80ffb6b62f
All checks were successful
CI Pipeline / Rust Format Check (push) Successful in 5s
CI Pipeline / Clippy Lints (push) Successful in 50s
CI Pipeline / Rust Unit Tests (push) Successful in 1m8s
CI Pipeline / Security Audit (push) Successful in 4s
CI Pipeline / Frontend Lint & Type Check (push) Successful in 14s
CI Pipeline / Build .deb & Release (push) Has been skipped
* feat(security): replace hardcoded admin password with in-app bootstrap (issue #8) Replace the publicly-known Argon2id hash in 002_seed_admin.sql with a clearly-invalid placeholder that cannot validate any password (fail-closed). On first startup, pm-web detects the placeholder and generates a random 24-character alphanumeric password, hashes it with Argon2id, and UPDATEs the admin row. The plaintext password is printed once to stderr (visible in systemd journal). This eliminates the need for a separate hash_password binary, shell script SQL injection risk, and password leakage in shell variables. Closes #8 * fix(security): rustfmt compliance for bootstrap function * fix(security): add trailing commas to match arms per rustfmt