feat: comprehensive code review fixes — security, performance, quality

Backend security:
- Reject Gitea webhooks when webhook_secret is empty (was silently skipping)
- Add slowapi rate limiting on login (5/min) and setup (3/min) endpoints
- Add CORS middleware with configurable origins
- Mask telegram_webhook_secret in settings API response
- Protect system-owned command template configs from regular user modification
- Increase minimum password length to 8 characters

Backend performance:
- Batch queries in _resolve_command_context (3 queries instead of 3N)
- Concurrent album fetching with asyncio.gather in immich commands
- Singleton Jinja2 SandboxedEnvironment (reuse instead of per-render creation)
- TTLCache for rate limits (bounded memory, auto-eviction)
- Optional aiohttp session reuse in send_reply/send_media_group

Backend code quality:
- Extract dispatch_helpers.py (shared link_data loading + event filtering)
- Extract database/seeds.py from main.py (490 lines → dedicated module)
- Split immich_handler.py (415 lines) into commands/immich/ subpackage
- Replace bare except blocks with logged warnings
- Add per-provider config validation (Pydantic models)
- Truncate command input to 512 chars
- Expose usage_* and desc_* slots in capabilities and variables API

Frontend security:
- CSS.escape() for user-controlled querySelector in highlight.ts
- Client-side password min 8 chars validation on setup and password change

Frontend code quality:
- Replace any types with proper interfaces across top files
- Decompose targets/+page.svelte into TargetForm + ReceiverSection
- Fix $derived.by usage, $state mutation patterns
- Add console.warn to empty catch blocks

Frontend UX:
- Auth redirect via goto() with "Redirecting..." state
- Platform-aware Ctrl/Cmd K keyboard hint
- Remove stat-card hover transform

Frontend accessibility:
- Modal: role=dialog, aria-modal, focus trap, restore focus
- EntitySelect/IconGridSelect: listbox/option roles, aria-selected/disabled

packages/server/src/notify_bridge_server/database/models.py

@@ -207,7 +207,12 @@ class TemplateSlot(SQLModel, table=True):
     )
 
     id: int | None = Field(default=None, primary_key=True)
-    config_id: int = Field(foreign_key="template_config.id", index=True)
+    config_id: int = Field(
+        foreign_key="template_config.id",
+        index=True,
+
+
+    )
     slot_name: str
     template: str = Field(default="", sa_column=Column(Text, default=""))
 
@@ -245,7 +250,12 @@ class TargetReceiver(SQLModel, table=True):
     )
 
     id: int | None = Field(default=None, primary_key=True)
-    target_id: int = Field(foreign_key="notification_target.id", index=True)
+    target_id: int = Field(
+        foreign_key="notification_target.id",
+        index=True,
+
+
+    )
     name: str = Field(default="")
     config: dict[str, Any] = Field(default_factory=dict, sa_column=Column(JSON))
     receiver_key: str = Field(default="")  # dedup key (e.g. chat_id, url, email)
@@ -283,7 +293,12 @@ class NotificationTrackerTarget(SQLModel, table=True):
         index=True,
         sa_column_kwargs={"name": "notification_tracker_id"},
     )
-    target_id: int = Field(foreign_key="notification_target.id", index=True)
+    target_id: int = Field(
+        foreign_key="notification_target.id",
+        index=True,
+
+
+    )
     tracking_config_id: int | None = Field(
         default=None, foreign_key="tracking_config.id"
     )
@@ -366,7 +381,12 @@ class CommandTemplateSlot(SQLModel, table=True):
     )
 
     id: int | None = Field(default=None, primary_key=True)
-    config_id: int = Field(foreign_key="command_template_config.id", index=True)
+    config_id: int = Field(
+        foreign_key="command_template_config.id",
+        index=True,
+
+
+    )
     slot_name: str
     locale: str = Field(default="en")
     template: str = Field(default="", sa_column=Column(Text, default=""))
@@ -399,7 +419,11 @@ class CommandTrackerListener(SQLModel, table=True):
     )
 
     id: int | None = Field(default=None, primary_key=True)
-    command_tracker_id: int = Field(foreign_key="command_tracker.id")
+    command_tracker_id: int = Field(
+        foreign_key="command_tracker.id",
+
+
+    )
     listener_type: str  # e.g. "telegram_bot"
     listener_id: int
     created_at: datetime = Field(default_factory=_utcnow)