{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "AUC001", "name": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobilit", "shortDescription": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "fullDescription": {"text": "The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.92, "cwe": "CWE-285", "owasp": "WSTG-AUTHZ"}}, {"id": "GHSA-48c2-rrv3-qjmp", "name": "yaml: GHSA-48c2-rrv3-qjmp", "shortDescription": {"text": "yaml: GHSA-48c2-rrv3-qjmp"}, "fullDescription": {"text": "yaml is vulnerable to Stack Overflow via deeply nested YAML collections"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-58qx-3vcg-4xpx", "name": "ws: GHSA-58qx-3vcg-4xpx", "shortDescription": {"text": "ws: GHSA-58qx-3vcg-4xpx"}, "fullDescription": {"text": "ws: Uninitialized memory disclosure"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-xcj6-pq6g-qj4x", "name": "vite: GHSA-xcj6-pq6g-qj4x", "shortDescription": {"text": "vite: GHSA-xcj6-pq6g-qj4x"}, "fullDescription": {"text": "Vite allows server.fs.deny to be bypassed with .svg or relative paths"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-x574-m823-4x7w", "name": "vite: GHSA-x574-m823-4x7w", 
"shortDescription": {"text": "vite: GHSA-x574-m823-4x7w"}, "fullDescription": {"text": "Vite bypasses server.fs.deny when using ?raw??"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-vg6x-rcgg-rjx6", "name": "vite: GHSA-vg6x-rcgg-rjx6", "shortDescription": {"text": "vite: GHSA-vg6x-rcgg-rjx6"}, "fullDescription": {"text": "Websites were able to send any requests to the development server and read the response in vite"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-9cwx-2883-4wfx", "name": "vite: GHSA-9cwx-2883-4wfx", "shortDescription": {"text": "vite: GHSA-9cwx-2883-4wfx"}, "fullDescription": {"text": "Vite's `server.fs.deny` is bypassed when using `?import&raw`"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-8jhw-289h-jh2g", "name": "vite: GHSA-8jhw-289h-jh2g", "shortDescription": {"text": "vite: GHSA-8jhw-289h-jh2g"}, "fullDescription": {"text": "Vite's `server.fs.deny` did not deny requests for patterns with directories."}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-859w-5945-r5v3", "name": "vite: GHSA-859w-5945-r5v3", "shortDescription": {"text": "vite: GHSA-859w-5945-r5v3"}, "fullDescription": {"text": "Vite's server.fs.deny bypassed with /. 
for files under project root"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-64vr-g452-qvp3", "name": "vite: GHSA-64vr-g452-qvp3", "shortDescription": {"text": "vite: GHSA-64vr-g452-qvp3"}, "fullDescription": {"text": "Vite DOM Clobbering gadget found in vite bundled scripts that leads to XSS"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-4w7w-66w2-5vf9", "name": "vite: GHSA-4w7w-66w2-5vf9", "shortDescription": {"text": "vite: GHSA-4w7w-66w2-5vf9"}, "fullDescription": {"text": "Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-4r4m-qw57-chr8", "name": "vite: GHSA-4r4m-qw57-chr8", "shortDescription": {"text": "vite: GHSA-4r4m-qw57-chr8"}, "fullDescription": {"text": "Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-356w-63v5-8wf4", "name": "vite: GHSA-356w-63v5-8wf4", "shortDescription": {"text": "vite: GHSA-356w-63v5-8wf4"}, "fullDescription": {"text": "Vite has an `server.fs.deny` bypass with an invalid `request-target`"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-rmmh-p597-ppvv", "name": "showdown: GHSA-rmmh-p597-ppvv", "shortDescription": {"text": "showdown: GHSA-rmmh-p597-ppvv"}, "fullDescription": {"text": "Showdown vulnerable to Regular Expression Denial of Service (ReDoS) in link/anchor parsing"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, 
"cwe": "", "owasp": ""}}, {"id": "GHSA-qx2v-qp2m-jg93", "name": "postcss: GHSA-qx2v-qp2m-jg93", "shortDescription": {"text": "postcss: GHSA-qx2v-qp2m-jg93"}, "fullDescription": {"text": "PostCSS has XSS via Unescaped </style> in its CSS Stringify Output"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-3v7f-55p6-f55p", "name": "picomatch: GHSA-3v7f-55p6-f55p", "shortDescription": {"text": "picomatch: GHSA-3v7f-55p6-f55p"}, "fullDescription": {"text": "Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-mwcw-c2x4-8c55", "name": "nanoid: GHSA-mwcw-c2x4-8c55", "shortDescription": {"text": "nanoid: GHSA-mwcw-c2x4-8c55"}, "fullDescription": {"text": "Predictable results in nanoid generation when given non-integer values"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-952p-6rrq-rcjv", "name": "micromatch: GHSA-952p-6rrq-rcjv", "shortDescription": {"text": "micromatch: GHSA-952p-6rrq-rcjv"}, "fullDescription": {"text": "Regular Expression Denial of Service (ReDoS) in micromatch"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-38c4-r59v-3vqw", "name": "markdown-it: GHSA-38c4-r59v-3vqw", "shortDescription": {"text": "markdown-it: GHSA-38c4-r59v-3vqw"}, "fullDescription": {"text": "markdown-it is has a Regular Expression Denial of Service (ReDoS)"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-67mh-4wv8-2f99", "name": "esbuild: GHSA-67mh-4wv8-2f99", "shortDescription": {"text": "esbuild: 
GHSA-67mh-4wv8-2f99"}, "fullDescription": {"text": "esbuild enables any website to send any requests to the development server and read the response"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-f886-m6hf-6m8v", "name": "brace-expansion: GHSA-f886-m6hf-6m8v", "shortDescription": {"text": "brace-expansion: GHSA-f886-m6hf-6m8v"}, "fullDescription": {"text": "brace-expansion: Zero-step sequence causes process hang and memory exhaustion"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "DKR003", "name": "Compose service `frappe` image uses the latest tag", "shortDescription": {"text": "Compose service `frappe` image uses the latest tag"}, "fullDescription": {"text": "The latest tag is mutable and can change without a code review, producing different images from the same source."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.94, "cwe": "", "owasp": ""}}, {"id": "DKC013", "name": "Database service has no persistent data volume", "shortDescription": {"text": "Database service has no persistent data volume"}, "fullDescription": {"text": "Database containers store data in the writable container layer unless a volume or bind mount is attached to the image's data directory. 
Recreating the container can lose state."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.74, "cwe": "", "owasp": ""}}, {"id": "DKC015", "name": "Database service has no healthcheck", "shortDescription": {"text": "Database service has no healthcheck"}, "fullDescription": {"text": "Compose starts dependent containers in dependency order, but it does not wait for a database to be ready unless a healthcheck is defined and dependents use service_healthy."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "SEC041", "name": "[SEC041] Tabnabbing \u2014 target=\"_blank\" without rel=\"noopener noreferrer\": <a target=\"_blank\"> without rel=\"noopener noref", "shortDescription": {"text": "[SEC041] Tabnabbing \u2014 target=\"_blank\" without rel=\"noopener noreferrer\": <a target=\"_blank\"> without rel=\"noopener noreferrer\" leaks window.opener to the opened page. The opened page can then run window.opener.location = 'phishing-site' and"}, "fullDescription": {"text": "Add rel=\"noopener noreferrer\" to every <a target=\"_blank\">:\n  <a href=\"...\" target=\"_blank\" rel=\"noopener noreferrer\">link</a>\nFor dynamically generated links from JS, set rel on the element before appending. Even safe-looking subdomains should harden \u2014 costs nothing."}, "properties": {"scanner": "repobility-threat-engine", "category": "security", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `generate_fees` has cognitive complexity 18 (SonarSource scale). Cognitive", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `generate_fees` has cognitive complexity 18 (SonarSource scale). 
Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 18."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "DEPCUR-NPM", "name": "npm package `@vitejs/plugin-vue` is 4 major version(s) behind (^2.0.0 -> 6.0.7)", "shortDescription": {"text": "npm package `@vitejs/plugin-vue` is 4 major version(s) behind (^2.0.0 -> 6.0.7)"}, "fullDescription": {"text": "`@vitejs/plugin-vue` is pinned/resolved at ^2.0.0 but the latest stable release on the npm registry is 6.0.7 (4 major version(s) behind). Outdated dependencies accumulate unpatched bugs and make future security upgrades harder. This is the version-currency signal Dependabot version-update PRs raise."}, "properties": {"scanner": "repobility-dependency-currency", "category": "dependency", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "Bare except continues silently", "shortDescription": {"text": "Bare except continues silently"}, "fullDescription": {"text": "Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AIC004", "name": "Suspicious implementation file appears unreferenced", "shortDescription": {"text": "Suspicious implementation file appears unreferenced"}, "fullDescription": {"text": "A file created as a fixed/new/final/copy variant is not referenced by imports or path-like strings in the rest of the repository. This is a strong sign that an agent produced code beside the active application path."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "medium", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "AUC005", "name": "[AUC005] No authorization-focused tests detected: No test files with common authorization, ownership, 403, admin, or sup", "shortDescription": {"text": "[AUC005] No authorization-focused tests detected: No test files with common authorization, ownership, 403, admin, or super_admin assertions were found."}, "fullDescription": {"text": "No test files with common authorization, ownership, 403, admin, or super_admin assertions were found."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "low", "confidence": 0.76, "cwe": "CWE-285", "owasp": "WSTG-AUTHZ"}}, {"id": "GHSA-jqfw-vq24-v9c3", "name": "vite: GHSA-jqfw-vq24-v9c3", "shortDescription": {"text": "vite: GHSA-jqfw-vq24-v9c3"}, "fullDescription": {"text": "Vite's `server.fs` settings were not applied to HTML files"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "low", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-g4jq-h2w9-997c", "name": "vite: GHSA-g4jq-h2w9-997c", "shortDescription": {"text": "vite: GHSA-g4jq-h2w9-997c"}, "fullDescription": {"text": "Vite middleware may serve files starting with the same name with the public directory"}, "properties": 
{"scanner": "osv-scanner", "category": "dependency", "severity": "low", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-v6h2-p8h4-qcjw", "name": "brace-expansion: GHSA-v6h2-p8h4-qcjw", "shortDescription": {"text": "brace-expansion: GHSA-v6h2-p8h4-qcjw"}, "fullDescription": {"text": "brace-expansion Regular Expression Denial of Service vulnerability"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "low", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-vhrc-hgrq-x75r", "name": "@tiptap/extension-link: GHSA-vhrc-hgrq-x75r", "shortDescription": {"text": "@tiptap/extension-link: GHSA-vhrc-hgrq-x75r"}, "fullDescription": {"text": "@tiptap/extension-link vulnerable to Cross-site Scripting (XSS)"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "low", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "DKC010", "name": "Compose service lacks no-new-privileges hardening", "shortDescription": {"text": "Compose service lacks no-new-privileges hardening"}, "fullDescription": {"text": "no-new-privileges prevents processes from gaining additional privileges through setuid binaries or file capabilities."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.62, "cwe": "", "owasp": ""}}, {"id": "DKC006", "name": "Compose service does not declare a runtime user", "shortDescription": {"text": "Compose service does not declare a runtime user"}, "fullDescription": {"text": "If the image does not define USER internally, this service may run as root."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.56, "cwe": "", "owasp": ""}}, {"id": "AIC005", "name": "Duplicate top-level symbol appears in a patch-style file", "shortDescription": {"text": "Duplicate top-level symbol appears in a patch-style file"}, "fullDescription": {"text": "A generated replacement file defining the same public function 
or class name as another module can mean the new logic is not actually wired into the running code."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.64, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "AIC002", "name": "Source file name looks like an AI patch artifact", "shortDescription": {"text": "Source file name looks like an AI patch artifact"}, "fullDescription": {"text": "Files named as final, fixed, copy, new, or backup are often temporary patch artifacts. They may be legitimate, but they deserve review before becoming production surface area."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.62, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. 
