{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED109", "name": "[MINED109] Mutable default argument in `runTests` (list): `def runTests(... = []/{}/set())` \u2014 Python's default value is ", "shortDescription": {"text": "[MINED109] Mutable default argument in `runTests` (list): `def runTests(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every f"}, "fullDescription": {"text": "Use None as the default and create the collection inside the function: `def runTests(x=None): x = x or []`"}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "DKR007", "name": "Docker build context has no .dockerignore", "shortDescription": {"text": "Docker build context has no .dockerignore"}, "fullDescription": {"text": "Add .dockerignore with at least .git, .env, private keys, dependency folders, build outputs, and local databases."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "DKR001", "name": "Docker final stage has no non-root USER", "shortDescription": {"text": "Docker final stage has no non-root USER"}, "fullDescription": {"text": "Add a non-root USER in the final runtime stage after files and permissions are prepared."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.82, "cwe": "", "owasp": ""}}, {"id": "DKR009", "name": "Dockerfile separates apt update from install", "shortDescription": {"text": "Dockerfile separates apt update from install"}, "fullDescription": {"text": "Combine update and install in the same RUN instruction and clean package indexes in that layer."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "AIC004", "name": "Suspicious implementation file appears unreferenced", "shortDescription": {"text": "Suspicious implementation file appears unreferenced"}, "fullDescription": {"text": "Confirm whether this file is reachable. If not, delete it; if yes, wire it through explicit imports, routes, or entry points and add a test that proves the path executes."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "medium", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "AIC001", "name": "Parallel implementation file sits beside a canonical file", "shortDescription": {"text": "Parallel implementation file sits beside a canonical file"}, "fullDescription": {"text": "Merge the intended change into the canonical file, update tests/imports, and delete the parallel implementation if it is not the active entry point."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "medium", "confidence": 0.82, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `parse` has cognitive complexity 22 (SonarSource scale). Cognitive complex", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `parse` has cognitive complexity 22 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all wei"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 22."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "SEC045", "name": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a latera", "shortDescription": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use obj"}, "fullDescription": {"text": "For literal data structures: use ast.literal_eval(text) \u2014 only parses literals, raises on code.\nFor formula evaluation: use asteval or simpleeval (purpose-built sandboxes with allow-lists).\nFor Odoo: use odoo.tools.safe_eval(expr, locals_dict, mode='exec').\nIf you genuinely need to execute admin-stored code: require explicit super-admin permission AND log every execution with a stack trace."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "CORE_LARGE_FILES", "name": "Average file size is 524 lines (recommend <300)", "shortDescription": {"text": "Average file size is 524 lines (recommend <300)"}, "fullDescription": {"text": "Refactor large files by extracting related functions into separate modules. Target files with 300+ lines first. Use the Single Responsibility Principle \u2014 each module should have one clear purpose."}, "properties": {"scanner": "repobility-core", "category": "quality", "severity": "medium", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "AIC002", "name": "Source file name looks like an AI patch artifact", "shortDescription": {"text": "Source file name looks like an AI patch artifact"}, "fullDescription": {"text": "Rename it to the domain concept it implements or merge it into the existing module it was meant to change."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.62, "cwe": "", "owasp": ""}}, {"id": "SEC132", "name": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the la", "shortDescription": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on it"}, "fullDescription": {"text": "Python: `f\"prefix {var} suffix\"`. JS/TS: `` `prefix ${var} suffix` ``. Add a lint rule (pyupgrade UP032, eslint prefer-template) so future PRs catch this automatically."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC006", "name": "[SEC006] XSS Risk: Direct HTML injection without sanitization.", "shortDescription": {"text": "[SEC006] XSS Risk: Direct HTML injection without sanitization."}, "fullDescription": {"text": "Use textContent instead of innerHTML. Sanitize with DOMPurify."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "low", "confidence": 0.4, "cwe": "", "owasp": ""}}, {"id": "MINED048", "name": "[MINED048] Php Error Suppress: @function() suppresses errors silently. Hides real issues.", "shortDescription": {"text": "[MINED048] Php Error Suppress: @function() suppresses errors silently. Hides real issues."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED081", "name": "[MINED081] Java Printstacktrace: Should use logger, not stack trace to stderr.", "shortDescription": {"text": "[MINED081] Java Printstacktrace: Should use logger, not stack trace to stderr."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED077", "name": "[MINED077] Python Open No Context (and 2 more): Same pattern found in 2 additional files. Review if needed.", "shortDescription": {"text": "[MINED077] Python Open No Context (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-772 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED045", "name": "[MINED045] Ts Non Null Assertion (and 36 more): Same pattern found in 36 additional files. Review if needed.", "shortDescription": {"text": "[MINED045] Ts Non Null Assertion (and 36 more): Same pattern found in 36 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-476 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED086", "name": "[MINED086] Kotlin Runtime Exception: Throwing bare RuntimeException loses type info.", "shortDescription": {"text": "[MINED086] Kotlin Runtime Exception: Throwing bare RuntimeException loses type info."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC084", "name": "[SEC084] JS: require() with non-literal (and 2 more): Same pattern found in 2 additional files. Review if needed.", "shortDescription": {"text": "[SEC084] JS: require() with non-literal (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Use static imports or a static mapping `const modules = { foo: require('./foo') }`."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 1 more): Same pattern found in 1 additi", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 12 more): Same pattern found in 12 add", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 12 more): Same pattern found in 12 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC013", "name": "[SEC013] Path Traversal \u2014 User Input in File Path (and 1 more): Same pattern found in 1 additional files. Review if need", "shortDescription": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Use os.path.realpath() and verify the path starts with your expected base directory. Use secure_filename() for uploads."}, "properties": {"scanner": "repobility-threat-engine", "category": "path_traversal", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED080", "name": "[MINED080] Cpp Using Namespace Std (and 18 more): Same pattern found in 18 additional files. Review if needed.", "shortDescription": {"text": "[MINED080] Cpp Using Namespace Std (and 18 more): Same pattern found in 18 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED042", "name": "[MINED042] Cpp New Without Delete (and 72 more): Same pattern found in 72 additional files. Review if needed.", "shortDescription": {"text": "[MINED042] Cpp New Without Delete (and 72 more): Same pattern found in 72 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-401 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED075", "name": "[MINED075] C Malloc No Check (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED075] C Malloc No Check (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-690 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https (and 4 more): Same pattern found in 4 additional files. Review if needed.", "shortDescription": {"text": "[MINED043] Http Not Https (and 4 more): Same pattern found in 4 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED022", "name": "[MINED022] C Strcpy (and 6 more): Same pattern found in 6 additional files. Review if needed.", "shortDescription": {"text": "[MINED022] C Strcpy (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-120 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED134", "name": "[MINED134] Binary file `samples/java/sbt/sbt/sbt-launch.jar` committed in source repo: `samples/java/sbt/sbt/sbt-launch.", "shortDescription": {"text": "[MINED134] Binary file `samples/java/sbt/sbt/sbt-launch.jar` committed in source repo: `samples/java/sbt/sbt/sbt-launch.jar` is a .jar binary (1,103,618 bytes) committed to a repo that otherwise has 4868 source files. Trojan binaries inside"}, "fullDescription": {"text": "Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-RISCV.yaml` pinned to mutable ref `@main`: `uses:", "shortDescription": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-RISCV.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-RISCV.yaml@main` resolves at workflow-run time. Tags and branches c"}, "fullDescription": {"text": "Replace with: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-RISCV.yaml@<40-char-sha>  # main` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED118", "name": "[MINED118] Dockerfile FROM `ubuntu:18.04` not pinned by digest: `FROM ubuntu:18.04` resolves the tag at build time. The ", "shortDescription": {"text": "[MINED118] Dockerfile FROM `ubuntu:18.04` not pinned by digest: `FROM ubuntu:18.04` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images shou"}, "fullDescription": {"text": "Replace with: `FROM ubuntu:18.04@sha256:<digest>`. Get the digest from `docker manifest inspect`. Re-pin via a scheduled bot (Renovate, Dependabot)."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "[MINED106] Phantom test coverage: test_camshift: Test function `test_camshift` runs code but contains no assert / expect", "shortDescription": {"text": "[MINED106] Phantom test coverage: test_camshift: Test function `test_camshift` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "fullDescription": {"text": "Add an explicit assertion that captures the test's intent, or remove the test."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self.getConfiguration` used but never assigned in __init__: Method `mergeLibs` of class `Builder` reads `sel", "shortDescription": {"text": "[MINED108] `self.getConfiguration` used but never assigned in __init__: Method `mergeLibs` of class `Builder` reads `self.getConfiguration`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeErro"}, "fullDescription": {"text": "Initialize `self.getConfiguration = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC103", "name": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inje", "shortDescription": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts."}, "fullDescription": {"text": "Escape with javax.naming.ldap.Rdn.escapeValue or equivalent. For python-ldap, use ldap.filter.escape_filter_chars. Better: use parameterized search APIs (Spring LdapTemplate filter encoders)."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC085", "name": "[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. ", "shortDescription": {"text": "[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. Ported from eslint-plugin-security detect-child-process (Apache-2.0)."}, "fullDescription": {"text": "Use execFile / spawn with separate args array; never pass shell strings."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED036", "name": "[MINED036] Python Os System Call: os.system() invokes shell with no escaping.", "shortDescription": {"text": "[MINED036] Python Os System Call: os.system() invokes shell with no escaping."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-78 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC005", "name": "[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.", "shortDescription": {"text": "[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input."}, "fullDescription": {"text": "Use subprocess with shell=False and a list of args. Never eval user input."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "high", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "MINED011", "name": "[MINED011] Scala Get On Option: Option.get throws NoSuchElementException on None. Use getOrElse / fold / match.", "shortDescription": {"text": "[MINED011] Scala Get On Option: Option.get throws NoSuchElementException on None. Use getOrElse / fold / match."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-476 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED017", "name": "[MINED017] C System Call: system() invokes shell. command injection if any arg is dynamic.", "shortDescription": {"text": "[MINED017] C System Call: system() invokes shell. command injection if any arg is dynamic."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-78 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `os` used but not imported: The file uses `os.something(...)` but never imports `os`. This ra", "shortDescription": {"text": "[MINED107] Missing import: `os` used but not imported: The file uses `os.something(...)` but never imports `os`. This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import os` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED019", "name": "[MINED019] Ssti Jinja From String: jinja2.Environment().from_string(user_input) \u2014 full RCE via templates.", "shortDescription": {"text": "[MINED019] Ssti Jinja From String: jinja2.Environment().from_string(user_input) \u2014 full RCE via templates."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-94 / A03:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED024", "name": "[MINED024] Js Eval Usage: eval() executes arbitrary code. Code injection risk.", "shortDescription": {"text": "[MINED024] Js Eval Usage: eval() executes arbitrary code. Code injection risk."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-95 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/789"}, "properties": {"repository": "opencv/opencv", "repoUrl": "https://github.com/opencv/opencv", "branch": "4.x"}, "results": [{"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66909, "scanner": "repobility-ast-engine", "fingerprint": "85d4fd3b66113c1b477c6af0c4072ac531b88db08f2e160bf8a5df4df5e26e60", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|85d4fd3b66113c1b477c6af0c4072ac531b88db08f2e160bf8a5df4df5e26e60"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "samples/python/camshift.