| #684 |
TXN-01: Rate limit lease uses separate connection causing token exhaustion
Location: orchestrator.py:446-459. Issue: Rate limiter consume_with_lease uses its own committed tra...
|
closed |
critical |
2025-12-25 02:55 |
- |
|
| #683 |
SEC-03: Artifact download endpoint lacks authentication
Location: api/blueprints/v1/artifacts.py:260. Issue: Artifacts can be downloaded by anyone who knows...
|
closed |
critical |
2025-12-25 02:55 |
- |
|
| #682 |
SEC-02: Pickle deserialization RCE vulnerability
Location: engine/rag/assistant.py:116. Issue: pickle.loads() on data from database is an RCE vector....
|
closed |
critical |
2025-12-25 02:55 |
- |
|
| #681 |
Health monitor IPC isolation fix
Fixed health_monitor app to use IPC-safe database access method (run_internal_sql) instead of direct...
|
closed |
low |
2025-12-25 01:59 |
- |
|
| #680 |
API workflow endpoints using cursor without dict_row
Bug: Several API endpoints in api/blueprints/v1/workflows.py used conn.cursor() without specifying r...
|
closed |
high |
2025-12-25 00:32 |
- |
|
| #679 |
CLI submit was not storing Python DSL source code
Bug: When submitting Python DSL workflows via CLI, the python_dsl source was not being passed to the...
|
closed |
high |
2025-12-25 00:22 |
- |
|
| #678 |
Security: Isolate Python DSL compilation in sandboxed container
CRITICAL SECURITY ISSUE: Python DSL code currently executes on API server with full access to databa...
|
closed |
critical |
2025-12-24 22:51 |
- |
|
| #677 |
Progress shows <100% for completed workflows with switch/conditional branches
When workflows use switch operators or conditional branches, unexecuted branches count against progr...
|
closed |
high |
2025-12-24 22:29 |
- |
|
| #676 |
Progress shows 93% for completed workflow due to LIMIT 50 dropping early events
When workflows have >50 events, Query 3 (LIMIT 50) drops early step_succeeded events. Example: compl...
|
closed |
high |
2025-12-24 22:08 |
- |
|
| #675 |
Progress percentage bug: branch task events inflating completed_steps count
When workflows use parallel operators (fork/join patterns), the progress.percentage can exceed 100% ...
|
closed |
high |
2025-12-24 21:56 |
- |
|
| #674 |
Implemented real-time visibility fields in GET /workflows/{id} endpoint:
1. Added current_step - shows which step is currently executing/sleeping (extracted from payload->>'step_name')
2. Added progress object with completed_steps, total_steps, percentage
3. Added activities_summary with pending/running/completed/failed counts from highway.activity_queue
4. Added last_event with event_type and timestamp
Fixed SQL query to extract step_name from JSONB payload field using payload->>'step_name' instead of non-existent column.
Tested with parallel activity workflows:
- Successfully shows 'sleeping' status with current step (wait_task1, wait_task2, etc.)
- Progress correctly shows 4/8 (50%) during execution
- Activities summary shows run=3 during execution, done=3 after completion
- Final state shows completed with 8/8 (100%)
Note: SSE/WebSocket for real-time push updates can be added in a future enhancement.
Problem: For long-running workflows, users are blind to progress during execution. They have to poll...
|
closed |
high |
2025-12-24 21:13 |
- |
|
| #673 |
Fix dict_row cursor access bugs in workflows and secrets APIs
Fixed two instances of tuple index access on dict_row cursor results:
1. api/blueprints/v1/workflow...
|
closed |
high |
2025-12-24 20:51 |
- |
|
| #672 |
RAG embedding cache moved to PostgreSQL
Fixed RAG embedding cache that was causing hundreds of /embedding requests. Changed from file-based ...
|
closed |
high |
2025-12-24 04:24 |
- |
|
| #671 |
Add OrphanDetectionService for stuck workflows
Need a background service that periodically scans for orphaned workflows where:
- workflow_run.statu...
|
closed |
high |
2025-12-24 03:30 |
- |
|
| #670 |
CRITICAL: Branch tasks must not update parent workflow_run status
Branch tasks were updating the parent workflow_run status to 'sleeping' even after the parent task h...
|
closed |
critical |
2025-12-24 03:30 |
- |
|
| #669 |
Artifact storage config bug - fallback parameter
The artifact_service.py was using config.get() with fallback= parameter which doesn't exist in our C...
|
closed |
low |
2025-12-23 21:39 |
- |
|
| #668 |
Bulkhead timeout has race condition with abandoned threads
When task times out in bulkhead, the thread may still be running. Fixed by: 1) Adding immediate erro...
|
closed |
high |
2025-12-23 20:45 |
- |
|
| #667 |
Intermediate task failures have no visibility in workflow_run
When task fails but has retries remaining, workflow_run showed no indication of failure/retry. Fixed...
|
closed |
medium |
2025-12-23 20:45 |
- |
|
| #666 |
Circuit breaker path missing workflow_run status update
When circuit breaker trips (ProtectedCallError), task is scheduled for retry but workflow_run.error ...
|
closed |
high |
2025-12-23 20:45 |
- |
|
| #665 |
cancel_task() does not update workflow_run status
AbsurdClient.cancel_task() updated absurd task to 'cancelled' but workflow_run.status was updated in...
|
closed |
critical |
2025-12-23 20:45 |
- |
|