issues Search Results · language:Edge language:TypeScript language:JavaScript language:Java language:JavaScript linked:pr
Filter by
258k results
Bug: Missing Authentication on Payment Route
The /api/payments route does not require authentication.
File: apps/api/src/routes/paymentRoutes.js
Fix: Add authMiddleware to the POST route.
Duplicate ...
lucahermes444-arch
Security: Unrestricted CORS Policy
The Express app uses cors() with no configuration, allowing requests from any origin.
File: apps/api/src/app.js
Fix: Configure CORS with an explicit allowlist, reading ...
Bug description
Summary
celery 5.5.2 is affected by CVE-2026-37000 — task message deserialization allows an authenticated broker to execute
arbitrary code via a crafted task payload.
Required change ...
bug
claude-autofix
benjiandvince
Objective
Add a menu sorting control that works together with the active category, search query, and combined filters.
Tasks
- Define typed sorting options for featured items and price.
- Add an ...
area: accessibility
area: data
area: react
area: responsive
area: typescript
priority: medium
type: feature
alxnrocha
Bug: Missing Input Validation on Search Query
Description: The GET /api/search endpoint passes req.query.q directly to the search service without validation or length
limits.
File: apps/api/src/controllers/searchController.js ...
Problem
Changes to package files can mismatch lockfiles if dependencies are not checked for integrity.
Current Behavior
Dependencies are installed directly using npm ci but lockfile validation is not ...
enhancement
needs-review
KGFCH2
Is there an existing issue for this?
- [x] I have searched the existing issues
What happened?
Inside the useEffect hook, a native browser new Image() instance is created, and an img.onload event listener ...
type:bug
type:design
type:refactor
Puneethteja
배경
GitHub Actions 환경값은 개별 secret을 여러 개 만드는 방식보다, 로컬 .env를 기준으로 한 단일 dotenv secret이 운영과 검증 흐름을 맞추기 쉽습니다. 현재 저장소는
EASYSUBWAY_ENV secret을 사용하는 구조가 들어가 있지만, 이후 workflow가 늘어날 때 개별 EASYSUBWAY_* secret을 다시 추가하지 ...
AquilaXk
Siwon-ChoiProblem
First-time PR contributors do not receive automated links to contributing documentation, which can slow down review
feedback loops.
Current Behavior
Welcome bot only exists for issues.
Why ...
enhancement
needs-review
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.