issues Search Results · language:Dune language:Python language:Java language:JavaScript language:JavaScript
Responder run history and connector access are not team-scoped. Add team_id and enforce it on reads/writes.
- [ ] Add team_id to run/connector records (+ migration)
- [ ] Scope queries to the caller ...
security
tenancy
CSPM scan/result storage is not consistently namespaced per team; the dashboard summary path scans all keys and filters
client-side (open-security-cspm/app/main.py).
- [ ] Namespace scan/result storage ...
cspm
security
tenancy
open-security-data models (Source/Indicator) have no team_id; list/search endpoints (app/api/main.py) return every team
data. This is a cross-tenant disclosure.
- [ ] Add team_id columns + Alembic migration ...
security
tenancy
Provide one place to enforce tenancy and role so downstream services do not reinvent it: a team-scoped query helper and
a require_role dependency/permission. The role helper exists (gateway_auth.require_role) ...
security
tenancy
Service layouts are inconsistent. Adopt identity as the reference (app/{api,models,schemas,config,auth}.py + alembic/)
and document the standard so new services and refactors converge.
- [ ] Document ...
documentation
tech-debt
open-security-tools/app/auth.py accepts a static X-API-Key and returns role=admin, team_id=000...0; agents to tools
traffic uses exactly this path, so it runs as a zero-team admin and defeats tenancy. ...
security
tenancy
agents/data/identity/responder/tools each reimplement get_current_user/gateway-origin verification (112-350 LOC each),
risking drift on the security-critical path. Collapse onto the shared gateway_auth ...
security
tech-debt
Once open-security-shared is installable, remove every sys.path.insert + try/except ImportError shim (e.g.
open-security-tools/app/auth.py, open-security-agents/app/auth.py) and import normally.
- [ ...
tech-debt
open-security-shared/ is consumed via sys.path.insert(...) hacks with try/except ImportError fallbacks, rather than a
real dependency. Package it (pyproject) and install it per service so imports are normal ...
tech-debt
Background
- Unlike Juneso/vibedesign#18 (trigger timing), there is no fixed entry point where a guest can actively start account linking
- A user who ignored the system-initiated triggers (T1~T3) may still want a backup later
Technical premise: Firebase linkWithCredential
In BKT-277 ...
UX
Planning
