refactor(api): improve CVE to GHSA error detection and code clarity

- Use case-insensitive error matching for more reliable detection
- Add more specific status code patterns (status: 403, status code 403)
- Express 30-day duration as readable calculation (30 * 24 * 60 * 60 * 1000)
- Remove redundant inline comment
- Rename variable for clearer intent (isGitHubRateLimit -> isRateLimitOrNetworkError)

Author: jdalton

src/utils/cve-to-ghsa.mts

@@ -14,8 +14,7 @@ export async function convertCveToGhsa(
     const cacheKey = `cve-to-ghsa-${cveId}`
     const octokit = getOctokit()
 
-    // CVE to GHSA mappings don't change, cache for 30 days (in milliseconds).
-    const THIRTY_DAYS_MS = 2_592_000_000
+    const THIRTY_DAYS_MS = 30 * 24 * 60 * 60 * 1000
 
     const response = await cacheFetch(
       cacheKey,
@@ -40,16 +39,18 @@ export async function convertCveToGhsa(
     }
   } catch (e) {
     const errorCause = getErrorCause(e)
-    // Detect GitHub API rate limit errors.
-    const isGitHubRateLimit =
-      errorCause.includes('rate limit') ||
-      errorCause.includes('EPIPE') ||
-      errorCause.includes('ECONNRESET') ||
-      errorCause.includes('403')
+    const errorLower = errorCause.toLowerCase()
+    // Detect GitHub API rate limit and network errors.
+    const isRateLimitOrNetworkError =
+      errorLower.includes('rate limit') ||
+      errorLower.includes('epipe') ||
+      errorLower.includes('econnreset') ||
+      errorLower.includes('status: 403') ||
+      errorLower.includes('status code 403')
 
     return {
       ok: false,
-      message: isGitHubRateLimit
+      message: isRateLimitOrNetworkError
         ? 'GitHub API rate limit exceeded while converting CVE to GHSA. Wait an hour or set SOCKET_CLI_GITHUB_TOKEN environment variable with a personal access token for higher limits.'
         : `Failed to convert CVE to GHSA: ${errorCause}`,
     }