| #788 |
Async deferral tests timing out (3 failures)
Tests test_async_deferral_basic, test_async_deferral_quick_job, and test_async_deferral_multiple_job...
|
closed |
high |
2026-01-02 05:15 |
- |
|
| #787 |
HIGH: Alert state lost on service restart causes alert storms
_last_alerts dict is in-memory only. On restart, all cooldown tracking lost, duplicate alerts flood ...
|
closed |
high |
2026-01-02 03:32 |
- |
|
| #786 |
HIGH: Approval tokens not invalidated when workflow completes
Tokens stored in DB without automatic invalidation on workflow completion. Stale tokens could be use...
|
closed |
high |
2026-01-02 03:32 |
- |
|
| #785 |
HIGH: DeadLetterService deletes before confirming DLQ insert success
Sequence: INSERT DLQ, DELETE run, DELETE task. If DELETE from run fails, task is in DLQ but still in...
|
closed |
high |
2026-01-02 03:32 |
- |
|
| #784 |
HIGH: Event subscription silently overwrites existing subscription
create_event_subscription INSERT uses ON CONFLICT DO UPDATE, silently replacing existing subscriptio...
|
closed |
high |
2026-01-02 03:32 |
- |
|
| #783 |
HIGH: complete_run locks run but not task table - state inconsistency risk
complete_run locks run row with FOR UPDATE but updates task table without locking. Another process c...
|
closed |
high |
2026-01-02 03:32 |
- |
|
| #782 |
HIGH: Secret cache TTL too long at 1 hour
SecretManager uses 1-hour TTL for secret cache. If a secret is rotated in Vault, workflows use stale...
|
closed |
high |
2026-01-02 03:32 |
- |
|
| #781 |
HIGH: HeartbeatService SKIP LOCKED may cause premature task timeout
HeartbeatService uses FOR UPDATE SKIP LOCKED, skipping rows locked by workflow transaction. If workf...
|
closed |
high |
2026-01-02 03:32 |
- |
|
| #780 |
CRITICAL: cleanup_expired_rate_leases row-by-row loop has race condition
Function deletes leases and refills tokens row-by-row without atomic locking. Concurrent consume_rat...
|
closed |
critical |
2026-01-02 03:32 |
- |
|
| #779 |
CRITICAL: DLQ insert without idempotency check causes duplicates
INSERT into jumper.dead_letter has no ON CONFLICT clause. If move_to_dlq is called twice (retry bug ...
|
closed |
critical |
2026-01-02 03:32 |
- |
|
| #778 |
CRITICAL: sync_workflow_run_from_jumper_run trigger missing row-level lock
Trigger reads workflow_run.status without FOR UPDATE locking. Two parallel branch completions can ra...
|
closed |
critical |
2026-01-02 03:32 |
- |
|
| #777 |
CRITICAL: event_gateway_service.py missing workflow_run_id on emit_event
Multiple emit_event calls in EventGatewayService lack workflow_run_id (lines 146, 189, 349). Will ca...
|
closed |
critical |
2026-01-02 03:32 |
- |
|
| #776 |
CRITICAL: approval_service.py missing workflow_run_id on emit_event
ApprovalService.approve() and reject() methods emit events without passing workflow_run_id. Since mi...
|
closed |
critical |
2026-01-02 03:32 |
- |
|
| #775 |
Race condition in parallel branch wake processing causes workflow failure
When multiple parallel branches complete in rapid succession, multiple wake events are emitted. If t...
|
closed |
high |
2026-01-02 03:00 |
- |
|
| #774 |
demo-ultimate test failing: missing FINAL_2, FINAL_3 operations
The demo-ultimate test is failing with missing operations. Counter ends at 28 instead of 30. Missing...
|
closed |
high |
2026-01-02 02:46 |
- |
|
| #773 |
workflow_run.status not updated when task starts running
When a workflow is submitted, workflow_run.status is set to 'pending' but never updated to 'running'...
|
closed |
high |
2026-01-02 02:00 |
- |
|
| #772 |
Platform tenants not exempt from rate limits causing bootstrap failure
Bootstrap failed in production due to rate limits. _platform and platform tenants get identical rate...
|
closed |
high |
2026-01-02 01:43 |
- |
|
| #771 |
MEDIUM: Wake event state corruption during simultaneous timeout and event
Issue #6 from audit: When timeout and event arrive simultaneously, set_run_sleeping_without_reschedu...
|
closed |
medium |
2026-01-02 00:58 |
- |
|
| #770 |
HIGH: Event await/emit race condition for infinite timeout waits
Issue #5 from audit: Race window between await_event event check and wait registration. If emit_even...
|
closed |
high |
2026-01-02 00:58 |
- |
|
| #769 |
MEDIUM: claim_task() should filter by tenant_id for multi-tenant isolation
Issue #3 from audit: claim_task() SQL function doesn't filter by tenant_id. Tasks have tenant_id col...
|
closed |
medium |
2026-01-02 00:57 |
- |
|