foxerBN/crm-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

hotfix: Security, performance, and code cleanup

Browse Source 
- Remove hardcoded database password fallback
- Add encryption salt validation (min 32 chars)
- Separate EMAIL_ENCRYPTION_KEY from JWT_SECRET
- Fix command injection in status.service.js (use execFileSync)
- Remove unnecessary SQL injection regex middleware
- Create shared utilities (queryBuilder, pagination, emailAccountHelper)
- Fix N+1 query problems in contact and todo services
- Merge duplicate JMAP config functions
- Add database indexes migration
- Standardize error responses with error codes

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
richardtekula
2026-01-19 07:17:23 +01:00
parent 0523087961
commit 73a3c6bf95
15 changed files with 278 additions and 114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/index.js
View File

@@ -1,3 +1,4 @@
import './config/env.js';
import app from './app.js';
import { startAllCronJobs } from './cron/index.js';
import { logger } from './utils/logger.js';