issues Search Results · language:Edge language:Python linked:pr linked:pr language:Java language:JavaScript
Filter by
5.8M results
Diagnosis
serve() finally joins purge_thread (5s) and waits for writer.stop() (10s), but does not join the 6+ worker threads
(cache, long, warm) or the tracemalloc snapshotter. All daemon=True so process ...
audit-2026-06-12
audit-tier-2
threading
sgaduuw
Diagnosis
The purge thread calls cache._direct_purge_expired() directly, opening a SessionLocal() session on the shared pool. This
is the last write path outside the WriterThread (acknowledged in CONTEXT.md ...
audit-2026-06-12
audit-tier-2
threading
Diagnosis
_SITEMAP_GAP_LOGGED is a bare module-level bool; _maybe_warn_sitemap_targets_dropped() reads, checks, then writes global
_SITEMAP_GAP_LOGGED; _SITEMAP_GAP_LOGGED = True without a lock. Intent ...
audit-2026-06-12
audit-tier-2
threading
🐛 Issue: RAG safety detector prompt injection bypass via paraphrasing
Labels
security · testing · safety · NLP
Severity
🔴 Hard
Easy / Medium / Hard Classification
🔴 Hard
Why (Impact Reasoning)
...
level3
nsoc26
Eshajha19
Diagnosis
stop() sets _stopped = True under _stop_lock. submit() reads _stopped without holding the lock. Under free-threading a
thread calling submit() concurrently with stop() can see stale False, enqueue ...
audit-2026-06-12
audit-tier-2
threading
Problem
Some query functions in database operations constructed dynamic strings for table or session filtering, creating SQL
injection risks.
Current Behavior
Raw SQL strings are formatted dynamically ...
NSoC'26
KGFCH2
Diagnosis
ReadSessionPool.session() releases _closed_lock before yielding. close() can call engine.dispose() while a warm worker
holds an active session checked out from the pool. Connections invalidated ...
audit-2026-06-12
audit-tier-2
threading
背景
实验性功能需要统一 Feature Flag 治理,默认开启稳定能力、可关闭实验模块。
来源:post-v1.7.0-action-plan.zh-cn.md — P3-3
需求
- [ ] Advisor、Profile、Forecast、Local AI、Merchant Mining 均有独立 flag
- [ ] application.yml 文档化默认值
- [ ...
area:backend
priority:p3
type:tech-debt
xiaxinyu
Diagnosis
_TYPES: dict[str, type] and _TAGS: dict[type, str] are module-level dicts populated by register(). Today all register()
calls run at import time (serialized by Python s import lock), so safe. ...
audit-2026-06-12
audit-tier-1
threading
Diagnosis
repo = Repo(str(repo_path)) with no with block and no explicit repo.close(). The generator is consumed via
ProcessPoolExecutor.map; if the consumer aborts mid-walk (exception, timeout, cancel) ...
audit-2026-06-12
audit-tier-1
threading
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.