E-1b: Fix 217 TypeScript strict errors to zero (tsc --noEmit clean).
- Remove unused vars/imports, fix type mismatches, widen interfaces
- TanStack Query v5 isLoading->isPending for mutations
- No @ts-ignore or as any introduced
E-1ab verification fixes:
- Fix audit table name mismatch (security_setting_audit -> security_settings_audit)
- Fix DockerContainer TS type (image_name->image, image_tag->tag) to match server
- Add 501 for empty binary_path in downloads
- Fix ETHOS log format in downloads error path
E-1c: Configurable timeouts + path sanitization
- Seed 6 operational timeout settings in DB (migration 030)
- Wire server to read timeout values from DB at startup
- Fallback to hardcoded defaults if DB settings missing
- Fix binary_path traversal risk in downloads handler
- Add BinaryStoragePath config (REDFLAG_BINARY_STORAGE_PATH)
- Log resolved timeout values at startup
163 tests pass (103 server + 60 agent). No regressions.
Vite build passes. TypeScript: 0 errors.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
jpetree331
5ae114df7a