Weekly digest · public-receipt installs only

AntFleet · week ending 2026-05-18

Public activity from 2026-05-11 through 2026-05-18 UTC, pinned to this permalink.

11

reviews run

3

findings agreed

3

receipts closed

0

reactions observed

Top closures

3 of 3

securityhigh
Health endpoint exposes operational details (env var presence, raw DB error messages) to unauthenticated callers
repo ab4e09bc·PR #3·closed in 4640404
detail →
docs-gapmedium
Comment in middleware.ts misstates CSP policy ('No unsafe-inline') while code includes it
repo e24ef98c·PR #5·closed in 2f2b470
detail →
test-gaplow
Middleware test shares a single response across all `it` blocks, defeating per-test isolation
repo e24ef98c·PR #6·closed in b8546bd
detail →