Label
Milestone
Project
Author
Assignee
All assignees
No assignee
app-fe
app-lead
app-qa
claude-ceo-assistant
claude-ci-reader
claude-status-reaper
core-be
core-devops
core-fe
core-lead
core-offsec
core-qa
core-security
core-uiux
cp-be
cp-lead
cp-qa
cp-security
cui
dev-lead
devops-engineer
documentation-specialist
fullstack-engineer
hongming
hongming-codex-laptop
hongming-kimi-laptop
hongming-pc2
infra-lead
infra-runtime-be
infra-sre
integration-tester
mc-drift-bot
plugin-dev
pm
publish-runtime-bot
release-manager
sdk-dev
sdk-lead
sop-drift-bot
sop-tier-bot
technical-writer
triage-operator
app-fe
app-lead
app-qa
claude-ceo-assistant
claude-ci-reader
claude-status-reaper
core-be
core-devops
core-fe
core-lead
core-offsec
core-qa
core-security
core-uiux
cp-be
cp-lead
cp-qa
cp-security
cui
dev-lead
devops-engineer
documentation-specialist
fullstack-engineer
hongming
hongming-codex-laptop
hongming-kimi-laptop
hongming-pc2
infra-lead
infra-runtime-be
infra-sre
integration-tester
mc-drift-bot
plugin-dev
pm
publish-runtime-bot
release-manager
sdk-dev
sdk-lead
sop-drift-bot
sop-tier-bot
technical-writer
triage-operator
Sort
Label
Milestone
Projects
Assignee
app-fe
app-lead
app-qa
claude-ceo-assistant
claude-ci-reader
claude-status-reaper
core-be
core-devops
core-fe
core-lead
core-offsec
core-qa
core-security
core-uiux
cp-be
cp-lead
cp-qa
cp-security
cui
dev-lead
devops-engineer
documentation-specialist
fullstack-engineer
hongming
hongming-codex-laptop
hongming-kimi-laptop
hongming-pc2
infra-lead
infra-runtime-be
infra-sre
integration-tester
mc-drift-bot
plugin-dev
pm
publish-runtime-bot
release-manager
sdk-dev
sdk-lead
sop-drift-bot
sop-tier-bot
technical-writer
triage-operator
Clear assignees
No assignee
app-fe
app-lead
app-qa
claude-ceo-assistant
claude-ci-reader
claude-status-reaper
core-be
core-devops
core-fe
core-lead
core-offsec
core-qa
core-security
core-uiux
cp-be
cp-lead
cp-qa
cp-security
cui
dev-lead
devops-engineer
documentation-specialist
fullstack-engineer
hongming
hongming-codex-laptop
hongming-kimi-laptop
hongming-pc2
infra-lead
infra-runtime-be
infra-sre
integration-tester
mc-drift-bot
plugin-dev
pm
publish-runtime-bot
release-manager
sdk-dev
sdk-lead
sop-drift-bot
sop-tier-bot
technical-writer
triage-operator
fix(ci)(security): stop token appearing in curl argv (#541)
Some checks failed
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 5s
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 10s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 13s
qa-review / approved (pull_request) Failing after 13s
security-review / approved (pull_request) Failing after 13s
sop-tier-check / tier-check (pull_request) Successful in 14s
gate-check-v3 / gate-check (pull_request) Failing after 22s
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 25s
CI / Detect changes (pull_request) Successful in 25s
E2E API Smoke Test / detect-changes (pull_request) Successful in 26s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 28s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 27s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 4s
CI / Platform (Go) (pull_request) Successful in 3s
CI / Shellcheck (E2E scripts) (pull_request) Successful in 4s
CI / Canvas (Next.js) (pull_request) Successful in 5s
CI / Python Lint & Test (pull_request) Successful in 4s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 5s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 5s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 5s
CI / Canvas Deploy Reminder (pull_request) Has been skipped
audit-force-merge / audit (pull_request) Successful in 13s
security
tier:low
fix: CWE-117 sanitized stderr
Some checks failed
publish-runtime-autobump / bump-and-tag (pull_request) Has been skipped
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 17s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 21s
publish-runtime-autobump / pr-validate (pull_request) Successful in 50s
E2E API Smoke Test / detect-changes (pull_request) Successful in 1m3s
sop-tier-check / tier-check (pull_request) Successful in 17s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 1m3s
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 1m4s
CI / Detect changes (pull_request) Successful in 1m9s
gate-check-v3 / gate-check (pull_request) Failing after 24s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 55s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 11s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 10s
CI / Platform (Go) (pull_request) Successful in 9s
CI / Canvas (Next.js) (pull_request) Successful in 9s
CI / Shellcheck (E2E scripts) (pull_request) Successful in 5s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 9s
CI / Canvas Deploy Reminder (pull_request) Has been skipped
audit-force-merge / audit (pull_request) Successful in 22s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 2m41s
CI / Python Lint & Test (pull_request) Successful in 7m25s
security
tier:high
fix(workspace): restore _sanitize_for_external and stderr parameter (CWE-117, closes #471)
Some checks failed
audit-force-merge / audit (pull_request) Has been skipped
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 19s
E2E Staging SaaS (full lifecycle) / E2E Staging SaaS (pull_request) Has been skipped
Harness Replays / detect-changes (pull_request) Successful in 20s
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 16s
publish-runtime-autobump / bump-and-tag (pull_request) Has been skipped
CI / Detect changes (pull_request) Successful in 1m1s
E2E API Smoke Test / detect-changes (pull_request) Successful in 56s
E2E Staging SaaS (full lifecycle) / pr-validate (pull_request) Successful in 1m0s
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 1m3s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 1m1s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 26s
publish-runtime-autobump / pr-validate (pull_request) Successful in 59s
qa-review / approved (pull_request) Failing after 27s
security-review / approved (pull_request) Failing after 25s
gate-check-v3 / gate-check (pull_request) Successful in 38s
sop-tier-check / tier-check (pull_request) Successful in 25s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 1m14s
Harness Replays / Harness Replays (pull_request) Successful in 10s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 10s
CI / Shellcheck (E2E scripts) (pull_request) Successful in 25s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 3m24s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Failing after 6m14s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 7m19s
CI / Python Lint & Test (pull_request) Successful in 8m10s
CI / Platform (Go) (pull_request) Failing after 13m48s
CI / Canvas (Next.js) (pull_request) Failing after 13m47s
CI / Canvas Deploy Reminder (pull_request) Has been skipped
security
tier:high
tier:low
#431
by fullstack-engineer was closed 2026-05-11 15:34:40 +00:00
2 / 2
1 approval
2 change requests
4 conflicting files