HIGH:
- Add missing import RadioSongRequestFormRequest (fixes crash on POST)
- Add Purify XSS sanitization for article full_story
- Fix duplicate radio API routes (/api/radio vs /api/radio/v2)
- Add try-catch guards in InstallationController for missing records
MEDIUM:
- Fix N+1: eager load comments.user in ArticleController::show()
- Fix GuestbookController authorization logic
- Remove dead doSetup() method and duplicate route
- Extract shared HasRadioDefaults trait (remove code duplication)
- Use named routes in ForceStaffTwoFactorMiddleware
- Fix WebsiteHelpCenterTicket::isOpen() (no permission leak)
- Enable on WebsiteHelpCenterTicket (matches schema)
- Replace WebsiteTeam::all()->pluck() with direct pluck()
- Replace CatalogPage::all()->pluck() with direct pluck()
- Replace WebsiteBadge::all() with direct pluck()
- Add throttle middleware to guestbook store, logo-generator, radio embed
LOW:
- Remove unused imports
- Remove dead /inertia-test route
- Consolidate cache keys in RadioController
- Rewrite .gitignore in English with proper patterns for build artifacts, storage files, and IDE files
- Remove tracked build assets (hash-based) and storage files from git
- Update LICENSE copyright to 2026 Remco (Epicnabbo)
- Fix clone URLs in README (remove placeholder gitea-server)
- Sync docs/INSTALL.md with README installation guide
root