See CWE-532 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 14 more): Same pattern found in 14 add", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 14 more): Same pattern found in 14 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED072", "name": "[MINED072] Python Pass Only Class (and 40 more): Same pattern found in 40 additional files. Review if needed.", "shortDescription": {"text": "[MINED072] Python Pass Only Class (and 40 more): Same pattern found in 40 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 45 more): Same pattern found in 45 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 45 more): Same pattern found in 45 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. 
See CWE-1188 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED055", "name": "[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of ", "shortDescription": {"text": "[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of npm ci."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1357 / A06:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "GHSA-3h5v-q93c-6h6q", "name": "ws: GHSA-3h5v-q93c-6h6q", "shortDescription": {"text": "ws: GHSA-3h5v-q93c-6h6q"}, "fullDescription": {"text": "ws affected by a DoS when handling a request with many HTTP headers"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-c27g-q93r-2cwf", "name": "vite: GHSA-c27g-q93r-2cwf", "shortDescription": {"text": "vite: GHSA-c27g-q93r-2cwf"}, "fullDescription": {"text": "launch-editor vulnerable to command injection via the crafted request on Windows"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-677m-j7p3-52f9", "name": "socket.io-parser: GHSA-677m-j7p3-52f9", "shortDescription": {"text": "socket.io-parser: GHSA-677m-j7p3-52f9"}, "fullDescription": {"text": "socket.io allows an unbounded number of binary attachments"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-mw96-cpmx-2vgc", "name": "rollup: GHSA-mw96-cpmx-2vgc", "shortDescription": {"text": "rollup: GHSA-mw96-cpmx-2vgc"}, "fullDescription": {"text": 
"Rollup 4 has Arbitrary File Write via Path Traversal"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-gcx4-mw62-g8wm", "name": "rollup: GHSA-gcx4-mw62-g8wm", "shortDescription": {"text": "rollup: GHSA-gcx4-mw62-g8wm"}, "fullDescription": {"text": "DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-c2c7-rcm5-vvqj", "name": "picomatch: GHSA-c2c7-rcm5-vvqj", "shortDescription": {"text": "picomatch: GHSA-c2c7-rcm5-vvqj"}, "fullDescription": {"text": "Picomatch has a ReDoS vulnerability via extglob quantifiers"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-7r86-cg39-jmmj", "name": "minimatch: GHSA-7r86-cg39-jmmj", "shortDescription": {"text": "minimatch: GHSA-7r86-cg39-jmmj"}, "fullDescription": {"text": "minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-3ppc-4f35-3m26", "name": "minimatch: GHSA-3ppc-4f35-3m26", "shortDescription": {"text": "minimatch: GHSA-3ppc-4f35-3m26"}, "fullDescription": {"text": "minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-23c5-xmqv-rm74", "name": "minimatch: GHSA-23c5-xmqv-rm74", "shortDescription": {"text": "minimatch: GHSA-23c5-xmqv-rm74"}, "fullDescription": {"text": "minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions"}, "properties": {"scanner": 
"osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-95jq-xph2-cx9h", "name": "linkifyjs: GHSA-95jq-xph2-cx9h", "shortDescription": {"text": "linkifyjs: GHSA-95jq-xph2-cx9h"}, "fullDescription": {"text": "Linkify Allows Prototype Pollution & HTML Attribute Injection (XSS)"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-5j98-mcp5-4vw2", "name": "glob: GHSA-5j98-mcp5-4vw2", "shortDescription": {"text": "glob: GHSA-5j98-mcp5-4vw2"}, "fullDescription": {"text": "glob CLI: Command injection via -c/--cmd executes matches with shell:true"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-3xgq-45jj-v275", "name": "cross-spawn: GHSA-3xgq-45jj-v275", "shortDescription": {"text": "cross-spawn: GHSA-3xgq-45jj-v275"}, "fullDescription": {"text": "Regular Expression Denial of Service (ReDoS) in cross-spawn"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-grv7-fg5c-xmjg", "name": "braces: GHSA-grv7-fg5c-xmjg", "shortDescription": {"text": "braces: GHSA-grv7-fg5c-xmjg"}, "fullDescription": {"text": "Uncontrolled resource consumption in braces"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "SEC040", "name": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that int", "shortDescription": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflected XSS vector. 
The browser parses the HTM"}, "fullDescription": {"text": "For plain text: use el.textContent = data.value (auto-escapes).\nFor HTML you need to render: el.innerHTML = DOMPurify.sanitize(html).\nFor React/Vue/Svelte: stop using innerHTML; use the framework's binding.\nWhen data comes from CV/PDF parsers, sanitize at the parser boundary too."}, "properties": {"scanner": "repobility-threat-engine", "category": "xss", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInt", "shortDescription": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "Action `pre-commit/action` pinned to mutable ref `@v3.0.1`", "shortDescription": {"text": "Action `pre-commit/action` pinned to mutable ref `@v3.0.1`"}, "fullDescription": {"text": "`uses: pre-commit/action@v3.0.1` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED126", "name": "Workflow container/services image `mariadb:10.6` unpinned", "shortDescription": {"text": "Workflow container/services image `mariadb:10.6` unpinned"}, "fullDescription": {"text": "`container/services image: mariadb:10.6` without `@sha256:...` pulls a mutable tag at workflow-run time. 
Treat workflow container references with the same supply-chain discipline as Dockerfile FROM lines."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED131", "name": "pre-commit hook `https://github.com/pre-commit/mirrors-prettier` pinned to mutable rev `v2.7.1`", "shortDescription": {"text": "pre-commit hook `https://github.com/pre-commit/mirrors-prettier` pinned to mutable rev `v2.7.1`"}, "fullDescription": {"text": "`.pre-commit-config.yaml` references `https://github.com/pre-commit/mirrors-prettier` at `rev: v2.7.1`. If that `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "Phantom test coverage: test_update_schedule_date", "shortDescription": {"text": "Phantom test coverage: test_update_schedule_date"}, "fullDescription": {"text": "Test function `test_update_schedule_date` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "`self.academic_term` used but never assigned in __init__", "shortDescription": {"text": "`self.academic_term` used but never assigned in __init__"}, "fullDescription": {"text": "Method `enroll_students` of class `ProgramEnrollmentTool` reads `self.academic_term`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "DKC007", "name": "Compose service contains a literal secret environment value", "shortDescription": {"text": "Compose service contains a literal secret environment value"}, "fullDescription": {"text": "Literal secrets in Compose files are committed to source and exposed through container inspection."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "critical", "confidence": 0.96, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "Missing import: `email` used but not imported", "shortDescription": {"text": "Missing import: `email` used but not imported"}, "fullDescription": {"text": "The file uses `email.something(...)` but never imports `email`. This raises NameError at runtime the first time the line executes."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/973"}, "properties": {"repository": "frappe/education", "repoUrl": "https://github.com/frappe/education", "branch": "develop"}, "results": [{"ruleId": "AUC001", "level": "warning", "message": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "properties": {"repobilityId": 91325, "scanner": "repobility-access-control", "fingerprint": "f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10", "category": "auth", "severity": "medium", "confidence": 0.92, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "frameworks": 
["Django"], "expected_files": [".repobility/access.yml", ".repobility/access.yaml", ".repobility/access.json", ".repobility/authorization.yml"], "correlation_key": "fp|f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10"}}}, {"ruleId": "GHSA-48c2-rrv3-qjmp", "level": "warning", "message": {"text": "yaml: GHSA-48c2-rrv3-qjmp"}, "properties": {"repobilityId": 91324, "scanner": "osv-scanner", "fingerprint": "710aadbcd593a94b8359990c2f2ff0e17af9f6ff3f10abb63f89ccfd7fa8e955", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-33532"], "package": "yaml", "rule_id": "GHSA-48c2-rrv3-qjmp", "scanner": "osv-scanner", "correlation_key": "vuln|yaml|CVE-2026-33532|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-58qx-3vcg-4xpx", "level": "warning", "message": {"text": "ws: GHSA-58qx-3vcg-4xpx"}, "properties": {"repobilityId": 91323, "scanner": "osv-scanner", "fingerprint": "d0243fa40a87cfba4d3c427add03786e9bcc538bc0175821afb00f88842d0d0e", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-45736"], "package": "ws", "rule_id": "GHSA-58qx-3vcg-4xpx", "scanner": "osv-scanner", "correlation_key": "vuln|ws|CVE-2026-45736|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-xcj6-pq6g-qj4x", "level": "warning", "message": {"text": "vite: GHSA-xcj6-pq6g-qj4x"}, "properties": {"repobilityId": 91321, "scanner": "osv-scanner", "fingerprint": "067d184d22df5960c38b0a52e0ca2b40516f43b6a099c17db013aba126ba0a05", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": 
"open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-31486"], "package": "vite", "rule_id": "GHSA-xcj6-pq6g-qj4x", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2025-31486|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-x574-m823-4x7w", "level": "warning", "message": {"text": "vite: GHSA-x574-m823-4x7w"}, "properties": {"repobilityId": 91320, "scanner": "osv-scanner", "fingerprint": "551f652944d2d07fdc044a5fa1a7ca8533d79d3c7092f04c99092a8410cdc223", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-30208"], "package": "vite", "rule_id": "GHSA-x574-m823-4x7w", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2025-30208|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-vg6x-rcgg-rjx6", "level": "warning", "message": {"text": "vite: GHSA-vg6x-rcgg-rjx6"}, "properties": {"repobilityId": 91319, "scanner": "osv-scanner", "fingerprint": "22f0ea6c0c36ac55d62d3c0f2267fdfe6decb1c6e5fbd0cd60484fd281f8f576", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-24010"], "package": "vite", "rule_id": "GHSA-vg6x-rcgg-rjx6", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2025-24010|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-9cwx-2883-4wfx", "level": "warning", "message": {"text": "vite: GHSA-9cwx-2883-4wfx"}, "properties": {"repobilityId": 91315, "scanner": "osv-scanner", "fingerprint": 
