Problem
GET /api/tasks always returns every row with no LIMIT. All filtering and sorting happen in JavaScript on the full client-side dataset. This transfers unnecessary data over the network and degrades performance as the task count grows.
Recommendation
Move filtering and sorting into SQL using query parameters and add pagination (LIMIT/OFFSET). Add indexes on due_date and created_at columns in init.js to support efficient sorting.
Location: src/routes/tasks.js line 8; src/database/init.js; public/app.js line 157
Severity: medium
Problem
GET /api/tasks always returns every row with no LIMIT. All filtering and sorting happen in JavaScript on the full client-side dataset. This transfers unnecessary data over the network and degrades performance as the task count grows.
Recommendation
Move filtering and sorting into SQL using query parameters and add pagination (LIMIT/OFFSET). Add indexes on due_date and created_at columns in init.js to support efficient sorting.
Location: src/routes/tasks.js line 8; src/database/init.js; public/app.js line 157
Severity: medium