Public scan — anyone with this URL can view this analysis. Sign up to track your own repos privately, run scheduled re-scans, and get AI fix prompts via your dashboard.
Sign up free Scan another repo
54 of your 194 findings came from Repobility's proprietary detections. ✓ Repobility tags below mark them.
Upstream (GitHub) caused delay on this scan — not Repobility.
  • GitHub API rate-limited (HTTP 403) — preflight skipped, fell back to direct git clone.
  • Clone from GitHub took 101.56s for a 191.3 MB repo slow.
  • Repobility's analysis ran in 20.46s after the clone landed.

appwrite/appwrite

https://github.com/appwrite/appwrite · scanned 2026-06-05 10:16 UTC (5 days, 14 hours ago) · 10 languages

235 raw signals (173 security + 62 graph) 11/13 scanners ran System graph score 84 (lower by 21)

File as issue Image
UNIFIED Repobility · multi-layer engine · AI coders

Complete repo analysis

Last scanned 5 days, 14 hours ago · v2 · 65 actionable findings from 2 signal sources. 139 repeated signals grouped for readability. Security checks, system graph analysis, and verified AI-agent feedback are merged into one review queue.

JSON
Combined
80.7
/100
Security checks
78
34 findings
System graph
84
100.0% cov · 31 findings
Critical
5
click to filter
Agents
6
0 votes
Crowd
0
reported
Score breakdown â 2026-05-18-v5
Component Sub-score Weight Contribution
structure_score 85.0 0.15 12.75
security_score 85.0 0.25 21.25
testing_score 0.0 0.20 0.00
documentation_score 75.0 0.15 11.25
practices_score 83.0 0.15 12.45
code_quality 50.0 0.10 5.00
Overall 1.00 62.7
security_score may be inflated — optional security scanners were skipped on this fast scan
Severity distribution — click a segment to filter
Active filters: excluding tests × Reset all
Severity: Critical 5 High 6 Medium 14 Low 29 9-Layer: Software Security Quality Integrity Frontend Hardware Data Network Cicd Source: Security checks 34 System graph 31 Crowd 0 Layer: Cicd 21 Quality 14 Software 16 Security 3 Api 1 Frontend 5 Network 1 Hardware 4
Corpus Intelligence Cross-corpus context (cohort percentile, top patterns, fix plan) is shown only on repositories you own. Sign up and connect your repo to view it.
Scan summary Ranks in the 51st percentile among large-sized repos. Strongest documentation (81), testing (75); weakest security (45), practices (49). 134 findings (2 critical, 10 high). Most common pattern: cpp-new-without-delete.

Showing 52 of 65 actionable findings. 204 raw detector signals were grouped into reader-sized issues. Click TP / FP to vote on a finding's accuracy — votes adjust the confidence weighting and improve detection across the platform.

critical Security checks security Security .env file committed to repository
Remove .env from version control: git rm --cached .env. Add '.env' to .gitignore. Rotate all exposed credentials.
.env
critical Security checks software dependencies conf 0.90 ✓ Repobility [MINED123] Trojan Source bidi character (RLM) in source: Line 54 contains a Unicode bidirectional override character (U+200F RLM). This is the 'Trojan Source' attack (CVE-2021-42574): the character makes the compiler / interpreter see different code than the human reviewer.
Audit the line manually. If the character is not intentional (it almost never is in code), remove it. Configure your editor / pre-commit hook to reject bidi controls in source.
app/config/locale/currencies.php:54
critical Security checks security secrets conf 1.00 [SEC009] .env File Committed: .env file with secrets committed to repository.
Add .env to .gitignore. Rotate all exposed credentials.
.env
critical Security checks cicd CI/CD security conf 0.96 Compose service contains a literal secret environment value
Rotate the value if real. Move it to Docker Compose secrets, a platform secret manager, or an uncommitted environment file.
docker-compose.yml:1152 CI/CD securitycontainers
critical Security checks cicd CI/CD security conf 0.98 6 occurrences Compose service mounts the Docker socket
Avoid mounting docker.sock. Use a narrow proxy, rootless build service, or provider-native deployment credentials.
2 files, 6 locations
docker-compose.yml:13, 977, 1228 (3 hits)
tests/resources/docker/docker-compose.yml:1, 214, 354 (3 hits)
CI/CD securitycontainers
high Security checks software dependencies conf 0.90 ✓ Repobility 2 occurrences [MINED118] Dockerfile FROM `composer:2.0` not pinned by digest: `FROM composer:2.0` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity.
Replace with: `FROM composer:2.0@sha256:<digest>`. Get the digest from `docker manifest inspect`. Re-pin via a scheduled bot (Renovate, Dependabot).
lines 1, 14
Dockerfile:1, 14 (2 hits)
high Security checks cicd CI/CD security conf 0.84 4 occurrences Database service publishes a host port
Use `expose` for service-to-service access, bind to 127.0.0.1 for local-only access, or protect the port with firewall rules.
2 files, 4 locations
docker-compose.yml:1051, 1069, 1185 (3 hits)
tests/resources/docker/docker-compose.yml:306
CI/CD securitycontainers
low Security checks cicd CI/CD security conf 0.90 ✓ Repobility 17 occurrences GitHub Action is tag-pinned rather than SHA-pinned
[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lo…
7 files, 17 locations
.github/workflows/tests.yml:29, 51, 74, 86, 89, 122, 125, 192, +1 more (9 hits)
.github/workflows/pr-scan.yml:14, 47 (2 hits)
.github/workflows/sdk-preview.yml:22, 44 (2 hits)
.github/workflows/cleanup-cache.yml:13
.github/workflows/codeql-analysis.yml:37
.github/workflows/linter.yml:15
.github/workflows/static-analysis.yml:11
CI/CD securitySupply chainGitHub Actions
medium Security checks cicd CI/CD security conf 0.90 ✓ Repobility 8 occurrences GitHub Action is tag-pinned rather than SHA-pinned
[MINED115] Action `github/ai-moderator` pinned to mutable ref `@v1`: `uses: github/ai-moderator@v1` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SH…
3 files, 8 locations
.github/workflows/pr-scan.yml:29, 37, 92, 100 (4 hits)
.github/workflows/codeql-analysis.yml:50, 57, 71 (3 hits)
.github/workflows/ai-moderator.yml:30
CI/CD securitySupply chainGitHub Actions
high System graph security Secrets conf 1.00 .env file present in repo: .env
A raw .env file is in the working tree. Verify it isn't committed and that secrets are in a vault.
Config
medium Security checks quality Quality Average file size is 742 lines (recommend <300)
Refactor large files by extracting related functions into separate modules. Target files with 300+ lines first. Use the Single Responsibility Principle — each module should have one clear purpose.
medium Security checks cicd CI/CD security conf 0.94 Compose service `redis-insight` image uses the latest tag
Pin to a maintained version tag or digest and update it deliberately through dependency automation.
docker-compose.yml:1185 CI/CD securitycontainers
medium Security checks cicd CI/CD security conf 0.88 Database service has no healthcheck
Add a database-native healthcheck such as pg_isready, mysqladmin ping, redis-cli ping, or the vendor's readiness command.
docker-compose.yml:1051 CI/CD securitycontainers
medium Security checks cicd CI/CD security conf 0.74 Database service has no persistent data volume
Mount the database data directory to a named Docker volume or managed persistent disk, and document backup and restore testing.