"a84fca4bb06df914f70471d0fca311a128542b4c57daff11b6a39dd7d2000506", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-45811"], "package": "vite", "rule_id": "GHSA-9cwx-2883-4wfx", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2024-45811|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-8jhw-289h-jh2g", "level": "warning", "message": {"text": "vite: GHSA-8jhw-289h-jh2g"}, "properties": {"repobilityId": 91314, "scanner": "osv-scanner", "fingerprint": "7dcd8ae74501138c63d28c3580eb7f6f944b6606d3403ac4b749858015a44b45", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-31207"], "package": "vite", "rule_id": "GHSA-8jhw-289h-jh2g", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2024-31207|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-859w-5945-r5v3", "level": "warning", "message": {"text": "vite: GHSA-859w-5945-r5v3"}, "properties": {"repobilityId": 91313, "scanner": "osv-scanner", "fingerprint": "24d9fd834d099cb9d8565826e241c95f4d539404d459112b2e67521ca215faaf", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-46565"], "package": "vite", "rule_id": "GHSA-859w-5945-r5v3", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2025-46565|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-64vr-g452-qvp3", 
"level": "warning", "message": {"text": "vite: GHSA-64vr-g452-qvp3"}, "properties": {"repobilityId": 91312, "scanner": "osv-scanner", "fingerprint": "539b67a57a22f1533e63c8ebd2d2a6220f0acbcf39f799f81683692b434a6b6b", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-45812"], "package": "vite", "rule_id": "GHSA-64vr-g452-qvp3", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2024-45812|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-4w7w-66w2-5vf9", "level": "warning", "message": {"text": "vite: GHSA-4w7w-66w2-5vf9"}, "properties": {"repobilityId": 91311, "scanner": "osv-scanner", "fingerprint": "307b723c0cb7372b07807ccbd8d69d345647592c1a1e5b1bedc7d9e84b2b2369", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-39365"], "package": "vite", "rule_id": "GHSA-4w7w-66w2-5vf9", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2026-39365|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-4r4m-qw57-chr8", "level": "warning", "message": {"text": "vite: GHSA-4r4m-qw57-chr8"}, "properties": {"repobilityId": 91310, "scanner": "osv-scanner", "fingerprint": "db1561e0e2d7c2c49107ad4afb6bfcacc3dc780a1190c366f57dab06ab85cca4", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-31125"], "package": "vite", "rule_id": "GHSA-4r4m-qw57-chr8", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2025-31125|frontend/yarn.lock"}}, 
"locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-356w-63v5-8wf4", "level": "warning", "message": {"text": "vite: GHSA-356w-63v5-8wf4"}, "properties": {"repobilityId": 91309, "scanner": "osv-scanner", "fingerprint": "02e6a47c1270de5bda235fc0faf8cacdb86aaa7d9068514c39627accf7b23b44", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-32395"], "package": "vite", "rule_id": "GHSA-356w-63v5-8wf4", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2025-32395|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-rmmh-p597-ppvv", "level": "warning", "message": {"text": "showdown: GHSA-rmmh-p597-ppvv"}, "properties": {"repobilityId": 91307, "scanner": "osv-scanner", "fingerprint": "fe32e294ff47615dedc213fe315c38c1191f625234976b05fb6c5067f51b1881", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-1899"], "package": "showdown", "rule_id": "GHSA-rmmh-p597-ppvv", "scanner": "osv-scanner", "correlation_key": "vuln|showdown|CVE-2024-1899|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-qx2v-qp2m-jg93", "level": "warning", "message": {"text": "postcss: GHSA-qx2v-qp2m-jg93"}, "properties": {"repobilityId": 91304, "scanner": "osv-scanner", "fingerprint": "f6445a3d30df142eab246e6dc653722ba1e36620e23c71cc175be0b00ca43cdc", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": 
["CVE-2026-41305"], "package": "postcss", "rule_id": "GHSA-qx2v-qp2m-jg93", "scanner": "osv-scanner", "correlation_key": "vuln|postcss|CVE-2026-41305|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-3v7f-55p6-f55p", "level": "warning", "message": {"text": "picomatch: GHSA-3v7f-55p6-f55p"}, "properties": {"repobilityId": 91302, "scanner": "osv-scanner", "fingerprint": "9ad5c21234c694b21d5c7565068d90a9f73f9fc5a84f5f06128f4f9bff2fb6fe", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-33672"], "package": "picomatch", "rule_id": "GHSA-3v7f-55p6-f55p", "scanner": "osv-scanner", "correlation_key": "vuln|picomatch|CVE-2026-33672|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-mwcw-c2x4-8c55", "level": "warning", "message": {"text": "nanoid: GHSA-mwcw-c2x4-8c55"}, "properties": {"repobilityId": 91301, "scanner": "osv-scanner", "fingerprint": "40cb88c9e9770b5c64ba204d11465bf9f2c770586203cd8581451645901be4c0", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-55565"], "package": "nanoid", "rule_id": "GHSA-mwcw-c2x4-8c55", "scanner": "osv-scanner", "correlation_key": "vuln|nanoid|CVE-2024-55565|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-952p-6rrq-rcjv", "level": "warning", "message": {"text": "micromatch: GHSA-952p-6rrq-rcjv"}, "properties": {"repobilityId": 91297, "scanner": "osv-scanner", "fingerprint": "c0ab61c93d78d9ab87944c82eac8a56864510467224d1719db37fda4170b498b", 
"category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-4067"], "package": "micromatch", "rule_id": "GHSA-952p-6rrq-rcjv", "scanner": "osv-scanner", "correlation_key": "vuln|micromatch|CVE-2024-4067|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-38c4-r59v-3vqw", "level": "warning", "message": {"text": "markdown-it: GHSA-38c4-r59v-3vqw"}, "properties": {"repobilityId": 91296, "scanner": "osv-scanner", "fingerprint": "0e6edf41906d828159f54d2e12996a68cdc599bebb798b9d47cbee78f9e26fee", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-2327"], "package": "markdown-it", "rule_id": "GHSA-38c4-r59v-3vqw", "scanner": "osv-scanner", "correlation_key": "vuln|markdown-it|CVE-2026-2327|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-67mh-4wv8-2f99", "level": "warning", "message": {"text": "esbuild: GHSA-67mh-4wv8-2f99"}, "properties": {"repobilityId": 91293, "scanner": "osv-scanner", "fingerprint": "9edcfd792d3d73c2ccb8b9e696ac6d825b83341c1e456af5882438bbbba2c2c0", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "package": "esbuild", "rule_id": "GHSA-67mh-4wv8-2f99", "scanner": "osv-scanner", "correlation_key": "vuln|esbuild|GHSA-67MH-4WV8-2F99|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-f886-m6hf-6m8v", "level": "warning", "message": {"text": "brace-expansion: 
GHSA-f886-m6hf-6m8v"}, "properties": {"repobilityId": 91289, "scanner": "osv-scanner", "fingerprint": "62262b2f928a301d682481115b8a491a961bb3c25d01e61c5d02cf3ff6f0142b", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-33750"], "package": "brace-expansion", "rule_id": "GHSA-f886-m6hf-6m8v", "scanner": "osv-scanner", "correlation_key": "vuln|brace-expansion|CVE-2026-33750|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR003", "level": "warning", "message": {"text": "Compose service `frappe` image uses the latest tag"}, "properties": {"repobilityId": 91285, "scanner": "repobility-docker", "fingerprint": "7d8dcea8c825228b96e1ce742d3d51addde96e055403be2aeb31acff498ab9ed", "category": "docker", "severity": "medium", "confidence": 0.94, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Image tag is latest.", "evidence": {"image": "frappe/bench:latest", "rule_id": "DKR003", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://docs.docker.com/scout/policy/", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|7d8dcea8c825228b96e1ce742d3d51addde96e055403be2aeb31acff498ab9ed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/docker-compose.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "DKC013", "level": "warning", "message": {"text": "Database service has no persistent data volume"}, "properties": {"repobilityId": 91283, "scanner": "repobility-docker", "fingerprint": "09565deb170c2af78d1fb2675521f7ab3b3a33ba6d6400dc849a13464fa187c7", "category": "docker", "severity": "medium", "confidence": 0.74, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": 
"Database-like service does not mount a known data directory.", "evidence": {"rule_id": "DKC013", "scanner": "repobility-docker", "service": "redis", "references": ["https://docs.docker.com/engine/storage/volumes/"], "correlation_key": "fp|09565deb170c2af78d1fb2675521f7ab3b3a33ba6d6400dc849a13464fa187c7", "expected_targets": ["/data"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/docker-compose.yml"}, "region": {"startLine": 17}}}]}, {"ruleId": "DKC015", "level": "warning", "message": {"text": "Database service has no healthcheck"}, "properties": {"repobilityId": 91282, "scanner": "repobility-docker", "fingerprint": "83d5730f932f2463210d8860f44108f702a905e5a594a32ff1e3534924612735", "category": "docker", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Database-like service has no Compose healthcheck.", "evidence": {"rule_id": "DKC015", "scanner": "repobility-docker", "service": "mariadb", "references": ["https://docs.docker.com/compose/how-tos/startup-order/"], "correlation_key": "fp|83d5730f932f2463210d8860f44108f702a905e5a594a32ff1e3534924612735"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/docker-compose.yml"}, "region": {"startLine": 3}}}]}, {"ruleId": "SEC041", "level": "warning", "message": {"text": "[SEC041] Tabnabbing \u2014 target=\"_blank\" without rel=\"noopener noreferrer\": <a target=\"_blank\"> without rel=\"noopener noreferrer\" leaks window.opener to the opened page. The opened page can then run window.opener.location = 'phishing-site' and the parent tab quietly navigates to attacker-controlled content (reverse tabnabbing). 
A classic OWASP issue: modern browsers imply rel='noopener' for target='_blank' links, but the explicit attribute is still needed for compatibility with older browsers."}, "properties": {"repobilityId": 91278, "scanner": "repobility-threat-engine", "fingerprint": "5ec130b3ca922b488eb6bfce21678a82b709142efc89b403c366c2ebb67d749d", "category": "security", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "<a href=\"/app/Form/%s/%s\" target=\"_blank\">", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC041", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|security|token|83|sec041"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment/program_enrollment.py"}, "region": {"startLine": 83}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `generate_fees` has cognitive complexity 18 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. 
