issues Search Results · language:Dune language:JavaScript language:Java language:JavaScript linked:pr language:Java
Filter by
3.2M results
Parent bounty: #743
Bug
The /jobs/[id] page renders the raw route id and generic placeholder copy. Job cards link to known mock job ids, but the
detail route does not show the matching job title or budget ...
wangedmund77-cmyk
Parent bounty: #743
Bug
GET /api/search passes any q value directly into the search service. Extremely long query strings can consume avoidable
request and service work and make future database-backed ...
Parent bounty: #743
Bug
POST /api/uploads returns a 201 success response even when no file is attached. That makes failed uploads
indistinguishable from successful uploads for API clients.
Expected ...
Parent bounty: #743
Bug
POST /api/jobs currently accepts job creation requests without any bearer token. That allows anonymous callers to create
marketplace job records.
Expected
- Job listing can ...
Parent bounty: #743
Bug
POST /api/payments can be called without an access token. That lets unauthenticated callers create payment intent
placeholders against the API.
Expected
- Payment creation ...
Parent bounty: #743
Bug
The admin routes require any valid token, but they do not check the authenticated user s role. A normal client or
freelancer token can call admin metrics.
Expected
- Admin ...
Parent bounty: #743
Bug
POST /api/auth/refresh currently ignores the request body and always mints a new token for a hard-coded user. A caller
can obtain a fresh access token without proving possession ...
Parent bounty: #743
Bug
The public registration schema accepts role: admin . Any caller can self-assign an admin role during account creation
before authorization checks exist.
Expected
- Public ...
What would you like to see?
While an agent session is active we should be able to manage the tools available to the agent. This should work by
modifying the plugins available to the aibitat agent. There ...
enhancement
feature request
shatfield4
Parent bounty: #743
Bug
The Express app currently calls cors() with no options, so every origin receives permissive CORS behavior. For an API
that will carry account, billing, messaging, and admin data, ...
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.