[CHORE] Vite define() warning: process.env exposure

## Problem

During frontend build, vite emits a security warning:
```
The `define` option contains an object with "PATH" for "process.env" key. It looks like you may have passed the entire `process.env` object to `define`, which can unintentionally expose all environment variables. This poses a security risk and is discouraged.
```

## Root Cause

`frontend/vite.config.js` line 19-21:
```js
define: {
  "process.env": process.env
}
```

This passes the entire `process.env` to Vite's `define`, exposing all host env vars to the bundle.

## Proposed Fix

Use a whitelist of required env vars:
```js
define: {
  "process.env.NODE_ENV": JSON.stringify(process.env.NODE_ENV || "production")
  // Add other specific vars as needed
}
```

Or use `vite-plugin-environment` for proper env var handling.

## Acceptance Criteria

- [ ] `cd frontend && npx vite build` runs without the PATH/process.env warning
- [ ] No functionality broken (verify frontend tests pass)
- [ ] Bundle still has access to required env vars at build time

## Aufwand

~15-30 min

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[CHORE] Vite define() warning: process.env exposure #108

Problem

Root Cause

Proposed Fix

Acceptance Criteria

Aufwand

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

[CHORE] Vite define() warning: process.env exposure #108

Description

Problem

Root Cause

Proposed Fix

Acceptance Criteria

Aufwand

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions