cortictechnology / cait Goto Github PK

The blocks connected to the first disabled block are still enabled, this will cause an execution error. All blocks should be disabled when they are out of setup or main block.

On some computer system, the user cannot access the Visual Programming Interface through the device's hostname in the browser but can access by typing the IP directly. Need to investigate the cause of this.

The visual programming interface should alert the user when an exception occurs so that the user can modify their program to address the problem.

CAIT currently supports English and French. User should be able to switch between these languages from the main page.

User should be able to start a new project by pressing the new project icon, if there are blocks in the workspace, they have the option to save or discard

The snippet blocks are outdated and need to be fixed in order to work properly.

The current style can be hard to see in some scene, need to find a better way to display text.

Only pi user can load the samples currently, need to provide these samples for every user.

After finished the installation of Docker from the setup_cait scripts, the docker service cannot be launched, causing the failures of subsequent steps in the script.

Hello cait developers,

We are a cybersecurity research group from the CISPA Helmholtz Center for Information Security and Ca’ Foscari University of Venice. We recently conducted an analysis of the session management used in your web application as part of our research. We have discovered a security vulnerability that we believe requires your attention.

Vulnerability Description:

After our analysis, we have identified that your application is using a hard-coded secret key that is leaked through GitHub. If operators who install your web application do not change this secret key, they are vulnerable to cookie forgeries. The cookie forgery attack allows an attacker, knowing the key used to sign a cookie, to forge new arbitrary cookies to impersonate and take over other accounts.

Recommendation for Mitigation:

To address this vulnerability and enhance the security posture of your web application, we highly recommend setting the secret key from an environment variable. If the environment file is not shared on GitHub then this would force operators of your application to create their own key upon installation, forcing them to set their own secure secret key.

We hope this notification helps improve your security. Should you have further questions or comments on this feel free to answer this thread or reach out to [email protected].

Kind regards,
Florian Hantke

Users should be able to try out CAIT easily by doing a simple apt-get install.

The code currently generated is a simple imperative style. For better readability, the code should be more structured.

In safari browser, login and logout don't work. After typing user account during login, it will ask for a username and password again. After pressing the logout button, nothing happenss

Similar to the training script for nlp models, need a script to remove previous model

The RASA installed in the image cannot be launched. This is due to an issue related to tensorflow-addons not able to find some libraries. Need to investigate this and fix the problem

There are 2 ways to play audio in CAIT: through a normal 3.5mm speaker or, through the speaker on a Lego EV3 hub. User should be able to select which device to use when playing audio. This can be done by creating a parameter block such that the user can use that block to set the audio device.

Currently, some English strings are hard-coded into the HTML and javascript files, need to pull them out and organize them into string tables. Some works have been done for French and Chinese languages, need to standardize this approach.