Remove setPrimaryAccountSchema from email-account.validators.js and
requireOwnerOrAdmin from roleMiddleware.js — both have zero imports.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Restrict no-origin CORS bypass to development only
- Activate xss-clean middleware for input sanitization
- Add MIME type whitelist and filename sanitization to file uploads
- Reduce project upload limit from 50MB to 20MB
- Stop leaking stack traces in error responses
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add LOG_LEVEL env variable support (debug, info, warn, error)
- Default to 'info' level for production-ready logs
- Integrate Morgan HTTP logging with custom logger
- Remove console.logs and replace with custom logger
- Remove sensitive password debug logs from email service
- Remove noisy warn logs from email sync and event notifier
- Add gray color for timestamps to improve readability
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add creator info (username) to companies, projects, and notes responses
- Add company_users table for team management on companies
- Add resourceAccessMiddleware for member access control
- Members can only see resources they are directly assigned to
- Companies, projects, and todos are now filtered by user assignments
- Add personal contacts feature
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add admin-only authorization for company and projects CRUD operations
- Create requireAccountId middleware to eliminate code duplication
- Standardize error handling (use next(error) consistently)
- Change error messages to Slovak language
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Remove better-auth dependency (unused)
- Update JWT secrets to stronger values
- Add ENCRYPTION_SALT env variable for password encryption
- Add role field to createUserSchema validator
- Accept role from body in admin.controller createUser
- Fix todo filters: add priority filter, handle completed param
- Remove .env.example (merged into .env)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
