Issues [highway-workflow-engine]

ID	Title	Status	Priority	Created	Due Date	Actions
#528	[API/Perf] Regex compilation in hot paths - multiple locations Files: - api/blueprints/v1/steps.py:377 - search regex compiled per-request - api/blueprints/v1/...	closed	medium	2025-12-17 15:00	-	Edit
#527	[API/Perf] Sync subprocess blocks async event loop File: api/blueprints/v1/workflows.py:115-122 Problem: `subprocess.run()` is synchronous and...	closed	high	2025-12-17 15:00	-	Edit
#526	[API/Perf] JWT config fetched from Vault on EVERY request File: api/oauth_handlers/oauth2.py:115-133 Problem: `verify_jwt_token()` calls `get_oauth2_...	closed	critical	2025-12-17 15:00	-	Edit
#525	[API/Perf] N+1 query in queue analytics endpoint File: api/blueprints/v1/analytics.py:63-68 Problem: For N queues, executes N+1 queries (1 f...	closed	critical	2025-12-17 15:00	-	Edit
#524	[API/Race] App installation duplicate on concurrent request File: api/blueprints/v1/tenant_apps.py:174-200 Problem: Check for existing installation (SE...	closed	medium	2025-12-17 15:00	-	Edit
#523	[API/Race] Signal duplicate send - no idempotency File: api/blueprints/v1/signals.py:33-64 Problem: Client retries can send duplicate signals...	closed	high	2025-12-17 14:59	-	Edit
#522	[API/Race] Rate limiter TOCTOU - incorrect quota enforcement File: api/middleware/rate_limiter.py:22-47 Problem: `check_quota()` and `get_tenant_stats()...	closed	high	2025-12-17 14:59	-	Edit
#521	[API/Race] Workflow definition hash collision on concurrent submit File: api/blueprints/v1/workflows.py:236-256 Problem: Two concurrent submissions of same wo...	closed	high	2025-12-17 14:59	-	Edit
#520	[API/Race] Approval double-processing - duplicate workflow signals File: api/blueprints/v1/approvals.py:88-122 Problem: Two users clicking Approve simultaneou...	closed	critical	2025-12-17 14:59	-	Edit
#519	[API/Memory] Workflow graph generation - unbounded recursion File: api/blueprints/v1/workflows.py:1283-1307, 1488-1526 Problem: Deeply nested workflows ...	closed	high	2025-12-17 14:59	-	Edit
#518	[API/Memory] Workflow list query - unbounded days filter File: api/blueprints/v1/workflows.py:814-885 Problem: User can request `?days=36500` (100 y...	closed	high	2025-12-17 14:59	-	Edit
#517	[API/Memory] DataShard table unbounded memory loading File: api/blueprints/v1/logs.py:90-119 Problem: `_read_table_to_pandas()` loads ENTIRE Data...	closed	critical	2025-12-17 14:59	-	Edit
#516	[ENGINE/Data] Sensitive keyword patterns should use frozenset Files: - engine/apps/executor.py:841 - engine/services/event_gateway_service.py:625 **Problem:...	closed	low	2025-12-17 14:59	-	Edit
#515	[ENGINE/Perf] Regex compiled inline in durable_context.py File: engine/durable_context.py:1621 Problem: Regex pattern compiled inline rather than at ...	closed	medium	2025-12-17 14:59	-	Edit
#514	[ENGINE/Perf] Regex compiled on every call in activity_context.py hot path File: engine/activity_context.py:151-160 Problem: Pattern `r"\{\{([^}]+)\}\}"` is compiled ...	closed	high	2025-12-17 14:59	-	Edit
#513	[ENGINE/Race] Sidecar telemetry singleton __init__ race File: engine/sidecar_telemetry.py:74-81 Problem: Singleton pattern with __new__ but attribu...	closed	medium	2025-12-17 14:59	-	Edit
#512	[ENGINE/Race] Tenant config cache snapshot TOCTOU race File: engine/config.py:640-661 Problem: TOCTOU between cache snapshot and cleanup - another...	closed	high	2025-12-17 14:58	-	Edit
#511	[ENGINE/Race] Circuit breaker storage singleton missing lock File: engine/config.py:337-365 Problem: Missing lock for singleton initialization. Two thre...	closed	high	2025-12-17 14:58	-	Edit
#510	[ENGINE/Memory] Vault secret cache entries never proactively removed File: engine/config.py:82-83 Problem: Cache entries are checked for expiration on read but ...	closed	high	2025-12-17 14:58	-	Edit
#509	[ENGINE/Memory] Unbounded tenant config cache cleanup File: engine/config.py:593-610 Problem: The tenant config cache can grow unbounded if tenan...	closed	high	2025-12-17 14:58	-	Edit

Previous Page 15 of 39 Next