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66908, "scanner": "repobility-ast-engine", "fingerprint": "999ae338f3445cdfcf89e78725e247c51836992c578db3d6ce96a30f3364bebf", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|999ae338f3445cdfcf89e78725e247c51836992c578db3d6ce96a30f3364bebf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "samples/python/camshift.py"}, "region": {"startLine": 126}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66907, "scanner": "repobility-ast-engine", "fingerprint": "3b43ad66353e56aa1b6090d6522534c920a6b830f9cbc377260315cd0dd31a89", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3b43ad66353e56aa1b6090d6522534c920a6b830f9cbc377260315cd0dd31a89"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "samples/python/deconvolution.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66906, "scanner": "repobility-ast-engine", "fingerprint": "2c39a02910e002d21112923ca3558bf4ac1d424dbe529cfebea4eefa0ec6eb9d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2c39a02910e002d21112923ca3558bf4ac1d424dbe529cfebea4eefa0ec6eb9d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ts/misc/trace_profiler.py"}, "region": {"startLine": 292}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66905, "scanner": "repobility-ast-engine", "fingerprint": "a1832c6f40e423d59cf5608054510b6cdcbb9fa910df9d4ef40b63bec85e0f0b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a1832c6f40e423d59cf5608054510b6cdcbb9fa910df9d4ef40b63bec85e0f0b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ts/misc/run_suite.py"}, "region": {"startLine": 163}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `runTests` (list): `def runTests(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66904, "scanner": "repobility-ast-engine", "fingerprint": "5a29cae2bb1535e983f9102e6ec799f8098bd87df39ee8e115d9fa8a78547142", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5a29cae2bb1535e983f9102e6ec799f8098bd87df39ee8e115d9fa8a78547142"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ts/misc/run_suite.py"}, "region": {"startLine": 173}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `runTest` (list): `def runTest(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66903, "scanner": "repobility-ast-engine", "fingerprint": "6c8cec10bf92f5fbfd3835c0157e0b62c4c89072a2b4b51e8e449e82f2e9ad16", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6c8cec10bf92f5fbfd3835c0157e0b62c4c89072a2b4b51e8e449e82f2e9ad16"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ts/misc/run_suite.py"}, "region": {"startLine": 114}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66902, "scanner": "repobility-ast-engine", "fingerprint": "02d0472c9261ced68952e5200f1fe118d776f1ddd3decfbefee737b1a6207a64", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|02d0472c9261ced68952e5200f1fe118d776f1ddd3decfbefee737b1a6207a64"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ts/misc/table_formatter.py"}, "region": {"startLine": 626}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `runTest` (list): `def runTest(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66900, "scanner": "repobility-ast-engine", "fingerprint": "e597fa8058f3e005fade3f1d0fd18ef789d48cf7a9dc6200928c064feac620d3", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e597fa8058f3e005fade3f1d0fd18ef789d48cf7a9dc6200928c064feac620d3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ts/misc/run_android.py"}, "region": {"startLine": 129}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (dict): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66899, "scanner": "repobility-ast-engine", "fingerprint": "a00b9292ee5590a66825bf5d00262b27a62a29b3790450088cb9711d68ebb5b2", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a00b9292ee5590a66825bf5d00262b27a62a29b3790450088cb9711d68ebb5b2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ts/misc/run_android.py"}, "region": {"startLine": 109}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `run` (list): `def run(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66898, "scanner": "repobility-ast-engine", "fingerprint": "59fa89b76727c6aa5e7a70e0f217bb0d699903f48e70e4e0efd6ed11d251dc6a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|59fa89b76727c6aa5e7a70e0f217bb0d699903f48e70e4e0efd6ed11d251dc6a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ts/misc/run_android.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66897, "scanner": "repobility-ast-engine", "fingerprint": "f475526e56b2069c501b4835ccf8dbda3778d95ec23d2cfd55bf4227e8f7e892", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f475526e56b2069c501b4835ccf8dbda3778d95ec23d2cfd55bf4227e8f7e892"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/imgproc/misc/python/test/test_imgproc.py"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66896, "scanner": "repobility-ast-engine", "fingerprint": "ec50956de2167357fbe546b6195c9e658a042c9d649128e19b86d3e0c8d5dd99", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ec50956de2167357fbe546b6195c9e658a042c9d649128e19b86d3e0c8d5dd99"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/src/opencl/runtime/generator/parser_clfft.py"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66895, "scanner": "repobility-ast-engine", "fingerprint": "bbabc341361f992e74f6b568c6e72c6356c5de550965295768c277fa5d90720d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bbabc341361f992e74f6b568c6e72c6356c5de550965295768c277fa5d90720d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/src/opencl/runtime/generator/common.py"}, "region": {"startLine": 87}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66894, "scanner": "repobility-ast-engine", "fingerprint": "09ce958cf3fe3f468e99989dbbaa5f53408ba23f7af762f2adfb3070ee11efff", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|09ce958cf3fe3f468e99989dbbaa5f53408ba23f7af762f2adfb3070ee11efff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/src/opencl/runtime/generator/parser_cl.py"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66893, "scanner": "repobility-ast-engine", "fingerprint": "d2829c5dca651188717b6b6da688e9ae4480f7dad6fa8a069c8c1864c9e484f6", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d2829c5dca651188717b6b6da688e9ae4480f7dad6fa8a069c8c1864c9e484f6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/src/opencl/runtime/generator/parser_clblas.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66892, "scanner": "repobility-ast-engine", "fingerprint": "8f8a61d2604633c1d95f9d20cb875b22e8e5035eaac120ab7839b208982953c9", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8f8a61d2604633c1d95f9d20cb875b22e8e5035eaac120ab7839b208982953c9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/package/cv2/__init__.py"}, "region": {"startLine": 140}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66891, "scanner": "repobility-ast-engine", "fingerprint": "8c273092700db4299700e37f7da5486a53539e04fa95182331275371ee78af63", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8c273092700db4299700e37f7da5486a53539e04fa95182331275371ee78af63"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/package/cv2/__init__.py"}, "region": {"startLine": 128}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66890, "scanner": "repobility-ast-engine", "fingerprint": "03f49f6af1bf07fc0a1d8e5ac9c9cd42804983cd89d98ffe71db3279821fda23", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|03f49f6af1bf07fc0a1d8e5ac9c9cd42804983cd89d98ffe71db3279821fda23"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/package/cv2/__init__.py"}, "region": {"startLine": 168}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66889, "scanner": "repobility-ast-engine", "fingerprint": "d2902dd1436a39a63476d35d0c72ec3703fdec10353bb14b3d13817422f5ebf6", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d2902dd1436a39a63476d35d0c72ec3703fdec10353bb14b3d13817422f5ebf6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/test/test_misc.py"}, "region": {"startLine": 253}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66888, "scanner": "repobility-ast-engine", "fingerprint": "2e7718e0f0584b9cdbddaabdc54e5c54f4709494c8314372611fa62e38c0ca1e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2e7718e0f0584b9cdbddaabdc54e5c54f4709494c8314372611fa62e38c0ca1e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/test/test_misc.py"}, "region": {"startLine": 222}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `find_file` (list): `def find_file(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66886, "scanner": "repobility-ast-engine", "fingerprint": "8e40fdd59eed90d4f15c310bc7c836d045d0f381b1fc5ba4f5e72a29b157398d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8e40fdd59eed90d4f15c310bc7c836d045d0f381b1fc5ba4f5e72a29b157398d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/test/tests_common.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66880, "scanner": "repobility-ast-engine", "fingerprint": "45b4ed98e2947c3ecc7d70fd1ae4e867048b827ece5eb1329763ff7de9833760", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|45b4ed98e2947c3ecc7d70fd1ae4e867048b827ece5eb1329763ff7de9833760"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/src2/typing_stubs_generator.py"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66879, "scanner": "repobility-ast-engine", "fingerprint": "2a58604a3cf8a7f21671be035e91981714f365e6bcf2eabff1700ad8b155f82f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2a58604a3cf8a7f21671be035e91981714f365e6bcf2eabff1700ad8b155f82f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/src2/hdr_parser.py"}, "region": {"startLine": 904}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66878, "scanner": "repobility-ast-engine", "fingerprint": "5d7f353760582e6574b84d444ad4e949eb359714b036720511e2408e54a566dd", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5d7f353760582e6574b84d444ad4e949eb359714b036720511e2408e54a566dd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/src2/hdr_parser.py"}, "region": {"startLine": 889}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66877, "scanner": "repobility-ast-engine", "fingerprint": "809b011c99ae6079892c29ad347ce28c116c8403d535009b9ad7340dcd46570a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|809b011c99ae6079892c29ad347ce28c116c8403d535009b9ad7340dcd46570a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/objc/generator/gen_objc.py"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66876, "scanner": "repobility-ast-engine", "fingerprint": "636bf72c87d0874b96154be2add140fd555150390e05ea1aa1b5e28215aaa6f0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|636bf72c87d0874b96154be2add140fd555150390e05ea1aa1b5e28215aaa6f0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/objc/generator/gen_objc.py"}, "region": {"startLine": 473}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66875, "scanner": "repobility-ast-engine", "fingerprint": "80b75add5aced566f0a94acb4d687e614bf27205db5dc890e43d689199ecba24", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|80b75add5aced566f0a94acb4d687e614bf27205db5dc890e43d689199ecba24"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/objc/generator/gen_objc.py"}, "region": {"startLine": 273}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66874, "scanner": "repobility-ast-engine", "fingerprint": "168ee671ce66a30f516d20df46c953685170a82c3d9a6f51618ba007cfefc057", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|168ee671ce66a30f516d20df46c953685170a82c3d9a6f51618ba007cfefc057"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/objc/generator/gen_objc.py"}, "region": {"startLine": 210}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66871, "scanner": "repobility-ast-engine", "fingerprint": "9d5c2c767aaf469488ddbc29042e85e552f229ea3acf7960cbec388af1115eb0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9d5c2c767aaf469488ddbc29042e85e552f229ea3acf7960cbec388af1115eb0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/misc/python/test/test_dnn.py"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66853, "scanner": "repobility-ast-engine", "fingerprint": "99586581fb1960086e2f8905bd317cc5b3d2bbb963425122897d4913f2ccc87a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|99586581fb1960086e2f8905bd317cc5b3d2bbb963425122897d4913f2ccc87a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66852, "scanner": "repobility-ast-engine", "fingerprint": "a86fc6f4ab995a486a488882a88fd36fbd281345e5a7a9561d882e94b8c70a1c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a86fc6f4ab995a486a488882a88fd36fbd281345e5a7a9561d882e94b8c70a1c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 3668}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66851, "scanner": "repobility-ast-engine", "fingerprint": "6f4ba1a34db83122f512d4f82a2e3d983ca7b1eab4b92c2328ae72432f7b04a5", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6f4ba1a34db83122f512d4f82a2e3d983ca7b1eab4b92c2328ae72432f7b04a5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 3618}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (dict): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66850, "scanner": "repobility-ast-engine", "fingerprint": "cf11a64e5ab14868e010a331c0646a903e432a43fe4893bff4812b706425e2a6", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cf11a64e5ab14868e010a331c0646a903e432a43fe4893bff4812b706425e2a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 3559}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (dict): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66849, "scanner": "repobility-ast-engine", "fingerprint": "dff1b0936578a9ef586509e8eea796e60eaad3a3cc06eb448091bf798e4c94bf", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dff1b0936578a9ef586509e8eea796e60eaad3a3cc06eb448091bf798e4c94bf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 3508}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (dict): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66848, "scanner": "repobility-ast-engine", "fingerprint": "ddd7fb82d897bbb73393fd7a56bb519839c88352d7f2d6b783ca20ba7ae84858", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ddd7fb82d897bbb73393fd7a56bb519839c88352d7f2d6b783ca20ba7ae84858"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 3456}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (dict): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66847, "scanner": "repobility-ast-engine", "fingerprint": "32d134afe6293402fdec23a0e8e81a73553ab32b7108b7d32eb083f3b7e95f9d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|32d134afe6293402fdec23a0e8e81a73553ab32b7108b7d32eb083f3b7e95f9d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 3381}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (dict): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66846, "scanner": "repobility-ast-engine", "fingerprint": "e5747535722f19596e6cd04aa178417e8664268cd8bb9ea32595180813870cbe", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e5747535722f19596e6cd04aa178417e8664268cd8bb9ea32595180813870cbe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 3328}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (dict): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66845, "scanner": "repobility-ast-engine", "fingerprint": "fac510081c1237aa17529cadec6346e86b6400bd8a75cdb9ca6c46e4091fae8b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fac510081c1237aa17529cadec6346e86b6400bd8a75cdb9ca6c46e4091fae8b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 3273}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (dict): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66844, "scanner": "repobility-ast-engine", "fingerprint": "0b3d8fd1b74cbab94ca4210ccf081e82b4781203072140310582b78c71f47e7d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0b3d8fd1b74cbab94ca4210ccf081e82b4781203072140310582b78c71f47e7d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 