
Fix code scanning alerts #1509

@jescalada

Description

GitHub's automatic security and quality scanning has identified a few potential issues in our code. Although a few of these were published a long time ago, we should still figure out whether they're relevant and fix them up - if anything, to improve our code quality.

Many of these are related, and easy to fix:

Type confusion in parsePush.ts:

https://github.com/finos/git-proxy/security/code-scanning/141
https://github.com/finos/git-proxy/security/code-scanning/140
https://github.com/finos/git-proxy/security/code-scanning/139
https://github.com/finos/git-proxy/security/code-scanning/138

Excessive workflow permissions:

https://github.com/finos/git-proxy/security/code-scanning/143
https://github.com/finos/git-proxy/security/code-scanning/133
https://github.com/finos/git-proxy/security/code-scanning/132

Unpinned dependencies:

https://github.com/finos/git-proxy/security/code-scanning/120
https://github.com/finos/git-proxy/security/code-scanning/113

The only one that isn't easy to fix is this one:
https://github.com/finos/git-proxy/security/code-scanning/64

Most vulnerabilities come from specific packages that don't get updated, the biggest culprit being docusaurus.

Describe the solution you'd like
We should fix these to improve GitProxy's code quality and inspire trust in potential adopters.
