Issue search results

40.1M results (726 ms)

labtgbot/marketcap
[Stage 7][Security] Default secret/state stores in world-readable temp dir

Problem When the relevant env vars are unset, admin config, session, AI-feedback, and TON curation state persist as JSON under sys_get_temp_dir() (config/runtime.php, config/api.php). On shared hosts ...

bug

roadmap

security

stage-7-hardening

AINative-Studio/ainative-zerodb-memory-mcp
[security] Loosely pinned dependency "axios": "^1.6.0" uses ^ prefix in dependencies

WARNING: Loosely pinned dependency axios : ^1.6.0 uses ^ prefix in dependencies\n\nPillar: security\nCategory: \nData source: local\n\n## Suggestion\n\nConsider pinning axios to an exact version for ...

mollybeach/soroban-fullstack-poc
Home page interactive dApp: read snapshot + write all slots + transaction log

Home page interactive dApp: read snapshot + write all slots + transaction log Label: enhancement Summary Build the main home page (frontend/app/page.tsx) as an interactive dApp that reads the contract ...

enhancement

AINative-Studio/ainative-zerodb-memory-mcp
[security] Loosely pinned dependency "@modelcontextprotocol/sdk": "^0.5.0" uses ^ prefix in dependencies

WARNING: Loosely pinned dependency @modelcontextprotocol/sdk : ^0.5.0 uses ^ prefix in dependencies\n\nPillar: security\nCategory: \nData source: local\n\n## Suggestion\n\nConsider pinning @modelcontextprotocol/sdk ...

AINative-Studio/ainative-zerodb-memory-mcp
[security] Scanner "dep-pinning-docker" timed out after undefinedms

WARNING: Scanner dep-pinning-docker timed out after undefinedms\n\nPillar: security\nCategory: \nData source: local\n\n## Suggestion\n\nIncrease scannerTimeout in configuration or check network connectivity\n\n\n\n---\nIdentified ...

GitGitRice/pos-project
Void endpoint + lazy void for unpaid sales

Parent Part of the SumUp card payment integration. Full design contract in docs/adr/0003-pending-sale-before-payment-with-webhook-confirmation.md. What to build Two complementary mechanisms to cancel ...

enhancement

mollybeach/soroban-fullstack-poc
Wallet integration via Stellar Wallets Kit (extensions + optional WalletConnect)

Wallet integration via Stellar Wallets Kit (extensions + optional WalletConnect) Label: enhancement Summary Wire wallet connection and transaction signing using @creit-tech/stellar-wallets-kit, supporting ...

enhancement

labtgbot/marketcap
[Stage 7][Security] Weak CSP and missing X-Frame-Options

Problem functions.php:136 sets script-src self unsafe-inline unsafe-eval … (and style-src unsafe-inline ). With unsafe-inline, CSP gives essentially no XSS protection (it is what makes #186 executable); ...

enhancement

roadmap

security

stage-7-hardening

AINative-Studio/ainative-zerodb-memory-mcp
[security] Scanner "binary-artifacts" timed out after undefinedms

WARNING: Scanner binary-artifacts timed out after undefinedms\n\nPillar: security\nCategory: \nData source: local\n\n## Suggestion\n\nIncrease scannerTimeout in configuration or check network connectivity\n\n\n\n---\nIdentified ...

labtgbot/marketcap
[Stage 7][Security] Anonymous, unbounded AI insight endpoint

Problem api/ai.php:64 exposes POST /api/ai/insight anonymously, proxying to a paid, server-keyed Groq provider. The provider s advertised rate_limit is not enforced in code — only the (fail-open, UA-bypassable) ...

bug

roadmap

security

stage-7-hardening

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues

ProTip! Restrict your search to the title by using the in:title qualifier.

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues

ProTip! Restrict your search to the title by using the in:title qualifier.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Filter by

State

Advanced

labtgbot/marketcap
[Stage 7][Security] Default secret/state stores in world-readable temp dir

AINative-Studio/ainative-zerodb-memory-mcp
[security] Loosely pinned dependency "axios": "^1.6.0" uses ^ prefix in dependencies

mollybeach/soroban-fullstack-poc
Home page interactive dApp: read snapshot + write all slots + transaction log

AINative-Studio/ainative-zerodb-memory-mcp
[security] Loosely pinned dependency "@modelcontextprotocol/sdk": "^0.5.0" uses ^ prefix in dependencies

AINative-Studio/ainative-zerodb-memory-mcp
[security] Scanner "dep-pinning-docker" timed out after undefinedms

GitGitRice/pos-project
Void endpoint + lazy void for unpaid sales

mollybeach/soroban-fullstack-poc
Wallet integration via Stellar Wallets Kit (extensions + optional WalletConnect)

labtgbot/marketcap
[Stage 7][Security] Weak CSP and missing X-Frame-Options

AINative-Studio/ainative-zerodb-memory-mcp
[security] Scanner "binary-artifacts" timed out after undefinedms

labtgbot/marketcap
[Stage 7][Security] Anonymous, unbounded AI insight endpoint

Learn how you can use GitHub Issues to plan and track your work.

Learn how you can use GitHub Issues to plan and track your work.

issues Search Results · language:Edge language:TypeScript language:PHP language:JavaScript language:TypeScript

Filter by

State

Advanced

40.1M results

Learn how you can use GitHub Issues to plan and track your work.

Learn how you can use GitHub Issues to plan and track your work.