3178}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (dict): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66843, "scanner": "repobility-ast-engine", "fingerprint": "ee509c19e95665c9d293f97adbc1fa6fa140fc20a06c0211730b917ca935835d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ee509c19e95665c9d293f97adbc1fa6fa140fc20a06c0211730b917ca935835d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 3115}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (dict): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66842, "scanner": "repobility-ast-engine", "fingerprint": "75cd67c6651054999c47b353dfcda72626287ed10d38d2f1e9d6f83b32253dc1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|75cd67c6651054999c47b353dfcda72626287ed10d38d2f1e9d6f83b32253dc1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 2638}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66841, "scanner": "repobility-ast-engine", "fingerprint": "eeb64afae1cad0191a811e8bcdef7223a8d56c38bf516cf66018eb2b5e190476", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|eeb64afae1cad0191a811e8bcdef7223a8d56c38bf516cf66018eb2b5e190476"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 2141}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66840, "scanner": "repobility-ast-engine", "fingerprint": "302ffbefe5d38c46525bb870e051771c07a1384b9034859443c147d6ba796935", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|302ffbefe5d38c46525bb870e051771c07a1384b9034859443c147d6ba796935"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 1897}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66839, "scanner": "repobility-ast-engine", "fingerprint": "09bbe0728e8f4e8f45c39468f5669d3b49b75648714e3aef77dad040bed26612", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|09bbe0728e8f4e8f45c39468f5669d3b49b75648714e3aef77dad040bed26612"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/svgfig.py"}, "region": {"startLine": 1180}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66830, "scanner": "repobility-ast-engine", "fingerprint": "dabf36877a9a1cd20a33e36c850ee9e1221ecda844aea9e9ccba80d20534a3b1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dabf36877a9a1cd20a33e36c850ee9e1221ecda844aea9e9ccba80d20534a3b1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/run_tests.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66829, "scanner": "repobility-ast-engine", "fingerprint": "91d5696d4a324fcc1725cc336efb5313d496fac114af1245f3f8156f441e8e4e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|91d5696d4a324fcc1725cc336efb5313d496fac114af1245f3f8156f441e8e4e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 199}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `buildOne` (list): `def buildOne(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66828, "scanner": "repobility-ast-engine", "fingerprint": "00362483da4e0dcb61b43389cbceefd4dc3ede326f450a0001453a39cb3240e3", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|00362483da4e0dcb61b43389cbceefd4dc3ede326f450a0001453a39cb3240e3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 330}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `makeCMakeCmd` (list): `def makeCMakeCmd(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 66827, "scanner": "repobility-ast-engine", "fingerprint": "a3f8f1a5f52a7015edc6b62e403841a09a45b7eb61017a90e43f50936d740e3d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a3f8f1a5f52a7015edc6b62e403841a09a45b7eb61017a90e43f50936d740e3d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 292}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 66801, "scanner": "repobility-ast-engine", "fingerprint": "801b734d84b625c253292b3a203285e4ef075587152fd9f3cf665431a3bb7154", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|801b734d84b625c253292b3a203285e4ef075587152fd9f3cf665431a3bb7154"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/apple/build_xcframework.py"}, "region": {"startLine": 179}}}]}, {"ruleId": "DKR007", "level": "warning", "message": {"text": "Docker build context has no .dockerignore"}, "properties": {"repobilityId": 66800, "scanner": "repobility-docker", "fingerprint": "c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44", "category": "docker", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Dockerfile exists but repository root has no .dockerignore.", "evidence": {"rule_id": "DKR007", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".dockerignore"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 66799, "scanner": "repobility-docker", "fingerprint": "8165dcd3cb5c8e7bb98ab65e2aa45179122a37778a7c1d17bf6f15d1e2ba0b72", "category": "docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "ubuntu:18.04", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|8165dcd3cb5c8e7bb98ab65e2aa45179122a37778a7c1d17bf6f15d1e2ba0b72"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/videoio/misc/plugin_gstreamer/Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR009", "level": "warning", "message": {"text": "Dockerfile separates apt update from install"}, "properties": {"repobilityId": 66798, "scanner": "repobility-docker", "fingerprint": "1fb7458f4081f612fbc0286170a8daa029b6402e1ca6075b8d296ef15d64f36f", "category": "docker", "severity": "medium", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Package index update appears without package installation in the same layer.", "evidence": {"rule_id": "DKR009", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|1fb7458f4081f612fbc0286170a8daa029b6402e1ca6075b8d296ef15d64f36f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/videoio/misc/plugin_gstreamer/Dockerfile"}, "region": {"startLine": 3}}}]}, {"ruleId": "AIC004", "level": "warning", "message": {"text": "Suspicious implementation file appears unreferenced"}, "properties": {"repobilityId": 66767, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fad861226b8b952f44991b6bf54d4378023fa4a71f591dca0d6758b1dc3fd05b", "category": "quality", "severity": "medium", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Patch-style source file has no detected inbound reference from other repository files.", "evidence": {"suffix": "fix", "rule_id": "AIC004", "scanner": "repobility-ai-code-hygiene", "references": ["https://knip.dev/", "https://github.com/jendrikseipp/vulture"], "correlation_key": "fp|fad861226b8b952f44991b6bf54d4378023fa4a71f591dca0d6758b1dc3fd05b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjasper/jpc_fix.h"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC001", "level": "warning", "message": {"text": "Parallel implementation file sits beside a canonical file"}, "properties": {"repobilityId": 66766, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e427181128597d26633859fab7318fc524a328de69478042014f63ee6b9aa4cb", "category": "quality", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Source filename has a patch-style suffix and a same-directory canonical sibling exists.", "evidence": {"suffix": "new", "rule_id": "AIC001", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195", "https://knip.dev/"], "canonical_file": "modules/imgproc/src/emd.cpp", "correlation_key": "fp|e427181128597d26633859fab7318fc524a328de69478042014f63ee6b9aa4cb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/imgproc/src/emd_new.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC001", "level": "warning", "message": {"text": "Parallel implementation file sits beside a canonical file"}, "properties": {"repobilityId": 66765, "scanner": "repobility-ai-code-hygiene", "fingerprint": "522623ce1eba76973284976dd108f8d42cd0017c685bd7f58930bc4ed389859f", "category": "quality", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Source filename has a patch-style suffix and a same-directory canonical sibling exists.", "evidence": {"suffix": "new", "rule_id": "AIC001", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195", "https://knip.dev/"], "canonical_file": "modules/imgproc/src/contours.cpp", "correlation_key": "fp|522623ce1eba76973284976dd108f8d42cd0017c685bd7f58930bc4ed389859f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/imgproc/src/contours_new.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `parse` has cognitive complexity 22 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=4, for=1, if=7, nested_bonus=10."}, "properties": {"repobilityId": 66741, "scanner": "repobility-threat-engine", "fingerprint": "72a957eb76bbdd1e6e395e4bf9e30c7140136984e67fcb0129463e62a474dfb0", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 22 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "parse", "breakdown": {"if": 7, "for": 1, "continue": 4, "nested_bonus": 10}, "complexity": 22, "correlation_key": "fp|72a957eb76bbdd1e6e395e4bf9e30c7140136984e67fcb0129463e62a474dfb0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/tools/scan_tutorials.py"}, "region": {"startLine": 21}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 66726, "scanner": "repobility-threat-engine", "fingerprint": "9fd0ddbb85246c7a6f01f5361f58eadfb6f2aed37ecf000a0b08cf20e8f44679", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "exec(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|139|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/gapi/samples/privacy_masking_camera.cpp"}, "region": {"startLine": 139}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 66725, "scanner": "repobility-threat-engine", "fingerprint": "991bb78c9d85a75200fb21737a5d59f697cdb02731a670462db0480d4ab8cf69", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "eval(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|63|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/webnn-electron/utils_webnn_electron.js"}, "region": {"startLine": 63}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 66724, "scanner": "repobility-threat-engine", "fingerprint": "b95b3af869cf7fe3f1748afddea7cbb2e9023b876058b6e2a0c24478c7b0246c", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "eval(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|74|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/utils.js"}, "region": {"startLine": 74}}}]}, {"ruleId": "CORE_LARGE_FILES", "level": "warning", "message": {"text": "Average file size is 524 lines (recommend <300)"}, "properties": {"repobilityId": 66686, "scanner": "repobility-core", "fingerprint": "5e538b1141a915e5ab17362b50a09c66ff1aa1e71ec6fb5a0550399962ee3596", "category": "quality", "severity": "medium", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_LARGE_FILES", "scanner": "repobility-core", "correlation_key": "fp|5e538b1141a915e5ab17362b50a09c66ff1aa1e71ec6fb5a0550399962ee3596"}}}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66797, "scanner": "repobility-ai-code-hygiene", "fingerprint": "2cfc99bd01b6ada01458ba2289d0de5f087074f48d0f56781220dd0990e56ff8", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/src/jccoefct.c", "duplicate_line": 16, "correlation_key": "fp|2cfc99bd01b6ada01458ba2289d0de5f087074f48d0f56781220dd0990e56ff8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/src/jctrans.c"}, "region": {"startLine": 115}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66796, "scanner": "repobility-ai-code-hygiene", "fingerprint": "db82e0216166ad3b9edc35a7a72dc1eab31bf603cb9cd850f9b73d4afbde32a2", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/src/jcmainct.c", "duplicate_line": 60, "correlation_key": "fp|db82e0216166ad3b9edc35a7a72dc1eab31bf603cb9cd850f9b73d4afbde32a2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/src/jcprepct.c"}, "region": {"startLine": 168}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66795, "scanner": "repobility-ai-code-hygiene", "fingerprint": "59d4fa7658786acdbdfb16b8fb2cc5a1b73f62253d1adcc04d884f4d72b4e2e4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/src/jccolor.c", "duplicate_line": 278, "correlation_key": "fp|59d4fa7658786acdbdfb16b8fb2cc5a1b73f62253d1adcc04d884f4d72b4e2e4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/src/jcparam.c"}, "region": {"startLine": 125}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66794, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b4400c1597ce2d78ac9a7fd55a6f5674d6d46acd583ddbf22cee47e90d6a4cdb", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/src/jchuff.c", "duplicate_line": 147, "correlation_key": "fp|b4400c1597ce2d78ac9a7fd55a6f5674d6d46acd583ddbf22cee47e90d6a4cdb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/src/jclhuff.c"}, "region": {"startLine": 90}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66793, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f6235b5348a82e6aec1ccbac9e94d20611fc45df69811a1f12756408e525f2b4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/arm/jchuff.h", "duplicate_line": 13, "correlation_key": "fp|f6235b5348a82e6aec1ccbac9e94d20611fc45df69811a1f12756408e525f2b4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/src/jchuff.c"}, "region": {"startLine": 162}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66792, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c99d523cf8acf94cbb03da5c2cd8f5137579e4915261115fc8591c9c70c0a5bf", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/powerpc/jsimd.c", "duplicate_line": 127, "correlation_key": "fp|c99d523cf8acf94cbb03da5c2cd8f5137579e4915261115fc8591c9c70c0a5bf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/x86_64/jsimd.c"}, "region": {"startLine": 70}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66791, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5094cd62aab2135794e24109aa918a60d81dba3dd6bc2546cceeec653adb60c8", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/arm/aarch32/jsimd.c", "duplicate_line": 68, "correlation_key": "fp|5094cd62aab2135794e24109aa918a60d81dba3dd6bc2546cceeec653adb60c8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/x86_64/jsimd.c"}, "region": {"startLine": 14}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66790, "scanner": "repobility-ai-code-hygiene", "fingerprint": "708ea3987d36f2729832d42cc1cea013f3453fb924f5fe65b0833aefdc8f7e94", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/mips/jsimd.c", "duplicate_line": 821, "correlation_key": "fp|708ea3987d36f2729832d42cc1cea013f3453fb924f5fe65b0833aefdc8f7e94"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/powerpc/jsimd.c"}, "region": {"startLine": 629}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66789, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ffbd18a65f6d4a1244305a28fc0c4d313658d88c857014bab6b5c87ceb09f85e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/mips64/jsimd.c", "duplicate_line": 68, "correlation_key": "fp|ffbd18a65f6d4a1244305a28fc0c4d313658d88c857014bab6b5c87ceb09f85e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/powerpc/jsimd.c"}, "region": {"startLine": 84}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66788, "scanner": "repobility-ai-code-hygiene", "fingerprint": "0df9e9255a5d43574594e0ed4a4822b066bd536409eeb32c298e633a3ba505e1", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/arm/aarch32/jsimd.c", "duplicate_line": 12, "correlation_key": "fp|0df9e9255a5d43574594e0ed4a4822b066bd536409eeb32c298e633a3ba505e1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/powerpc/jsimd.c"}, "region": {"startLine": 11}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66787, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e42f9af38c346e173e007a6808c0da6a1dade8334dcdb8d546324c4ac07cd043", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/powerpc/jidctfst-altivec.c", "duplicate_line": 