The ValidationPipe import was commented out and not being used in the code. This commit removes the unused import to clean up the code and avoid potential confusion. The Logger import remains active and is still in use.
- Remove helmet security middleware and related CSP configuration
- Disable global validation pipe by commenting it out
- Fix type assertion in FieldValueService by removing unnecessary cast
- Changes made to simplify configuration and reduce strict validation during development
Added PATCH to the list of allowed HTTP methods in the API location block to support partial updates to resources. This aligns with RESTful API conventions and enables clients to modify specific fields without sending a full resource representation.
- Added `https://cdn.jsdelivr.net` to the `connect-src` directive in both Content-Security-Policy and X-Content-Security-Policy headers to allow connections to the CDN.
- Removed the duplicate Content-Security-Policy meta tag from the frontend/index.html file to avoid redundancy and potential conflicts.
