Cole Murray
Cole Murray
Updates FastAPI minimum version from 0.90.1 to 0.120.2 across all dependency groups to address Starlette vulnerability CVE-2025-62727. This updates: - Main optional dependency - Dev dependencies - Examples dependencies -...
## Issue When running the transformers example for the Moondream2 model on Apple Silicon Macs, it failed with: ``` RuntimeError: torch.cat(): all input tensors must be on the same device....
## Summary This PR addresses a SQL injection vulnerability in the workflow search functionality by replacing string concatenation with parameterized queries. ## Changes Refactored database query construction in \`src/ai_assistant.py\` to...
### Describe the feature When running in remote environments, the patch is obtained as part of the SaveApplyPatchHook and saved to the launching environment. There is currently no similar hook...
Hello maintainers 👋, We have discovered a **high-severity security issue** in the default configuration of *knowledge_storm* that allows outbound HTTPS traffic to skip certificate validation. * Impact: Man-in-the-middle attackers on...
The policy created for the task role is hardcoded to swe-rex-deployment. This causes a failure when a log_group is specified as the taskDefinition will use the provided `logGroup` parameter, but...
Fixes hardcoded log group in AWS IAM execution role policy that prevented using custom log groups with Fargate deployments. Changes: - Add log_group parameter to get_execution_role_arn() function - Dynamically generate...
## Summary - Use environment variables instead of direct expression interpolation for workflow inputs in shell commands - Prevents potential command injection if input values contain shell metacharacters ## Context...