issues Search Results · language:B4X language:C++ language:TypeScript language:TypeScript language:JavaScript linked:pr
Filter by
5.8M results
Bug
The /api/notifications route currently allows unauthenticated callers to list and create notifications. Notification
data is account-scoped by nature, so the route should require the same bearer-token ...
sureshchouksey8
Describe the bug
In src/components/auth/ProtectedRoute.js, the route protection logic relies entirely on the isAuthenticated() context
state to block unauthenticated users.
However, React Context state ...
bug
enoshdev
Created scoped issue for #743. The notification service currently builds new notifications as { id: generated, read:
false, ...payload }, so a request body can override both the generated notification ...
orenodinner
see https://github.com/shaftoe/pi-deepseek-usage/actions/runs/26708232157/job/78713495748
shaftoe
Summary
Make the default o command palette feel more like a Vomnibar by showing useful bookmark suggestions even before the user
types.
Acceptance criteria
- Empty all-source palette searches can ...
DaikiMiwa
Security: Unauthenticated notification creation endpoint
Description: The API exposes POST /api/notifications without auth middleware, allowing unauthenticated users to create
notifications.
File: apps/api/src/routes/notificationRoutes.js ...
MikeGarciaAGM
Describe the bug
In src/utils/fetchWithTimeout.js, the fetch configuration spreads ...options but explicitly overwrites the signal
property with its own internal controller.signal.
Because of this, if ...
bug
Summary
Chroxy s PTY-keystroke driver for multi-question AskUserQuestion forms has a 0/7 production success rate in the last 24h
of chroxy.log on a live dogfood machine. All 7 multi-question forms emitted ...
bug
from-review
blamechris
Security: Unauthenticated message posting endpoint
Description: The API exposes POST /api/messages without auth middleware, allowing unauthenticated users to create
messages.
File: apps/api/src/routes/messageRoutes.js ...
Bug Description
In backend/controllers/taskController.js, the updateTask function passes raw req.body directly into MongoDB s $set
operator without whitelisting allowed fields. An authenticated user can ...
vipul674
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.