issues Search Results · language:Dune language:TypeScript language:JavaScript language:Java linked:pr language:JavaScript
Filter by
6.7M results
CodeQL Alert #111
Rule: actions/missing-workflow-permissions (medium) File: .github/workflows/e2e-screenshots.yml:14
Workflow runs with default (broad) token permissions. Should declare minimum required ...
in-progress
priority:low
security
mattbutlerengineering
#️⃣ 요청 유형
해당되는 항목을 선택해주세요.
- [ ] 새로운 기능 추가
- [x] 기존 기능 개선
- [ ] 성능 개선
#️⃣ 어떤 기능인가요?
추가하려는 기능 또는 개선하려는 부분에 대해 간결하게 설명해주세요.
프로필 계좌 정보 구조를 한국/일본 사용자 모두 대응할 수 있도록 확장하고, 커뮤니티 글에 작성자의 모임을 연결할 수 있도록 ...
wowai717
CodeQL Alert #99
Rule: js/resource-exhaustion (high) File: services/reservations/src/routes/events.ts:221
The SSE events endpoint may allow unbounded resource consumption — an attacker could open many ...
in-progress
priority:high
security
CodeQL Alerts #106, #107
Rule: js/missing-rate-limiting (high) Files:
- services/reservations/src/routes/confirm-attendance.ts:38
- services/reservations/src/routes/manage-reservation.ts:9
These ...
in-progress
priority:high
security
CodeQL Alert #112
Rule: js/shell-command-injection-from-environment (medium) File: scripts/regen-manifest.mjs:37
Shell command built from environment values without sanitization. An attacker who controls ...
in-progress
priority:high
security
#️⃣ 요청 유형
해당되는 항목을 선택해주세요.
- [ ] 새로운 기능 추가
- [x] 기존 기능 개선
- [ ] 성능 개선
#️⃣ 어떤 기능인가요?
추가하려는 기능 또는 개선하려는 부분에 대해 간결하게 설명해주세요.
정산, 프로필, 커뮤니티, 모임 카드 화면의 사용자 경험을 개선합니다.
계좌 정보 입력 시점을 정산 흐름에 맞게 조정하고, ...
Dependabot Alert #107
CVE-2026-53550 (medium): Quadratic-complexity DoS in merge key handling via repeated aliases.
- Package: js-yaml
- Current: =4.1.1 (direct dep in tools/cli/package.json)
- ...
in-progress
priority:medium
security
Dependabot Alerts
4 hono CVEs, all fixed by bumping to =4.12.21. Current version: 4.12.18 (via pnpm override).
| CVE | Severity | Summary |
| --- | --- | --- |
| CVE-2026-47673 | medium | JWT middleware ...
in-progress
priority:high
security
Audit finding
During the #2444 LM Studio local-agent code-path audit, the Windows CLI path can resolve to lms.cmd (for example from
npm/AppData). Node execFile does not reliably execute .cmd scripts directly ...
audited code-paths
bug
taariq
🪶 Descrição
Realizado um ajuste na configuração da requisição responsável pela obtenção dos produtos.
🔍 Motivação
Foi identificado um comportamento relacionado ao cache das requisições que poderia causar ...
bug
Lucas-Gonsalves
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.