issues Search Results · language:Dune language:Python language:Python language:JavaScript language:Java language:Python
Filter by
55M results
Description
POST /auth/logout is submitted via a plain HTML form with no CSRF token. A third-party page can trigger logout for any
logged-in user via a hidden auto-submitting form. Impact is low (forces ...
security
genebean
Description
SECRET_KEY defaults to change-me-in-production if the environment variable is not set. The application starts
successfully with this value, meaning all session cookies are signed with a public ...
security
Description
Required configuration values (OIDC_ISSUER_URL, OIDC_CLIENT_ID, OIDC_CLIENT_SECRET, ADMIN_GROUP, USER_GROUP) are read
from environment variables but the application does not assert they are ...
security
Description
TRUSTED_PROXY_IPS defaults to *, meaning Uvicorn/Starlette trusts X-Forwarded-For and X-Forwarded-Proto headers from any
client. A user on the same network can spoof these headers, potentially ...
security
Add the Spell Target Calculator (currently only in wizard Step 6) to Play Mode as a tile in the left counters column, so
casters have it during a session without leaving Play Mode.
Design
- New tile ...
sidherun
Summary
Implementar el módulo Leonidas completo: motor de asignación automática del grupo muscular del día (respetando
descansos, secuencias prohibidas y restricciones por día), registro de sesiones con ...
api
backend
feature
priority:high
ready
kvnaponte
Anchor: T11-MULTIDIM-2025
Context
Phase 11 is fully complete and tested per modules/nexus/multidim/PHASE11_COMPLETE.md — consciousness level 0.995
achieved across all 6 dimensional axes, all files implemented, ...
nexus
phase-11
AUo959
Split configuration into environment-specific profiles.
- application.yml — shared settings
- application-dev.yml — local development (Docker Compose services)
- application-prod.yml — production ...
infra
madlinTTU
Bump dotCMS/ai-workflows pin v3.1.4 → v3.1.5 in the AI review workflows.
v3.1.5 (ai-workflows#40) surfaces the actual failure reason when the mantle Responses API returns response.failed (it
was discarded ...
Team : Enablement
sfreudenthaler
Prerequisites
- [x] This issue has an informative and human-readable title.
💡 Summary
Update GWS.COMMONCONTROLS.14.2v1 to support OMB M-26-14.
Motivation and context
OMB M-21-31 has been rescinded. ...
baseline-document
enhancement
adhilto
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.