-
Notifications
You must be signed in to change notification settings - Fork 0
Issues
is:issue state:open
is:issue state:open
Issue creation is restricted in this repository
Search results
bug(pipes): serialize NaN/Inf as null instead of opaque 500 "json: unsupported value: NaN"
area/apiHTTP handlers, routing, middlewareHTTP handlers, routing, middlewarearea/pipesNamed query pipesNamed query pipesbugSomething isn't workingSomething isn't workingStatus: Open.#365 In Wave-RF/WaveHouse;bug/feat(pipes): WH_PIPES_DIR bootstrap can't declare allowed_roles/params (lands admin-only); inline empty default
{{name:}}treated as requiredarea/pipesNamed query pipesNamed query pipesarea/policyAccess control policies (Hasura-style)Access control policies (Hasura-style)bugSomething isn't workingSomething isn't workingenhancementNew feature or requestNew feature or requestStatus: Open.#363 In Wave-RF/WaveHouse;SSE/live-query yields no events for tables populated by a ClickHouse MATERIALIZED VIEW (only ingest-API writes republish to NATS)
area/apiHTTP handlers, routing, middlewareHTTP handlers, routing, middlewarearea/ingestIngest pipeline (Bento, batching, DLQ)Ingest pipeline (Bento, batching, DLQ)enhancementNew feature or requestNew feature or requestStatus: Open.#362 In Wave-RF/WaveHouse;feat(api): first-class multi-statement DDL/migration application (provision a tenant without direct ClickHouse access)
area/apiHTTP handlers, routing, middlewareHTTP handlers, routing, middlewareenhancementNew feature or requestNew feature or requestStatus: Open.#361 In Wave-RF/WaveHouse;bug(infra): CH merge-failure loop fills disk via system logs → embedded NATS can't boot → bare 502
area/infraCI, build, deploy, Docker, releaseCI, build, deploy, Docker, releasearea/observabilityMetrics, logs, traces, health, profilingMetrics, logs, traces, health, profilingbugSomething isn't workingSomething isn't workingStatus: Open.#360 In Wave-RF/WaveHouse;Separate management-plane auth from data-plane auth (platform operator credential)
area/apiHTTP handlers, routing, middlewareHTTP handlers, routing, middlewarearea/policyAccess control policies (Hasura-style)Access control policies (Hasura-style)breaking-changeBreaking change to public API, CLI, or configBreaking change to public API, CLI, or configenhancementNew feature or requestNew feature or requestStatus: Open.#359 In Wave-RF/WaveHouse;feat(api): trusted-proxy-aware client IP in traces & logs (+ gate trace-context propagation)
area/apiHTTP handlers, routing, middlewareHTTP handlers, routing, middlewarearea/observabilityMetrics, logs, traces, health, profilingMetrics, logs, traces, health, profilingdocumentationImprovements or additions to documentationImprovements or additions to documentationenhancementNew feature or requestNew feature or requestsecuritySecurity-sensitive issue or fixSecurity-sensitive issue or fixStatus: Open.#333 In Wave-RF/WaveHouse;epic(security): pre-authz existence oracles / info-leak — order authorization before existence checks
area/apiHTTP handlers, routing, middlewareHTTP handlers, routing, middlewarearea/policyAccess control policies (Hasura-style)Access control policies (Hasura-style)breaking-changeBreaking change to public API, CLI, or configBreaking change to public API, CLI, or configenhancementNew feature or requestNew feature or requestsecuritySecurity-sensitive issue or fixSecurity-sensitive issue or fixStatus: Open.#327 In Wave-RF/WaveHouse;epic(security): pre-launch DoS / resource-exhaustion hardening (global request + resource budget on /v1)
area/apiHTTP handlers, routing, middlewareHTTP handlers, routing, middlewarearea/ingestIngest pipeline (Bento, batching, DLQ)Ingest pipeline (Bento, batching, DLQ)area/observabilityMetrics, logs, traces, health, profilingMetrics, logs, traces, health, profilingarea/queryStructured query AST, SQL builderStructured query AST, SQL builderbreaking-changeBreaking change to public API, CLI, or configBreaking change to public API, CLI, or configenhancementNew feature or requestNew feature or requestsecuritySecurity-sensitive issue or fixSecurity-sensitive issue or fixStatus: Open.#326 In Wave-RF/WaveHouse;security(streaming): applyStreamPolicy passes non-EventMessage / empty table_name payloads through unfiltered (fail-open)
area/apiHTTP handlers, routing, middlewareHTTP handlers, routing, middlewarearea/observabilityMetrics, logs, traces, health, profilingMetrics, logs, traces, health, profilingarea/policyAccess control policies (Hasura-style)Access control policies (Hasura-style)bugSomething isn't workingSomething isn't workingsecuritySecurity-sensitive issue or fixSecurity-sensitive issue or fixStatus: Open.#323 In Wave-RF/WaveHouse;security(query): InjectPermissionFilters splices the RLS predicate by first-substring match — crafted alias/column misplaces it
area/policyAccess control policies (Hasura-style)Access control policies (Hasura-style)area/queryStructured query AST, SQL builderStructured query AST, SQL builderbugSomething isn't workingSomething isn't workingsecuritySecurity-sensitive issue or fixSecurity-sensitive issue or fixStatus: Open.#322 In Wave-RF/WaveHouse;security(pipes): cache key includes the inlined {{limit}} — varied numeric param bypasses cache/singleflight into uncapped aggregations
area/cacheLocal / shared / tiered cachingLocal / shared / tiered cachingarea/pipesNamed query pipesNamed query pipesenhancementNew feature or requestNew feature or requestsecuritySecurity-sensitive issue or fixSecurity-sensitive issue or fixStatus: Open.#321 In Wave-RF/WaveHouse;