issues Search Results · language:Dune language:JavaScript language:Java language:Java language:JavaScript linked:pr
Filter by
3.2M results
Parent bounty: #743
Bug
POST /api/jobs currently accepts job creation requests without any bearer token. That allows anonymous callers to create
marketplace job records.
Expected
- Job listing can ...
wangedmund77-cmyk
Parent: #118 Roadmap: #117
Add a small browser app-server session controller on top of the loopback JSON-RPC client so the browser runtime can
drive the Codex app-server lifecycle as a reusable workflow ...
Doout
Parent bounty: #743
Bug
POST /api/payments can be called without an access token. That lets unauthenticated callers create payment intent
placeholders against the API.
Expected
- Payment creation ...
Parent bounty: #743
Bug
The admin routes require any valid token, but they do not check the authenticated user s role. A normal client or
freelancer token can call admin metrics.
Expected
- Admin ...
Parent bounty: #743
Bug
POST /api/auth/refresh currently ignores the request body and always mints a new token for a hard-coded user. A caller
can obtain a fresh access token without proving possession ...
Parent bounty: #743
Bug
The public registration schema accepts role: admin . Any caller can self-assign an admin role during account creation
before authorization checks exist.
Expected
- Public ...
What would you like to see?
While an agent session is active we should be able to manage the tools available to the agent. This should work by
modifying the plugins available to the aibitat agent. There ...
enhancement
feature request
shatfield4
Parent bounty: #743
Bug
The Express app currently calls cors() with no options, so every origin receives permissive CORS behavior. For an API
that will carry account, billing, messaging, and admin data, ...
Restructure results/ into per-cohort directories and add a generated zero-dep results.html dashboard
Context
The benchmark harness (Epic #2 / #4211) writes every run s scorecard to a single append-only ...
agent::closing
persona::engineer
type::story
dsj1984
The project includes a robust apiClient.js that centralizes token injection, handles base URLs, normalizes API errors,
and manages global session events. However, several critical flows (including Auth ...
bug
ArshVermaGit
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.