-
Notifications
You must be signed in to change notification settings - Fork 285
Pull requests: ritesh-1918/HELPDESK.AI
Author
Label
Projects
Milestones
Reviews
Assignee
Sort
Pull requests list
fix: wire up AuditLoggerMiddleware + audit admin/profile mutations (#…
#3434
opened Jul 8, 2026 by
Nancy-3012
Loading…
test: add privilege escalation tests for master_admin role assignment and cross-tenant access
#3432
opened Jul 8, 2026 by
Aryanbansal-05
Loading…
fix: enforce SSL certificate verification in OAuth provider, replace hardcoded CERT_NONE
#3431
opened Jul 8, 2026 by
Aryanbansal-05
Loading…
fix(high): CSRF cookie missing HttpOnly flag enables token theft via XSS
#3428
opened Jul 7, 2026 by
namann5
Contributor
Loading…
fix(critical): SAML signature bypass - remove lax fallback allowing forged assertions
#3427
opened Jul 7, 2026 by
namann5
Contributor
Loading…
2 tasks done
feat: enforce master_admin and company_admin authorization on platfor…
#3423
opened Jul 6, 2026 by
Daksh7785
Loading…
fix(auth): implement refresh token rotation endpoint
#3421
opened Jul 6, 2026 by
Daksh7785
Loading…
5 tasks done
fix: secure root endpoint to serve static HTML from file
#3419
opened Jul 6, 2026 by
Daksh7785
Loading…
6 tasks done
fix(security): add HTTP security headers middleware
#3417
opened Jul 6, 2026 by
Daksh7785
Loading…
6 tasks done
fix(security): add MIME-type and size validation to OCR endpoint
#3415
opened Jul 6, 2026 by
Daksh7785
Loading…
6 tasks done
feat(security): add automated secret scanning in CI and pre-commit hook
#3413
opened Jul 6, 2026 by
Daksh7785
Loading…
6 tasks done
fix(auth): enforce supabase least privilege and RLS for user-facing r…
#3411
opened Jul 6, 2026 by
Daksh7785
Loading…
6 tasks done
fix(auth): implement brute-force protection and account lockout
#3409
opened Jul 6, 2026 by
Daksh7785
Loading…
6 tasks done
fix(auth): apply rate limiting to authentication routes
#3407
opened Jul 6, 2026 by
Daksh7785
Loading…
6 tasks done
fix: narrow credentialed CORS permissions
#3402
opened Jul 5, 2026 by
saurabhhhcodes
Contributor
Loading…
fix: move mobile backend URL into Expo config
#3401
opened Jul 5, 2026 by
saurabhhhcodes
Contributor
Loading…
fix: remove client-side AI provider key usage
#3400
opened Jul 5, 2026 by
saurabhhhcodes
Contributor
Loading…
fix(security): implement double-submit cookie CSRF protection
#3399
opened Jul 5, 2026 by
Daksh7785
Loading…
fix: add rate limiting to auth endpoints
#3398
opened Jul 5, 2026 by
saurabhhhcodes
Contributor
Loading…
fix(security): restrict CORS wildcard methods and headers
#3396
opened Jul 5, 2026 by
Daksh7785
Loading…
6 tasks done
chore: stop tracking local cache and editor files
#3394
opened Jul 5, 2026 by
saurabhhhcodes
Contributor
Loading…
Previous Next
ProTip!
Updated in the last three days: updated:>2026-07-07.