72, "correlation_key": "fp|e42f9af38c346e173e007a6808c0da6a1dade8334dcdb8d546324c4ac07cd043"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/powerpc/jidctint-altivec.c"}, "region": {"startLine": 154}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66786, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5649f5d20cfae0c39c83ceb31a08dfbc36a5b0a42fbc0d1dea5089942c7c8982", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/powerpc/jfdctfst-altivec.c", "duplicate_line": 55, "correlation_key": "fp|5649f5d20cfae0c39c83ceb31a08dfbc36a5b0a42fbc0d1dea5089942c7c8982"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/powerpc/jfdctint-altivec.c"}, "region": {"startLine": 118}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66785, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ac8f7ef2fc0533f476f85e8f691bccdd478641a9ae7967369e44994b90158dca", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/powerpc/jdcolext-altivec.c", "duplicate_line": 86, "correlation_key": "fp|ac8f7ef2fc0533f476f85e8f691bccdd478641a9ae7967369e44994b90158dca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/powerpc/jdmrgext-altivec.c"}, "region": {"startLine": 112}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66784, "scanner": "repobility-ai-code-hygiene", "fingerprint": "12090c6b1bb5b0c9b112086e642ea47bf7be02ab67177367d54c1a246574f49e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/mips64/jcsample.h", "duplicate_line": 1, "correlation_key": "fp|12090c6b1bb5b0c9b112086e642ea47bf7be02ab67177367d54c1a246574f49e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/powerpc/jcsample.h"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66783, "scanner": "repobility-ai-code-hygiene", "fingerprint": "340dd0d60eb1651d6f8ca50a935419f8e3e05cadf36b386aa6415b19c30e43c7", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/powerpc/jccolext-altivec.c", "duplicate_line": 37, "correlation_key": "fp|340dd0d60eb1651d6f8ca50a935419f8e3e05cadf36b386aa6415b19c30e43c7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/powerpc/jcgryext-altivec.c"}, "region": {"startLine": 31}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66782, "scanner": "repobility-ai-code-hygiene", "fingerprint": "469e32f216f43a066df79ba5709edbba93e075292b362651cc6daa42838d1d53", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/powerpc/jccolor-altivec.c", "duplicate_line": 1, "correlation_key": "fp|469e32f216f43a066df79ba5709edbba93e075292b362651cc6daa42838d1d53"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/powerpc/jcgray-altivec.c"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66781, "scanner": "repobility-ai-code-hygiene", "fingerprint": "bf014bacc08e4d5e641343757f5782bfe5bbfd069f73b4c66fbb0895c363c1ee", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/mips/jsimd.c", "duplicate_line": 220, "correlation_key": "fp|bf014bacc08e4d5e641343757f5782bfe5bbfd069f73b4c66fbb0895c363c1ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/mips64/jsimd.c"}, "region": {"startLine": 228}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66780, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5246cb18875fbd87236756baa9513650986b9423ad1179fdf2f533c7f390ea1e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/arm/aarch32/jsimd.c", "duplicate_line": 12, "correlation_key": "fp|5246cb18875fbd87236756baa9513650986b9423ad1179fdf2f533c7f390ea1e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/mips64/jsimd.c"}, "region": {"startLine": 11}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66779, "scanner": "repobility-ai-code-hygiene", "fingerprint": "0902d116917bd21a44bfeae3833e5c4ef18840102c09f07dc6fe0f27f0b6918f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/mips64/jidctfst-mmi.c", "duplicate_line": 56, "correlation_key": "fp|0902d116917bd21a44bfeae3833e5c4ef18840102c09f07dc6fe0f27f0b6918f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/mips64/jidctint-mmi.c"}, "region": {"startLine": 162}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66778, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6f01d5598d9889a68b70dc37a63aeecfbca339df97f683f0c77f8f8ccf44c370", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/mips64/jfdctint-mmi.c", "duplicate_line": 13, "correlation_key": "fp|6f01d5598d9889a68b70dc37a63aeecfbca339df97f683f0c77f8f8ccf44c370"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/mips64/jidctint-mmi.c"}, "region": {"startLine": 13}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66777, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5f2ed13b00b648615042712a49474324f9eb3732ad24ab10f548dd168d8290e6", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/mips64/jfdctfst-mmi.c", "duplicate_line": 66, "correlation_key": "fp|5f2ed13b00b648615042712a49474324f9eb3732ad24ab10f548dd168d8290e6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/mips64/jfdctint-mmi.c"}, "region": {"startLine": 133}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66776, "scanner": "repobility-ai-code-hygiene", "fingerprint": "24387d649e0e3d3d68ff382c99c03f5ad06e06f5754724f5089b052232877a22", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/mips64/jdcolor-mmi.c", "duplicate_line": 1, "correlation_key": "fp|24387d649e0e3d3d68ff382c99c03f5ad06e06f5754724f5089b052232877a22"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/mips64/jdmerge-mmi.c"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66775, "scanner": "repobility-ai-code-hygiene", "fingerprint": "2c4a703f436a69afb743d305bb0925d3e3c2befd6b1bd95210d95fae1cdfe543", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/mips64/jccolext-mmi.c", "duplicate_line": 24, "correlation_key": "fp|2c4a703f436a69afb743d305bb0925d3e3c2befd6b1bd95210d95fae1cdfe543"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/mips64/jcgryext-mmi.c"}, "region": {"startLine": 18}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66774, "scanner": "repobility-ai-code-hygiene", "fingerprint": "08498c98343836f9e3ad938894333a75ba69231d1fa5ac6df26585c14f2310dc", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/arm/aarch32/jsimd.c", "duplicate_line": 84, "correlation_key": "fp|08498c98343836f9e3ad938894333a75ba69231d1fa5ac6df26585c14f2310dc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/mips/jsimd.c"}, "region": {"startLine": 68}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66773, "scanner": "repobility-ai-code-hygiene", "fingerprint": "754d97e399eb668edf01c7c5bfe9cb6a9d95d02f1f429f210f54e826eef27792", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/arm/jfdctfst-neon.c", "duplicate_line": 54, "correlation_key": "fp|754d97e399eb668edf01c7c5bfe9cb6a9d95d02f1f429f210f54e826eef27792"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/arm/jfdctint-neon.c"}, "region": {"startLine": 110}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66772, "scanner": "repobility-ai-code-hygiene", "fingerprint": "efc8ae39c2dfefb43abf68ca9ed0bced296ea8facd9e69e4cd858be72acae136", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/arm/jdcolext-neon.c", "duplicate_line": 102, "correlation_key": "fp|efc8ae39c2dfefb43abf68ca9ed0bced296ea8facd9e69e4cd858be72acae136"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/arm/jdmrgext-neon.c"}, "region": {"startLine": 17}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66771, "scanner": "repobility-ai-code-hygiene", "fingerprint": "728211d0a5fded69ce62413e0c27f91991a77f0ea0e622f1424c685240c96207", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjpeg-turbo/simd/arm/aarch32/jsimd.c", "duplicate_line": 20, "correlation_key": "fp|728211d0a5fded69ce62413e0c27f91991a77f0ea0e622f1424c685240c96207"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg-turbo/simd/arm/aarch64/jsimd.c"}, "region": {"startLine": 22}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66770, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ef1fc1f11a4d3ca2cefe33b0d94599896bcd8422bbdc593de0147b5db1e56357", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjasper/jpc_t2dec.c", "duplicate_line": 351, "correlation_key": "fp|ef1fc1f11a4d3ca2cefe33b0d94599896bcd8422bbdc593de0147b5db1e56357"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjasper/jpc_t2enc.c"}, "region": {"startLine": 438}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66769, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c70fc1c72f20ede1b7034ec90734495ca04696fcfdb6620f50c0174fe9ff4e49", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjasper/jpc_t1enc.c", "duplicate_line": 36, "correlation_key": "fp|c70fc1c72f20ede1b7034ec90734495ca04696fcfdb6620f50c0174fe9ff4e49"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjasper/jpc_t2enc.c"}, "region": {"startLine": 285}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 66768, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7ad3b64610320ff2ce3521ef40802b7090b06ff10661006d55afdc8f5ef4a68f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "3rdparty/libjasper/jpc_t1dec.c", "duplicate_line": 612, "correlation_key": "fp|7ad3b64610320ff2ce3521ef40802b7090b06ff10661006d55afdc8f5ef4a68f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjasper/jpc_t1enc.c"}, "region": {"startLine": 688}}}]}, {"ruleId": "AIC002", "level": "note", "message": {"text": "Source file name looks like an AI patch artifact"}, "properties": {"repobilityId": 66764, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1e522679293dd62e2d02df8fc79b7cd473c5f0db7188a52e7939ea8dc3fa951a", "category": "quality", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Source filename contains a temporary or patch-style suffix.", "evidence": {"suffix": "copy", "rule_id": "AIC002", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|1e522679293dd62e2d02df8fc79b7cd473c5f0db7188a52e7939ea8dc3fa951a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/src/cuda4dnn/kernels/fill_copy.hpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC002", "level": "note", "message": {"text": "Source file name looks like an AI patch artifact"}, "properties": {"repobilityId": 66763, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7cec243bd494534f401df0c55d0f675c6933b45983ed1c19ee39c19a1cbd3088", "category": "quality", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Source filename contains a temporary or patch-style suffix.", "evidence": {"suffix": "fix", "rule_id": "AIC002", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|7cec243bd494534f401df0c55d0f675c6933b45983ed1c19ee39c19a1cbd3088"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjasper/jasper/jas_fix.h"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC002", "level": "note", "message": {"text": "Source file name looks like an AI patch artifact"}, "properties": {"repobilityId": 66762, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1a610eca5e53676a6540e8b9400990143f394b320b99764463c793c88f8c98b6", "category": "quality", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Source filename contains a temporary or patch-style suffix.", "evidence": {"suffix": "fix", "rule_id": "AIC002", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|1a610eca5e53676a6540e8b9400990143f394b320b99764463c793c88f8c98b6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjasper/jpc_fix.h"}, "region": {"startLine": 1}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `verify_prev_next` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: for=2, if=4, nested_bonus=2."}, "properties": {"repobilityId": 66742, "scanner": "repobility-threat-engine", "fingerprint": "68f4cb9fab486da9bb82b92ecb989843c82691069e70431129109ddf620b5dd6", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 8 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "verify_prev_next", "breakdown": {"if": 4, "for": 2, "nested_bonus": 2}, "complexity": 8, "correlation_key": "fp|68f4cb9fab486da9bb82b92ecb989843c82691069e70431129109ddf620b5dd6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/tools/scan_tutorials.py"}, "region": {"startLine": 47}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `insert_python_signatures` has cognitive complexity 11 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: and=1, elif=1, else=1, for=1, if=2, nested_bonus=5."}, "properties": {"repobilityId": 66740, "scanner": "repobility-threat-engine", "fingerprint": "1a52ae55920b952beba916775f04f68b4051901b21bfe8d771fe987f58c232db", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 11 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "insert_python_signatures", "breakdown": {"if": 2, "and": 1, "for": 1, "elif": 1, "else": 1, "nested_bonus": 5}, "complexity": 11, "correlation_key": "fp|1a52ae55920b952beba916775f04f68b4051901b21bfe8d771fe987f58c232db"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/tools/html_functions.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "SEC132", "level": "note", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on its own, but a style signature of cross-language AI rewrites \u2014 the model wrote idiomatic Java/C# and then translated mechanically. When this style appears in only *some* files of a repo, it's a strong indicator of an AI-driven rewrite that needs a human review p"}, "properties": {"repobilityId": 66730, "scanner": "repobility-threat-engine", "fingerprint": "a5e2df2a696cdfc5556651b6dc1bdc025ca80f4df732b08ee602c46f83cee2dc", "category": "quality", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "\"DMatch [queryIdx=\" + queryIdx + \", trainIdx=\"", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|a5e2df2a696cdfc5556651b6dc1bdc025ca80f4df732b08ee602c46f83cee2dc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/misc/java/src/java/core+DMatch.java"}, "region": {"startLine": 54}}}]}, {"ruleId": "SEC132", "level": "note", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on its own, but a style signature of cross-language AI rewrites \u2014 the model wrote idiomatic Java/C# and then translated mechanically. When this style appears in only *some* files of a repo, it's a strong indicator of an AI-driven rewrite that needs a human review p"}, "properties": {"repobilityId": 66729, "scanner": "repobility-threat-engine", "fingerprint": "a7388044647c89f84f18f7606db730896b44f7b0c45c4195e59e5b9f23efc3ac", "category": "quality", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "'Failed to load ' + url + ' status: '", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|a7388044647c89f84f18f7606db730896b44f7b0c45c4195e59e5b9f23efc3ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/webnn-electron/utils_webnn_electron.js"}, "region": {"startLine": 39}}}]}, {"ruleId": "SEC132", "level": "note", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on its own, but a style signature of cross-language AI rewrites \u2014 the model wrote idiomatic Java/C# and then translated mechanically. When this style appears in only *some* files of a repo, it's a strong indicator of an AI-driven rewrite that needs a human review p"}, "properties": {"repobilityId": 66728, "scanner": "repobility-threat-engine", "fingerprint": "56edfd54e05fb1ef69f1472a430af404658e57087aec54229396c626883a3237", "category": "quality", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "'Failed to load ' + url + ' status: '", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|56edfd54e05fb1ef69f1472a430af404658e57087aec54229396c626883a3237"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/utils.js"}, "region": {"startLine": 50}}}]}, {"ruleId": "SEC006", "level": "note", "message": {"text": "[SEC006] XSS Risk: Direct HTML injection without sanitization."