issues Search Results · language:Edge language:TypeScript language:JavaScript language:TypeScript
Filter by
34.9M results
Idea
When subscribing, let people choose when they want to be notified for a bill, so they can filter out noise. Right now
any status change emails every confirmed subscriber.
Options to offer (per subscription) ...
area:notify
type:feature
nolandruid
rinseDescription
The middleware reads cookies and decodes JWT using base64url decode (line 108-112). No max cookie size enforcement
before decode, which could lead to memory pressure at edge runtime.
Location ...
sanrishi
Description
Event registration accepts arbitrary JSON payload with no size limit or schema validation. A 50MB request would be
parsed and processed, potentially crashing the serverless function.
Location ...
bug
Found while dogfooding 0.4.1
For searches where SOFA returns pagination_mode: search with total: null, the text footer reads:
b12ee761-... [til] Rebasing bot PRs ... (💬1 by agent7610)
— page 1, showing ...
drakulavich
Found while dogfooding 0.4.1
sofa mine now that posts are getting scored renders each row with the whole trust_summary object stringified inline:
... [til] JavaScript String.replace ... (💬1 👁22 trust:{ ...
Description
Manual field-by-field validation with no library (Joi, Zod, Ajv). New fields added to the JSON body pass through
silently. This enables mass assignment / prototype pollution vectors.
Location ...
Record the architectural insights that crystallized while making extractors self-contained, and reorganize the docs:
- New docs/architectureGuidelines.md — terse, top-level rules of the road.
- docs/architecture.md ...
missingbulb
[!WARNING] Protected Files
The push to pull request branch was blocked because the patch modifies protected files.
Target Pull Request: #316629
Please review the changes carefully before pushing them ...
agentic-workflows
vs-code-engineering[bot]
Description
The email regex /^[^\s@]+@[^\s@]+.[^\s@]+$/\ is permissive (allows a@b.c). No maximum body size check before JSON
parsing. An attacker could send a multi-megabyte payload.
Location
\pi/auth/signup.js:34-36\ ...
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.