Issues [highway-workflow-engine]

ID	Title	Status	Priority	Created	Due Date	Actions
#510	[ENGINE/Memory] Vault secret cache entries never proactively removed File: engine/config.py:82-83 Problem: Cache entries are checked for expiration on read but ...	closed	high	2025-12-17 14:58	-	Edit
#509	[ENGINE/Memory] Unbounded tenant config cache cleanup File: engine/config.py:593-610 Problem: The tenant config cache can grow unbounded if tenan...	closed	high	2025-12-17 14:58	-	Edit
#493	Race: Approval double-processing api/blueprints/v1/approvals.py:88-122 - Concurrent approve requests can both succeed, sending duplic...	closed	high	2025-12-17 02:57	-	Edit
#492	Performance: Synchronous subprocess blocks event loop api/blueprints/v1/workflows.py:115-122 - subprocess.run() blocks async handler for up to 10s. Stalls...	closed	high	2025-12-17 02:57	-	Edit
#491	Performance: N+1 query in queue analytics api/blueprints/v1/analytics.py:63-68 - Database query inside loop for each queue. 50 queues = 51 que...	closed	high	2025-12-17 02:57	-	Edit
#490	Performance: JWT config fetched from Vault on EVERY request api/oauth_handlers/oauth2.py:128 - get_oauth2_config() fetches 4 secrets from Vault on every authent...	closed	high	2025-12-17 02:57	-	Edit
#481	Performance: Regex not pre-compiled in activity_context.py engine/activity_context.py:151-160 - resolve_variable_references() compiles regex on every call. Hot...	closed	high	2025-12-17 02:25	-	Edit
#480	Race Condition: Circuit breaker storage singleton without lock engine/config.py:337-365 - _get_circuit_breaker_storage() creates singleton without thread-safe lock...	closed	high	2025-12-17 02:25	-	Edit
#474	Performance: Regex compiled on every call in variable_resolver.py engine/interpreters/variable_resolver.py lines 196, 207, 240 Hot path compiles regex patterns on ev...	closed	high	2025-12-17 01:42	-	Edit
#473	Race Condition: Vault cache read-modify-write without lock engine/config.py:227-285 Vault cache operations not protected by lock: 1. Cache read at line 227-24...	closed	high	2025-12-17 01:42	-	Edit
#472	Race Condition: StorageService.provider lazy init without lock engine/services/storage_service.py:67-76 StorageService.provider property uses lazy initialization ...	closed	high	2025-12-17 01:42	-	Edit
#465	Race Condition: TOCTOU in http_request.py and shell_command.py cache check Two files have Time-Of-Check-Time-Of-Use (TOCTOU) race conditions in _should_clear_cache(): 1. engi...	closed	high	2025-12-17 01:11	-	Edit
#463	Memory Leak: _active_tokens never auto-cleaned in execution_token.py engine/sandbox/execution_token.py:309,312-328 stores ExecutionToken instances in _active_tokens dict...	closed	high	2025-12-17 01:11	-	Edit
#462	Memory Leak: Unbounded _tenant_config_instances in config.py engine/config.py:584,598-605 has unbounded _tenant_config_instances dict. Each unique tenant_id cre...	closed	high	2025-12-17 01:11	-	Edit
#461	Memory Leak: Unbounded circuit breaker caches in docker/client.py, email_tool.py, llm.py Multiple files have unbounded module-level circuit breaker caches without TTL or max size limits: 1...	closed	high	2025-12-17 01:11	-	Edit
#459	HIGH: Performance - list() to tuple() conversions Unnecessary list allocations: 1. list(dict.keys())[-1] -> tuple (inline_executor.py:690,893) 2. list...	closed	high	2025-12-17 00:17	-	Edit
#456	HIGH: Activity circuit breaker cache unbounded growth File: engine/services/activity_worker.py:49 _activity_circuit_breaker_cache dict has no TTL, no max ...	closed	high	2025-12-17 00:17	-	Edit
#455	HIGH: 9 singleton race conditions without locking Multiple singletons in engine/ lack thread-safe initialization: 1. AbsurdClient (absurd_client.py:14...	closed	high	2025-12-17 00:17	-	Edit
#452	Sandbox wrapper.py JSON quoting vulnerability causes SyntaxError In sandboxed_executor.py lines 187-188, args/kwargs are embedded in single-quoted strings: ```pytho...	closed	high	2025-12-16 11:23	-	Edit
#444	P2: Mark Telemetry as Provisional Until Commit Issue #8 from review: Phantom success logs. Location: engine/sidecar_telemetry.py. Finding: autocomm...	closed	high	2025-12-16 00:56	-	Edit

Previous Page 8 of 17 Next