}, "properties": {"repobilityId": 66723, "scanner": "repobility-threat-engine", "fingerprint": "9ec93aaa36f9fadb7d551c3c9caa44db5091ffc07611cf08897f062f256ea1be", "category": "injection", "severity": "low", "confidence": 0.4, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "evidence": {"match": ".innerHTML = b", "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "rule_id": "SEC006", "scanner": "repobility-threat-engine", "confidence": 0.4, "correlation_key": "code|injection|doc/tutorial-utils.js|31|sec006"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/tutorial-utils.js"}, "region": {"startLine": 31}}}]}, {"ruleId": "SEC006", "level": "note", "message": {"text": "[SEC006] XSS Risk: Direct HTML injection without sanitization."}, "properties": {"repobilityId": 66722, "scanner": "repobility-threat-engine", "fingerprint": "eaf1dbb17540e66cfbc07bed63d6cfd9bbcc706a8f39e56f1bd156107ce3b68e", "category": "injection", "severity": "low", "confidence": 0.4, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "evidence": {"match": ".innerHTML = e", "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "rule_id": "SEC006", "scanner": "repobility-threat-engine", "confidence": 0.4, "correlation_key": "code|injection|token|92|sec006"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/webnn-electron/utils_webnn_electron.js"}, "region": {"startLine": 92}}}]}, {"ruleId": "SEC006", "level": "note", "message": {"text": "[SEC006] XSS Risk: Direct HTML injection without sanitization."}, "properties": {"repobilityId": 66721, "scanner": "repobility-threat-engine", "fingerprint": "3d18c5d57b823c5c56bcd8a6a10eb3f8aa650e3c5d5d82979ff601ada802a198", "category": "injection", "severity": "low", "confidence": 0.4, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "evidence": {"match": ".innerHTML = e", "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "rule_id": "SEC006", "scanner": "repobility-threat-engine", "confidence": 0.4, "correlation_key": "code|injection|token|103|sec006"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/utils.js"}, "region": {"startLine": 103}}}]}, {"ruleId": "MINED048", "level": "none", "message": {"text": "[MINED048] Php Error Suppress: @function() suppresses errors silently. Hides real issues."}, "properties": {"repobilityId": 66761, "scanner": "repobility-threat-engine", "fingerprint": "accac25ba111aa551adea1d9a8a58641e50ccadc7ed4b2764b1712f2597dc67a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "php-error-suppress", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["php"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348013+00:00", "triaged_in_corpus": 12, "observations_count": 849118, "ai_coder_pattern_id": 166}, "scanner": "repobility-threat-engine", "correlation_key": "fp|accac25ba111aa551adea1d9a8a58641e50ccadc7ed4b2764b1712f2597dc67a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/imgcodecs/misc/objc/macosx/MatQuickLook.mm"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED048", "level": "none", "message": {"text": "[MINED048] Php Error Suppress: @function() suppresses errors silently. Hides real issues."}, "properties": {"repobilityId": 66760, "scanner": "repobility-threat-engine", "fingerprint": "7dcb00359ce14049c8be1b483aa310c183bfe19b318a5c01c38353b491ed556c", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "php-error-suppress", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["php"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348013+00:00", "triaged_in_corpus": 12, "observations_count": 849118, "ai_coder_pattern_id": 166}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7dcb00359ce14049c8be1b483aa310c183bfe19b318a5c01c38353b491ed556c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/imgcodecs/misc/objc/ios/MatQuickLook.mm"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED081", "level": "none", "message": {"text": "[MINED081] Java Printstacktrace: Should use logger, not stack trace to stderr."}, "properties": {"repobilityId": 66759, "scanner": "repobility-threat-engine", "fingerprint": "a718efad853733eedd9f275c4f57d582fc3a3e8daeccb88bf00791beab001816", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "java-printstacktrace", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348125+00:00", "triaged_in_corpus": 12, "observations_count": 2934, "ai_coder_pattern_id": 126}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a718efad853733eedd9f275c4f57d582fc3a3e8daeccb88bf00791beab001816"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/highgui/misc/java/src/java/highgui+HighGui.java"}, "region": {"startLine": 157}}}]}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 66753, "scanner": "repobility-threat-engine", "fingerprint": "12141f0553d729382e117e534c176ce85f05daff29205f8951ebbf5d197c5533", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|12141f0553d729382e117e534c176ce85f05daff29205f8951ebbf5d197c5533", "aggregated_count": 2}}}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 66752, "scanner": "repobility-threat-engine", "fingerprint": "19e5c1889c7198e4be7d2e9e45431a0daea15bd9fde5ed98f9a548b183b269d9", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|19e5c1889c7198e4be7d2e9e45431a0daea15bd9fde5ed98f9a548b183b269d9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/src/opencl/runtime/generator/parser_clblas.py"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 66751, "scanner": "repobility-threat-engine", "fingerprint": "b8c42ae02375deca348ae4335793fd98ffaa4bb44d5d6fdeda1619d981444d16", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b8c42ae02375deca348ae4335793fd98ffaa4bb44d5d6fdeda1619d981444d16"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/src/opencl/runtime/generator/parser_cl.py"}, "region": {"startLine": 13}}}]}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 66750, "scanner": "repobility-threat-engine", "fingerprint": "5f3a4c0a5a456b4cd743d8fec014685499af270eacaf3388294e51922df992e0", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5f3a4c0a5a456b4cd743d8fec014685499af270eacaf3388294e51922df992e0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/src/opencl/runtime/generator/common.py"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion (and 36 more): Same pattern found in 36 additional files. Review if needed."}, "properties": {"repobilityId": 66748, "scanner": "repobility-threat-engine", "fingerprint": "ff6a29f76b46f08711bdb564be87911d2e8218558ddda1a3e3cc08a0dba0e0ae", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 36 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|ff6a29f76b46f08711bdb564be87911d2e8218558ddda1a3e3cc08a0dba0e0ae", "aggregated_count": 36}}}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 66747, "scanner": "repobility-threat-engine", "fingerprint": "91b49b666a1fd786e1ab3155b2aca2dd26129766947da4488471a19ce5ac3804", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|91b49b666a1fd786e1ab3155b2aca2dd26129766947da4488471a19ce5ac3804"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/misc/objc/common/Double3.mm"}, "region": {"startLine": 77}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 66746, "scanner": "repobility-threat-engine", "fingerprint": "afc420c747290a00ee99467d59bb0ace07a88641bafa385de9196464ed751d50", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|afc420c747290a00ee99467d59bb0ace07a88641bafa385de9196464ed751d50"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/misc/objc/common/Double2.mm"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 66745, "scanner": "repobility-threat-engine", "fingerprint": "2efb822dd4d9f727e7c1a8c81ca71dcaee71abedaa625ceee1954964b2cde836", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2efb822dd4d9f727e7c1a8c81ca71dcaee71abedaa625ceee1954964b2cde836"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/misc/objc/common/DMatch.mm"}, "region": {"startLine": 84}}}]}, {"ruleId": "MINED086", "level": "none", "message": {"text": "[MINED086] Kotlin Runtime Exception: Throwing bare RuntimeException loses type info."}, "properties": {"repobilityId": 66744, "scanner": "repobility-threat-engine", "fingerprint": "bcc6060f4d1379cfd9dbf3aebe4b1a22935486d568556e2b98c0a108ca8a3093", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "kotlin-runtime-exception", "owasp": null, "cwe_ids": [], "languages": ["kotlin"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348138+00:00", "triaged_in_corpus": 12, "observations_count": 751, "ai_coder_pattern_id": 156}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bcc6060f4d1379cfd9dbf3aebe4b1a22935486d568556e2b98c0a108ca8a3093"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/misc/java/src/java/core+MatAt.kt"}, "region": {"startLine": 33}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 8 more): Same pattern found in 8 additional files. Review if needed."}, "properties": {"repobilityId": 66743, "scanner": "repobility-threat-engine", "fingerprint": "d77c5009f48b7037f4b39dca2da19e88620f9ee944ab4de5a78fef76b97d4995", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 8 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "insert_python_signatures", "breakdown": {"if": 2, "and": 1, "for": 1, "elif": 1, "else": 1, "nested_bonus": 5}, "aggregated": true, "complexity": 11, "correlation_key": "fp|d77c5009f48b7037f4b39dca2da19e88620f9ee944ab4de5a78fef76b97d4995", "aggregated_count": 8}}}, {"ruleId": "SEC084", "level": "none", "message": {"text": "[SEC084] JS: require() with non-literal (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 66739, "scanner": "repobility-threat-engine", "fingerprint": "1ab24bd4307ac28d8fe949cb2ba0d619298592370da5c4874409946d0caac342", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC084", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|1ab24bd4307ac28d8fe949cb2ba0d619298592370da5c4874409946d0caac342"}}}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 66735, "scanner": "repobility-threat-engine", "fingerprint": "21574bfeb0932930035993d673b5e7231c9e04c3bfeb59b0c6e4ed1624561723", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|21574bfeb0932930035993d673b5e7231c9e04c3bfeb59b0c6e4ed1624561723"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/webnn-electron/utils_webnn_electron.js"}, "region": {"startLine": 9}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 66734, "scanner": "repobility-threat-engine", "fingerprint": "acaee8597cbc34556f7a06efe5824bb5f962f5e0ea2a9ef913945a0a2b92b65d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|acaee8597cbc34556f7a06efe5824bb5f962f5e0ea2a9ef913945a0a2b92b65d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/utils.js"}, "region": {"startLine": 13}}}]}, {"ruleId": "SEC132", "level": "none", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift) (and 10 more): Same pattern found in 10 additional files. Review if needed."}, "properties": {"repobilityId": 66731, "scanner": "repobility-threat-engine", "fingerprint": "5134ba67b8ed6497b08de31fab74f32c7fddcd1b4cdf063410937f25f8c61de3", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 10 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 10 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|5134ba67b8ed6497b08de31fab74f32c7fddcd1b4cdf063410937f25f8c61de3"}}}, {"ruleId": "SEC045", "level": "none", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 66727, "scanner": "repobility-threat-engine", "fingerprint": "c59edcd8286991ab7caac4493f8f01b268fef2a5d218265ad20f6e2d1172fefb", "category": "injection", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|c59edcd8286991ab7caac4493f8f01b268fef2a5d218265ad20f6e2d1172fefb"}}}, {"ruleId": "SEC029", "level": "none", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 66720, "scanner": "repobility-threat-engine", "fingerprint": "8f4ed64e85e23651a781f801f20cbe7cf192b517efa4818df0dde258906a2c2b", "category": "ssrf", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|8f4ed64e85e23651a781f801f20cbe7cf192b517efa4818df0dde258906a2c2b"}}}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 12 more): Same pattern found in 12 additional files. Review if needed."}, "properties": {"repobilityId": 66716, "scanner": "repobility-threat-engine", "fingerprint": "35d41502c55718b81c5fe3436dbe7401b9ee358792f943c3512a16b5dc3c0ffa", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 12 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 12 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|35d41502c55718b81c5fe3436dbe7401b9ee358792f943c3512a16b5dc3c0ffa"}}}, {"ruleId": "SEC013", "level": "none", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 66712, "scanner": "repobility-threat-engine", "fingerprint": "75f22750f5eefefb3a3ce8f933bc32c82dff4c8e9ca3ec94aeac313553cfbd0d", "category": "path_traversal", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|75f22750f5eefefb3a3ce8f933bc32c82dff4c8e9ca3ec94aeac313553cfbd0d"}}}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std (and 18 more): Same pattern found in 18 additional files. Review if needed."}, "properties": {"repobilityId": 66706, "scanner": "repobility-threat-engine", "fingerprint": "18c6d4ac2eb9d071e11f3bb4e29c4a7a061fff58780dbdead8f47f162c5a277b", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 18 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|18c6d4ac2eb9d071e11f3bb4e29c4a7a061fff58780dbdead8f47f162c5a277b", "aggregated_count": 18}}}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 66705, "scanner": "repobility-threat-engine", "fingerprint": "cb36699813b9adf834581f3ff6cb1daa880b0a245ab2ef9f92189a30c4d6adb8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|cb36699813b9adf834581f3ff6cb1daa880b0a245ab2ef9f92189a30c4d6adb8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/openexr/IlmImf/ImfEnvmap.cpp"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 66704, "scanner": "repobility-threat-engine", "fingerprint": "c033ed860d163f807dfe8f27188a81ba19f5636d790b3d8cc74a11e5d0ec5106", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c033ed860d163f807dfe8f27188a81ba19f5636d790b3d8cc74a11e5d0ec5106"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/openexr/IlmImf/ImfDeepFrameBuffer.cpp"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 66703, "scanner": "repobility-threat-engine", "fingerprint": "e9e3fa78c22c32d21378ced41450276db3bf4c62492cef13dfaf2149ca1c1c09", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e9e3fa78c22c32d21378ced41450276db3bf4c62492cef13dfaf2149ca1c1c09"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/openexr/Half/half.cpp"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete (and 72 more): Same pattern found in 72 additional files. Review if needed."