Breakdown: and=1, else=3, except=1, for=2, if=4, nested_bonus=6, or=1."}, "properties": {"repobilityId": 91273, "scanner": "repobility-threat-engine", "fingerprint": "1cb7abcce70d771d7cd13461656a3853bc5865b908d3fe25191b7da676d92f8c", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 18 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "generate_fees", "breakdown": {"if": 4, "or": 1, "and": 1, "for": 2, "else": 3, "except": 1, "nested_bonus": 6}, "complexity": 18, "correlation_key": "fp|1cb7abcce70d771d7cd13461656a3853bc5865b908d3fe25191b7da676d92f8c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/fee_schedule/fee_schedule.py"}, "region": {"startLine": 162}}}]}, {"ruleId": "DEPCUR-NPM", "level": "warning", "message": {"text": "npm package `@vitejs/plugin-vue` is 4 major version(s) behind (^2.0.0 -> 6.0.7)"}, "properties": {"repobilityId": 91255, "scanner": "repobility-dependency-currency", "fingerprint": "fd4d80ce368153e36d7bf21782ce9eca2b75f777b944c36eb9a21cc5bc728871", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "4 major version(s) behind", "signal": "currency", "cwe_ids": [], "package": "@vitejs/plugin-vue", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "6.0.7", "correlation_key": "fp|fd4d80ce368153e36d7bf21782ce9eca2b75f777b944c36eb9a21cc5bc728871", "current_version": "^2.0.0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "DEPCUR-NPM", "level": "warning", "message": {"text": "npm package `vue-router` is 1 major version(s) behind (^4.0.12 -> 5.1.0)"}, 
"properties": {"repobilityId": 91254, "scanner": "repobility-dependency-currency", "fingerprint": "3b45ac12ced3bf8a00f3cf23b32a8a5f32a14a8b7fa5afc514b328d47c8c2131", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "1 major version(s) behind", "signal": "currency", "cwe_ids": [], "package": "vue-router", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "5.1.0", "correlation_key": "fp|3b45ac12ced3bf8a00f3cf23b32a8a5f32a14a8b7fa5afc514b328d47c8c2131", "current_version": "^4.0.12"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "DEPCUR-NPM", "level": "warning", "message": {"text": "npm package `pinia` is 1 major version(s) behind (^2.1.7 -> 3.0.4)"}, "properties": {"repobilityId": 91252, "scanner": "repobility-dependency-currency", "fingerprint": "05ca41c123dea65f52f48def2475a477390f675248fb4f326338c005ac670d38", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "1 major version(s) behind", "signal": "currency", "cwe_ids": [], "package": "pinia", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "3.0.4", "correlation_key": "fp|05ca41c123dea65f52f48def2475a477390f675248fb4f326338c005ac670d38", "current_version": "^2.1.7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 91230, "scanner": "repobility-ast-engine", "fingerprint": "ce85eb6637f800ac8096fa309deb6442b3ca51abd75f53d7854d1a526938914d", "category": "quality", "severity": "medium", 
"confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ce85eb6637f800ac8096fa309deb6442b3ca51abd75f53d7854d1a526938914d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/quiz/quiz.py"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 91229, "scanner": "repobility-ast-engine", "fingerprint": "c6a1d3c17b022b116e6daca7d060563af32276b522e683e6d18ef724118688f4", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c6a1d3c17b022b116e6daca7d060563af32276b522e683e6d18ef724118688f4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/quiz/quiz.py"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 91227, "scanner": "repobility-ast-engine", "fingerprint": "68f3e1ba99b3de01be90a2f93b64aefc9a09f5b3f4a9611d604cd23925b02cff", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": 
"fp|68f3e1ba99b3de01be90a2f93b64aefc9a09f5b3f4a9611d604cd23925b02cff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/course_scheduling_tool/course_scheduling_tool.py"}, "region": {"startLine": 103}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 91201, "scanner": "repobility-ast-engine", "fingerprint": "54e487a5ff38394a2e840a90d1fb064b8aa9b8cab044f898e7a2a5f22f94e556", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|54e487a5ff38394a2e840a90d1fb064b8aa9b8cab044f898e7a2a5f22f94e556"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/billing.py"}, "region": {"startLine": 125}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 91200, "scanner": "repobility-ast-engine", "fingerprint": "a338d02abb0c4d1a463ae540bf3ff7da023a41cc1504257f17cb0672f3fe7eff", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a338d02abb0c4d1a463ae540bf3ff7da023a41cc1504257f17cb0672f3fe7eff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/billing.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": 
{"repobilityId": 91199, "scanner": "repobility-ast-engine", "fingerprint": "aa1197aa95bd5ec4decaa6a2f4090c83cb80678f475717fb6b103b241b51810f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aa1197aa95bd5ec4decaa6a2f4090c83cb80678f475717fb6b103b241b51810f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/utils.py"}, "region": {"startLine": 229}}}]}, {"ruleId": "AIC004", "level": "warning", "message": {"text": "Suspicious implementation file appears unreferenced"}, "properties": {"repobilityId": 91188, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4a67b4e25e7a9825ca1bd74d0fb19a8070be1f4e68be4d2a64dfafb1760b4dc0", "category": "quality", "severity": "medium", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Patch-style source file has no detected inbound reference from other repository files.", "evidence": {"suffix": "update", "rule_id": "AIC004", "scanner": "repobility-ai-code-hygiene", "references": ["https://knip.dev/", "https://github.com/jendrikseipp/vulture"], "correlation_key": "fp|4a67b4e25e7a9825ca1bd74d0fb19a8070be1f4e68be4d2a64dfafb1760b4dc0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/patches/v15_0/fee_schedule_status_update.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AUC005", "level": "note", "message": {"text": "[AUC005] No authorization-focused tests detected: No test files with common authorization, ownership, 403, admin, or super_admin assertions were found."}, "properties": {"repobilityId": 91326, "scanner": "repobility-access-control", "fingerprint": 
"c58bb88e6682225dc480b3036f30153044953a3d94f500396678a77324e8d30e", "category": "auth", "severity": "low", "confidence": 0.76, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "frameworks": ["Django"], "correlation_key": "fp|c58bb88e6682225dc480b3036f30153044953a3d94f500396678a77324e8d30e"}}}, {"ruleId": "GHSA-jqfw-vq24-v9c3", "level": "note", "message": {"text": "vite: GHSA-jqfw-vq24-v9c3"}, "properties": {"repobilityId": 91318, "scanner": "osv-scanner", "fingerprint": "ff7938d4c7d45f8d1e6fa0315be388ff5b5cdd36ee9e66233e1695e173e1ad8d", "category": "dependency", "severity": "low", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-58752"], "package": "vite", "rule_id": "GHSA-jqfw-vq24-v9c3", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2025-58752|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-g4jq-h2w9-997c", "level": "note", "message": {"text": "vite: GHSA-g4jq-h2w9-997c"}, "properties": {"repobilityId": 91317, "scanner": "osv-scanner", "fingerprint": "c64584c405f6e714ae3d2a03f492038a806bed516c65937e3c89f479a61e862a", "category": "dependency", "severity": "low", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-58751"], "package": "vite", "rule_id": "GHSA-g4jq-h2w9-997c", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2025-58751|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-v6h2-p8h4-qcjw", "level": "note", "message": {"text": "brace-expansion: GHSA-v6h2-p8h4-qcjw"}, "properties": 
{"repobilityId": 91290, "scanner": "osv-scanner", "fingerprint": "7b2280aa232dc4988c23ecf1a364636009cc141d2b3e61927899a92aa5388efd", "category": "dependency", "severity": "low", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-5889"], "package": "brace-expansion", "rule_id": "GHSA-v6h2-p8h4-qcjw", "scanner": "osv-scanner", "correlation_key": "vuln|brace-expansion|CVE-2025-5889|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-vhrc-hgrq-x75r", "level": "note", "message": {"text": "@tiptap/extension-link: GHSA-vhrc-hgrq-x75r"}, "properties": {"repobilityId": 91288, "scanner": "osv-scanner", "fingerprint": "003cfba5b7796249c9c5bf424fc5177a1ef7901c1a89558806881b2dfe07f9f4", "category": "dependency", "severity": "low", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-14284"], "package": "@tiptap/extension-link", "rule_id": "GHSA-vhrc-hgrq-x75r", "scanner": "osv-scanner", "correlation_key": "vuln|tiptap/extension-link|CVE-2025-14284|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKC010", "level": "note", "message": {"text": "Compose service lacks no-new-privileges hardening"}, "properties": {"repobilityId": 91287, "scanner": "repobility-docker", "fingerprint": "377aae65d0b7f548e472e563cbf67d9759390c4c502fe64ecbc916c96c3689e0", "category": "docker", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "App-like service has no security_opt no-new-privileges setting.", "evidence": {"rule_id": "DKC010", "scanner": "repobility-docker", "service": "frappe", "references": 
["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|377aae65d0b7f548e472e563cbf67d9759390c4c502fe64ecbc916c96c3689e0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/docker-compose.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "DKC006", "level": "note", "message": {"text": "Compose service does not declare a runtime user"}, "properties": {"repobilityId": 91286, "scanner": "repobility-docker", "fingerprint": "e12d506283d99dcc682e27a771065d5809cca87453189c215bcb8b3df70c6a8c", "category": "docker", "severity": "low", "confidence": 0.56, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Service has no user setting and Repobility could not prove the image runs non-root.", "evidence": {"rule_id": "DKC006", "scanner": "repobility-docker", "service": "frappe", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|e12d506283d99dcc682e27a771065d5809cca87453189c215bcb8b3df70c6a8c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/docker-compose.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "DKC015", "level": "note", "message": {"text": "Database service has no healthcheck"}, "properties": {"repobilityId": 91284, "scanner": "repobility-docker", "fingerprint": "09c60a9f82cc350686f99fc01a97d0f8ae7d0d324e84315c89b64af605fb13fe", "category": "docker", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Database-like service has no Compose healthcheck.", "evidence": {"rule_id": "DKC015", "scanner": "repobility-docker", "service": "redis", "references": ["https://docs.docker.com/compose/how-tos/startup-order/"], "correlation_key": "fp|09c60a9f82cc350686f99fc01a97d0f8ae7d0d324e84315c89b64af605fb13fe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/docker-compose.yml"}, "region": 
{"startLine": 17}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `schedule_course` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, if=3, nested_bonus=3, while=1."}, "properties": {"repobilityId": 91272, "scanner": "repobility-threat-engine", "fingerprint": "cedcbe3c7700f04e26507bc4b7cb5707111c771f4ead90dab15dd5c0a55ffae3", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 8 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "schedule_course", "breakdown": {"if": 3, "while": 1, "except": 1, "nested_bonus": 3}, "complexity": 8, "correlation_key": "fp|cedcbe3c7700f04e26507bc4b7cb5707111c771f4ead90dab15dd5c0a55ffae3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/course_scheduling_tool/course_scheduling_tool.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `add_quiz_activity` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. 
