pullrequests Search Results · language:Dune language:Python language:JavaScript language:JavaScript language:PHP language:Go
Filter by
184M results
!-- CURSOR_AGENT_PR_BODY_BEGIN --
Summary
Removes use of eval() when parsing the emails field in invite_users_to_challenge.
Changes
- Add parse_invite_email_list() with json.loads, comma-separated ...
RishabhJain2018
!-- CURSOR_AGENT_PR_BODY_BEGIN --
Summary
Addresses a critical account-takeover risk on the challenge invitation acceptance API.
Changes
- Restrict PATCH /accept-invitation/ to pending invitations ...
!-- CURSOR_AGENT_PR_BODY_BEGIN --
Summary
Mitigates zip slip (path traversal) when extracting challenge and submission archives.
Changes
- Add safe_extract_zip_file() in apps/base/utils.py to validate ...
!-- CURSOR_AGENT_PR_BODY_BEGIN --
Summary
Fixes stored XSS in the mathjaxBind Angular directive used for challenge HTML content.
Changes
- Replace $compile of user HTML with $sanitize and direct ...
!-- CURSOR_AGENT_PR_BODY_BEGIN --
Summary
Adds missing authorization checks on zip-based challenge creation and validation endpoints.
Changes
- Add get_challenge_host_team_membership_error() helper. ...
tseaverSee Commits and Changes for more details.
Created by img src= https://prod.download/pull-18h-svg valign= bottom / pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please ...
⤵️ pull
pull[bot]
Adds --output flag to beliefs build subcommand for file output.
driasim
VGFernandezMedina
This PR contains the following updates:
| Package | Type | Update | Change |
| --- | --- | --- | --- |
| astral-sh/setup-uv | action | minor | v8.1.0 → v8.2.0 |
[!WARNING] Some dependencies could not ...
renovate[bot]