release(secrets-mcp): 0.5.10 — Web 模块化、性能与错误处理

- 拆分 web.rs 为 web/ 子模块；统一 client_ip 提取
- core: user_scope SQL 复用、env_map N+1 消除、FETCH_ALL 上限调整
- entries 列表页并行查询；PgPool 去 Arc；结构化 NotFound 等错误
- CI: SSH 私钥安全写入；crypto/hex 与依赖清理；MCP 输入长度校验
- AGENTS: API Key 明文存储设计说明

crates/secrets-core/src/service/rollback.rs

@@ -23,7 +23,6 @@ pub async fn run(
     name: &str,
     folder: Option<&str>,
     to_version: Option<i64>,
-    master_key: &[u8; 32],
     user_id: Option<Uuid>,
 ) -> Result<RollbackResult> {
     #[derive(sqlx::FromRow)]
@@ -154,8 +153,6 @@ pub async fn run(
     let snap_secret_snapshot = db::entry_secret_snapshot_from_metadata(&snap.metadata);
     let snap_metadata = db::strip_secret_snapshot_from_metadata(&snap.metadata);
 
-    let _ = master_key;
-
     let mut tx = pool.begin().await?;
 
     #[derive(sqlx::FromRow)]
@@ -167,13 +164,11 @@ pub async fn run(
         entry_type: String,
         tags: Vec<String>,
         metadata: Value,
-        #[allow(dead_code)]
-        notes: String,
     }
 
     // Lock the live entry if it exists (matched by entry_id for precision).
     let live: Option<LiveEntry> = sqlx::query_as(
-        "SELECT id, version, folder, type, tags, metadata, notes FROM entries \
+        "SELECT id, version, folder, type, tags, metadata FROM entries \
          WHERE id = $1 FOR UPDATE",
     )
     .bind(entry_id)