator for input validation in API endpoints
- Set request size limits to prevent DoS attacks
- Added global error handling and 404 response
- Updated TypeScript configuration to use node16 module resolution
- Improved Docker Compose configuration for security and resource limits
- Created a comprehensive .env.example for environment configuration
- Implemented automated security scans in CI/CD with Trivy
- Added cleanup script for debugging ports
- Established a detailed security policy document
2025-12-01 08:37:35 +01:00
parent b13e7d1228
commit 4a6b4a0ae8
20 changed files with 1296 additions and 764 deletions


@@ -1,14 +1,21 @@
# Frontend Development Dockerfile
# SICHERHEITS-OPTIMIERT: Non-root User
FROM node:18-alpine
# Non-root User erstellen (node-User existiert bereits)
RUN mkdir -p /app && chown -R node:node /app
WORKDIR /app
# Wechsle zu non-root User VOR Package-Installation
USER node
# Package files kopieren
COPY package*.json ./
COPY --chown=node:node package*.json ./
RUN npm ci
# Source code kopieren
COPY . .
COPY --chown=node:node . .
# Port exposieren
EXPOSE 3000
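Review bot: the `COPY --chown=node:node . .` line copies the whole build context into the image, so a local `.env` (the commit adds a `.env.example`, implying real `.env` files exist alongside it) or a host `node_modules` directory will end up in the image unless a `.dockerignore` excludes them; please add or confirm a `.dockerignore` with at least `.env`, `node_modules` and `.git` as part of this change. The ordering itself is sound: `chown -R node:node /app` runs as root before `USER node`, so the later `npm ci` and both `COPY --chown` steps work without root, which is what the "Non-root User" comment promises.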