feat: implement 8 OpenSpec proposals for security, reliability, and UX improvements

## Security Enhancements (P0)
- Add input validation with max_length and numeric range constraints
- Implement WebSocket token authentication via first message
- Add path traversal prevention in file storage service

## Permission Enhancements (P0)
- Add project member management for cross-department access
- Implement is_department_manager flag for workload visibility

## Cycle Detection (P0)
- Add DFS-based cycle detection for task dependencies
- Add formula field circular reference detection
- Display user-friendly cycle path visualization

## Concurrency & Reliability (P1)
- Implement optimistic locking with version field (409 Conflict on mismatch)
- Add trigger retry mechanism with exponential backoff (1s, 2s, 4s)
- Implement cascade restore for soft-deleted tasks

## Rate Limiting (P1)
- Add tiered rate limits: standard (60/min), sensitive (20/min), heavy (5/min)
- Apply rate limits to tasks, reports, attachments, and comments

## Frontend Improvements (P1)
- Add responsive sidebar with hamburger menu for mobile
- Improve touch-friendly UI with proper tap target sizes
- Complete i18n translations for all components

## Backend Reliability (P2)
- Configure database connection pool (size=10, overflow=20)
- Add Redis fallback mechanism with message queue
- Add blocker check before task deletion

## API Enhancements (P3)
- Add standardized response wrapper utility
- Add /health/ready and /health/live endpoints
- Implement project templates with status/field copying

## Tests Added
- test_input_validation.py - Schema and path traversal tests
- test_concurrency_reliability.py - Optimistic locking and retry tests
- test_backend_reliability.py - Connection pool and Redis tests
- test_api_enhancements.py - Health check and template tests

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

openspec/changes/archive/2026-01-10-add-cycle-detection/proposal.md

@@ -0,0 +1,18 @@
+# Change: Add Cycle Detection for Task Dependencies and Formula Fields
+
+## Why
+The system currently lacks detection for circular references in task dependencies and custom field formulas. This can lead to infinite loops during Gantt chart rendering or formula calculation, potentially causing application crashes or stack overflow errors.
+
+## What Changes
+- Implement cycle detection algorithm (DFS/BFS) for task dependencies
+- Add cycle detection for formula field references
+- Return descriptive error when cycle is detected
+- Prevent saving of configurations that would create cycles
+
+## Impact
+- Affected specs: task-management, automation
+- Affected code:
+  - `backend/app/services/dependency_service.py` - Task dependency validation
+  - `backend/app/services/formula_service.py` - Formula reference validation
+  - `backend/app/api/task-dependencies/router.py` - API validation
+  - `backend/app/api/custom-fields/router.py` - Field validation

openspec/changes/archive/2026-01-10-add-cycle-detection/specs/automation/spec.md

@@ -0,0 +1,18 @@
+## ADDED Requirements
+
+### Requirement: Formula Field Cycle Prevention
+The system SHALL detect and prevent circular references in custom field formulas to avoid infinite calculation loops.
+
+#### Scenario: Formula self-reference rejected
+- **WHEN** user creates a formula field that references itself
+- **THEN** system rejects with 400 Bad Request
+- **THEN** error message indicates self-reference is not allowed
+
+#### Scenario: Formula circular reference chain rejected
+- **WHEN** user creates formula where Field A references Field B and Field B references Field A
+- **THEN** system rejects with 400 Bad Request
+- **THEN** error message includes the reference cycle path
+
+#### Scenario: Valid formula references accepted
+- **WHEN** user creates formula referencing other fields without cycles
+- **THEN** system saves the formula and calculates values correctly

openspec/changes/archive/2026-01-10-add-cycle-detection/specs/task-management/spec.md

@@ -0,0 +1,19 @@
+## ADDED Requirements
+
+### Requirement: Task Dependency Cycle Prevention
+The system SHALL detect and prevent circular dependencies between tasks to ensure Gantt charts can be properly rendered.
+
+#### Scenario: Direct circular dependency rejected
+- **WHEN** user attempts to create dependency where Task A depends on Task B and Task B depends on Task A
+- **THEN** system rejects the operation with 400 Bad Request
+- **THEN** error message includes the cycle path (e.g., "Circular dependency detected: A -> B -> A")
+
+#### Scenario: Indirect circular dependency rejected
+- **WHEN** user attempts to create dependency that would form a cycle (A -> B -> C -> A)
+- **THEN** system rejects the operation with 400 Bad Request
+- **THEN** error message includes the full cycle path
+
+#### Scenario: Valid dependency chain accepted
+- **WHEN** user creates dependencies forming a valid DAG (directed acyclic graph)
+- **THEN** system accepts and saves the dependencies
+- **THEN** Gantt chart renders correctly with proper task ordering

openspec/changes/archive/2026-01-10-add-cycle-detection/tasks.md

@@ -0,0 +1,23 @@
+# Tasks: Add Cycle Detection
+
+## 1. Task Dependency Cycle Detection
+- [x] 1.1 Implement DFS-based cycle detection algorithm in dependency_service.py
+- [x] 1.2 Add validation hook when creating/updating task dependencies
+- [x] 1.3 Return 400 Bad Request with cycle path details when detected
+- [x] 1.4 Add cycle detection check in bulk dependency operations
+
+## 2. Formula Field Cycle Detection
+- [x] 2.1 Parse formula field references to build dependency graph
+- [x] 2.2 Implement cycle detection for formula field references
+- [x] 2.3 Add validation when saving custom field formulas
+- [x] 2.4 Return descriptive error showing the cycle path
+
+## 3. Frontend Feedback
+- [x] 3.1 Display user-friendly error message when cycle detected
+- [x] 3.2 Optionally highlight the problematic dependencies in UI
+
+## 4. Testing
+- [x] 4.1 Add unit tests for cycle detection algorithm
+- [x] 4.2 Test direct circular dependency (A -> B -> A)
+- [x] 4.3 Test indirect circular dependency (A -> B -> C -> A)
+- [x] 4.4 Test formula field circular references