Breakdown: elif=1, else=1, except=1, for=1, if=1, nested_bonus=3, ternary=1."}, "properties": {"repobilityId": 91271, "scanner": "repobility-threat-engine", "fingerprint": "a5d2ec0a2c0f0bb7d6eabdf2d41ba0a5b15962063e53ccc5593a09595ed32276", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "add_quiz_activity", "breakdown": {"if": 1, "for": 1, "elif": 1, "else": 1, "except": 1, "ternary": 1, "nested_bonus": 3}, "complexity": 9, "correlation_key": "fp|a5d2ec0a2c0f0bb7d6eabdf2d41ba0a5b15962063e53ccc5593a09595ed32276"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/course_enrollment/course_enrollment.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "DEPCUR-NPM", "level": "note", "message": {"text": "npm package `postcss` is minor version(s) behind (^8.4.5 -> 8.5.15)"}, "properties": {"repobilityId": 91257, "scanner": "repobility-dependency-currency", "fingerprint": "6e5bae5271ee7cf584856f8683084e4c485c11d147204b08173ca2fb4abce8a6", "category": "dependency", "severity": "low", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "minor version(s) behind", "signal": "currency", "cwe_ids": [], "package": "postcss", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "8.5.15", "correlation_key": "fp|6e5bae5271ee7cf584856f8683084e4c485c11d147204b08173ca2fb4abce8a6", "current_version": "^8.4.5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "DEPCUR-NPM", "level": "note", "message": {"text": "npm package `autoprefixer` is minor version(s) behind (^10.4.2 -> 10.5.0)"}, "properties": 
{"repobilityId": 91256, "scanner": "repobility-dependency-currency", "fingerprint": "38c1f4dd5ae8af3aa43f23a42399abbbb782023ad1effae0c4bfbca90f8c4e41", "category": "dependency", "severity": "low", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "minor version(s) behind", "signal": "currency", "cwe_ids": [], "package": "autoprefixer", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "10.5.0", "correlation_key": "fp|38c1f4dd5ae8af3aa43f23a42399abbbb782023ad1effae0c4bfbca90f8c4e41", "current_version": "^10.4.2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "DEPCUR-NPM", "level": "note", "message": {"text": "npm package `qalendar` is minor version(s) behind (^3.6.1 -> 3.9.0)"}, "properties": {"repobilityId": 91253, "scanner": "repobility-dependency-currency", "fingerprint": "067fd5d709556bd13bbd1e18e8832c93d2b9146f3acd8537ce495cbf28525a57", "category": "dependency", "severity": "low", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "minor version(s) behind", "signal": "currency", "cwe_ids": [], "package": "qalendar", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "3.9.0", "correlation_key": "fp|067fd5d709556bd13bbd1e18e8832c93d2b9146f3acd8537ce495cbf28525a57", "current_version": "^3.6.1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "DEPCUR-NPM", "level": "note", "message": {"text": "npm package `feather-icons` is minor version(s) behind (^4.28.0 -> 4.29.2)"}, "properties": {"repobilityId": 91250, "scanner": "repobility-dependency-currency", "fingerprint": "f47af075ed7b54bbf7badaf48332fc490759606447358d4ff7810c2946bcf3cc", "category": 
"dependency", "severity": "low", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "minor version(s) behind", "signal": "currency", "cwe_ids": [], "package": "feather-icons", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "4.29.2", "correlation_key": "fp|f47af075ed7b54bbf7badaf48332fc490759606447358d4ff7810c2946bcf3cc", "current_version": "^4.28.0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC005", "level": "note", "message": {"text": "Duplicate top-level symbol appears in a patch-style file"}, "properties": {"repobilityId": 91198, "scanner": "repobility-ai-code-hygiene", "fingerprint": "026c0a1ed6e5c6ed663def78b2a577c6bfa96b5d6917e96a8d283760599f73f9", "category": "quality", "severity": "low", "confidence": 0.64, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Patch-style file defines a top-level symbol also defined in another source file.", "evidence": {"symbol": "execute", "rule_id": "AIC005", "scanner": "repobility-ai-code-hygiene", "references": ["https://github.com/jendrikseipp/vulture", "https://knip.dev/"], "duplicate_file": "education/education/report/absent_student_report/absent_student_report.py", "correlation_key": "fp|026c0a1ed6e5c6ed663def78b2a577c6bfa96b5d6917e96a8d283760599f73f9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/patches/v15_0/fee_schedule_status_update.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 91197, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b889092d46f3ab214c4bd15138d98d28e0b93f77cde80ff26b4afaffa215f76b", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": 
"confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "frontend/src/components/AttendanceDetail.vue", "duplicate_line": 14, "correlation_key": "fp|b889092d46f3ab214c4bd15138d98d28e0b93f77cde80ff26b4afaffa215f76b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/src/pages/Fees.vue"}, "region": {"startLine": 13}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 91196, "scanner": "repobility-ai-code-hygiene", "fingerprint": "28d77f5938e38ee5c0e0d42ede0559cfd988fc1e5db70dabc984f160fd5af0b3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "education/education/report/student_monthly_attendance_sheet/student_monthly_attendance_sheet.js", "duplicate_line": 9, "correlation_key": "fp|28d77f5938e38ee5c0e0d42ede0559cfd988fc1e5db70dabc984f160fd5af0b3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/src/components/Calendar.vue"}, "region": {"startLine": 113}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 91195, "scanner": "repobility-ai-code-hygiene", "fingerprint": "da305a277dfa4da6805a3fbb9a1a878d6a2223e9be678a3e8f8107090791aba3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears 
in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "education/education/report/absent_student_report/absent_student_report.py", "duplicate_line": 1, "correlation_key": "fp|da305a277dfa4da6805a3fbb9a1a878d6a2223e9be678a3e8f8107090791aba3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/report/student_batch_wise_attendance/student_batch_wise_attendance.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 91194, "scanner": "repobility-ai-code-hygiene", "fingerprint": "71a0b727bed817eaf42c43701e0519dc2beb33b91fe04e0d505e21b95d7fc44c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "education/education/report/course_wise_assessment_report/course_wise_assessment_report.py", "duplicate_line": 72, "correlation_key": "fp|71a0b727bed817eaf42c43701e0519dc2beb33b91fe04e0d505e21b95d7fc44c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/report/final_assessment_grades/final_assessment_grades.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 91193, "scanner": "repobility-ai-code-hygiene", "fingerprint": "916746256cb7f9ffec4ab28e2e8193b3a00cc9d409f0b82c6279eb7e8cd59b20", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A 
normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "education/education/doctype/article/article.js", "duplicate_line": 15, "correlation_key": "fp|916746256cb7f9ffec4ab28e2e8193b3a00cc9d409f0b82c6279eb7e8cd59b20"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/quiz/quiz.js"}, "region": {"startLine": 28}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 91192, "scanner": "repobility-ai-code-hygiene", "fingerprint": "579abd8c3179438d22dc91481f20b6645c4568a15ac84e1e1fc7cf175f427661", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "education/education/doctype/fee_schedule/fee_schedule.js", "duplicate_line": 7, "correlation_key": "fp|579abd8c3179438d22dc91481f20b6645c4568a15ac84e1e1fc7cf175f427661"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/fees/fees.js"}, "region": {"startLine": 32}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 91191, "scanner": "repobility-ai-code-hygiene", "fingerprint": "17502dfdd46a3604529e427b5251e32365050c99a6ca86bfc497ab3084ba2889", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, 
"rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "education/education/doctype/fee_structure/fee_structure.js", "duplicate_line": 11, "correlation_key": "fp|17502dfdd46a3604529e427b5251e32365050c99a6ca86bfc497ab3084ba2889"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/fees/fees.js"}, "region": {"startLine": 29}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 91190, "scanner": "repobility-ai-code-hygiene", "fingerprint": "bea70de805fd58954fcd0a0e83690621a8c9efdbb09fca1f6cc35c237f3f5e6f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "education/education/doctype/fee_schedule/fee_schedule.js", "duplicate_line": 152, "correlation_key": "fp|bea70de805fd58954fcd0a0e83690621a8c9efdbb09fca1f6cc35c237f3f5e6f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/fee_structure/fee_structure.js"}, "region": {"startLine": 201}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 91189, "scanner": "repobility-ai-code-hygiene", "fingerprint": "332f427ac6c8e1ca5673f6fbed67e669444bbe3d321ca9f9a3a2d9c2a4e4be24", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", 
"references": ["https://jscpd.dev/"], "duplicate_file": "education/education/doctype/assessment_plan/assessment_plan.js", "duplicate_line": 32, "correlation_key": "fp|332f427ac6c8e1ca5673f6fbed67e669444bbe3d321ca9f9a3a2d9c2a4e4be24"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/assessment_result/assessment_result.js"}, "region": {"startLine": 7}}}]}, {"ruleId": "AIC002", "level": "note", "message": {"text": "Source file name looks like an AI patch artifact"}, "properties": {"repobilityId": 91187, "scanner": "repobility-ai-code-hygiene", "fingerprint": "53d949b2ed5317faa2e941c9fb5e1c5183049c9d2ac6af07d5c6a3006cb97f76", "category": "quality", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Source filename contains a temporary or patch-style suffix.", "evidence": {"suffix": "update", "rule_id": "AIC002", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|53d949b2ed5317faa2e941c9fb5e1c5183049c9d2ac6af07d5c6a3006cb97f76"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/patches/v15_0/fee_schedule_status_update.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. 
Should be replaced with logger or removed."}, "properties": {"repobilityId": 91280, "scanner": "repobility-threat-engine", "fingerprint": "a8b09bd24dbf188e713f7f5600408d6ec5811055aeccb40d89b67c95302f3e46", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a8b09bd24dbf188e713f7f5600408d6ec5811055aeccb40d89b67c95302f3e46"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/src/stores/user.js"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. 
