beabigegg
679b89ae4c
feat: implement security, error resilience, and query optimization proposals
Security Validation (enhance-security-validation):
- JWT secret validation with entropy checking and pattern detection
- CSRF protection middleware with token generation/validation
- Frontend CSRF token auto-injection for DELETE/PUT/PATCH requests
- MIME type validation with magic bytes detection for file uploads
Error Resilience (add-error-resilience):
- React ErrorBoundary component with fallback UI and retry functionality
- ErrorBoundaryWithI18n wrapper for internationalization support
- Page-level and section-level error boundaries in App.tsx
Query Performance (optimize-query-performance):
- Query monitoring utility with threshold warnings
- N+1 query fixes using joinedload/selectinload
- Optimized project members, tasks, and subtasks endpoints
Bug Fixes:
- WebSocket session management (P0): Return primitives instead of ORM objects
- LIKE query injection (P1): Escape special characters in search queries
Tests: 543 backend tests, 56 frontend tests passing
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-11 18:41:19 +08:00
..
2026-01-11 08:37:21 +08:00
2026-01-11 18:41:19 +08:00
2026-01-11 18:41:19 +08:00
2025-12-28 23:41:37 +08:00
2025-12-28 23:41:37 +08:00
2026-01-11 08:37:21 +08:00
2026-01-11 08:37:21 +08:00
2026-01-11 08:37:21 +08:00
2025-12-28 23:41:37 +08:00
2025-12-28 23:41:37 +08:00
2025-12-30 20:52:08 +08:00
2026-01-07 21:24:36 +08:00