Issues [highway-workflow-engine]

ID	Title	Status	Priority	Created	Due Date	Actions
#564	[MEDIUM] apps.py TOCTOU in update_app/delete_app/publish_version Multiple TOCTOU race conditions in apps.py: 1) update_app(): SELECT then UPDATE without locking 2) d...	closed	medium	2025-12-17 16:32	-	Edit
#563	[API/Memory] logs.py DataFrame copies on every filter operation File: api/blueprints/v1/logs.py:392-410. Multiple filtering operations create 5+ DataFrame copies. F...	closed	medium	2025-12-17 16:30	-	Edit
#562	[API/Perf] logs.py df.iterrows() performance anti-pattern File: api/blueprints/v1/logs.py:412. df.iterrows() is notoriously slow - creates a Series for each r...	closed	medium	2025-12-17 16:30	-	Edit
#561	[API/Memory] tenant_apps.py unbounded tool list in list_available_tools File: api/blueprints/v1/tenant_apps.py:1256-1298. No pagination. Tenant with many installed apps wit...	closed	medium	2025-12-17 16:30	-	Edit
#560	[API/Race] tenant_apps.py TOCTOU in update_configuration File: api/blueprints/v1/tenant_apps.py:746-789. SELECT current config, merge, then UPDATE. Concurren...	closed	medium	2025-12-17 16:30	-	Edit
#559	[API/Race] tenant_apps.py TOCTOU in enable_app/disable_app File: api/blueprints/v1/tenant_apps.py:554-657. SELECT to check current status, then UPDATE. Concurr...	closed	medium	2025-12-17 16:30	-	Edit
#558	[API/Race] tenant_apps.py TOCTOU in upgrade_app File: api/blueprints/v1/tenant_apps.py:442-513. Multiple sequential SELECTs (current installation, t...	closed	medium	2025-12-17 16:30	-	Edit
#528	[API/Perf] Regex compilation in hot paths - multiple locations Files: - api/blueprints/v1/steps.py:377 - search regex compiled per-request - api/blueprints/v1/...	closed	medium	2025-12-17 15:00	-	Edit
#524	[API/Race] App installation duplicate on concurrent request File: api/blueprints/v1/tenant_apps.py:174-200 Problem: Check for existing installation (SE...	closed	medium	2025-12-17 15:00	-	Edit
#515	[ENGINE/Perf] Regex compiled inline in durable_context.py File: engine/durable_context.py:1621 Problem: Regex pattern compiled inline rather than at ...	closed	medium	2025-12-17 14:59	-	Edit
#513	[ENGINE/Race] Sidecar telemetry singleton __init__ race File: engine/sidecar_telemetry.py:74-81 Problem: Singleton pattern with __new__ but attribu...	closed	medium	2025-12-17 14:59	-	Edit
#507	Memory: Workflow graph recursion no limit api/blueprints/v1/workflows.py:1283-1307 - _extract_all_tasks recursion has no depth limit. Maliciou...	closed	medium	2025-12-17 02:58	-	Edit
#499	Performance: Regex compiled inside hot path (steps) api/blueprints/v1/steps.py:377 - re.compile() called on every log search request. FIX: Module-level ...	closed	medium	2025-12-17 02:57	-	Edit
#498	Memory: Days filter unbounded query DoS api/blueprints/v1/workflows.py:814-885 - No upper bound on days param. User can request days=36500 l...	closed	medium	2025-12-17 02:57	-	Edit
#497	Memory: DataShard table unbounded loading api/blueprints/v1/logs.py:90-119 - _read_table_to_pandas loads ENTIRE parquet tables. No pagination ...	closed	medium	2025-12-17 02:57	-	Edit
#496	Race: Workflow definition hash collision api/blueprints/v1/workflows.py:236-256 - Concurrent submissions of same workflow can fail. FIX: Use ...	closed	medium	2025-12-17 02:57	-	Edit
#495	Race: App installation duplicate api/blueprints/v1/tenant_apps.py:174-200 - TOCTOU in SELECT-then-INSERT. Concurrent installs cause 5...	closed	medium	2025-12-17 02:57	-	Edit
#494	Race: Signal duplicate send without idempotency api/blueprints/v1/signals.py:33-64 - Concurrent POST /signals can create duplicate signals. FIX: Add...	closed	medium	2025-12-17 02:57	-	Edit
#489	Memory: Vault cache expired entries never proactively removed engine/config.py:82 - _vault_cache entries checked on read but expired entries never proactively cle...	closed	medium	2025-12-17 02:25	-	Edit
#486	Performance: Inefficient double iteration in secret_manager cache eviction engine/services/secret_manager.py:342 - List comprehension extracts keys from already-converted list...	closed	medium	2025-12-17 02:25	-	Edit

Previous Page 4 of 12 Next