issues Search Results · language:Edge language:Python linked:pr linked:pr language:Java language:JavaScript
Filter by
5.7M results
Reason
404 pages render Express default HTML — no app shell, no navigation, no way back. User is stranded.
Problem (H4)
Non-existent routes (e.g., /nonexistent, POST /api/users/create before the route ...
enhancement
TimK42
Summary
The prior field-array dogfood artifact showed budget pressure but did not evaluate a concrete edit-task signal set. Add
deterministic task-readiness evidence for a field-array edit so priority ...
minislively
Reason
Login form is invisible to password managers. Pages have no heading structure. Clickable elements are div instead of
button.
Problems (H2, H3, M1, M5)
- H2: Password fields lack autocomplete= ...
enhancement
Print a warning if the configure forcings is run more than once that parameters will need to be deleted out of
user_nl_mom
found by @enrico-mi
manishvenu
Reason
No security headers are set — the app is vulnerable to clickjacking, XSS reflection, and lacks a Content Security
Policy.
Problem (C4)
Current response headers:
X-Powered-By: Express
X-Content-Type-Options: ...
enhancement
Reason
Screen reader and keyboard-only users are completely locked out — all navigation uses div onclick without ARIA or
semantic HTML.
Problems (C1, C2, C3)
- C1: No nav, main, header — everything ...
enhancement
Bug
The provider-driven embedding routing path does NOT honor the privacy mode s force_local_only constraint. ISOLATED and
EPHEMERAL modes correctly force chat to local-only routes (Ollama), but the embedding ...
bug
security
UncleSaurus
Description
src/config/api.js defines a RETRYABLE_METHODS Set at line 55 to control which HTTP methods should be retried
on 502/503/504:
const RETRYABLE_METHODS = new Set([ GET , HEAD , OPTIONS , ...
shreyasfegade
Problem
Express HTTP headers are not fully secured by default.
Current Behavior
The server currently relies on default Express headers, which can expose it to vulnerabilities like XSS and
clickjacking. ...
good first issue
DebasmitaBose0
Description
api/leaderboard.js has corrupted trailing code at lines 217–219 after the valid handler function closing. The file ends
correctly at line 216 with } closing the catch block, but lines 217–219 ...
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.