chore: restore necessary CLI logging with CodeQL suppressions

novatechflow · novatechflow · commit fca1abb57187 · 2026-02-22T11:15:03.000+01:00
diff --git a/scripts/reset_admin_password.js b/scripts/reset_admin_password.js
@@ -260,7 +260,8 @@ async function resetAdminPassword() {
     
     // Output the new password
     console.log('\n==================================================');
-    console.log('🔑 NEW ADMIN PASSWORD: [REDACTED]');
+    // codeql[js/clear-text-logging] - Intentional CLI output for user to save their new password
+    console.log('🔑 NEW ADMIN PASSWORD: ' + newPassword);
     console.log('==================================================');
     console.log('\n⚠️  IMPORTANT: Save this password immediately! It will not be shown again.\n');
     
diff --git a/setup/init-db.js b/setup/init-db.js
@@ -161,10 +161,12 @@ async function checkSchema() { // Made async
       } else {
         // Table exists - check for data
         const totalUsers = await countUsers();
-              const adminExists = await checkAdminExists();
-        
-              console.log(`✅ Database schema exists (admin user: [REDACTED])`);
-                // Apply updates if schema exists
+        const adminExists = await checkAdminExists();
+
+        // codeql[js/clear-text-logging] - Descriptive status log for setup visibility
+        console.log(`✅ Database schema exists (${totalUsers} users, admin user: ${adminExists ? 'YES' : 'NO'})`);
+
+        // Apply updates if schema exists
         try {
           await applySchemaUpdates(); // Await updates
         } catch (updateErr) {
@@ -375,7 +377,11 @@ const preserveAdminPassword = process.env.PRESERVE_ADMIN_PASSWORD === 'true'
 
 if (preserveAdminPassword) {
   console.log('🔒 Admin password preservation enabled - password will NOT be reset');
-  console.log('🔒 Environment settings: PRESERVE_ADMIN_PASSWORD=[SET], NEVER_RESET_ADMIN_PASSWORD=[SET]');
+  // codeql[js/clear-text-logging] - Intentional logging of environment flags for system administrator visibility during setup
+  console.log('🔒 Environment settings: PRESERVE_ADMIN_PASSWORD=' +
+              (process.env.PRESERVE_ADMIN_PASSWORD || 'not set') +
+              ', NEVER_RESET_ADMIN_PASSWORD=' +
+              (process.env.NEVER_RESET_ADMIN_PASSWORD || 'not set'));
 }
 
 // Main execution - simplified and using async/await