}, "properties": {"repobilityId": 66702, "scanner": "repobility-threat-engine", "fingerprint": "a91d03cf721d97794dd62d42ec50aeabf94431b8b749c43e66a02a96caed783d", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 72 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|a91d03cf721d97794dd62d42ec50aeabf94431b8b749c43e66a02a96caed783d", "aggregated_count": 72}}}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 66701, "scanner": "repobility-threat-engine", "fingerprint": "49d3fb3eed2e422585b207f54c0ff46739c751211deb9125815d19c7160d9b20", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|49d3fb3eed2e422585b207f54c0ff46739c751211deb9125815d19c7160d9b20"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/openexr/IlmImf/ImfCompressor.cpp"}, "region": {"startLine": 136}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 66700, "scanner": "repobility-threat-engine", "fingerprint": "9582785cc9e39b051caccfca513afd7405f62d2bb284fb1fbc72036e99df2723", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9582785cc9e39b051caccfca513afd7405f62d2bb284fb1fbc72036e99df2723"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/openexr/IlmImf/ImfAttribute.cpp"}, "region": {"startLine": 102}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 66699, "scanner": "repobility-threat-engine", "fingerprint": "3343a937778ca7ba8bd08baa34eb3f6868c96c5dae07de62ace7a81476909026", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3343a937778ca7ba8bd08baa34eb3f6868c96c5dae07de62ace7a81476909026"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libwebp/src/enc/backward_references_enc.h"}, "region": {"startLine": 179}}}]}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 66698, "scanner": "repobility-threat-engine", "fingerprint": "008cf5cb4a6d001a21b9b079a6ea304b3e2a8e1a8ed47e19e1e699385013451b", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|008cf5cb4a6d001a21b9b079a6ea304b3e2a8e1a8ed47e19e1e699385013451b", "aggregated_count": 1}}}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "properties": {"repobilityId": 66697, "scanner": "repobility-threat-engine", "fingerprint": "ef25aa761c2dff88bf687d1ea0a6968a6bf810d380e7e19fbd47d872df9e26c9", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ef25aa761c2dff88bf687d1ea0a6968a6bf810d380e7e19fbd47d872df9e26c9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/openjpeg/openjp2/opj_malloc.c"}, "region": {"startLine": 124}}}]}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "properties": {"repobilityId": 66696, "scanner": "repobility-threat-engine", "fingerprint": "5dfe85a147d9afa6fdc81a9fd1698845da3af7a19610fcf57cc59aba563a11ab", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5dfe85a147d9afa6fdc81a9fd1698845da3af7a19610fcf57cc59aba563a11ab"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libwebp/src/utils/utils.c"}, "region": {"startLine": 201}}}]}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "properties": {"repobilityId": 66695, "scanner": "repobility-threat-engine", "fingerprint": "75d79be04e341ae69bada5112acfbe6681a9eb15993c9d964601739560e5edbd", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "correlation_key": "fp|75d79be04e341ae69bada5112acfbe6681a9eb15993c9d964601739560e5edbd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjasper/jpc_tsfb.c"}, "region": {"startLine": 97}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https (and 4 more): Same pattern found in 4 additional files. Review if needed."}, "properties": {"repobilityId": 66694, "scanner": "repobility-threat-engine", "fingerprint": "133d0321df668823d68fda7a262cc53d13053f2174d79a753e1fabffb7f20eec", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 4 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|133d0321df668823d68fda7a262cc53d13053f2174d79a753e1fabffb7f20eec", "aggregated_count": 4}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 66693, "scanner": "repobility-threat-engine", "fingerprint": "120df23984c9453200563319b41e6768cabf611a213847d2178080836e61769b", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|120df23984c9453200563319b41e6768cabf611a213847d2178080836e61769b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/misc/face_detector_accuracy.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 66692, "scanner": "repobility-threat-engine", "fingerprint": "2d726bb32f6b3bc04c315aec97cb029175fbf71f7bac6f79c9eda8fad82526f5", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2d726bb32f6b3bc04c315aec97cb029175fbf71f7bac6f79c9eda8fad82526f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/tools/add_signatures.py"}, "region": {"startLine": 10}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 66691, "scanner": "repobility-threat-engine", "fingerprint": "22619d8444b610d59a491c22f2205f213808d7f7c56de7329c7935a125411e0d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|22619d8444b610d59a491c22f2205f213808d7f7c56de7329c7935a125411e0d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjasper/jasper/jas_version.h"}, "region": {"startLine": 96}}}]}, {"ruleId": "MINED022", "level": "none", "message": {"text": "[MINED022] C Strcpy (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "properties": {"repobilityId": 66690, "scanner": "repobility-threat-engine", "fingerprint": "32f299b718c02e3eef333957c30aaee31c9f17b99997d7c9b667c11ecc1f64db", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 6 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|32f299b718c02e3eef333957c30aaee31c9f17b99997d7c9b667c11ecc1f64db", "aggregated_count": 6}}}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `samples/java/sbt/sbt/sbt-launch.jar` committed in source repo: `samples/java/sbt/sbt/sbt-launch.jar` is a .jar binary (1,103,618 bytes) committed to a repo that otherwise has 4868 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 66933, "scanner": "repobility-supply-chain", "fingerprint": "b427054e5da74b2b4ed5e1885cebbd7e12ecb26d7cccf37bfe43d50c2ea29b61", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b427054e5da74b2b4ed5e1885cebbd7e12ecb26d7cccf37bfe43d50c2ea29b61"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "samples/java/sbt/sbt/sbt-launch.jar"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `platforms/android/gradle-wrapper/gradle/wrapper/gradle-wrapper.jar` committed in source repo: `platforms/android/gradle-wrapper/gradle/wrapper/gradle-wrapper.jar` is a .jar binary (54,334 bytes) committed to a repo that otherwise has 4868 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 66932, "scanner": "repobility-supply-chain", "fingerprint": "bf30bf255f18a8064e6628fed735340d77889dd926afdbf17d221a303a4c55cc", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|bf30bf255f18a8064e6628fed735340d77889dd926afdbf17d221a303a4c55cc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/android/gradle-wrapper/gradle/wrapper/gradle-wrapper.jar"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `platforms/android/aar-template/gradle/wrapper/gradle-wrapper.jar` committed in source repo: `platforms/android/aar-template/gradle/wrapper/gradle-wrapper.jar` is a .jar binary (59,203 bytes) committed to a repo that otherwise has 4868 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 66931, "scanner": "repobility-supply-chain", "fingerprint": "d8316ac2e2e1dd5f5e321fae506e94e60f90b5b147c4c57923fc1de6d40fd4ca", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d8316ac2e2e1dd5f5e321fae506e94e60f90b5b147c4c57923fc1de6d40fd4ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/android/aar-template/gradle/wrapper/gradle-wrapper.jar"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-RISCV.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-RISCV.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66930, "scanner": "repobility-supply-chain", "fingerprint": "7803dec1940a8508576db5df7a7b35ea76ad866fe895e81ad888b05718a17dbd", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|7803dec1940a8508576db5df7a7b35ea76ad866fe895e81ad888b05718a17dbd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-docs.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-docs.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66929, "scanner": "repobility-supply-chain", "fingerprint": "c3decc26adc55057c56036cc17f5c25d4bca90553038decaf1e6d0b060452c64", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c3decc26adc55057c56036cc17f5c25d4bca90553038decaf1e6d0b060452c64"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 55}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-timvx-backend-tests-4.x.yml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-timvx-backend-tests-4.x.yml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66928, "scanner": "repobility-supply-chain", "fingerprint": "5677a03073f2ce9dc671b1c4c150d8bd752832ebf146aad83cdd16e47b2c61ee", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5677a03073f2ce9dc671b1c4c150d8bd752832ebf146aad83cdd16e47b2c61ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-4.x-Android-SDK.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-4.x-Android-SDK.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66927, "scanner": "repobility-supply-chain", "fingerprint": "9a6d6eb3e899c456a4914b4072a107ae17f06b8e763c6b64ea0dab13a03ee25f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9a6d6eb3e899c456a4914b4072a107ae17f06b8e763c6b64ea0dab13a03ee25f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-iOS.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-iOS.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66926, "scanner": "repobility-supply-chain", "fingerprint": "9e15c47530fd5107c91316bf5c22a68a2bfa4889b2eeb30f1e0d3ccf54968f19", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9e15c47530fd5107c91316bf5c22a68a2bfa4889b2eeb30f1e0d3ccf54968f19"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 46}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-macOS-ARM64-Vulkan.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-macOS-ARM64-Vulkan.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66925, "scanner": "repobility-supply-chain", "fingerprint": "2cdd09255e35892ad6c9df0325c3bb7f20379792c57f4c2b809b15505281a755", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2cdd09255e35892ad6c9df0325c3bb7f20379792c57f4c2b809b15505281a755"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-macOS-x86_64.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-macOS-x86_64.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66924, "scanner": "repobility-supply-chain", "fingerprint": "acb6a4760bfa044f11dda53bb9606bb780aff207c116902289573b45a257c8ae", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|acb6a4760bfa044f11dda53bb9606bb780aff207c116902289573b45a257c8ae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 40}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-macOS-ARM64.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-macOS-ARM64.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66923, "scanner": "repobility-supply-chain", "fingerprint": "22883dbb62b9aa6a38089d3e9bc3772e86e503aabfcc600a9a893e2500686cf1", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|22883dbb62b9aa6a38089d3e9bc3772e86e503aabfcc600a9a893e2500686cf1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-U20-Cuda.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-U20-Cuda.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66922, "scanner": "repobility-supply-chain", "fingerprint": "7fef9523856ade905995421fb5ca5b2e577f86343f46ccedb23e1f780bf6cfc9", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|7fef9523856ade905995421fb5ca5b2e577f86343f46ccedb23e1f780bf6cfc9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-U20-OpenVINO.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-U20-OpenVINO.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66921, "scanner": "repobility-supply-chain", "fingerprint": "be0194c298e3c9ca98f79fe172b4242173d19cb6d23036334610690de3837eca", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|be0194c298e3c9ca98f79fe172b4242173d19cb6d23036334610690de3837eca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-ARM64-Debug.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-ARM64-Debug.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66920, "scanner": "repobility-supply-chain", "fingerprint": "0d19fd9ab9011c42adfe54108958e4bd945648f2809f442defc21ddfa0733460", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0d19fd9ab9011c42adfe54108958e4bd945648f2809f442defc21ddfa0733460"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-ARM64.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-4.x-ARM64.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66919, "scanner": "repobility-supply-chain", "fingerprint": "491d91aadb1a967b94907c6556b3221c05abde3c15d35149d3bfb1f2b4171e9c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|491d91aadb1a967b94907c6556b3221c05abde3c15d35149d3bfb1f2b4171e9c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-Windows.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-Windows.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66918, "scanner": "repobility-supply-chain", "fingerprint": "1857ad9e2b85e203e02167dc071469e512244e483f26d93ac6513e5172d112cc", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|1857ad9e2b85e203e02167dc071469e512244e483f26d93ac6513e5172d112cc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-Linux-NoHAL.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-Linux-NoHAL.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66917, "scanner": "repobility-supply-chain", "fingerprint": "5bb5074473819da71fafe125293b95605593b195f3443e7b2e4a5d6fc7be032d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5bb5074473819da71fafe125293b95605593b195f3443e7b2e4a5d6fc7be032d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-PR-Linux.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-PR-Linux.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66916, "scanner": "repobility-supply-chain", "fingerprint": "4e743f546ea266767a2e0416496b144415a2a3f68e2edbc9ffe32cb37814933f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4e743f546ea266767a2e0416496b144415a2a3f68e2edbc9ffe32cb37814933f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/PR-4.x.yaml"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `opencv/ci-gha-workflow/.github/workflows/OCV-CodeQL.yaml` pinned to mutable ref `@main`: `uses: opencv/ci-gha-workflow/.github/workflows/OCV-CodeQL.yaml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 66915, "scanner": "repobility-supply-chain", "fingerprint": "424b85b41013ea461e93369b855d82faa46383e59fb8ae743e895c1e3579d7cb", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|424b85b41013ea461e93369b855d82faa46383e59fb8ae743e895c1e3579d7cb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/4.x.yml"}, "region": {"startLine": 10}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "[MINED118] Dockerfile FROM `ubuntu:18.04` not pinned by digest: `FROM ubuntu:18.04` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"repobilityId": 66914, "scanner": "repobility-supply-chain", "fingerprint": "6a86890eeb2e9ecf563114c0ef713dbfb305028c171e2851d151f22f4941b54a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6a86890eeb2e9ecf563114c0ef713dbfb305028c171e2851d151f22f4941b54a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/videoio/misc/plugin_gstreamer/Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "[MINED118] Dockerfile FROM `almalinux:9` not pinned by digest: `FROM almalinux:9` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"repobilityId": 66913, "scanner": "repobility-supply-chain", "fingerprint": "c9e38479e4335863c48bb9e1faa0ffadc93a75bd3cb03ab8b3929a7dfd539831", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c9e38479e4335863c48bb9e1faa0ffadc93a75bd3cb03ab8b3929a7dfd539831"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/zlib-ng/arch/s390/self-hosted-builder/actions-runner.Dockerfile"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_camshift: Test function `test_camshift` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66885, "scanner": "repobility-ast-engine", "fingerprint": "5acef51ef053d0a7a39d662f8a12aac5fd5a1d6b365242ae442067fa4ba89991", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5acef51ef053d0a7a39d662f8a12aac5fd5a1d6b365242ae442067fa4ba89991"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/test/test_camshift.py"}, "region": {"startLine": 90}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_base64: Test function `test_base64` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66884, "scanner": "repobility-ast-engine", "fingerprint": "6ac48e83431e091a5f93599546eb7df2c1117c7bb9805e4fdc0cfd1733093feb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6ac48e83431e091a5f93599546eb7df2c1117c7bb9805e4fdc0cfd1733093feb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/test/test_filestorage_io.py"}, "region": {"startLine": 114}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_json: Test function `test_json` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66883, "scanner": "repobility-ast-engine", "fingerprint": "5f73f38a0ffd1314218e7aa3c3f64c101c0164577199af017fcbbd9b25cecee9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5f73f38a0ffd1314218e7aa3c3f64c101c0164577199af017fcbbd9b25cecee9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/test/test_filestorage_io.py"}, "region": {"startLine": 111}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_yml: Test function `test_yml` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66882, "scanner": "repobility-ast-engine", "fingerprint": "3912c63013da88f1b9aaba7659e203afcff99d4fda210a44cf9730390f72df81", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3912c63013da88f1b9aaba7659e203afcff99d4fda210a44cf9730390f72df81"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/test/test_filestorage_io.