Should be replaced with logger or removed."}, "properties": {"repobilityId": 91279, "scanner": "repobility-threat-engine", "fingerprint": "d2414099606c34fc73a9ec70be26688b3b7604423e1dd76dd7feedd4ad475a09", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d2414099606c34fc73a9ec70be26688b3b7604423e1dd76dd7feedd4ad475a09"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/src/stores/student.js"}, "region": {"startLine": 24}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 20 more): Same pattern found in 20 additional files. Review if needed."}, "properties": {"repobilityId": 91274, "scanner": "repobility-threat-engine", "fingerprint": "c042fe62eead079db5c4546f4a3bb017c524dda018829964964a5752d3f2abf3", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 20 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "add_quiz_activity", "breakdown": {"if": 1, "for": 1, "elif": 1, "else": 1, "except": 1, "ternary": 1, "nested_bonus": 3}, "aggregated": true, "complexity": 9, "correlation_key": "fp|c042fe62eead079db5c4546f4a3bb017c524dda018829964964a5752d3f2abf3", "aggregated_count": 20}}}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 14 more): Same pattern found in 14 additional files. Review if needed."}, "properties": {"repobilityId": 91270, "scanner": "repobility-threat-engine", "fingerprint": "60d3535791d57daecb7571f76beae1cc0e0c1ff976eb68234272a7f7e7d25fca", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 14 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 14 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|60d3535791d57daecb7571f76beae1cc0e0c1ff976eb68234272a7f7e7d25fca"}}}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class (and 40 more): Same pattern found in 40 additional files. Review if needed."}, "properties": {"repobilityId": 91266, "scanner": "repobility-threat-engine", "fingerprint": "cca5d9c564858aa3ff9b5ecb087853f581c5d4cc2090b7326d5e5ce56899224f", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 40 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|cca5d9c564858aa3ff9b5ecb087853f581c5d4cc2090b7326d5e5ce56899224f", "aggregated_count": 40}}}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 91265, "scanner": "repobility-threat-engine", "fingerprint": "6a4631ff7a91999c6138498480f19c1c86fd3e8cb72300d2b4f030d26b071ff5", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6a4631ff7a91999c6138498480f19c1c86fd3e8cb72300d2b4f030d26b071ff5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/assessment_group/assessment_group.py"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 91264, "scanner": "repobility-threat-engine", "fingerprint": "0b667ab9505a6ec0dacb3e70ea48fbdea7f0ba45bf0b0783207e2d8d4f83a4f7", "category": "quality", "severity": "info", "confidence": 1.0, 
"triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0b667ab9505a6ec0dacb3e70ea48fbdea7f0ba45bf0b0783207e2d8d4f83a4f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/assessment_criteria_group/assessment_criteria_group.py"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 91263, "scanner": "repobility-threat-engine", "fingerprint": "6174e4a515bada7f906a09b84c7f477a54298bf0c2461bcc369c249ced9343a2", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6174e4a515bada7f906a09b84c7f477a54298bf0c2461bcc369c249ced9343a2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/__init__.py"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 45 more): Same pattern found in 45 additional files. 
Review if needed."}, "properties": {"repobilityId": 91262, "scanner": "repobility-threat-engine", "fingerprint": "1129ab4f52ac299e8d72bb096716a495edddf4d4646266045eca46ebbf71a5b6", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 45 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|1129ab4f52ac299e8d72bb096716a495edddf4d4646266045eca46ebbf71a5b6", "aggregated_count": 45}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 91261, "scanner": "repobility-threat-engine", "fingerprint": "0a6876557e404618ae7d12be9a6ccd8955e66f5ae066e7c26ee2767265e6fb2c", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0a6876557e404618ae7d12be9a6ccd8955e66f5ae066e7c26ee2767265e6fb2c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": 
"education/education/doctype/assessment_criteria_group/assessment_criteria_group.py"}, "region": {"startLine": 9}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 91260, "scanner": "repobility-threat-engine", "fingerprint": "f00222eafb0c547cbfe65b05a6847af5862053ae5269eeb5881ae618eed36d38", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f00222eafb0c547cbfe65b05a6847af5862053ae5269eeb5881ae618eed36d38"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/article/article.py"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 91259, "scanner": "repobility-threat-engine", "fingerprint": "069ec637e48f422dd1306e962d21a242fd810bb33bc1edfb7125b33ff1e2b2ae", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 
12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|069ec637e48f422dd1306e962d21a242fd810bb33bc1edfb7125b33ff1e2b2ae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/__init__.py"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED055", "level": "none", "message": {"text": "[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of npm ci."}, "properties": {"repobilityId": 91258, "scanner": "repobility-threat-engine", "fingerprint": "6acd496b4424481240b15941cd5875c945b0bb5029fee67fa2e4a75fbbad4d56", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "npm-install-no-lockfile", "owasp": "A06:2021", "cwe_ids": ["CWE-1357"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348030+00:00", "triaged_in_corpus": 12, "observations_count": 317602, "ai_coder_pattern_id": 42}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6acd496b4424481240b15941cd5875c945b0bb5029fee67fa2e4a75fbbad4d56"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/helper/install.sh"}, "region": {"startLine": 10}}}]}, {"ruleId": "DEPCUR-NPM", "level": "none", "message": {"text": "npm package `frappe-ui` is patch version(s) behind (^0.1.17 -> 0.1.278)"}, "properties": {"repobilityId": 91251, "scanner": "repobility-dependency-currency", "fingerprint": "d5b947958bd3203bf11d2ce605042d07021750b6014de23cad5397857c6cac18", "category": "dependency", "severity": "info", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "patch version(s) behind", "signal": "currency", "cwe_ids": [], "package": "frappe-ui", "scanner": "repobility-dependency-currency", 
"ecosystem": "npm", "languages": ["javascript"], "latest_version": "0.1.278", "correlation_key": "fp|d5b947958bd3203bf11d2ce605042d07021750b6014de23cad5397857c6cac18", "current_version": "^0.1.17"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "DEPCUR-NPM", "level": "none", "message": {"text": "npm package `dayjs` is patch version(s) behind (^1.11.10 -> 1.11.21)"}, "properties": {"repobilityId": 91249, "scanner": "repobility-dependency-currency", "fingerprint": "6cf5cca03a7eb3f4712616da10ff75f8a0b6a5ed0f5dd7274bd58a9ba27c277e", "category": "dependency", "severity": "info", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "patch version(s) behind", "signal": "currency", "cwe_ids": [], "package": "dayjs", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "1.11.21", "correlation_key": "fp|6cf5cca03a7eb3f4712616da10ff75f8a0b6a5ed0f5dd7274bd58a9ba27c277e", "current_version": "^1.11.10"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-3h5v-q93c-6h6q", "level": "error", "message": {"text": "ws: GHSA-3h5v-q93c-6h6q"}, "properties": {"repobilityId": 91322, "scanner": "osv-scanner", "fingerprint": "6e40cd0b15a51778fcac7716f85a9e4a427809f7956e09c58e5d06b97c42b2b4", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-37890"], "package": "ws", "rule_id": "GHSA-3h5v-q93c-6h6q", "scanner": "osv-scanner", "correlation_key": "vuln|ws|CVE-2024-37890|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-c27g-q93r-2cwf", "level": "error", 
"message": {"text": "vite: GHSA-c27g-q93r-2cwf"}, "properties": {"repobilityId": 91316, "scanner": "osv-scanner", "fingerprint": "90df0d712975768a42eb9152facf3b59a0ceae11f250c7687c5aac6de7a73ff0", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-52011"], "package": "vite", "rule_id": "GHSA-c27g-q93r-2cwf", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2024-52011|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-677m-j7p3-52f9", "level": "error", "message": {"text": "socket.io-parser: GHSA-677m-j7p3-52f9"}, "properties": {"repobilityId": 91308, "scanner": "osv-scanner", "fingerprint": "e108681a9281ac2032463b29af0e41ecec7c6b49a48a1d7376d468dc4e53df82", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-33151"], "package": "socket.io-parser", "rule_id": "GHSA-677m-j7p3-52f9", "scanner": "osv-scanner", "correlation_key": "vuln|socket.io-parser|CVE-2026-33151|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-mw96-cpmx-2vgc", "level": "error", "message": {"text": "rollup: GHSA-mw96-cpmx-2vgc"}, "properties": {"repobilityId": 91306, "scanner": "osv-scanner", "fingerprint": "0cfb3feb60adc06bc7b44b39462be95186bf9bcad35a50b4862e891076f152f9", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-27606"], "package": "rollup", "rule_id": "GHSA-mw96-cpmx-2vgc", "scanner": "osv-scanner", "correlation_key": 
"vuln|rollup|CVE-2026-27606|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-gcx4-mw62-g8wm", "level": "error", "message": {"text": "rollup: GHSA-gcx4-mw62-g8wm"}, "properties": {"repobilityId": 91305, "scanner": "osv-scanner", "fingerprint": "8d5776e370c7e14a1bb06faea993be528c1d33c26f8983bbf5b6b3c0ba76480a", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-47068"], "package": "rollup", "rule_id": "GHSA-gcx4-mw62-g8wm", "scanner": "osv-scanner", "correlation_key": "vuln|rollup|CVE-2024-47068|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-c2c7-rcm5-vvqj", "level": "error", "message": {"text": "picomatch: GHSA-c2c7-rcm5-vvqj"}, "properties": {"repobilityId": 91303, "scanner": "osv-scanner", "fingerprint": "58b60064457f7b84829b1d8e0271e3a4e96ba04949815f53ed0f3001212ba354", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-33671"], "package": "picomatch", "rule_id": "GHSA-c2c7-rcm5-vvqj", "scanner": "osv-scanner", "correlation_key": "vuln|picomatch|CVE-2026-33671|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-7r86-cg39-jmmj", "level": "error", "message": {"text": "minimatch: GHSA-7r86-cg39-jmmj"}, "properties": {"repobilityId": 91300, "scanner": "osv-scanner", "fingerprint": "373c29d52840b560c46b083c8e50a85a92d911bdad19166746745882374845f8", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, 
"reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-27903"], "package": "minimatch", "rule_id": "GHSA-7r86-cg39-jmmj", "scanner": "osv-scanner", "correlation_key": "vuln|minimatch|CVE-2026-27903|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-3ppc-4f35-3m26", "level": "error", "message": {"text": "minimatch: GHSA-3ppc-4f35-3m26"}, "properties": {"repobilityId": 91299, "scanner": "osv-scanner", "fingerprint": "42fda087ab6244a8b5d1c8d8766b1026183f2997fbcd8a9e06154d447324f62f", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-26996"], "package": "minimatch", "rule_id": "GHSA-3ppc-4f35-3m26", "scanner": "osv-scanner", "correlation_key": "vuln|minimatch|CVE-2026-26996|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-23c5-xmqv-rm74", "level": "error", "message": {"text": "minimatch: GHSA-23c5-xmqv-rm74"}, "properties": {"repobilityId": 91298, "scanner": "osv-scanner", "fingerprint": "2033064c7a028c287616f1f66fff6d05e2593750392fc7f9ad15285326d91806", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-27904"], "package": "minimatch", "rule_id": "GHSA-23c5-xmqv-rm74", "scanner": "osv-scanner", "correlation_key": "vuln|minimatch|CVE-2026-27904|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-95jq-xph2-cx9h", "level": "error", "message": {"text": "linkifyjs: GHSA-95jq-xph2-cx9h"}, "properties": {"repobilityId": 91295, "scanner": "osv-scanner", "fingerprint": 
"7e103c9c76790ef1291da04769b8b06542af4ed07d82aee8353ae964a816e7ff", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-8101"], "package": "linkifyjs", "rule_id": "GHSA-95jq-xph2-cx9h", "scanner": "osv-scanner", "correlation_key": "vuln|linkifyjs|CVE-2025-8101|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-5j98-mcp5-4vw2", "level": "error", "message": {"text": "glob: GHSA-5j98-mcp5-4vw2"}, "properties": {"repobilityId": 91294, "scanner": "osv-scanner", "fingerprint": "660a56d7f8c44c61f3b30ea7c5f2017019b9dce20eeadda486f05925b5755564", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-64756"], "package": "glob", "rule_id": "GHSA-5j98-mcp5-4vw2", "scanner": "osv-scanner", "correlation_key": "vuln|glob|CVE-2025-64756|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-3xgq-45jj-v275", "level": "error", "message": {"text": "cross-spawn: GHSA-3xgq-45jj-v275"}, "properties": {"repobilityId": 91292, "scanner": "osv-scanner", "fingerprint": "cd2282845fc73c70beec0ceaf7020623c077220647619bd62e3181af185055eb", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-21538"], "package": "cross-spawn", "rule_id": "GHSA-3xgq-45jj-v275", "scanner": "osv-scanner", "correlation_key": "vuln|cross-spawn|CVE-2024-21538|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": 
"GHSA-grv7-fg5c-xmjg", "level": "error", "message": {"text": "braces: GHSA-grv7-fg5c-xmjg"}, "properties": {"repobilityId": 91291, "scanner": "osv-scanner", "fingerprint": "2b03d70fcb41e180b247569a11968d17169d0968c24dae7cecb336a45c4cdd2a", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-4068"], "package": "braces", "rule_id": "GHSA-grv7-fg5c-xmjg", "scanner": "osv-scanner", "correlation_key": "vuln|braces|CVE-2024-4068|frontend/yarn.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "frontend/yarn.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC040", "level": "error", "message": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflected XSS vector. The browser parses the HTML and executes any <script> or event-handler attributes in the data. CWE-79. 
