docs: Add v1.5.0 "Trigger" release definition

Focus: Cleanup, test coverage, and quality of life improvements

Goals:
- 90% test coverage target
- MPO format test coverage (High backlog item)
- Debug file storage cleanup (Medium backlog item)
- Filename sanitization in debug path (Medium backlog item)
- N+1 query pattern fix (Medium backlog item)
- Atomic variant generation (Medium backlog item)
- Default slug change to timestamp format (Medium backlog item)

Backlog items marked as scheduled for v1.5.0.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

docs/projectplan/BACKLOG.md

@@ -40,7 +40,7 @@
 
 ## High
 
-### MPO Format Test Coverage
+### MPO Format Test Coverage *(Scheduled: v1.5.0)*
 - **Description**: MPO conversion code exists but has no test coverage. MPO is advertised in the CHANGELOG but the handling is untested.
 - **Location**: `starpunk/media.py` lines 163-173
 - **Source**: Developer Review (M1)
@@ -60,7 +60,7 @@
 
 ## Medium
 
-### Debug File Storage Without Cleanup Mechanism
+### Debug File Storage Without Cleanup Mechanism *(Scheduled: v1.5.0)*
 - **Description**: Failed uploads are saved to `data/debug/` directory for analysis, but there is no mechanism to clean up these files. This could consume significant disk space, especially if under attack.
 - **Location**: `starpunk/media.py` lines 133-137
 - **Source**: Developer Review (M2), Architect Review (Issue 1.2.2)
@@ -69,19 +69,19 @@
   2. Implement automatic cleanup (files older than 7 days)
   3. Add disk space check or size limit (e.g., 100MB max)
 
-### Filename Not Sanitized in Debug Path (Security)
+### Filename Not Sanitized in Debug Path (Security) *(Scheduled: v1.5.0)*
 - **Description**: The original filename is used directly in the debug file path without sanitization, which could cause path traversal or special character issues.
 - **Location**: `starpunk/media.py` line 135
 - **Source**: Architect Review (Issue 1.2.3)
 - **Approach**: Sanitize filename before use: `safe_filename = "".join(c for c in filename if c.isalnum() or c in "._-")[:50]`
 
-### N+1 Query Pattern in Feed Generation
+### N+1 Query Pattern in Feed Generation *(Scheduled: v1.5.0)*
 - **Description**: In `_get_cached_notes()`, media and tags are loaded per-note in separate queries. For 50 notes, this is 100 additional database queries, degrading performance.
 - **Location**: `starpunk/routes/public.py` lines 68-74
 - **Source**: Architect Review (Issue 2.2.9)
 - **Approach**: Implement batch loading function `get_media_for_notes(note_ids: List[int])` using a single query with `WHERE note_id IN (...)`.
 
-### Transaction Not Atomic in Variant Generation
+### Transaction Not Atomic in Variant Generation *(Scheduled: v1.5.0)*
 - **Description**: Files are written to disk before database commit. If the database commit fails, orphaned files remain on disk.
 - **Location**: `starpunk/media.py` lines 404-440
 - **Source**: Architect Review (Issue 2.2.6)
@@ -93,7 +93,7 @@
 - **Source**: Architect Review (Security Assessment)
 - **Approach**: Implement Flask-Limiter or similar rate limiting middleware for upload routes.
 
-### Default Slug Change
+### Default Slug Change *(Scheduled: v1.5.0)*
 - The default slug should be a date time stamp
 - YYYYMMDDHHMMSS
 - Edge case, if the slug would somehow be a duplicate append a "-x" e.g. -1