Issues [highway-workflow-engine]

ID	Title	Status	Priority	Created	Due Date	Actions
#520	[API/Race] Approval double-processing - duplicate workflow signals File: api/blueprints/v1/approvals.py:88-122 Problem: Two users clicking Approve simultaneou...	closed	critical	2025-12-17 14:59	-	Edit
#519	[API/Memory] Workflow graph generation - unbounded recursion File: api/blueprints/v1/workflows.py:1283-1307, 1488-1526 Problem: Deeply nested workflows ...	closed	high	2025-12-17 14:59	-	Edit
#518	[API/Memory] Workflow list query - unbounded days filter File: api/blueprints/v1/workflows.py:814-885 Problem: User can request `?days=36500` (100 y...	closed	high	2025-12-17 14:59	-	Edit
#517	[API/Memory] DataShard table unbounded memory loading File: api/blueprints/v1/logs.py:90-119 Problem: `_read_table_to_pandas()` loads ENTIRE Data...	closed	critical	2025-12-17 14:59	-	Edit
#516	[ENGINE/Data] Sensitive keyword patterns should use frozenset Files: - engine/apps/executor.py:841 - engine/services/event_gateway_service.py:625 **Problem:...	closed	low	2025-12-17 14:59	-	Edit
#515	[ENGINE/Perf] Regex compiled inline in durable_context.py File: engine/durable_context.py:1621 Problem: Regex pattern compiled inline rather than at ...	closed	medium	2025-12-17 14:59	-	Edit
#514	[ENGINE/Perf] Regex compiled on every call in activity_context.py hot path File: engine/activity_context.py:151-160 Problem: Pattern `r"\{\{([^}]+)\}\}"` is compiled ...	closed	high	2025-12-17 14:59	-	Edit
#513	[ENGINE/Race] Sidecar telemetry singleton __init__ race File: engine/sidecar_telemetry.py:74-81 Problem: Singleton pattern with __new__ but attribu...	closed	medium	2025-12-17 14:59	-	Edit
#512	[ENGINE/Race] Tenant config cache snapshot TOCTOU race File: engine/config.py:640-661 Problem: TOCTOU between cache snapshot and cleanup - another...	closed	high	2025-12-17 14:58	-	Edit
#511	[ENGINE/Race] Circuit breaker storage singleton missing lock File: engine/config.py:337-365 Problem: Missing lock for singleton initialization. Two thre...	closed	high	2025-12-17 14:58	-	Edit
#510	[ENGINE/Memory] Vault secret cache entries never proactively removed File: engine/config.py:82-83 Problem: Cache entries are checked for expiration on read but ...	closed	high	2025-12-17 14:58	-	Edit
#509	[ENGINE/Memory] Unbounded tenant config cache cleanup File: engine/config.py:593-610 Problem: The tenant config cache can grow unbounded if tenan...	closed	high	2025-12-17 14:58	-	Edit
#508	Race: Rate limiter TOCTOU api/middleware/rate_limiter.py:22-47 - check_quota and get_tenant_stats in separate calls. Stats may...	closed	low	2025-12-17 02:58	-	Edit
#507	Memory: Workflow graph recursion no limit api/blueprints/v1/workflows.py:1283-1307 - _extract_all_tasks recursion has no depth limit. Maliciou...	closed	medium	2025-12-17 02:58	-	Edit
#506	Performance: Constant list should be tuple (tasks.py) api/blueprints/v1/tasks.py:23 - QUEUES is mutable list. FIX: Use tuple for immutability.	closed	low	2025-12-17 02:58	-	Edit
#505	Performance: Constant list should be tuple (apps.py) api/blueprints/v1/apps.py:158-167 - valid_categories is mutable list. FIX: Use tuple or frozenset fo...	closed	low	2025-12-17 02:57	-	Edit
#504	Performance: List instead of frozenset for membership (validators) api/middleware/validators.py:123 - valid_statuses is list, O(n) lookup. FIX: Use frozenset for O(1).	closed	low	2025-12-17 02:57	-	Edit
#503	Performance: Import inside function (workflows.py) api/blueprints/v1/workflows.py:77 - 'import re' inside convert_python_dsl_to_json function. FIX: Mov...	closed	low	2025-12-17 02:57	-	Edit
#502	Performance: Regex not pre-compiled (DSL main block) api/blueprints/v1/workflows.py:81-86 - re.sub() with inline pattern on every DSL conversion. FIX: Pr...	closed	low	2025-12-17 02:57	-	Edit
#501	Performance: Regex not pre-compiled (app_name) api/blueprints/v1/apps.py:147 - re.match() with inline pattern on every app creation. FIX: Pre-compi...	closed	low	2025-12-17 02:57	-	Edit

Previous Page 16 of 40 Next