-
Notifications
You must be signed in to change notification settings - Fork 25
All issues
Issue creation is restricted in this repository
Issues
is:issue state:open
is:issue state:open
Search results
Implement the reconciliation sweep the replication path already assumes as a durability backstop
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:featureNew capability or surfaceNew capability or surfacesev:highMajor break or real security/trust risk, no easy workaroundMajor break or real security/trust risk, no easy workaroundsubsystem:replicationMirror, replica, and cross-node syncMirror, replica, and cross-node syncsubsystem:storageBlob/object store, Arweave, IPFS, archivesBlob/object store, Arweave, IPFS, archivesStatus: Open.#218 In Gitlawb/node;Detach post-receive replication scans onto the F5 drain task (close the #174 inline-park residual)
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:bugDefect fix — wrong or unsafe behaviorDefect fix — wrong or unsafe behaviorsev:highMajor break or real security/trust risk, no easy workaroundMajor break or real security/trust risk, no easy workaroundsubsystem:apiNode REST API request/response surfaceNode REST API request/response surfacesubsystem:encryptionEncrypted subtrees, recipient blinding, key zeroizationEncrypted subtrees, recipient blinding, key zeroizationsubsystem:replicationMirror, replica, and cross-node syncMirror, replica, and cross-node syncStatus: Open.#217 In Gitlawb/node;icaptcha-client: no test binds new()'s empty-API-key filter, so a Some("") regression would ship green
kind:testTest coverage or harnessTest coverage or harnesssev:lowCosmetic, cleanup, or nice-to-haveCosmetic, cleanup, or nice-to-havesubsystem:apiNode REST API request/response surfaceNode REST API request/response surfaceStatus: Open.#216 In Gitlawb/node;icaptcha-client: no test binds to IcaptchaCfg::new's API-key gate, so a key-attach regression would ship green
crate:glgl — the contributor CLIgl — the contributor CLIkind:securityVulnerability fix or hardeningVulnerability fix or hardeningsev:highMajor break or real security/trust risk, no easy workaroundMajor break or real security/trust risk, no easy workaroundsubsystem:apiNode REST API request/response surfaceNode REST API request/response surfaceStatus: Open.#212 In Gitlawb/node;icaptcha mock-consumed guard: swallowed dual-contact leak is invisible, and the blackhole has no tripwire test
kind:securityVulnerability fix or hardeningVulnerability fix or hardeningsev:highMajor break or real security/trust risk, no easy workaroundMajor break or real security/trust risk, no easy workaroundsubsystem:identityDID/UCAN, http-sig auth, push authorizationDID/UCAN, http-sig auth, push authorizationStatus: Open.#211 In Gitlawb/node;Advisory-lock key uses DefaultHasher — cross-machine write exclusion can silently break across node builds
crate:coregitlawb-core — identity, certs, encrypt, DID/UCANgitlawb-core — identity, certs, encrypt, DID/UCANcrate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:bugDefect fix — wrong or unsafe behaviorDefect fix — wrong or unsafe behaviorsev:highMajor break or real security/trust risk, no easy workaroundMajor break or real security/trust risk, no easy workaroundsubsystem:storageBlob/object store, Arweave, IPFS, archivesBlob/object store, Arweave, IPFS, archivesStatus: Open.#210 In Gitlawb/node;gl duplicates the owner-resolution helper across 4 command modules, keeping a node-DID fallback repo.rs already dropped as a bug
crate:glgl — the contributor CLIgl — the contributor CLIkind:refactorRestructure, behavior preservedRestructure, behavior preservedsev:lowCosmetic, cleanup, or nice-to-haveCosmetic, cleanup, or nice-to-havesubsystem:identityDID/UCAN, http-sig auth, push authorizationDID/UCAN, http-sig auth, push authorizationStatus: Open.#208 In Gitlawb/node;TrustedProxy IP trust is config-asserted, not peer-verified: header rotation defeats every per-IP brake
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:securityVulnerability fix or hardeningVulnerability fix or hardeningsev:highMajor break or real security/trust risk, no easy workaroundMajor break or real security/trust risk, no easy workaroundsubsystem:apiNode REST API request/response surfaceNode REST API request/response surfaceStatus: Open.#207 In Gitlawb/node;iCaptcha gate fails OPEN in enforce mode when the public key cannot load
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:securityVulnerability fix or hardeningVulnerability fix or hardeningsev:highMajor break or real security/trust risk, no easy workaroundMajor break or real security/trust risk, no easy workaroundsubsystem:apiNode REST API request/response surfaceNode REST API request/response surfacesubsystem:encryptionEncrypted subtrees, recipient blinding, key zeroizationEncrypted subtrees, recipient blinding, key zeroizationStatus: Open.#206 In Gitlawb/node;fork_repo / create_repo orphan on-disk repos (and a spent iCaptcha proof / uploaded object) on late DB failure
kind:bugDefect fix — wrong or unsafe behaviorDefect fix — wrong or unsafe behaviorsev:mediumDegraded but workaround existsDegraded but workaround existssubsystem:apiNode REST API request/response surfaceNode REST API request/response surfacesubsystem:attestationCertificates, anchoring, per-ref attestationCertificates, anchoring, per-ref attestationsubsystem:storageBlob/object store, Arweave, IPFS, archivesBlob/object store, Arweave, IPFS, archivesStatus: Open.#205 In Gitlawb/node;Read/fork handlers run blocking git subprocesses on the tokio runtime (no spawn_blocking, no timeout)
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:securityVulnerability fix or hardeningVulnerability fix or hardeningsev:highMajor break or real security/trust risk, no easy workaroundMajor break or real security/trust risk, no easy workaroundsubsystem:apiNode REST API request/response surfaceNode REST API request/response surfacesubsystem:storageBlob/object store, Arweave, IPFS, archivesBlob/object store, Arweave, IPFS, archivesStatus: Open.#204 In Gitlawb/node;test(node): submit_bounty claimant gate is a vacuous guard; harden every_in_scope_mutation_has_its_gate
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:testTest coverage or harnessTest coverage or harnesssev:mediumDegraded but workaround existsDegraded but workaround existssubsystem:apiNode REST API request/response surfaceNode REST API request/response surfaceStatus: Open.#203 In Gitlawb/node;