51f0028883
- WebSocket upgrade now verifies user is member of the household (prevents cross-household access) - Rate limiting: invite/join 10/h, scanner 50/h, auth sign-in 10/min - WebSocket commands validated via Zod discriminatedUnion (no unsafe cast) - Removed /repair endpoint (dev artifact, bypassed tenant middleware) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>