Especially dangerous when the data comes from a CV parser, profile field, or any user-input pipeline."}, "properties": {"repobilityId": 91277, "scanner": "repobility-threat-engine", "fingerprint": "d860bdac0e1a89629b05d41d978057c586cd0c959eadcbc967a52d8d755ec58a", "category": "xss", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".html(\n      `<div class=\"text-center text-muted\" style=\"line-height: 100px;\">\n\t\t\t\t${__('No Students", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC040", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d860bdac0e1a89629b05d41d978057c586cd0c959eadcbc967a52d8d755ec58a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/student_attendance_tool/student_attendance_tool.js"}, "region": {"startLine": 214}}}]}, {"ruleId": "SEC040", "level": "error", "message": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflected XSS vector. The browser parses the HTML and executes any <script> or event-handler attributes in the data. CWE-79. 
Especially dangerous when the data comes from a CV parser, profile field, or any user-input pipeline."}, "properties": {"repobilityId": 91276, "scanner": "repobility-threat-engine", "fingerprint": "0b834cd017c5487d115047a60d3951b16466ecf7593a5b95dbf5925ab9647bf3", "category": "xss", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "map(\n                (c) => `\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td><a href=\"/app/course-schedule/${c.name}\">${c.n", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC040", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|0b834cd017c5487d115047a60d3951b16466ecf7593a5b95dbf5925ab9647bf3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/course_scheduling_tool/course_scheduling_tool.js"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows errors and hides bugs; a bare except: additionally catches KeyboardInterrupt and SystemExit."}, "properties": {"repobilityId": 91275, "scanner": "repobility-threat-engine", "fingerprint": "94451a04b0dc3fbafd39575d3e929c8ffb9d53b2c6d39161fd062444810e9c26", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|94451a04b0dc3fbafd39575d3e929c8ffb9d53b2c6d39161fd062444810e9c26"}}, "locations": 
[{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/course_schedule/course_schedule.py"}, "region": {"startLine": 84}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 91269, "scanner": "repobility-threat-engine", "fingerprint": "75b13d168dc7fa5da0ed033d008074193a4144a385a6d0737eb029ee5dba3df8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "program.save()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|75b13d168dc7fa5da0ed033d008074193a4144a385a6d0737eb029ee5dba3df8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/course/course.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. 
Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 91268, "scanner": "repobility-threat-engine", "fingerprint": "8eb5c3b413eb0097b79e7dc4396b2b0f87460be81c24d7f8d70c1490fb8bfd69", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "max_scores.update({d.assessment_criteria: d.maximum_score})", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|8eb5c3b413eb0097b79e7dc4396b2b0f87460be81c24d7f8d70c1490fb8bfd69"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/assessment_result/assessment_result.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. 
Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 91267, "scanner": "repobility-threat-engine", "fingerprint": "5cf5ebdce58de24d00b98557cb44522405102edc7feff38e5280a96a598c9f27", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "payment_record.save(ignore_permissions=True)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5cf5ebdce58de24d00b98557cb44522405102edc7feff38e5280a96a598c9f27"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/billing.py"}, "region": {"startLine": 92}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `pre-commit/action` pinned to mutable ref `@v3.0.1`"}, "properties": {"repobilityId": 91248, "scanner": "repobility-supply-chain", "fingerprint": "4c1b507b4ec829f8b3db08972c692697490c2691aa90cb55cb62c90d1f924a56", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4c1b507b4ec829f8b3db08972c692697490c2691aa90cb55cb62c90d1f924a56"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/linters.yml"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 91247, "scanner": "repobility-supply-chain", "fingerprint": "2ea761da293123e6466ad9543f61f38eeb41c77c9c7f20c9c0176a50a753a2d2", "category": 
"dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2ea761da293123e6466ad9543f61f38eeb41c77c9c7f20c9c0176a50a753a2d2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/linters.yml"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 91246, "scanner": "repobility-supply-chain", "fingerprint": "f6e628f278e7c57d148cbb51a9418e50f261ae5430ab742caeda772bb15b68bf", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f6e628f278e7c57d148cbb51a9418e50f261ae5430ab742caeda772bb15b68bf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/linters.yml"}, "region": {"startLine": 13}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 91245, "scanner": "repobility-supply-chain", "fingerprint": "6c4fc2a4e49ddabd8c0672078b5b105d1ae1096e55586b143927b8caa6ef718a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", 
"correlation_key": "fp|6c4fc2a4e49ddabd8c0672078b5b105d1ae1096e55586b143927b8caa6ef718a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/builds.yml"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 91244, "scanner": "repobility-supply-chain", "fingerprint": "07380676c6ade8e4223e54b82a710429c027dd9a318d3ca1b8a18f4b5058a7ac", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|07380676c6ade8e4223e54b82a710429c027dd9a318d3ca1b8a18f4b5058a7ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/builds.yml"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED126", "level": "error", "message": {"text": "Workflow container/services image `mariadb:10.6` unpinned"}, "properties": {"repobilityId": 91243, "scanner": "repobility-supply-chain", "fingerprint": "56406fdf2b1e30b623710546ad52922eb503a740b0d9cfda938de8f2b3377c36", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-container-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|56406fdf2b1e30b623710546ad52922eb503a740b0d9cfda938de8f2b3377c36"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 35}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/cache` pinned to 
mutable ref `@v4`"}, "properties": {"repobilityId": 91242, "scanner": "repobility-supply-chain", "fingerprint": "4d5475631b0b08640d7a630b91163b0773200e5953ff68004469c2fe7c0e3689", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4d5475631b0b08640d7a630b91163b0773200e5953ff68004469c2fe7c0e3689"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 92}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/cache` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 91241, "scanner": "repobility-supply-chain", "fingerprint": "42959206fdc7121855cfadbb825ea4b2739a106151a6362289d9ee70de48e492", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|42959206fdc7121855cfadbb825ea4b2739a106151a6362289d9ee70de48e492"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/cache` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 91240, "scanner": "repobility-supply-chain", "fingerprint": "ad41361ebeedcc27ce4e68c941d3390482c8db3e2c0e4750663b9cca92635424", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": 
true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ad41361ebeedcc27ce4e68c941d3390482c8db3e2c0e4750663b9cca92635424"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 69}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-node` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 91239, "scanner": "repobility-supply-chain", "fingerprint": "0f2858d54de4f58eeeeda44e6cc5a611d8c1410e8cf1b0c56508c70be58d847e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0f2858d54de4f58eeeeda44e6cc5a611d8c1410e8cf1b0c56508c70be58d847e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 60}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 91238, "scanner": "repobility-supply-chain", "fingerprint": "b1d77db3801d5a564c1281dac9e172aac55874fe3a94c8c17e8b64109ce7a691", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b1d77db3801d5a564c1281dac9e172aac55874fe3a94c8c17e8b64109ce7a691"}}, "locations": [{"physicalLocation": {"artifactLocation": 
{"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 47}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 91237, "scanner": "repobility-supply-chain", "fingerprint": "3a8c51ecefa109628636b1c52657f0b12c7ae61eab6cad9924ce96111f2a6144", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3a8c51ecefa109628636b1c52657f0b12c7ae61eab6cad9924ce96111f2a6144"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/pre-commit/mirrors-prettier` pinned to mutable rev `v2.7.1`"}, "properties": {"repobilityId": 91236, "scanner": "repobility-supply-chain", "fingerprint": "cd5d074fd19ab79e354ea7901e497223c6645ccf96175d4a7756325207185a93", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|cd5d074fd19ab79e354ea7901e497223c6645ccf96175d4a7756325207185a93"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/PyCQA/flake8` pinned to mutable rev `5.0.4`"}, "properties": {"repobilityId": 91235, "scanner": 
"repobility-supply-chain", "fingerprint": "69e24f8935497c7c3c24ff6d6e8dadd3fa0e1f405dd1e840fcae1222dc6fa433", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|69e24f8935497c7c3c24ff6d6e8dadd3fa0e1f405dd1e840fcae1222dc6fa433"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mutable rev `v4.0.1`"}, "properties": {"repobilityId": 91234, "scanner": "repobility-supply-chain", "fingerprint": "e80ad888c6d791ea5f1f8101e19868e4be3de90ee8915f38ab30da7a514f5b07", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e80ad888c6d791ea5f1f8101e19868e4be3de90ee8915f38ab30da7a514f5b07"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_update_schedule_date"}, "properties": {"repobilityId": 91232, "scanner": "repobility-ast-engine", "fingerprint": "677e62f6d3349e27c7411e541a928cda454a4d6cece2a2dc27952632a6ca9e0e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": 
{"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|677e62f6d3349e27c7411e541a928cda454a4d6cece2a2dc27952632a6ca9e0e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/course_schedule/test_course_schedule.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_no_conflict"}, "properties": {"repobilityId": 91231, "scanner": "repobility-ast-engine", "fingerprint": "5a94965cb998111320fb23a66a5e5c45449bba3765ad8f4d425711863639baf9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5a94965cb998111320fb23a66a5e5c45449bba3765ad8f4d425711863639baf9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/course_schedule/test_course_schedule.py"}, "region": {"startLine": 87}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_create_course_enrollments"}, "properties": {"repobilityId": 91228, "scanner": "repobility-ast-engine", "fingerprint": "a82b965f5f81cdc4e228797032da706b6ffc2b769a3809fd7369779db235ef00", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a82b965f5f81cdc4e228797032da706b6ffc2b769a3809fd7369779db235ef00"}}, 
"locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment/test_program_enrollment.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.academic_term` used but never assigned in __init__"}, "properties": {"repobilityId": 91226, "scanner": "repobility-ast-engine", "fingerprint": "3a329cb8b7edd8a82af1ecbf5d1512cfc65983b1c46b079078eb9e39414da4f7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3a329cb8b7edd8a82af1ecbf5d1512cfc65983b1c46b079078eb9e39414da4f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 111}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.academic_year` used but never assigned in __init__"}, "properties": {"repobilityId": 91225, "scanner": "repobility-ast-engine", "fingerprint": "2961226c1eedbc8b04bcd2eb6fe1ba54beca81185b4c997484c4641cd400cc8c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2961226c1eedbc8b04bcd2eb6fe1ba54beca81185b4c997484c4641cd400cc8c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 110}}}]}, {"ruleId": "MINED108", "level": "error", 
