Skip to content

pullrequests Search Results · language:Dune language:JavaScript language:Python language:JavaScript language:Java

Filter by

182M results  (2 s)

182M results

blamejs/exceptd-skills
v0.18.2: CodeQL SAST gate + engine prototype-pollution hardening

The project now runs CodeQL static analysis (the security-extended query suite) on every push and pull request, and a clean result is a release gate — the same supply-chain assurance posture as the Ed25519 ...
  • dotCooCoo
  • 1
  • Opened 
    48 seconds ago
  • #301

nakyahara/bfaith-portal
fix: package-lock.json に sharp 依存を反映してビルド(npm ci)復旧

緊急: ビルド全停止の復旧 #306 で sharp を package.json に追加した際、package-lock.json に sharp の推移的依存(is-arrayish/color-string/simple-swizzle 等)が反映されておらず、Render のビルド(npm ci)が Missing: is-arrayish@0.3.4 from lock file で status ...
  • nakyahara
  • Opened 
    49 seconds ago
  • #310

zyascend/retail-customer-support-agent
fix: 修复 deterministic 模式 confirmation 流程

问题 DeterministicProvider.chat_with_tools() 永远不返回 tool_calls,AgentLoop 对写操作只输出空文本 → pending_action 永不创建 → confirmation 流程完全短路。 根因 AgentLoop 依赖 LLM 返回 tool_calls 来触发 _step_pending,DeterministicProvider ...
  • zyascend
  • Opened 
    49 seconds ago
  • #22

Utkarsh-patel26/Kronos
Backup before history rewrite

  • Utkarsh-patel26
  • Opened 
    52 seconds ago
  • #1

junkisai/web-app-template
Update turbo monorepo to v2.9.18

This PR contains the following updates: | Package | Change | Age | Confidence | | --- | --- | --- | --- | | turbo (source) | 2.9.14 → 2.9.18 | age | confidence | Release Notes details summary vercel/turborepo ...
  • renovate[bot]
  • Opened 
    55 seconds ago
  • #174

nextcloud/text
[main] Fix npm audit

Audit report No fixable problems found (7 unfixable, 25 only fixable manually using --force)
3. to review
dependencies
  • nextcloud-command
  • Opened 
    56 seconds ago
  • #8741

owasp-oasis/react
[Status: In Use] Medium severity CWE-353 (Missing Integrity Check) in fixtures/devtools/regression/16.7.html:18

TL;DR The script tag at line 18 loads react-cache from unpkg.com without a Subresource Integrity (SRI) hash. A compromised CDN, BGP hijack, or man-in-the-middle attack could serve malicious JavaScript. ...
  • appsecai-app[bot]
  • Opened 
    56 seconds ago
  • #27

gangiiopsdev/agentic-ai-cicd
[AI-Remediation] MEDIUM severity fix in app/main.py

🤖 AI Security Remediation 🟢 Auto-merge eligible — will merge after CI passes. 📊 Analysis - Severity: MEDIUM - Confidence: 85% - Auto-fix allowed: True 📝 Summary The application uses the subprocess ...
ai-remediation
severity-medium
  • gangiiopsdev
  • Opened 
    58 seconds ago
  • #86148

corefundev/backend
fix(R12-#91): recompute holiday features per forecast date in the recursive serve path

The recursive serve path carried the 5 holiday features frozen from the last history row → future holidays invisible. They re deterministic functions of the forecast date, exactly like the calendar features ...
  • corefundev
  • Opened 
    59 seconds ago
  • #111

ismayc/world-cup-viewer
Autofill: self-perpetuating loop chain + extract & test the core logic

Builds on the sleep-until-window scheduling (already on main) to make the autofill reliable despite GitHub s flaky scheduler, and adds a substantial test pass on the previously-untested internals. Review ...
  • ismayc
  • Opened 
    1 minute ago
  • #16