docker-compose.yml:1185 CI/CD securitycontainers
medium Security checks cicd CI/CD security conf 0.84 Docker build context is very large
Shrink the build context with .dockerignore, move generated/runtime data outside the build context, and copy only the manifest files needed for cached dependency layers.
.dockerignore CI/CD securitycontainers
high Security checks cicd CI/CD security conf 0.82 Docker final stage has no non-root USER
Add a non-root USER in the final runtime stage after files and permissions are prepared.
Dockerfile:105 CI/CD securitycontainers
medium System graph quality Integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — app/views/install/installer/js/installer.js:209
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — app/views/install/installer/js/modules/progress.js:383
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
runtime safetyRobustness
medium System graph hardware Security conf 1.00 Dockerfile runs as root: Dockerfile
No non-root USER set. Containers running as root expand the blast radius of any vulnerability inside the image.
Container
medium System graph cicd CI/CD security conf 1.00 GitHub Actions workflow grants broad write permissions
CI tokens with write permissions increase blast radius when an action, dependency, or PR workflow is compromised. Prefer job-level least-privilege permissions.
.github/workflows/ci.yml CI/CD securitySupply chainGithub actions
medium System graph cicd CI/CD security conf 1.00 GitHub Actions workflow grants broad write permissions
CI tokens with write permissions increase blast radius when an action, dependency, or PR workflow is compromised. Prefer job-level least-privilege permissions.
.github/workflows/cleanup-cache.yml CI/CD securitySupply chainGithub actions
medium System graph network Security conf 1.00 Privileged port 999 in use
Port 999 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
mongo-entrypoint.sh Ports
low Security checks cicd CI/CD security conf 0.72 .dockerignore misses sensitive defaults
Add missing patterns such as .env, .git, private keys, certificates, dependency folders, and local databases.
.dockerignore CI/CD securitycontainers
low Security checks cicd CI/CD security conf 0.68 13 occurrences App service does not wait for database health
Give the database a healthcheck and change the dependency to `depends_on: { db: { condition: service_healthy } }`.
2 files, 13 locations
tests/resources/docker/docker-compose.yml:87, 102, 123, 144, 165, 190, 214, 244, +3 more (11 hits)
docker-compose.yml:251, 1228 (2 hits)
CI/CD securitycontainers
high Security checks cicd CI/CD security conf 0.56 19 occurrences Compose service does not declare a runtime user
Set a non-root `user:` in Compose or ensure the final image stage has a non-root USER directive.
2 files, 19 locations
tests/resources/docker/docker-compose.yml:87, 102, 123, 144, 165, 190, 214, 244, +4 more (12 hits)
docker-compose.yml:251, 1112, 1134, 1143, 1152, 1212, 1228 (7 hits)
CI/CD securitycontainers
high Security checks cicd CI/CD security conf 0.62 19 occurrences Compose service lacks no-new-privileges hardening
Add `security_opt: ["no-new-privileges:true"]` unless the service has a documented need for privilege escalation.
2 files, 19 locations
tests/resources/docker/docker-compose.yml:87, 102, 123, 144, 165, 190, 214, 244, +4 more (12 hits)
docker-compose.yml:251, 1112, 1134, 1143, 1152, 1212, 1228 (7 hits)
CI/CD securitycontainers
low Security checks cicd CI/CD security conf 0.58 Database password is wired through an environment variable placeholder
Prefer Compose secrets or your platform secret manager with *_FILE variables where the image supports them. Rotate only if a real value was committed.
docker-compose.yml:1051 CI/CD securitycontainers
low Security checks cicd CI/CD security conf 0.72 3 occurrences Database service has no healthcheck
Add a database-native healthcheck such as pg_isready, mysqladmin ping, redis-cli ping, or the vendor's readiness command.
2 files, 3 locations
docker-compose.yml:1069, 1185 (2 hits)
tests/resources/docker/docker-compose.yml:343
CI/CD securitycontainers
low Security checks quality Quality conf 0.60 30 occurrences Duplicated implementation block across source files
Duplicate implementation blocks are maintenance debt. Keep them visible, but they are not a high-severity defect unless the duplicated logic is security-sensitive or drifting.
12 files, 15 locations
app/worker.php:85, 416 (2 hits)
public/sdk-project/services/storage.ts:1, 15 (2 hits)
public/sdk-project/services/teams.ts:1, 12 (2 hits)
app/realtime.php:85
public/sdk-console/services/storage.ts:15