"message": {"text": "`self.new_student_batch` used but never assigned in __init__"}, "properties": {"repobilityId": 91224, "scanner": "repobility-ast-engine", "fingerprint": "e65d3ed5f0503c38d3c5d8d5aae8f9bd8883bbf3e3745ad4032092b7043ac6ba", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e65d3ed5f0503c38d3c5d8d5aae8f9bd8883bbf3e3745ad4032092b7043ac6ba"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 103}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.enrollment_date` used but never assigned in __init__"}, "properties": {"repobilityId": 91223, "scanner": "repobility-ast-engine", "fingerprint": "070df3bd0ae3146b6dca20e49608c28804d43b3ad49ec417034ee3bbd67c29df", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|070df3bd0ae3146b6dca20e49608c28804d43b3ad49ec417034ee3bbd67c29df"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 105}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.new_academic_term` used but never assigned in __init__"}, "properties": {"repobilityId": 91222, "scanner": "repobility-ast-engine", "fingerprint": 
"19a0b35f526a7d669c183a171abc8c6344fab85ae54cdf786dda4a5abeacd0a1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|19a0b35f526a7d669c183a171abc8c6344fab85ae54cdf786dda4a5abeacd0a1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 101}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.new_academic_year` used but never assigned in __init__"}, "properties": {"repobilityId": 91221, "scanner": "repobility-ast-engine", "fingerprint": "331944edaccd1f56461be4d11d2137d799fbb469310c6dc3403f50900aacc1e3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|331944edaccd1f56461be4d11d2137d799fbb469310c6dc3403f50900aacc1e3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 100}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.new_program` used but never assigned in __init__"}, "properties": {"repobilityId": 91220, "scanner": "repobility-ast-engine", "fingerprint": "ba5fde1be7acb0726ac228d9f96800b7ce513986659efe4281d3257dbf69ee66", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": 
{"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ba5fde1be7acb0726ac228d9f96800b7ce513986659efe4281d3257dbf69ee66"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.students` used but never assigned in __init__"}, "properties": {"repobilityId": 91219, "scanner": "repobility-ast-engine", "fingerprint": "695b9478cd3bad66dd28ec65cbaea25978e1d1c1ac593875d7c25ea238f9ad8c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|695b9478cd3bad66dd28ec65cbaea25978e1d1c1ac593875d7c25ea238f9ad8c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 90}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.students` used but never assigned in __init__"}, "properties": {"repobilityId": 91218, "scanner": "repobility-ast-engine", "fingerprint": "f5307fe1f88e2cceff7798696c32996a1b43d38c05664b0fa9e7335699231d52", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": 
"fp|f5307fe1f88e2cceff7798696c32996a1b43d38c05664b0fa9e7335699231d52"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 89}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.program` used but never assigned in __init__"}, "properties": {"repobilityId": 91217, "scanner": "repobility-ast-engine", "fingerprint": "15a78187d82aab21a523371a35d60de58fa6ee25d10263f5967386a4d897a43a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|15a78187d82aab21a523371a35d60de58fa6ee25d10263f5967386a4d897a43a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 57}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.student_batch` used but never assigned in __init__"}, "properties": {"repobilityId": 91216, "scanner": "repobility-ast-engine", "fingerprint": "468c59c8b2f6becebb9cb50fd9d8c2a0d5aa654cc0eed58ccab2eaae641cd579", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|468c59c8b2f6becebb9cb50fd9d8c2a0d5aa654cc0eed58ccab2eaae641cd579"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": 
{"startLine": 64}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.academic_term` used but never assigned in __init__"}, "properties": {"repobilityId": 91215, "scanner": "repobility-ast-engine", "fingerprint": "f9ba8c96048c7185e2dd88a3a2275aa6d5cc84644884e42a8f8d696726aa4f54", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f9ba8c96048c7185e2dd88a3a2275aa6d5cc84644884e42a8f8d696726aa4f54"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.program` used but never assigned in __init__"}, "properties": {"repobilityId": 91214, "scanner": "repobility-ast-engine", "fingerprint": "3e8cbd77ca6e9a1a51cc5b2f1230d6f64d7a78f98197f92bf6fe7710bf7a3079", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3e8cbd77ca6e9a1a51cc5b2f1230d6f64d7a78f98197f92bf6fe7710bf7a3079"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.academic_year` used but never assigned in __init__"}, "properties": {"repobilityId": 91213, "scanner": "repobility-ast-engine", "fingerprint": 
"bc57898a058456f3fe4ebfbd997f47e246d436df611290f45a4a18e0df7afa5e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bc57898a058456f3fe4ebfbd997f47e246d436df611290f45a4a18e0df7afa5e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.academic_term` used but never assigned in __init__"}, "properties": {"repobilityId": 91212, "scanner": "repobility-ast-engine", "fingerprint": "d21e60783bfd1a7af1c9b917f7ee8ef6cc1ec120ee7d1b4944af0350a105272d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d21e60783bfd1a7af1c9b917f7ee8ef6cc1ec120ee7d1b4944af0350a105272d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.academic_year` used but never assigned in __init__"}, "properties": {"repobilityId": 91211, "scanner": "repobility-ast-engine", "fingerprint": "fef91434c248b82c99bcddd189a8e1cc849c505d3a8fb3e5d5f0c3363f7c7589", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": 
true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fef91434c248b82c99bcddd189a8e1cc849c505d3a8fb3e5d5f0c3363f7c7589"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 41}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.student_batch` used but never assigned in __init__"}, "properties": {"repobilityId": 91210, "scanner": "repobility-ast-engine", "fingerprint": "6aff7c1fcff278464b6e794ae2dbf470969f159718d21541376c7097dafa54d3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6aff7c1fcff278464b6e794ae2dbf470969f159718d21541376c7097dafa54d3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 62}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.academic_term` used but never assigned in __init__"}, "properties": {"repobilityId": 91209, "scanner": "repobility-ast-engine", "fingerprint": "b09be54609e57485792e5ea940b046084b51e851f835e297f136ab84d42ebe8e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": 
"fp|b09be54609e57485792e5ea940b046084b51e851f835e297f136ab84d42ebe8e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 60}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.get_students_from` used but never assigned in __init__"}, "properties": {"repobilityId": 91208, "scanner": "repobility-ast-engine", "fingerprint": "1de7a704b09b0f9dc83618040e05d6e819411ef1280b1730bd226420324f846f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1de7a704b09b0f9dc83618040e05d6e819411ef1280b1730bd226420324f846f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 47}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.academic_term` used but never assigned in __init__"}, "properties": {"repobilityId": 91207, "scanner": "repobility-ast-engine", "fingerprint": "30694f2348563cab84b431f39d20d480cc8790747ec6123474291d0557f9087b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|30694f2348563cab84b431f39d20d480cc8790747ec6123474291d0557f9087b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, 
"region": {"startLine": 43}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.get_students_from` used but never assigned in __init__"}, "properties": {"repobilityId": 91206, "scanner": "repobility-ast-engine", "fingerprint": "a2d8569121ba75f40774a10658c138e2a9bdd6899e47737f3f14cf02cabf4b13", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a2d8569121ba75f40774a10658c138e2a9bdd6899e47737f3f14cf02cabf4b13"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.academic_year` used but never assigned in __init__"}, "properties": {"repobilityId": 91205, "scanner": "repobility-ast-engine", "fingerprint": "2e677ae0fa98de5188f3c560da465c1dddb7b677a25efa36addaef7db520dfa9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2e677ae0fa98de5188f3c560da465c1dddb7b677a25efa36addaef7db520dfa9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.program` used but never assigned in __init__"}, "properties": {"repobilityId": 91204, "scanner": "repobility-ast-engine", 
"fingerprint": "14dfb7a736a0ff51415f0392b195d0745fc5166dfdc6b1cb6a489b5ae875656a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|14dfb7a736a0ff51415f0392b195d0745fc5166dfdc6b1cb6a489b5ae875656a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.get_students_from` used but never assigned in __init__"}, "properties": {"repobilityId": 91203, "scanner": "repobility-ast-engine", "fingerprint": "857072db271f54d4cd56b8d12a98d8e0f0a8b6ab11f75d7636c9dd2ef355f635", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|857072db271f54d4cd56b8d12a98d8e0f0a8b6ab11f75d7636c9dd2ef355f635"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.set_onload` used but never assigned in __init__"}, "properties": {"repobilityId": 91202, "scanner": "repobility-ast-engine", "fingerprint": "382953d9ec1ed11bfb67b616fad1ae3ea53ac5bb67c8223548a5f19c25902e26", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", 
"evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|382953d9ec1ed11bfb67b616fad1ae3ea53ac5bb67c8223548a5f19c25902e26"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/education/doctype/program_enrollment_tool/program_enrollment_tool.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "DKC007", "level": "error", "message": {"text": "Compose service contains a literal secret environment value"}, "properties": {"repobilityId": 91281, "scanner": "repobility-docker", "fingerprint": "131a9c3fd970db14ad20bdfe20a2d5401b8fdc23fafacfbb4f399ef847b8b609", "category": "docker", "severity": "critical", "confidence": 0.96, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Environment variable name is secret-like and value is a committed literal.", "evidence": {"rule_id": "DKC007", "scanner": "repobility-docker", "service": "mariadb", "variable": "MYSQL_ROOT_PASSWORD", "references": ["https://docs.docker.com/compose/how-tos/environment-variables/best-practices/", "https://docs.docker.com/reference/compose-file/secrets/"], "path_context": "runtime", "correlation_key": "fp|131a9c3fd970db14ad20bdfe20a2d5401b8fdc23fafacfbb4f399ef847b8b609", "compose_secrets_declared": false}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/docker-compose.yml"}, "region": {"startLine": 3}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `email` used but not imported"}, "properties": {"repobilityId": 91233, "scanner": "repobility-ast-engine", "fingerprint": "4d0fe672245fe719fd06ff73f8cc6518c3ab9adaadc48922acd979816b62b9b6", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": 
"missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4d0fe672245fe719fd06ff73f8cc6518c3ab9adaadc48922acd979816b62b9b6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "education/patches/v15_0/fees_student_email.py"}, "region": {"startLine": 7}}}]}]}]}