issues Search Results · language:Edge language:Python language:JavaScript language:JavaScript language:JavaScript is:public
Filter by
41.2M results
Summary
The GitHub OAuth login flow does not use the state parameter for its intended purpose (CSRF protection). This makes the
login flow vulnerable to a login CSRF / session-fixation style attack, allowing ...
piush365
Context
After we have written local snapshots of Google Places and OpenStreetMap data, we want to merge that data, Deduplicating
data, and prioritizing data sources when there are conflicts.
Note: This ...
Data
MattClarke131
~50 files in one components/ folder. Group by responsibility; co-locate the pre-auth components (HowItWorks,
SignInModal, landing sections) under components/marketing/. Also consider renaming the .landing-page ...
frontend
tech-debt
AndresL230
[P2-I] components/OnboardingFlow.tsx (36 KB) is an unused older onboarding with the old landing DNA, not imported by the
active route. Delete (or fold any good ideas into the active flow). Deferred from ...
frontend
tech-debt
[P2-G] The only persistent motion in the product is pre-auth (mesh blobs sapling-blob, landing-card-float, shimmer — all
infinite). Reduce to one or two finite, purposeful moments. Deferred from token-unification ...
design-debt
frontend
[P1-D] app/pending/page.tsx is a bare centered flex (no card, no shell). Give it the app surfaces (.card) and add a
brief you re in confirmation so beta→pending isn t glow→silence. Deferred from token-unification ...
design-debt
frontend
[P1-C] components/screens/Onboarding.tsx is color-correct but structurally orphaned (centered card in a radial void,
hard-coded px, bespoke type scale). Adopt --pad-* + the shell type scale; render inside ...
design-debt
frontend
Problem
When the authentication token expires, the user is not automatically redirected to the login page. This creates a poor
user experience where:
- Users attempt to use features without realizing ...
PorthoGamesBR
[P1-E] Replace the duplicated inline 24px warm-gradient box in the beta modal (app/(public)/page.tsx) and
components/SignInModal.tsx with one shared component backed by --surface-hero / --surface-hero-shadow. ...
design-debt
frontend
[P0-B] Replace the rounded-full beta pill + infinite beta-glow with the app button language (rectangular, --r-sm, solid
--brand-forest); convert the perpetual glow to a single finite entrance using --brand-glow. ...
design-debt
frontend
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.