679b89ae4c
Security Validation (enhance-security-validation): - JWT secret validation with entropy checking and pattern detection - CSRF protection middleware with token generation/validation - Frontend CSRF token auto-injection for DELETE/PUT/PATCH requests - MIME type validation with magic bytes detection for file uploads Error Resilience (add-error-resilience): - React ErrorBoundary component with fallback UI and retry functionality - ErrorBoundaryWithI18n wrapper for internationalization support - Page-level and section-level error boundaries in App.tsx Query Performance (optimize-query-performance): - Query monitoring utility with threshold warnings - N+1 query fixes using joinedload/selectinload - Optimized project members, tasks, and subtasks endpoints Bug Fixes: - WebSocket session management (P0): Return primitives instead of ORM objects - LIKE query injection (P1): Escape special characters in search queries Tests: 543 backend tests, 56 frontend tests passing Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
777 B
777 B
ADDED Requirements
Requirement: Optimized Relationship Loading
The system SHALL use efficient query patterns to avoid N+1 query problems when loading related entities.
Scenario: Project member list loading
- WHEN loading a project with its members
- THEN the system SHALL load all members in at most 2 database queries
- AND NOT one query per member
Scenario: Task assignee loading
- WHEN loading a list of tasks with their assignees
- THEN the system SHALL batch load assignee details
- AND NOT query each assignee individually
Scenario: Query count monitoring
- WHEN running in development mode
- THEN the system SHALL log query counts per request
- AND warn when query count exceeds threshold (e.g., 10 queries)