issues Search Results · language:Edge language:Python language:JavaScript language:JavaScript language:JavaScript linked:pr
Filter by
4.5M results
Reworks the popup UI testing so the spec (docs/uiRequirements.md) is the spine and each leaf requirement is verified by
the right kind of test.
Scope of this change (build structure + one worked example): ...
missingbulb
Problem
Public-repo hygiene gaps:
- No CONTRIBUTING.md (contributor process only lived in .claude/rules/, framed for the AI agent)
- No SECURITY.md (no vuln-reporting path; personal-data handling ...
documentation
yamakii
Summary
The gateway/bot layer can run scheduled and proactive jobs, but delivering their output back to a chat platform is far
harder than it should be. Today every delivery target must be spelled out ...
claude
enhancement
MervinPraison
Before you start
- [x] I searched existing issues and this is not a duplicate.
Problem / motivation
DeerFlow 已经通过 GuardrailMiddleware 和可插拔的 GuardrailProvider 支持 tool call 执行前授权。当前 GuardrailDecision ...
enhancement
needs-triage
Miracle778
Task ID
task_005_audit-skill-framework
Goal
Audit and improve the overall vasp-2d-monolayer skill framework before reviewing individual calculation modules and
parameters.
This task should check whether ...
review
skill
lengzixuan-lin
Problem
Gap analysis found the cold-start path was undocumented and blocked:
- .env.example only had GARMIN_DATA_DIR/GARMIN_RESULT_DIR — no Garmin credentials, so a new user cannot fetch any data
...
documentation
Two NITs from the --integrate adversarial review (#59), non-blocking:
- Protected branches hardcoded to {main, master} (engine/integrate.py DEFAULT_PROTECTED_BRANCHES). A repo whose
protected default ...
enhancement
escotilha
Two behavior-changing halves deferred from the v0.6.0 external security-audit batch (the docs/bounds halves shipped):
- F2 — runtime --api-key argv scrub. Help text now warns argv is visible in ps; ...
enhancement
--worker-skills v1 (#64) ships inline skills only — FULL_WRITE_WITH_SKILLS adds Skill but NOT Task/Workflow, so skills
can t fan out. /cto runs sequential; cto-swarm (a dynamic workflow) and /cto swarm-mode ...
enhancement
问题 / Problem
中文:verify_webhook_signature 会解析 t=...,v1=...,但只把时间戳拼入 HMAC,没有校验时间戳是否过期;任何被截获的有效 webhook 签名都可以在未来重复提交并继续返回
True。修复应增加可配置的最大时间偏移并拒绝过期签名,价值是降低重放攻击风险,保护业务事件处理的可信度和幂等成本。 English: verify_webhook_signature ...
bug
coding-loop/in-progress
coding-loop/inspected
coding-loop/managed
coding-loop/pr-created
coding-loop/ready-for-dev
saxon134
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.