ComputerAnything · cheloniixd · Jan 20, 2026 · Jan 20, 2026 · Jan 20, 2026 · Jan 20, 2026
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -93,6 +93,7 @@ jobs:
           push: false
           load: true
           tags: blog-backend:scan
+          no-cache: true
 
       - name: Build frontend image for scanning
         uses: docker/build-push-action@v5
@@ -102,6 +103,7 @@ jobs:
           push: false
           load: true
           tags: blog-frontend:scan
+          no-cache: true
 
       # Scan application libraries - BLOCKS pipeline on vulnerabilities
       - name: Run Trivy scanner on backend - Application Libraries

diff --git a/TODO.md b/TODO.md
@@ -158,7 +158,7 @@
   JWT_ACCESS_TOKEN_EXPIRES=14400
 
   RESEND_API_KEY=<YOUR_RESEND_API_KEY>
-  MAIL_DEFAULT_SENDER=noreply@computeranything.dev
+  MAIL_DEFAULT_SENDER=noreply@notifications.computeranything.dev
   CONTACT_FORM_RECIPIENTS=contact@computeranything.dev
 
   ADMIN_EMAIL=admin@computeranything.dev

diff --git a/backend/config.py b/backend/config.py
@@ -25,7 +25,7 @@ class Config:
 
     # Email Configuration (Resend API)
     RESEND_API_KEY = os.environ.get('RESEND_API_KEY')
-    MAIL_DEFAULT_SENDER = os.environ.get('MAIL_DEFAULT_SENDER', 'noreply@computeranything.dev')
+    MAIL_DEFAULT_SENDER = os.environ.get('MAIL_DEFAULT_SENDER', 'noreply@notifications.computeranything.dev')
 
     # Admin Email (for security alerts)
     ADMIN_EMAIL = os.environ.get('ADMIN_EMAIL')

diff --git a/backend/requirements.txt b/backend/requirements.txt
@@ -1,3 +1,6 @@
+# Security overrides - MUST be first to take precedence
+jaraco.context==6.1.0
+
 # Core Flask
 Flask==2.3.3
 Flask-SQLAlchemy==3.0.5

diff --git a/backend/utils/email.py b/backend/utils/email.py
@@ -16,7 +16,7 @@ def send_email(to: str | list[str], subject: str, html: str, from_email: str | N
         to: Email address or list of email addresses
         subject: Email subject
         html: HTML content of the email
-        from_email: Sender email (defaults to noreply@computeranything.dev)
+        from_email: Sender email (defaults to noreply@notifications.computeranything.dev)
         reply_to: Reply-to email address (optional)
 
     Returns:
@@ -48,7 +48,7 @@ def send_email(to: str | list[str], subject: str, html: str, from_email: str | N
             f"[DEVELOPMENT MODE] Email NOT sent - logged instead:\n"
             f"  To: {to}\n"
             f"  Subject: {subject}\n"
-            f"  From: {from_email or 'noreply@computeranything.dev'}\n"
+            f"  From: {from_email or 'noreply@notifications.computeranything.dev'}\n"
             f"  Reply-To: {reply_to or 'N/A'}\n"
         )
 
@@ -80,7 +80,7 @@ def send_email(to: str | list[str], subject: str, html: str, from_email: str | N
 
         # Get from email
         if from_email is None:
-            from_email = 'noreply@computeranything.dev'
+            from_email = 'noreply@notifications.computeranything.dev'
 
         # Ensure to is a list
         if isinstance(to, str):

diff --git a/docs/security/SECURITY.md b/docs/security/SECURITY.md
@@ -777,7 +777,7 @@ FRONTEND_URL=https://blog.computeranything.dev
 # backend/utils/email.py:85-118
 def send_email(to: str, subject: str, html: str):
     params = {
-        "from": "Computer Anything Blog <noreply@computeranything.dev>",
+        "from": "Computer Anything Blog <noreply@notifications.computeranything.dev>",
         "to": [to],
         "subject": subject,
         "html": html,