pullrequests Search Results · language:Dune language:TypeScript language:JavaScript language:HTML language:Java language:Python
Filter by
288M results
概要
おいokamo、Geminiが生成したコードにセキュリティ的にヤバい部分とバグが複数あったので直したぞ。
修正内容
🔴 [セキュリティ・高] SQLインジェクション相当の脆弱性を修正 (Issue #1)
app/actions.ts の query_bigquery ツールコール処理に、SQL バリデーションが一切なかった。プロンプトインジェクションで LLM が DROP TABLE ...
okamoto53515606
What
Adds a new flavour of dataset to the elicitation harness — items that are tasks to be judged, not concepts to be liked —
and runs the Gemma-3 series through them.
Datasets (N=40, pulled from HuggingFace) ...
jonathanbostock
What changed
Add a KEYLESS source for a country profile s keyExports / importDependence via OEC (oec.world; BACI/HS trade,
CEPII-cleaned UN Comtrade), so trade structure is available without the Comtrade ...
Kignit
Problem
Option B wired the cloud specialists to fetch live data (proven in the agentAuditEntries trail: AG-001 read 152 POs,
AG-003 read 13 MOs, AG-007 read OKRs/KPIs — all live). Yet the **in-app concierge ...
dawingroup
Despachos / Entregas — separar facturación de entrega
Resuelve el caso real del cliente: se factura 50 bultos de cemento, el cliente retira 20 y días después recoge los 30
restantes (ya facturados). Permite ...
dobladorafm-erp
Bumps the three flagged actions to their latest majors (all run on Node 24): actions/checkout v4→v6, actions/setup-node
v4→v6, actions/upload-artifact v4→v7, in both ci.yml and release.yml. The v4 versions ...
bilalahamad0
See Commits and Changes for more details.
Created by img src= https://prod.download/pull-18h-svg valign= bottom / pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please ...
⤵️ pull
pull[bot]
Summary
Final, exhaustive pass over every logo placement in the codebase.
New asset
- public/logo/maqam-lockup-light.svg — arch + Maqam wordmark in cream #FAF8F4 for dark backgrounds (was missing) ...
muj-hk
Swaps Jonathan Follett into Tala Habbab s slot in the concept homepage s 3×3 team grid (keeps the
first-nine-photographed logic, just substitutes one person). Verified the rendered grid shows Jon and not ...
MyStarrySpace
Bumps github/codeql-action from 2.1.36 to 4.36.1. details summary Release notes /summary p em Sourced from a href=
https://github.com/github/codeql-action/releases github/codeql-action s releases /a . ...
dependencies
github_actions
dependabot[bot]