issues Search Results · language:Dune language:Python language:JavaScript language:JavaScript language:Java language:Python
Filter by
55M results
Problem
The only reverse-proxy config terminates plain HTTP; all TLS and security headers are commented out, yet the app is
documented to run under https://dev.podcaststudiohub.me.
Evidence
- deployment/nginx/podcastfy.conf:17-20 ...
area-deployment
area-security
blocker
priority-p1
release-audit
frankbria
Problem
apps/api/.env contains real-format, live provisioned secrets (not placeholders).
Evidence
- apps/api/.env:21-32 — GEMINI_API_KEY (AIzaSy...), full OPENAI_API_KEY (sk-proj-...), ELEVENLABS_API_KEY ...
area-security
blocker
priority-p1
release-audit
Gap Analysis - Operations
No chaos testing framework for resilience.
Impact
Cannot validate system resilience to failures.
Proposed Solution
Add chaos testing utilities.
Priority: Low | Effort: L ...
enhancement
observability
anchapin
Problem
Two SSRF vectors: (A) content-source URLs are validated only for scheme+netloc, then fetched server-side and their BODY
stored (read-SSRF); (B) webhook distribution targets are validated only ...
area-security
blocker
priority-p1
release-audit
Problem
verify_jwt_token validates only signature/expiry and returns the payload with no type check; the access path accepts any
validly-signed token.
Evidence
- apps/api/src/services/auth_service.py:101-122 ...
area-auth
area-security
blocker
priority-p1
release-audit
Gap Analysis - Operations
No cost tracking for cloud/HPC resources.
Impact
Cannot monitor campaign costs.
Proposed Solution
Add cost estimation and tracking.
Priority: Medium | Effort: L
enhancement
observability
Problem
The live Celery generation path calls the installed engine with kwargs that podcastfy 0.4.1 s generate_podcast() does
not accept.
Evidence
- apps/api/src/tasks/podcast_generation.py:116-126 ...
area-generation
blocker
bug
critical
priority-p0
release-audit
Gap Analysis - Operations
No resource quota enforcement.
Impact
Cannot limit resource usage per campaign.
Proposed Solution
Add resource quota configuration.
Priority: Low | Effort: M
enhancement
observability
Gap Analysis - Operations
No rate limiting on API endpoints.
Impact
Resource exhaustion risk in shared deployments.
Proposed Solution
Add rate limiting middleware.
Priority: Low | Effort: S
enhancement
observability
Gap Analysis - Operations
No ability to pause and resume campaigns.
Impact
Cannot temporarily stop campaigns without losing progress.
Proposed Solution
Add pause/resume commands.
Priority: Medium ...
enhancement
observability
oss-replacement
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.