0904790dca45c449295f519e150c35a2a759c867
Fixes from the code review: - #1 Wire mustChangePassword: dashboard layout redirects to a new /change-password page + /api/account/change-password (verifies current pw, re-hashes, clears the flag, refreshes the session). Provisioned admins can no longer keep the default. - #2 Assert NEXTAUTH_SECRET in production (not during build); set it on authOptions. - #3 Backup page now server-gated to admins (split into server page + client panel), matching the Updates page. - #4 Restore validates input: strict zod schema for the users table (known fields, role enum) + array checks for the rest; returns generic errors instead of String(err). No version bump/changelog — left for you to fold into the next release (you're editing those live). Not pushed, not deployed. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Description
No description provided
Languages
TypeScript
98.6%
CSS
0.5%
Shell
0.5%
Dockerfile
0.3%