public/sdk-console/services/teams.ts:12
public/sdk-project/client.ts:1
public/sdk-project/index.ts:1
duplicationquality
low System graph hardware Coverage conf 1.00 Containers defined but no K8s/orchestration manifest found
Repo has Dockerfiles/compose but no Kubernetes/Nomad manifests. If the target deployment is K8s, the manifests may live in a separate ops repo.
Deployment
low System graph hardware Supply chain conf 1.00 Docker base image is tag-pinned but not digest-pinned: appwrite/base:1.4.1
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
Dockerfile:14 containersPinned dependencies
low System graph hardware Supply chain conf 1.00 Docker base image is tag-pinned but not digest-pinned: composer:2
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
Dockerfile:1 containersPinned dependencies
low System graph software Dead code candidate conf 1.00 File has no detected symbols: app/views/install/installer/js/constants.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: mongo-init.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/benchmarks/graphql/account/graphql-full-selection.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/benchmarks/graphql/account/graphql-selection-set.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/benchmarks/graphql/account/rest.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/benchmarks/graphql/locale/graphql-batched.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/benchmarks/graphql/locale/graphql-full-selection.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/benchmarks/graphql/locale/graphql-selection-set.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/benchmarks/graphql/locale/rest-serial.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/benchmarks/graphql/locale/rest.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/benchmarks/ws.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/resources/functions/basic/maintenance.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/resources/sites/astro-custom-start-command/custom-server.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph frontend Frontend quality conf 1.00 Stray `console.log` in TS/JS — .github/workflows/static-analysis/locale/index.js:42
Replace with the toast helper, an error boundary, or remove. `console.warn` / `console.error` are acceptable. Why: Hygiene — easy to leak debug output. Rule id: fq.console-leak
Fq console leak
low System graph frontend Frontend quality conf 1.00 Stray `console.log` in TS/JS — tests/benchmarks/bulk-operations/documentCreation.js:23
Replace with the toast helper, an error boundary, or remove. `console.warn` / `console.error` are acceptable. Why: Hygiene — easy to leak debug output. Rule id: fq.console-leak
Fq console leak
low System graph frontend Frontend quality conf 1.00 Stray `console.log` in TS/JS — tests/benchmarks/bulk-operations/LargeDocumentCreation.js:39
Replace with the toast helper, an error boundary, or remove. `console.warn` / `console.error` are acceptable. Why: Hygiene — easy to leak debug output. Rule id: fq.console-leak
Fq console leak
low System graph frontend Frontend quality conf 1.00 Stray `console.log` in TS/JS — tests/benchmarks/bulk-operations/noisyNeighbor.js:43
Replace with the toast helper, an error boundary, or remove. `console.warn` / `console.error` are acceptable. Why: Hygiene — easy to leak debug output. Rule id: fq.console-leak
Fq console leak
low System graph frontend Frontend quality conf 1.00 Stray `console.log` in TS/JS — tests/resources/sites/astro/src/pages/logs-action.js:2
Replace with the toast helper, an error boundary, or remove. `console.warn` / `console.error` are acceptable. Why: Hygiene — easy to leak debug output. Rule id: fq.console-leak
Fq console leak
low System graph quality Complexity conf 1.00 Very large file: public/sdk-project/services/account.ts (1989 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: public/sdk-web/services/account.ts (1989 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
For AI agents: Voting guide (TP/FP) MCP manifest Stdio wrapper SARIF Integrate Findings queue Vote TP/FP on findings to calibrate the engine.
For AI agents + API integrations
Email me when this repo regresses
Free. We re-scan periodically; new criticals → your inbox. No signup required for the scan itself.
API access

This page is publicly accessible at: https://repobility.com/scan/02f7d406-321a-4cbd-b4ea-79ebfd3ac5aa/

To check status programmatically (no auth required): 

curl -s https://repobility.com/api/v1/public/scan/02f7d406-321a-4cbd-b4ea-79ebfd3ac5aa/

Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.