feat: implement security, error resilience, and query optimization proposals

Security Validation (enhance-security-validation):
- JWT secret validation with entropy checking and pattern detection
- CSRF protection middleware with token generation/validation
- Frontend CSRF token auto-injection for DELETE/PUT/PATCH requests
- MIME type validation with magic bytes detection for file uploads

Error Resilience (add-error-resilience):
- React ErrorBoundary component with fallback UI and retry functionality
- ErrorBoundaryWithI18n wrapper for internationalization support
- Page-level and section-level error boundaries in App.tsx

Query Performance (optimize-query-performance):
- Query monitoring utility with threshold warnings
- N+1 query fixes using joinedload/selectinload
- Optimized project members, tasks, and subtasks endpoints

Bug Fixes:
- WebSocket session management (P0): Return primitives instead of ORM objects
- LIKE query injection (P1): Escape special characters in search queries

Tests: 543 backend tests, 56 frontend tests passing

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

backend/app/core/config.py

@@ -122,6 +122,11 @@ class Settings(BaseSettings):
     RATE_LIMIT_SENSITIVE: str = "20/minute"  # Attachments, password change, report export
     RATE_LIMIT_HEAVY: str = "5/minute"  # Report generation, bulk operations
 
+    # Development Mode Settings
+    DEBUG: bool = False  # Enable debug mode for development
+    QUERY_LOGGING: bool = False  # Enable SQLAlchemy query logging
+    QUERY_COUNT_THRESHOLD: int = 10  # Warn when query count exceeds this threshold
+
     class Config:
         env_file = ".env"
         case_sensitive = True