| | | | 0010106 | 3 | |
| crash | | 2025-06-29 | memory freed based on uninitialized counter |
| | | | 0010107 | 2 | |
| crash | | 2025-06-29 | call of js_free on uninitialized pointer |
| | | | 0009644 | 4 | |
[Taler] libeufin-bank-ui (SPA) | feature | confirmed | 2025-06-25 | bank ui should support listing and revoking tokens |
| | | | 0009620 | 4 | 1 |
| feature | | 2025-06-22 | Restrict public instance access and replace token-based authentication with username and password |
| | | | 0009647 | | |
| feature | | 2025-06-22 | Scope in tokens / authorizations needs rework |
| | | | 0009556 | 9 | |
| feature | | 2025-06-21 | address merchant auth token weirdness |
| | | | 0009651 | 2 | |
| feature | | 2025-06-19 | When changing the instance password we may want to revoke old access tokens |
| | | | 0009572 | 1 | |
[Taler] exchange AML backoffice (SPA) | feature | | 2025-06-18 | automatic logout (est 4h - due date 5/6) |
| | | | 0009949 | | |
| feature | acknowledged | 2025-06-12 | Add control to exclude domains and IP-ranges for webhooks |
| | | | 0009693 | | |
| feature | confirmed | 2025-06-08 | clause-schnorr support untested and likely incomplete |
| | | | 0009724 | 1 | |
| minor | | 2025-06-05 | Use FaceID/TouchID to enable using the app |
| | | | 0009953 | | |
| minor | | 2025-06-05 | unexplained numeric constants in js_talercrypto_eddsa_sign |
| | | | 0009963 | | |
| minor | confirmed | 2025-06-05 | concurrency issue with using JS_GetArrayBuffer? |
| | | | 0008999 | 2 | |
| feature | | 2025-06-03 | Set limits to all variable size user inputs |
| | | | 0009950 | 1 | |
| minor | | 2025-05-20 | unchecked malloc can lead to crash |
| | | | 0009924 | | |
| minor | confirmed | 2025-05-09 | strange valgrind failure in auditordb plugin |
| | | | 0009353 | | |
| minor | confirmed | 2025-05-08 | check denomination revocation logic |
| | | | 0009141 | | |
| minor | confirmed | 2025-05-08 | Auditor SPA (reserve) reporting is missing important values |
| | | | 0009048 | 4 | |
| feature | confirmed | 2025-05-08 | introduce a default check and support vATTEST API [4h] |
| | | | 0009626 | | |
| feature | confirmed | 2025-05-07 | Add planchet collision tests to harness |
| | | | 0009523 | | |
| minor | confirmed | 2025-04-28 | Allow connecting the merchant backend to the bank revenue API via token in URI |
| | | | 0009206 | 3 | |
| major | confirmed | 2025-04-24 | nirvana for regional currency setup |
| | | | 0009026 | | |
| tweak | confirmed | 2025-04-24 | Support memory-hard password hashing method |
| | | | 0009342 | | |
[Taler] libeufin-bank-ui (SPA) | minor | confirmed | 2025-04-24 | Support locked account and token creation 2FA challenges |
| | | | 0008134 | | |
| tweak | confirmed | 2025-04-18 | wallet-core should use typed HTTP client implementations [estimate: 20h] |
| | | | 0008688 | | |
| feature | confirmed | 2025-04-18 | wallet doesn't validate exchange signing keys, doesn't use them much [estimate: 5h] |
| | | | 0007558 | 2 | |
| feature | confirmed | 2025-04-18 | bundle TLS CA certs and re-enable TLS peer+host verification for libcurl HTTP client implementation |
| | | | 0006977 | 1 | |
| feature | confirmed | 2025-04-18 | make wallet-core more resistant against node supply chain attacks |
| | | | 0009645 | | |
| major | | 2025-04-17 | Lock account on password auth failure |
| | | | 0008899 | | |
| feature | confirmed | 2025-04-17 | merchant backend should support bearer token authentication when talking to the bank |
