Skip to content

issues Search Results · language:Dune language:JavaScript language:Java language:JavaScript language:Python

Filter by

55.6M results  (825 ms)

55.6M results

Severity: high | Category: security | Phase: P0.10 Problem Verified: _execute_run_command runs subprocess.run(command, shell=True, env=os.environ.copy()), inheriting every secret (ANTHROPIC/OPENAI/GITHUB/E2B ...
P0-blocker-beta
priority:high
security

Severity: medium | Category: security | Phase: P0.9 Problem _register_workspace stores owner_user_id=None; list_workspaces returns registry.list_all() with full repo_path for every entry and deregister_workspace ...
P0-blocker-beta
priority:medium
security

Severity: medium | Category: security | Phase: P0.8 Problem Verified: check_workspace_exists resolves a raw client path and stats it with no enforce_workspace_allowlist call (unlike init_workspace at ...
P0-blocker-beta
priority:medium
security

Severity: high | Category: security | Phase: P0.7 Problem With no WORKSPACE_ROOT (the self-hosted default) enforce_workspace_allowlist skips its containment check, so any authenticated user can pass ...
P0-blocker-beta
priority:high
security

Severity: high | Category: security | Phase: P0.6 Problem Verified: require_scope appears only in its own definition + docstring example — used on zero routes. Every v2 router mounts a blanket Depends(require_auth) ...
P0-blocker-beta
priority:high
security

Severity: high | Category: correctness | Phase: P0.5 Problem Runtime passes the worktree path to wrapper.run(...), but the wrapper verifies with run_gates(self._workspace, ...) and quick-fixes self._workspace.repo_path ...
P0-blocker-beta
priority:high
type:bug

Severity: high | Category: data-integrity | Phase: P0.4 Problem BuiltinReactAdapter.run(...workspace_path...) never uses workspace_path; it builds ReactAgent(workspace=self._workspace) (the original ...
P0-blocker-beta
priority:high
type:bug

Severity: critical | Category: data-integrity | Phase: P0.3 Problem Verified: grep merge_back shows only the definition + docstring — zero call sites. External engines write to cf/ task_id in the worktree, ...
P0-blocker-beta
priority:high
type:bug

Severity: medium | Category: data-integrity | Phase: P0.2 Problem _persist_token_usage does Database(self.workspace.db_path); db.initialize(), which runs SchemaManager.create_schema() — creating control-plane ...
P0-blocker-beta
priority:medium
type:bug

Motivation We currently have no automated formatting enforcement. This surfaced in #29, where a contributor s ruff format run reflowed many lines unrelated to the actual change, inflating the diff and ...
Issue origami icon

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues
ProTip! Restrict your search to the title by using the in:title qualifier.
Issue origami icon

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues
ProTip! Restrict your search to the title by using the in:title qualifier.