issues Search Results · language:Edge language:Python language:JavaScript language:Python language:Python language:Java
Filter by
17.6M results
--accent-dim light = #a8794d computes to 3.38:1 on --bg (#f5f1e8) and 3.60:1 on --paper (#fbf8f1) — below 4.5:1 for the
small mono text it labels.
Used for: diagram inner label (HomeDiagram.vue), scope-column ...
a11y
design-audit
p1
nficano
--faint dark = #5f5949 on --bg #110f0c computes to 2.74:1 — fails even the 3:1 UI/large-text floor. Worst contrast
offender on the site.
Used for: same faint roles as the light variant, in dark theme. ...
a11y
design-audit
p0
--faint light = #756e62 on --bg #f5f1e8 computes to 4.47:1 — below the 4.5:1 AA floor for normal text.
Used for: right-rail TOC sub-items, home step indices, faint markers (app/components/DocsToc.vue, ...
a11y
design-audit
p0
sitemap.sources points at /api/__sitemap__/urls and @nuxtjs/seo provides robots. Confirm both actually emit on the
production build (not just dev).
Acceptance criteria
- / site /robots.txt and / site ...
design-audit
p3
seo
No social cards exist (ogImage.enabled = false). Add dynamic, GitHub-style per-page social cards using the Nuxt SEO /
nuxt-og-image module.
Fix
- Enable ogImage; create a branded card component (Inkwell ...
design-audit
p1
seo
@nuxtjs/seo is installed and site.{url,name,description} is set, but per-page social meta is incomplete and ogImage is
disabled (see SEO-2).
Findings
- nuxt.config.ts: ogImage: { enabled: false }. ...
design-audit
p1
seo
严重程度:High
文件:go-service/internal/redis/redis.go:89-91
问题描述
Unlock 直接使用 DEL 命令删除锁 key,不验证调用者是否为锁的持有者。锁值始终为 1 无唯一标识符。
影响
并发请求可互相窃取锁
建议修复
锁值使用 UUID 生成,DEL 前先比较锁值
go
high
rayyen0902
dougv8Duplicate Check
- [x] I have searched the opened issues and there are no duplicates
Describe the requested feature
Currently, TabBar doesn t support ink_color change.
I can t just replace Button ...
feature request
Iaw4tch
严重程度:Critical
文件:go-service/internal/sse/broker.go:101
问题描述
broker.go 中直接拼接用户输入的 session_id 到 SSE 响应,攻击者可通过 URL 参数注入 JavaScript。
影响
通过 SSE 连接的 XSS 攻击
建议修复
使用 json.Marshal 序列化 sessionID
critical
go
security
sse
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.