highperfocused/multica
1
0
Fork 0
mirror of https://github.com/multica-ai/multica.git synced 2026-06-17 11:48:42 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
21fea91d23670002ddfafb3498b680933267e2e0
multica/server/pkg
History
Jiayuan Zhang f4016fc721 fix(server): validate workspace ownership for attachment uploads and queries (#683) 
Prevent cross-workspace attachment injection (CRIT-3) by verifying
issue_id/comment_id belong to the caller's workspace before creating
attachment records. Add workspace_id filter to ListAttachmentsByCommentIDs
query (MED-3) to prevent cross-workspace attachment data leakage.

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 04:33:24 +08:00
..
agent
feat(daemon): add minimum Claude Code version check (#625)
2026-04-10 16:09:56 +08:00
db
fix(server): validate workspace ownership for attachment uploads and queries (#683)
2026-04-11 04:33:24 +08:00
protocol
feat: add pin to sidebar for issues and projects (#653)
2026-04-10 19:00:25 +08:00
redact
feat(security): redact sensitive information in agent live output
2026-03-30 23:38:49 +08:00