Weekly Code-Review Report — 2026-06-22
Commit: unknown · Generated by scripts/weekly-code-review.sh
This report aggregates slow-moving signals that per-PR CI does not
catch. Each section lists raw findings; triage is a maintainer call.
Unused code (knip)
- Unused binaries: 0
- Unused catalog: 0
- Unused dependencies: 6
- Unused devDependencies: 0
- Unused duplicates: 8
- Unused enumMembers: 8
- Unused exports: 105
- Unused files: 30
- Unused namespaceMembers: 0
- Unused optionalPeerDependencies: 0
- Unused types: 247
- Unused unlisted: 8
- Unused unresolved: 0
Rust advisories (cargo-audit)
- openhuman core — vulnerabilities: 3, warnings: 5
postgres-protocol@0.6.11 — RUSTSEC-2026-0180: Panic decoding a malformed hstore value allows denial of service
postgres-protocol@0.6.11 — RUSTSEC-2026-0179: Unbounded SCRAM iteration count allows a malicious server to cause CPU-exhaustion denial of service
tokio-postgres@0.7.17 — RUSTSEC-2026-0178: Panic on a DataRow with fewer fields than columns allows denial of service
- Tauri shell — vulnerabilities: 3, warnings: 17
postgres-protocol@0.6.11 — RUSTSEC-2026-0180: Panic decoding a malformed hstore value allows denial of service
postgres-protocol@0.6.11 — RUSTSEC-2026-0179: Unbounded SCRAM iteration count allows a malicious server to cause CPU-exhaustion denial of service
tokio-postgres@0.7.17 — RUSTSEC-2026-0178: Panic on a DataRow with fewer fields than columns allows denial of service
TODO / FIXME backlog
- Open markers (TODO/FIXME/XXX/HACK) across
src/ + app/src/: 25
Runbook
Run log: https://github.com/sanil-23/openhuman/actions/runs/27950887930
Weekly Code-Review Report — 2026-06-22
Commit:
unknown· Generated byscripts/weekly-code-review.shThis report aggregates slow-moving signals that per-PR CI does not
catch. Each section lists raw findings; triage is a maintainer call.
Unused code (knip)
Rust advisories (cargo-audit)
postgres-protocol@0.6.11— RUSTSEC-2026-0180: Panic decoding a malformedhstorevalue allows denial of servicepostgres-protocol@0.6.11— RUSTSEC-2026-0179: Unbounded SCRAM iteration count allows a malicious server to cause CPU-exhaustion denial of servicetokio-postgres@0.7.17— RUSTSEC-2026-0178: Panic on aDataRowwith fewer fields than columns allows denial of servicepostgres-protocol@0.6.11— RUSTSEC-2026-0180: Panic decoding a malformedhstorevalue allows denial of servicepostgres-protocol@0.6.11— RUSTSEC-2026-0179: Unbounded SCRAM iteration count allows a malicious server to cause CPU-exhaustion denial of servicetokio-postgres@0.7.17— RUSTSEC-2026-0178: Panic on aDataRowwith fewer fields than columns allows denial of serviceTODO / FIXME backlog
src/+app/src/: 25Runbook
live in
docs/WEEKLY-CODE-REVIEW.md.Run log: https://github.com/sanil-23/openhuman/actions/runs/27950887930