Conversation

@GitTimeraider
Owner

Potential fix for https://github.com/GitTimeraider/GithubBackup-docker/security/code-scanning/3

To generally fix this type of issue, never expose full exception messages or stack traces to the user. Instead, return a sanitized, generic error message (for example, "An internal error occurred"). You should still log full error details server-side so developers can diagnose the issue.

Detailed fix for this code:

  • In the except Exception as e: block at line 542, replace return jsonify({'success': False, 'error': str(e)}), 500 with a generic error message such as return jsonify({'success': False, 'error': 'Internal server error'}), 500.
  • No imports are needed, and logging is already set up (and error is logged via logger.error in the relevant context).
  • Make sure not to leak sensitive details in any other returned result (for example, check if the internal test_backup_with_context() could return sensitive details in error strings – as it currently returns f"Error: {str(e)}").

File/Region to Change:

  • app.py, lines 543 (and consider 537).

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

…ough an exception

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
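As an added illustration of the pattern the description above asks for (example code, not the repository's app.py): a "before" helper that echoes the exception text, and an "after" helper plus an endpoint-style handler that log the full detail with a traceback and return a fixed message. It avoids Flask by returning (body, status) tuples in place of jsonify; the function names, the logger name and the constructed failure message are assumptions.

```python
import logging
from typing import Any, Callable

logger = logging.getLogger("githubbackup.example")

class _Collector(logging.Handler):
    """Keeps formatted records so the example can show what the server log retains."""
    def __init__(self) -> None:
        super().__init__()
        self.lines: list[str] = []

    def emit(self, record: logging.LogRecord) -> None:
        self.lines.append(self.format(record))

def leaky_backup_check(run_backup: Callable[[], None]) -> str:
    """'Before' pattern from the PR text: the exception text is echoed back verbatim."""
    try:
        run_backup()
        return "ok"
    except Exception as e:
        return f"Error: {str(e)}"

def sanitized_backup_check(run_backup: Callable[[], None]) -> str:
    """'After' pattern: message and traceback go to the log; the caller gets a fixed string."""
    try:
        run_backup()
        return "ok"
    except Exception:
        logger.error("backup check failed", exc_info=True)
        return "Error: backup check failed"

def backup_endpoint(run_backup: Callable[[], None]) -> tuple[dict[str, Any], int]:
    """Outer handler shaped like app.py's except block; returns (body, status) as jsonify would."""
    try:
        return {"success": True, "result": sanitized_backup_check(run_backup)}, 200
    except Exception:
        logger.error("unhandled error in backup endpoint", exc_info=True)
        return {"success": False, "error": "Internal server error"}, 500

def demo() -> tuple[str, str, list[str]]:
    """Runs both patterns on a constructed failure whose message carries a token-like secret."""
    collector = _Collector()
    collector.setFormatter(logging.Formatter("%(levelname)s %(message)s"))
    logger.addHandler(collector)
    try:
        def failing_backup() -> None:
            raise RuntimeError("clone failed: https://x-access-token:ghp_EXAMPLE@github.com/o/r.git")
        return leaky_backup_check(failing_backup), sanitized_backup_check(failing_backup), collector.lines
    finally:
        logger.removeHandler(collector)
```

Calling demo() shows the constructed token-like value in the leaky return value and in the captured log line, but not in the sanitized return value.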
GitTimeraider marked this pull request as ready for review September 2, 2025 09:38
Copilot AI review requested due to automatic review settings September 2, 2025 09:38

Copilot AI left a comment

Pull Request Overview

This PR addresses a code scanning security alert by sanitizing error messages exposed to users to prevent information leakage through exceptions. The changes replace detailed error messages with generic messages while maintaining proper logging for debugging purposes.

  • Replace specific exception details with generic error messages in user-facing responses
  • Add explicit error logging before returning sanitized responses
  • Ensure both the inner function and outer exception handler follow the same pattern

GitTimeraider deleted the alert-autofix-3 branch September 2, 2025 09:38