| #784 |
HIGH: Event subscription silently overwrites existing subscription
create_event_subscription INSERT uses ON CONFLICT DO UPDATE, silently replacing existing subscriptio...
|
closed |
high |
2026-01-02 03:32 |
- |
|
| #783 |
HIGH: complete_run locks run but not task table - state inconsistency risk
complete_run locks run row with FOR UPDATE but updates task table without locking. Another process c...
|
closed |
high |
2026-01-02 03:32 |
- |
|
| #782 |
HIGH: Secret cache TTL too long at 1 hour
SecretManager uses 1-hour TTL for secret cache. If a secret is rotated in Vault, workflows use stale...
|
closed |
high |
2026-01-02 03:32 |
- |
|
| #781 |
HIGH: HeartbeatService SKIP LOCKED may cause premature task timeout
HeartbeatService uses FOR UPDATE SKIP LOCKED, skipping rows locked by workflow transaction. If workf...
|
closed |
high |
2026-01-02 03:32 |
- |
|
| #780 |
CRITICAL: cleanup_expired_rate_leases row-by-row loop has race condition
Function deletes leases and refills tokens row-by-row without atomic locking. Concurrent consume_rat...
|
closed |
critical |
2026-01-02 03:32 |
- |
|
| #779 |
CRITICAL: DLQ insert without idempotency check causes duplicates
INSERT into jumper.dead_letter has no ON CONFLICT clause. If move_to_dlq is called twice (retry bug ...
|
closed |
critical |
2026-01-02 03:32 |
- |
|
| #778 |
CRITICAL: sync_workflow_run_from_jumper_run trigger missing row-level lock
Trigger reads workflow_run.status without FOR UPDATE locking. Two parallel branch completions can ra...
|
closed |
critical |
2026-01-02 03:32 |
- |
|
| #777 |
CRITICAL: event_gateway_service.py missing workflow_run_id on emit_event
Multiple emit_event calls in EventGatewayService lack workflow_run_id (lines 146, 189, 349). Will ca...
|
closed |
critical |
2026-01-02 03:32 |
- |
|
| #776 |
CRITICAL: approval_service.py missing workflow_run_id on emit_event
ApprovalService.approve() and reject() methods emit events without passing workflow_run_id. Since mi...
|
closed |
critical |
2026-01-02 03:32 |
- |
|
| #775 |
Race condition in parallel branch wake processing causes workflow failure
When multiple parallel branches complete in rapid succession, multiple wake events are emitted. If t...
|
closed |
high |
2026-01-02 03:00 |
- |
|
| #774 |
demo-ultimate test failing: missing FINAL_2, FINAL_3 operations
The demo-ultimate test is failing with missing operations. Counter ends at 28 instead of 30. Missing...
|
closed |
high |
2026-01-02 02:46 |
- |
|
| #773 |
workflow_run.status not updated when task starts running
When a workflow is submitted, workflow_run.status is set to 'pending' but never updated to 'running'...
|
closed |
high |
2026-01-02 02:00 |
- |
|
| #772 |
Platform tenants not exempt from rate limits causing bootstrap failure
Bootstrap failed in production due to rate limits. _platform and platform tenants get identical rate...
|
closed |
high |
2026-01-02 01:43 |
- |
|
| #771 |
MEDIUM: Wake event state corruption during simultaneous timeout and event
Issue #6 from audit: When timeout and event arrive simultaneously, set_run_sleeping_without_reschedu...
|
closed |
medium |
2026-01-02 00:58 |
- |
|
| #770 |
HIGH: Event await/emit race condition for infinite timeout waits
Issue #5 from audit: Race window between await_event event check and wait registration. If emit_even...
|
closed |
high |
2026-01-02 00:58 |
- |
|
| #769 |
MEDIUM: claim_task() should filter by tenant_id for multi-tenant isolation
Issue #3 from audit: claim_task() SQL function doesn't filter by tenant_id. Tasks have tenant_id col...
|
closed |
medium |
2026-01-02 00:57 |
- |
|
| #768 |
VERIFIED: HeartbeatService/TimeoutService fix already in place
Issue #759 already implemented: HeartbeatService extends claim_expires_at on each heartbeat (lines 2...
|
closed |
low |
2026-01-02 00:53 |
- |
|
| #767 |
CRITICAL: Multi-tenant isolation gap in checkpoint queries
jumper_client.py:947-959 has unsafe fallback allowing queries without tenant_id filter. Cross-tenant...
|
closed |
critical |
2026-01-02 00:53 |
- |
|
| #766 |
CRITICAL: TOCTOU in orchestrator task claiming
orchestrator.py:520-530 checks claimed_by but not state='claimed'. Between claim_task() and UPDATE (...
|
closed |
critical |
2026-01-02 00:53 |
- |
|
| #765 |
CRITICAL: State machine violation in _fail_run() unconditional reset
orchestrator.py:1117-1122 unconditionally sets state='running' without checking current state or cla...
|
closed |
critical |
2026-01-02 00:53 |
- |
|