Exceptions

[Qoder-Undefined]

main.ts: no global exception filter — unhandled errors leak stack traces and expose internals to API consumers

Summary
The application has no global exception filter registered in main.ts. Any unhandled exception (TypeORM errors, third-party API failures, unexpected null dereferences) will return a raw NestJS error object that may include stack traces, internal file paths, and database error details to the API consumer.

Why This Matters
Leaking internal error details is a security vulnerability. It also produces inconsistent error response shapes across the API.

What Needs to Be Done
Implement a GlobalExceptionFilter that catches HttpException and all other Error types
Log unexpected errors (non-HttpException) with full stack trace server-side
Return a sanitized JSON response { statusCode, message, timestamp, path } — never expose stack traces to clients
Register via app.useGlobalFilters(new GlobalExceptionFilter()) in main.ts
Key Files
src/main.ts
New file: src/common/filters/global-exception.filter.ts
Acceptance Criteria
All unhandled exceptions return a consistent { statusCode, message, timestamp, path } response shape
Stack traces never appear in HTTP response bodies
Internal errors are logged server-side with full context
Unit tests cover HTTP and non-HTTP exception cases
Complexity: High — 200 points
closes #554

[drips-wave]

@Qoder-Undefined Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

[portableDD]

@Qoder-Undefined please resolve conflicts