[Automated] Weekly code-review report — 2026-06-29 #163

Description

@github-actions

Weekly Code-Review Report — 2026-06-29

Commit: unknown · Generated by scripts/weekly-code-review.sh

This report aggregates slow-moving signals that per-PR CI does not
catch. Each section lists raw findings; triage is a maintainer call.

Unused code (knip)

  • Unused binaries: 0
  • Unused catalog: 0
  • Unused dependencies: 3
  • Unused devDependencies: 0
  • Unused duplicates: 5
  • Unused enumMembers: 8
  • Unused exports: 88
  • Unused files: 26
  • Unused namespaceMembers: 0
  • Unused optionalPeerDependencies: 0
  • Unused types: 188
  • Unused unlisted: 7
  • Unused unresolved: 0

Rust advisories (cargo-audit)

  • openhuman core — vulnerabilities: 5, warnings: 5
    • lopdf@0.38.0 — RUSTSEC-2026-0187: Stack overflow in lopdf via deeply nested PDF objects
    • postgres-protocol@0.6.11 — RUSTSEC-2026-0180: Panic decoding a malformed hstore value allows denial of service
    • postgres-protocol@0.6.11 — RUSTSEC-2026-0179: Unbounded SCRAM iteration count allows a malicious server to cause CPU-exhaustion denial of service
    • quinn-proto@0.11.14 — RUSTSEC-2026-0185: Remote memory exhaustion in quinn-proto from unbounded out-of-order stream reassembly
    • tokio-postgres@0.7.17 — RUSTSEC-2026-0178: Panic on a DataRow with fewer fields than columns allows denial of service
  • Tauri shell — vulnerabilities: 4, warnings: 18
    • postgres-protocol@0.6.11 — RUSTSEC-2026-0180: Panic decoding a malformed hstore value allows denial of service
    • postgres-protocol@0.6.11 — RUSTSEC-2026-0179: Unbounded SCRAM iteration count allows a malicious server to cause CPU-exhaustion denial of service
    • quinn-proto@0.11.14 — RUSTSEC-2026-0185: Remote memory exhaustion in quinn-proto from unbounded out-of-order stream reassembly
    • tokio-postgres@0.7.17 — RUSTSEC-2026-0178: Panic on a DataRow with fewer fields than columns allows denial of service

TODO / FIXME backlog

  • Open markers (TODO/FIXME/XXX/HACK) across src/ + app/src/: 23

Runbook


Run log: https://github.com/ElioNeto/openhuman/actions/runs/28365325325
