fix(comment): validate receiver email format before notify

Skip reply notification sending when receiver email format is invalid, while preserving best-effort behavior and adding test coverage for invalid receiver email.

Made-with: Cursor

server/service/comment-notify/index.test.ts

@@ -86,4 +86,17 @@ describe("notifyReplyCommentCreated", () => {
       notifyReplyCommentCreated({ postId: 10, commentId: 204, parentId: 100, actorUserId: 1, replyBody: "hello" }, deps),
     ).resolves.toBeUndefined();
   });
+
+  test("接收方邮箱非法 -> 不发送", async () => {
+    const { deps, state } = createDeps();
+    deps.getReceiverProfile = async () => ({
+      email: "not-an-email",
+      username: "receiver",
+      nickname: "Receiver",
+    });
+
+    await notifyReplyCommentCreated({ postId: 10, commentId: 205, parentId: 100, actorUserId: 1, replyBody: "hello" }, deps);
+
+    expect(state.sendMailCalled).toBe(false);
+  });
 });

server/service/comment-notify/index.ts

@@ -2,6 +2,7 @@ import log4js from "logger";
 import nodemailer from "nodemailer";
 
 const logger = log4js.getLogger("COMMENT_NOTIFY");
+const EMAIL_REGEX = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
 
 type NotifyGlobalConfig = {
   enabled: boolean;
@@ -41,6 +42,10 @@ function getReason(error: unknown): string {
   return "unknown";
 }
 
+function isValidEmail(value: string): boolean {
+  return EMAIL_REGEX.test(value.trim());
+}
+
 function isSmtpConfigReady(config: NotifyGlobalConfig): boolean {
   return (
     config.enabled &&
@@ -185,6 +190,9 @@ export async function notifyReplyCommentCreated(
     if (!receiver?.email || !hasValue(receiver.email)) {
       return;
     }
+    if (!isValidEmail(receiver.email)) {
+      return;
+    }
 
     await deps.sendMail({
       toEmail: receiver.email,