issues Search Results · language:Dune language:TypeScript language:JavaScript language:JavaScript linked:pr language:Java
Filter by
253k results
Bug
POST /users accepts any fields from req.body without filtering.
Fix
Destructure only expected fields.
/bounty $50
ref: #33
codeboost-tr
Bug
The Express app in apps/api/src/index.ts has no cors() middleware. Cross-origin requests from the web frontend will be
blocked.
Fix
Add cors package and app.use(cors()).
/bounty $50
ref: #33
Bug
In apps/api/src/routes/users.ts, the ...req.body spread happens after id: stub-user-id , so a client can override the
user ID by sending { id : malicious-id } in the POST body.
Fix
Spread req.body ...
問題
README が cmd_498 (PWA + Web Share Target API) や cmd_502 相当 (macOS launchd 対応) の追加後に更新されておらず、現状実装と齟齬がある。
修正点
- Features: PWA / Web Share Target / Android 共有メニュー対応 / macOS launchd 対応を追記
- Setup: ...
halsk
Parent bounty: #743
Problem
POST /api/messages passes req.body directly to sendMessage without any schema validation. Empty or malformed message
payloads are silently accepted.
This issue is limited ...
jojosenthusiast
Parent bounty: #743
Problem
POST /api/proposals passes req.body directly to createProposal without any schema validation. Unlike POST /api/jobs
which validates with createJobSchema.parse(req.body), proposal ...
Pre-flight Checks
- [x] I have searched existing issues and this is not a duplicate
- [x] I understand this issue needs status:approved before a PR can be opened
Problem Description
DevDeck is now ...
documentation
good first issue
help wanted
priority:p2
status:approved
tiagofur
Action: fix Target: Fix README documentation issues from last review: broken doc links, webhook endpoint documentation,
and PUT/PATCH inconsistency
Created by kaizen delivery.
kaizen:running
SevFle
Parent bounty: #743
Problem
POST /api/auth/refresh issues a new access token without reading or verifying the caller s refresh token. The controller
calls refreshToken() with no arguments; the service ...
parent: #32
작업 내용
실수로 인한 데이터 손실을 막기 위해, 초기화 버튼 클릭 시 확인 다이얼로그를 표시하고 사용자가 확인한 경우에만 초기화를 실행한다.
배경
초기화는 모든 거래 내역과 예산을 삭제하는 비가역적 동작이므로, 사용자 확인 절차가 필요하다. window.confirm 또는 간단한 커스텀 확인 UI를 사용한다.
완료 조건
...
Sub-issue
개발
bird798
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.