issues Search Results · language:Dune language:Python language:TypeScript language:JavaScript language:Python
Filter by
56.7M results
attwad来源:2026-06-13 六分区安全审查(Medium)。行号经当前代码复核。
问题
预览渲染挂 rehype-raw 但无 rehype-sanitize,原始 HTML 仅靠 React/defaultUrlTransform 隐式兜底,缺显式白名单过滤。
位置
- frontend/src/components/DocCodePreview.tsx:15 import rehypeRaw,:399 ...
area:frontend
bug
security-audit
severity:medium
lyty1997
Problem
When no data exists, users may encounter blank screens or generic messages.
Current empty states provide limited guidance and can make the application feel unfinished.
Proposed Solution
Create ...
good first issue
gssoc:approved
level:beginner
type:feature
type:UI
type:UX
gopaljilab
来源:2026-06-13 六分区安全审查(Medium)。行号经当前代码复核。
问题
精修失败(熔断 fail-fast 快速返回原文)时 used_refiner 仍为 True,导致以 失败的极短耗时 record_llm 污染 RateController 吞吐桶,令其误判 LLM 极快、后续段长决策失真。
位置
- backend/docrestore/pipeline/pipeline.py:1909-1921 ...
area:llm
area:pipeline
bug
security-audit
severity:medium
来源:2026-06-13 六分区安全审查(Medium)。行号经当前代码复核。
问题
多子目录任务在 code 模式 / PPT 模式 / 关精修 / 全缓存 resume 等 根本不调云端 LLM 的路径,仍走 warmup 冷启动、wait_cold_start 白等最长 60s。
位置
- backend/docrestore/pipeline/pipeline.py:700-711(_process_tree ...
area:pipeline
bug
security-audit
severity:medium
来源:2026-06-13 六分区安全审查(Medium)。行号经当前代码复核。含原审查 M9(cancel 不 await)残留。
问题
用户取消任务不发终结进度帧 → 已订阅的 WS 客户端永久挂起。
cancel_task 抢先 _finalize(FAILED) 赢得终态竞争,但自身从不 publish_progress;随后 run_task 的 CancelledError handler ...
area:api
area:pipeline
bug
security-audit
severity:medium
来源:2026-06-13 六分区安全审查(Medium)。行号经当前代码复核。
问题
诊断子进程无内存上限;且 killpg 后第二次 communicate() 无 timeout,可永久阻塞诊断线程。
位置
- backend/docrestore/processing/code_diagnostics.py:42 — 注释明确 不设 RLIMIT_AS (避免误伤 rustc,但也无任何内存上限)。 ...
area:processing
bug
security-audit
severity:medium
작업 내용
입양 상세(adoption/{id}) 하단 고정 CTA 바를 피그마 btn layout 디자인에 맞춰 반응형으로 정비한다.
상태별 스펙
- 모바일(1654:148608): px-16 py-16, 가운데 정렬, 하트(48) + 노란 버튼(h-48, 가득)
- 탭(1654:148637): px-48 py-12, 우측 정렬, 하트(48) + ...
heeyoung123
来源:2026-06-13 六分区安全审查(Medium)。行号经当前代码复核。
问题
单个 aiosqlite 连接被所有协程共享,无锁串行化;多语句事务的 commit 边界可被并发协程的 commit() 提前打断。
位置
- backend/docrestore/persistence/database.py:146 — self._db = await aiosqlite.connect(...) ...
area:persistence
bug
security-audit
severity:medium
Trivy mendeteksi celah keamanan HIGH pada Docker image bookslib-books-service. Harap diperiksa namun pipeline akan tetap
dilanjutkan untuk saat ini.
earthwrld
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.