-
Notifications
You must be signed in to change notification settings - Fork 22
Issues
is:issue state:open
is:issue state:open
Issue creation is restricted in this repository
Search results
Ref-update feeds over-drop distinct-owner remote rows because the wire slug is method-lossy
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:bugDefect fix — wrong or unsafe behaviorDefect fix — wrong or unsafe behaviorsev:lowCosmetic, cleanup, or nice-to-haveCosmetic, cleanup, or nice-to-havesubsystem:visibilityPath-scoped visibility and content withholdingPath-scoped visibility and content withholdingStatus: Open.#144 In Gitlawb/node;list_pins / list_anchors serve stale metadata for repos made private after push (no index reconciliation on visibility downgrade)
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:securityVulnerability fix or hardeningVulnerability fix or hardeningsev:mediumDegraded but workaround existsDegraded but workaround existssubsystem:apiNode REST API request/response surfaceNode REST API request/response surfacesubsystem:visibilityPath-scoped visibility and content withholdingPath-scoped visibility and content withholdingStatus: Open.#136 In Gitlawb/node;GET /ipfs/{cid} serves tree/commit objects of withheld subtrees, leaking structure get_tree protects (KTD3)
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:securityVulnerability fix or hardeningVulnerability fix or hardeningsev:mediumDegraded but workaround existsDegraded but workaround existssubsystem:apiNode REST API request/response surfaceNode REST API request/response surfacesubsystem:visibilityPath-scoped visibility and content withholdingPath-scoped visibility and content withholdingStatus: Open.#135 In Gitlawb/node;GET /ipfs/{cid} serves withheld DANGLING (unreachable) blobs to anon: gate uses fail-open deny-set, not fail-closed allowed-set
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:securityVulnerability fix or hardeningVulnerability fix or hardeningsev:highMajor break or real security/trust risk, no easy workaroundMajor break or real security/trust risk, no easy workaroundsubsystem:apiNode REST API request/response surfaceNode REST API request/response surfacesubsystem:visibilityPath-scoped visibility and content withholdingPath-scoped visibility and content withholdingStatus: Open.#126 In Gitlawb/node;Replicated mirror rows are public with no rules: unauthenticated read of withheld repo content via bare short-DID owner
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:securityVulnerability fix or hardeningVulnerability fix or hardeningsev:highMajor break or real security/trust risk, no easy workaroundMajor break or real security/trust risk, no easy workaroundsubsystem:apiNode REST API request/response surfaceNode REST API request/response surfacesubsystem:replicationMirror, replica, and cross-node syncMirror, replica, and cross-node syncsubsystem:visibilityPath-scoped visibility and content withholdingPath-scoped visibility and content withholdingStatus: Open.#124 In Gitlawb/node;MCP/CLI repo read tools serialize the node's error body as a fabricated result (no HTTP status check)
crate:glgl — the contributor CLIgl — the contributor CLIkind:bugDefect fix — wrong or unsafe behaviorDefect fix — wrong or unsafe behaviorsev:mediumDegraded but workaround existsDegraded but workaround existssubsystem:apiNode REST API request/response surfaceNode REST API request/response surfaceStatus: Open.#123 In Gitlawb/node;Unauthenticated metadata indexes leak private-repo data: /ipfs/pins and /arweave/anchors
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:securityVulnerability fix or hardeningVulnerability fix or hardeningsev:mediumDegraded but workaround existsDegraded but workaround existssubsystem:apiNode REST API request/response surfaceNode REST API request/response surfacesubsystem:visibilityPath-scoped visibility and content withholdingPath-scoped visibility and content withholdingStatus: Open.#121 In Gitlawb/node;Repo-scoped read surfaces gated by existence only, not visibility (certs, issues, labels, bounties, stars)
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:securityVulnerability fix or hardeningVulnerability fix or hardeningsev:highMajor break or real security/trust risk, no easy workaroundMajor break or real security/trust risk, no easy workaroundsubsystem:apiNode REST API request/response surfaceNode REST API request/response surfacesubsystem:visibilityPath-scoped visibility and content withholdingPath-scoped visibility and content withholdingStatus: Open.#120 In Gitlawb/node;git-remote-gitlawb deadlocks on incremental (multi-round) fetch
crate:git-remotegit-remote-gitlawb — the git remote helpergit-remote-gitlawb — the git remote helperkind:bugDefect fix — wrong or unsafe behaviorDefect fix — wrong or unsafe behaviorsev:mediumDegraded but workaround existsDegraded but workaround existssubsystem:apiNode REST API request/response surfaceNode REST API request/response surfaceStatus: Open.#117 In Gitlawb/node;Owner-push enforcement is opt-in (off by default): decide the default write posture
crate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:securityVulnerability fix or hardeningVulnerability fix or hardeningsev:mediumDegraded but workaround existsDegraded but workaround existssubsystem:identityDID/UCAN, http-sig auth, push authorizationDID/UCAN, http-sig auth, push authorizationStatus: Open.#118 In Gitlawb/node;git-receive-pack info/refs advertisement skips the visibility gate, leaking private repo ref metadata
crate:git-remotegit-remote-gitlawb — the git remote helpergit-remote-gitlawb — the git remote helpercrate:nodegitlawb-node — the serving node and REST APIgitlawb-node — the serving node and REST APIkind:securityVulnerability fix or hardeningVulnerability fix or hardeningsev:highMajor break or real security/trust risk, no easy workaroundMajor break or real security/trust risk, no easy workaroundsubsystem:apiNode REST API request/response surfaceNode REST API request/response surfacesubsystem:visibilityPath-scoped visibility and content withholdingPath-scoped visibility and content withholdingStatus: Open.#116 In Gitlawb/node;gl/MCP read commands send unsigned requests to visibility-gated endpoints, breaking them for private-repo owners
crate:glgl — the contributor CLIgl — the contributor CLIkind:bugDefect fix — wrong or unsafe behaviorDefect fix — wrong or unsafe behaviorsev:mediumDegraded but workaround existsDegraded but workaround existssubsystem:apiNode REST API request/response surfaceNode REST API request/response surfaceStatus: Open.#115 In Gitlawb/node;