Help Wanted

AI Summary: This issue requests the addition of file-level JSDoc comments to `apps/backend/lib/coze/index.ts`. This file serves as the public entry point for the Coze API integration module and is missing documentation, impacting API documentation generation, developer experience, and code consistency. The proposed solution involves adding a descriptive JSDoc block at the beginning of the file.

AI Summary: This issue requests the addition of file-level JSDoc comments to the `error.middleware.ts` file in the backend application. This file defines crucial API response formats and error handling middleware used throughout the backend, and the lack of documentation hinders maintainability and onboarding for new developers.

AI Summary: This issue proposes adding performance benchmarking to the CI workflow to detect regressions early. It involves benchmarking key operations across all platforms, setting up alerts for significant slowdowns, and storing historical data for trend analysis. The goal is to integrate this into the CI pipeline with minimal impact on build times.

AI Summary: This issue proposes adding dependency vulnerability scanning and Python security linting to the CI workflow. It specifically involves integrating `pip-audit` and `bandit`, configuring a quality gate, and documenting known issues, with a goal of keeping CI time impact under one minute.

AI Summary: This issue proposes adding code coverage reporting to the CI workflow. The goal is to integrate a tool like Codecov, generate reports across all platforms, set a minimum coverage threshold of 80%, and display a coverage badge in the README. This will help track test coverage and ensure code quality over time.

AI Summary: The immich-admin CLI is producing noisy output, including Node.js experimental warnings and server logs, even when simply running the `--help` command. This indicates an issue with how the CLI is initialized or how it handles its dependencies, leading to unnecessary log messages.

AI Summary: The `csv_sql` tool currently lacks a size limit for incoming queries, which can lead to memory pressure and resource exhaustion if exposed to untrusted input. The proposed solution involves adding a maximum query size constant and validation to prevent excessively large queries.

AI Summary: A high-severity cross-client data leakage vulnerability (CVE-2026-25536) exists in `@modelcontextprotocol/sdk` versions 1.10.0 through 1.25.3. This occurs when a single server instance is reused across multiple client connections, leading to incorrect routing of responses due to JSON-RPC message ID conflicts. While the project's current usage with `StdioServerTransport` is not directly affected, updating to version 1.26.0 or later is recommended for future-proofing and supply chain security.

AI Summary: The user is requesting native support for the `jiff::Timestamp` type within the `Record` derive macro. Currently, users must manually convert timestamps to microseconds, and they would prefer this conversion to be handled automatically by the crate.

AI Summary: This issue describes a circular dependency warning in Vite's `manualChunks` configuration within `apps/frontend/vite.config.ts`. The current setup incorrectly categorizes React-related libraries and other `node_modules` dependencies, leading to a `vendor -> react-vendor -> vendor` loop. The recommended fix involves removing the fallback `vendor` chunk to allow Vite to manage remaining modules automatically.