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_xml: Test function `test_xml` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66881, "scanner": "repobility-ast-engine", "fingerprint": "3c9ede7f45b38dcf8abf9c41ac175ea44f0fe63971e2737e0c95d16e0b5d6489", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3c9ede7f45b38dcf8abf9c41ac175ea44f0fe63971e2737e0c95d16e0b5d6489"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/test/test_filestorage_io.py"}, "region": {"startLine": 105}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_idsAccessibility: Test function `test_idsAccessibility` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66873, "scanner": "repobility-ast-engine", "fingerprint": "7952b3379379475e193d4c30df0f0ad7d621300cab2aec5ce42147a3e04558a9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7952b3379379475e193d4c30df0f0ad7d621300cab2aec5ce42147a3e04558a9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/objdetect/misc/python/test/test_objdetect_aruco.py"}, "region": {"startLine": 110}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_board: Test function `test_board` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66872, "scanner": "repobility-ast-engine", "fingerprint": "f82d3f916c8ad39388ef15ebd0d102898dd337137f21fc74518d16d29362e535", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f82d3f916c8ad39388ef15ebd0d102898dd337137f21fc74518d16d29362e535"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/objdetect/misc/python/test/test_objdetect_aruco.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_set_param_3d: Test function `test_set_param_3d` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66870, "scanner": "repobility-ast-engine", "fingerprint": "f98fc6a3120d2e93419d5392964f7e689039038505d59c798a8eb55c8a178a7f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f98fc6a3120d2e93419d5392964f7e689039038505d59c798a8eb55c8a178a7f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/misc/python/test/test_dnn.py"}, "region": {"startLine": 501}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_input_3d: Test function `test_input_3d` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66869, "scanner": "repobility-ast-engine", "fingerprint": "119d3d3ccee3cb252bbe1177d269a22b31e72836d24ae21dc75b692c632584b4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|119d3d3ccee3cb252bbe1177d269a22b31e72836d24ae21dc75b692c632584b4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/misc/python/test/test_dnn.py"}, "region": {"startLine": 446}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_custom_layer: Test function `test_custom_layer` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66868, "scanner": "repobility-ast-engine", "fingerprint": "f795df2606c4a5962c51458ac3fd85303402295d2202fc792df7db91367d2dae", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f795df2606c4a5962c51458ac3fd85303402295d2202fc792df7db91367d2dae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/misc/python/test/test_dnn.py"}, "region": {"startLine": 376}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_face_detection: Test function `test_face_detection` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66867, "scanner": "repobility-ast-engine", "fingerprint": "9087006201252c94656a556c500603b1b0b23a561701f348b8092a34cd000acd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9087006201252c94656a556c500603b1b0b23a561701f348b8092a34cd000acd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/misc/python/test/test_dnn.py"}, "region": {"startLine": 288}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_classification_model: Test function `test_classification_model` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66866, "scanner": "repobility-ast-engine", "fingerprint": "73be71ecd1a17073f04d4716f7f6af03d934c12b29a5012bbca61fd1a282ab49", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|73be71ecd1a17073f04d4716f7f6af03d934c12b29a5012bbca61fd1a282ab49"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/misc/python/test/test_dnn.py"}, "region": {"startLine": 252}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_model: Test function `test_model` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66865, "scanner": "repobility-ast-engine", "fingerprint": "b96b2ad7a973995d8a33c91ee951aa4c0902169d3f9f06e72525f4d06327d9b2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b96b2ad7a973995d8a33c91ee951aa4c0902169d3f9f06e72525f4d06327d9b2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/misc/python/test/test_dnn.py"}, "region": {"startLine": 220}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_blobFromImageWithParams: Test function `test_blobFromImageWithParams` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66864, "scanner": "repobility-ast-engine", "fingerprint": "7b18f1b20716dfe36c768650f16f8973be904d6941c487c8a4dd60328d15742a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7b18f1b20716dfe36c768650f16f8973be904d6941c487c8a4dd60328d15742a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/misc/python/test/test_dnn.py"}, "region": {"startLine": 184}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_blobFromImage: Test function `test_blobFromImage` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66863, "scanner": "repobility-ast-engine", "fingerprint": "3bc21e52d553946933043a56b3a5a2fa39574f8ccc14dddd26f526dee84f0c78", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3bc21e52d553946933043a56b3a5a2fa39574f8ccc14dddd26f526dee84f0c78"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/misc/python/test/test_dnn.py"}, "region": {"startLine": 158}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_regression_16040_2: Test function `test_regression_16040_2` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66862, "scanner": "repobility-ast-engine", "fingerprint": "2bb52b5faada85651d6b07bd3f8c3c5a84e713caf7ab66eaa197578bd6aaa423", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2bb52b5faada85651d6b07bd3f8c3c5a84e713caf7ab66eaa197578bd6aaa423"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/calib3d/misc/python/test/test_solvepnp.py"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_regression_16040: Test function `test_regression_16040` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66861, "scanner": "repobility-ast-engine", "fingerprint": "8dd4bd01ab3355f5a2cddc4fc9ab448a0464ef51b1c609f1362bf2d89742f842", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8dd4bd01ab3355f5a2cddc4fc9ab448a0464ef51b1c609f1362bf2d89742f842"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/calib3d/misc/python/test/test_solvepnp.py"}, "region": {"startLine": 12}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_compile_streaming_meta_and_args: Test function `test_compile_streaming_meta_and_args` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66860, "scanner": "repobility-ast-engine", "fingerprint": "a0ea51f0d27406bcf4504a412a5fb074bd5c5eeb527947be2f58be50bedcbb0b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a0ea51f0d27406bcf4504a412a5fb074bd5c5eeb527947be2f58be50bedcbb0b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/gapi/misc/python/test/test_gapi_streaming.py"}, "region": {"startLine": 352}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_compile_streaming_meta: Test function `test_compile_streaming_meta` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66859, "scanner": "repobility-ast-engine", "fingerprint": "5bd0183963b3619440d6df9256b1e4defde7abef447fbbad05a0d593c03bd036", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5bd0183963b3619440d6df9256b1e4defde7abef447fbbad05a0d593c03bd036"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/gapi/misc/python/test/test_gapi_streaming.py"}, "region": {"startLine": 345}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_compile_streaming_descr_of_and_args: Test function `test_compile_streaming_descr_of_and_args` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66858, "scanner": "repobility-ast-engine", "fingerprint": "e9f5ff3002a3f45d2b9bd036d2ced936e5594e6f1dcfd3ac53f2368d217356dd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e9f5ff3002a3f45d2b9bd036d2ced936e5594e6f1dcfd3ac53f2368d217356dd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/gapi/misc/python/test/test_gapi_streaming.py"}, "region": {"startLine": 337}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_compile_streaming_descr_of: Test function `test_compile_streaming_descr_of` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66857, "scanner": "repobility-ast-engine", "fingerprint": "aa815bf19ce2a1544376ae146fc7638dc0fad1f2ec879f67b0917fe30eb335aa", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aa815bf19ce2a1544376ae146fc7638dc0fad1f2ec879f67b0917fe30eb335aa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/gapi/misc/python/test/test_gapi_streaming.py"}, "region": {"startLine": 330}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_compile_streaming_args: Test function `test_compile_streaming_args` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66856, "scanner": "repobility-ast-engine", "fingerprint": "aa56e7dbd045ca9b60e4dd8a132044b2b91175f84dfa1012066637a5d975334d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aa56e7dbd045ca9b60e4dd8a132044b2b91175f84dfa1012066637a5d975334d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/gapi/misc/python/test/test_gapi_streaming.py"}, "region": {"startLine": 324}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_compile_streaming_empty: Test function `test_compile_streaming_empty` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66855, "scanner": "repobility-ast-engine", "fingerprint": "dfee3628c6dd50c4833bb72dd20c9ab758539249e2f97cc2d318691bc38ce439", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dfee3628c6dd50c4833bb72dd20c9ab758539249e2f97cc2d318691bc38ce439"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/gapi/misc/python/test/test_gapi_streaming.py"}, "region": {"startLine": 318}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_aruco_marker_sizes: Test function `test_aruco_marker_sizes` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66838, "scanner": "repobility-ast-engine", "fingerprint": "fbbc8f1eec3c75647a42275733d644b997796eac70cef03f79124580cd7b3ce2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fbbc8f1eec3c75647a42275733d644b997796eac70cef03f79124580cd7b3ce2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/test_charuco_board.py"}, "region": {"startLine": 71}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_aruco_dicts: Test function `test_aruco_dicts` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 66837, "scanner": "repobility-ast-engine", "fingerprint": "9dda5ba6d03f14bef28daa52a5d3e9b362977fbd2a7069c97e2e2cb71f483aa9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9dda5ba6d03f14bef28daa52a5d3e9b362977fbd2a7069c97e2e2cb71f483aa9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/pattern-tools/test_charuco_board.py"}, "region": {"startLine": 12}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getConfiguration` used but never assigned in __init__: Method `mergeLibs` of class `Builder` reads `self.getConfiguration`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66826, "scanner": "repobility-ast-engine", "fingerprint": "7dcafb342d1f47d995265212ee083f8ded76acf246e7f81ccb6682778859e422", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7dcafb342d1f47d995265212ee083f8ded76acf246e7f81ccb6682778859e422"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 389}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getConfiguration` used but never assigned in __init__: Method `buildOne` of class `Builder` reads `self.getConfiguration`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66825, "scanner": "repobility-ast-engine", "fingerprint": "a208a404ae3df06e10cf3058411c849bbf661ebda936d198105e9061695aa737", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a208a404ae3df06e10cf3058411c849bbf661ebda936d198105e9061695aa737"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 386}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getConfiguration` used but never assigned in __init__: Method `buildOne` of class `Builder` reads `self.getConfiguration`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66824, "scanner": "repobility-ast-engine", "fingerprint": "9ceadfbc66bef6b8a42349e804f3a593d49af9617bef523f611bde7ccaec15aa", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9ceadfbc66bef6b8a42349e804f3a593d49af9617bef523f611bde7ccaec15aa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 374}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getObjcTarget` used but never assigned in __init__: Method `buildOne` of class `Builder` reads `self.getObjcTarget`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66823, "scanner": "repobility-ast-engine", "fingerprint": "7bf1f3354f607c5b638b2f8e347632e67d9367891b354864653b044688730c99", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7bf1f3354f607c5b638b2f8e347632e67d9367891b354864653b044688730c99"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 360}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getConfiguration` used but never assigned in __init__: Method `buildOne` of class `Builder` reads `self.getConfiguration`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66822, "scanner": "repobility-ast-engine", "fingerprint": "4c6ef42389db99553866b5031ea4c8718efd2639fae5632d1dc3e118cfefe601", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4c6ef42389db99553866b5031ea4c8718efd2639fae5632d1dc3e118cfefe601"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 358}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getDocBuildCommand` used but never assigned in __init__: Method `buildOne` of class `Builder` reads `self.getDocBuildCommand`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66821, "scanner": "repobility-ast-engine", "fingerprint": "0dcb1cdbe1553b762aed6ea91852dea9c5d9aa785b1e730909d4187db2036c35", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0dcb1cdbe1553b762aed6ea91852dea9c5d9aa785b1e730909d4187db2036c35"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 375}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.makeCMakeCmd` used but never assigned in __init__: Method `buildOne` of class `Builder` reads `self.makeCMakeCmd`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66820, "scanner": "repobility-ast-engine", "fingerprint": "47eba5e3e336ae8befcdd540343b0698243eb8315e21d979a7371f73a3031b07", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|47eba5e3e336ae8befcdd540343b0698243eb8315e21d979a7371f73a3031b07"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 361}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getBuildCommand` used but never assigned in __init__: Method `buildOne` of class `Builder` reads `self.getBuildCommand`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66819, "scanner": "repobility-ast-engine", "fingerprint": "1cbbea85eed47e029ae7e0e38ad91628af5cffb26425e597e7ec6bac33635093", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1cbbea85eed47e029ae7e0e38ad91628af5cffb26425e597e7ec6bac33635093"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 356}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.makeCMakeCmd` used but never assigned in __init__: Method `buildOne` of class `Builder` reads `self.makeCMakeCmd`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66818, "scanner": "repobility-ast-engine", "fingerprint": "6c8cf2c6ab1b4c73e782adf5fee69e40cd0e152839ac5be0802c48add8528a5e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6c8cf2c6ab1b4c73e782adf5fee69e40cd0e152839ac5be0802c48add8528a5e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 339}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getCMakeArgs` used but never assigned in __init__: Method `makeCMakeCmd` of class `Builder` reads `self.getCMakeArgs`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66817, "scanner": "repobility-ast-engine", "fingerprint": "e57edcd52b8012d23de5e9f1fb6e91c793f7b9505094e18a71ebe354deca56ad", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e57edcd52b8012d23de5e9f1fb6e91c793f7b9505094e18a71ebe354deca56ad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 294}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getToolchain` used but never assigned in __init__: Method `makeCMakeCmd` of class `Builder` reads `self.getToolchain`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66816, "scanner": "repobility-ast-engine", "fingerprint": "635ab732eb84657f90cde81ca7e4faf493c1b89d6cefe17c230392f9012fe0d9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|635ab732eb84657f90cde81ca7e4faf493c1b89d6cefe17c230392f9012fe0d9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 293}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getConfiguration` used but never assigned in __init__: Method `getBuildCommand` of class `Builder` reads `self.getConfiguration`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66815, "scanner": "repobility-ast-engine", "fingerprint": "60318212c2ab0f68c3e952a426aef1d7cd7de69f6ad618847a56a590e0516255", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|60318212c2ab0f68c3e952a426aef1d7cd7de69f6ad618847a56a590e0516255"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 253}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getConfiguration` used but never assigned in __init__: Method `getCMakeArgs` of class `Builder` reads `self.getConfiguration`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66814, "scanner": "repobility-ast-engine", "fingerprint": "009542c38501bf49bfd76b03385ec39a62c620eb527afb1754979f9ac35a49fd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|009542c38501bf49bfd76b03385ec39a62c620eb527afb1754979f9ac35a49fd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 217}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._build` used but never assigned in __init__: Method `build` of class `Builder` reads `self._build`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66813, "scanner": "repobility-ast-engine", "fingerprint": "4cb7eb6ae9b6e405edaf034889253197e4ab60238ac1804b634531d87635c9a5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4cb7eb6ae9b6e405edaf034889253197e4ab60238ac1804b634531d87635c9a5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 198}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getObjcTarget` used but never assigned in __init__: Method `_build` of class `Builder` reads `self.getObjcTarget`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66812, "scanner": "repobility-ast-engine", "fingerprint": "3d485f01346cc62e72bd3ae54161f19cd9a5fd5869e6bfb83d85e9201dce7599", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3d485f01346cc62e72bd3ae54161f19cd9a5fd5869e6bfb83d85e9201dce7599"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 174}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getObjcTarget` used but never assigned in __init__: Method `_build` of class `Builder` reads `self.getObjcTarget`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66811, "scanner": "repobility-ast-engine", "fingerprint": "99c6bc0371fd01e2df7e2dfcc855d8bcd69ae04e1d5e04d6e8839d0a6a0d86c8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|99c6bc0371fd01e2df7e2dfcc855d8bcd69ae04e1d5e04d6e8839d0a6a0d86c8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 177}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getConfiguration` used but never assigned in __init__: Method `_build` of class `Builder` reads `self.getConfiguration`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66810, "scanner": "repobility-ast-engine", "fingerprint": "492386d0b770cb2bbeb5ab4d3c9b234df654edcb4adcd6e2bfec45fda7bb2e43", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|492386d0b770cb2bbeb5ab4d3c9b234df654edcb4adcd6e2bfec45fda7bb2e43"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 168}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.makeDynamicLib` used but never assigned in __init__: Method `_build` of class `Builder` reads `self.makeDynamicLib`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66809, "scanner": "repobility-ast-engine", "fingerprint": "1270dc6618b1be5b25f3bd08f089b4df14e7715ebe519a400c1ecf7e0e731c2b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1270dc6618b1be5b25f3bd08f089b4df14e7715ebe519a400c1ecf7e0e731c2b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 159}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.mergeLibs` used but never assigned in __init__: Method `_build` of class `Builder` reads `self.mergeLibs`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66808, "scanner": "repobility-ast-engine", "fingerprint": "4b26ff280d2a2de3b12792fe2eba26237227784171ac4eb34a34e7c3357df8cb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4b26ff280d2a2de3b12792fe2eba26237227784171ac4eb34a34e7c3357df8cb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 155}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.copy_samples` used but never assigned in __init__: Method `_build` of class `Builder` reads `self.copy_samples`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66807, "scanner": "repobility-ast-engine", "fingerprint": "9c65b1b5d5b2ca33c8adce4ac27c2ee30e1846d9f51e695ae438e042c7c2dda0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9c65b1b5d5b2ca33c8adce4ac27c2ee30e1846d9f51e695ae438e042c7c2dda0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 178}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.buildOne` used but never assigned in __init__: Method `_build` of class `Builder` reads `self.buildOne`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66806, "scanner": "repobility-ast-engine", "fingerprint": "88e695c14325cf32592df07b23619e9189bafa33742a6b705c8aef06dd672ac5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|88e695c14325cf32592df07b23619e9189bafa33742a6b705c8aef06dd672ac5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 150}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.getBuildDir` used but never assigned in __init__: Method `_build` of class `Builder` reads `self.getBuildDir`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66805, "scanner": "repobility-ast-engine", "fingerprint": "4478e320940199261dd8c6dffb4a6832017f4086642fbecf644bb9ee8cb10ac5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4478e320940199261dd8c6dffb4a6832017f4086642fbecf644bb9ee8cb10ac5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 120}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.makeFramework` used but never assigned in __init__: Method `_build` of class `Builder` reads `self.makeFramework`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66804, "scanner": "repobility-ast-engine", "fingerprint": "9d068ba3fb1a7bca928db3e6e858afcf7b0a01a3f318db6c2321b8da2a2981d8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9d068ba3fb1a7bca928db3e6e858afcf7b0a01a3f318db6c2321b8da2a2981d8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 162}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.checkCMakeVersion` used but never assigned in __init__: Method `_build` of class `Builder` reads `self.checkCMakeVersion`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66803, "scanner": "repobility-ast-engine", "fingerprint": "d1c8c7c073f2b0ddeb17340e32d23d66ee266b3d947b7d70544db1390e18d88e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d1c8c7c073f2b0ddeb17340e32d23d66ee266b3d947b7d70544db1390e18d88e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/ios/build_framework.py"}, "region": {"startLine": 97}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.debug` used but never assigned in __init__: Method `getBuildCommand` of class `OSXBuilder` reads `self.debug`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 66802, "scanner": "repobility-ast-engine", "fingerprint": "56225fa52cea675642e6f90c6c793cc59013e397485e733eb6f3a2fc3be51da4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|56225fa52cea675642e6f90c6c793cc59013e397485e733eb6f3a2fc3be51da4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/osx/build_framework.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "SEC103", "level": "error", "message": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts."}, "properties": {"repobilityId": 66758, "scanner": "repobility-threat-engine", "fingerprint": "d364127b16c905b83018becfcca0ca5d3d9ff220710c37b8c463670e736ada41", "category": "injection", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".search('Processed [0-9]+ frames \\(([0-9]+\\.[0-9]+)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC103", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|74|sec103"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/gapi/scripts/measure_privacy_masking.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "SEC085", "level": "error", "message": {"text": "[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. Ported from eslint-plugin-security detect-child-process (Apache-2.0)."}, "properties": {"repobilityId": 66757, "scanner": "repobility-threat-engine", "fingerprint": "bbf4c1574ebe81e8c7f157100d93f97b1e5ef9ba529f4555d2e20b1885788c16", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "exec(in_frame", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC085", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|bbf4c1574ebe81e8c7f157100d93f97b1e5ef9ba529f4555d2e20b1885788c16"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/gapi/samples/privacy_masking_camera.cpp"}, "region": {"startLine": 139}}}]}, {"ruleId": "MINED036", "level": "error", "message": {"text": "[MINED036] Python Os System Call: os.system() invokes shell with no escaping."}, "properties": {"repobilityId": 66756, "scanner": "repobility-threat-engine", "fingerprint": "7814d90a26da250b8dbed443c85fb818cbaf49a0eb9c23b7a8aff8ad1e724b17", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-os-system-call", "owasp": null, "cwe_ids": ["CWE-78"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347982+00:00", "triaged_in_corpus": 15, "observations_count": 2221, "ai_coder_pattern_id": 117}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7814d90a26da250b8dbed443c85fb818cbaf49a0eb9c23b7a8aff8ad1e724b17"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/src/vkcom/shader/spirv_generator.py"}, "region": {"startLine": 60}}}]}, {"ruleId": "SEC005", "level": "error", "message": {"text": "[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input."}, "properties": {"repobilityId": 66755, "scanner": "repobility-threat-engine", "fingerprint": "df4f114a8983ce6551d9e99c37e6682aa2ec2bf6bb225a92da01ec8479cfdf0b", "category": "injection", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Command source appears controllable (config/plugin/argv/user input)", "evidence": {"match": "os.system(cmd_remove + ' ' +", "reason": "Command source appears controllable (config/plugin/argv/user input)", "rule_id": "SEC005", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|injection|token|95|sec005"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/src/vkcom/shader/spirv_generator.py"}, "region": {"startLine": 95}}}]}, {"ruleId": "MINED011", "level": "error", "message": {"text": "[MINED011] Scala Get On Option: Option.get throws NoSuchElementException on None. Use getOrElse / fold / match."}, "properties": {"repobilityId": 66754, "scanner": "repobility-threat-engine", "fingerprint": "947ea11258a31b2faee0adb1b164beadcf55e134fcfe2edfac56e487536b775a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "scala-get-on-option", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["scala"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347923+00:00", "triaged_in_corpus": 15, "observations_count": 140164, "ai_coder_pattern_id": 159}, "scanner": "repobility-threat-engine", "correlation_key": "fp|947ea11258a31b2faee0adb1b164beadcf55e134fcfe2edfac56e487536b775a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/src/cuda/slice.cu"}, "region": {"startLine": 169}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 66719, "scanner": "repobility-threat-engine", "fingerprint": "9eb183571748ac03468a7e1477d9bf42ea60d8503a26fc5927fa29993568ae30", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "URL(u", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|9eb183571748ac03468a7e1477d9bf42ea60d8503a26fc5927fa29993568ae30"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/webnn-electron/main.js"}, "region": {"startLine": 24}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 66718, "scanner": "repobility-threat-engine", "fingerprint": "fcedd90367b0de1cdae8ec788b0a0d5ea580cd95f94f2f7d6d46354e637cfaba", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "URL(f", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|fcedd90367b0de1cdae8ec788b0a0d5ea580cd95f94f2f7d6d46354e637cfaba"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/utils.js"}, "region": {"startLine": 120}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 66717, "scanner": "repobility-threat-engine", "fingerprint": "5e602359b9ce6b6199662de29f80cc7af436def0eeee29aa6c4723abfe716e0e", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "URL(f", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5e602359b9ce6b6199662de29f80cc7af436def0eeee29aa6c4723abfe716e0e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/js_dnn_example_helper.js"}, "region": {"startLine": 65}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 66715, "scanner": "repobility-threat-engine", "fingerprint": "39658cef9b9b6522fed535f2fb4524223700d18f3fcdd66d3b4e0122a41c2ef6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "_points4D.create(4, npoints1, depth1);", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|39658cef9b9b6522fed535f2fb4524223700d18f3fcdd66d3b4e0122a41c2ef6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/calib3d/src/triangulate.cpp"}, "region": {"startLine": 96}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 66714, "scanner": "repobility-threat-engine", "fingerprint": "636acff47466d5a8d8e55a2ea49bf60ec5726524d2446c04441a9f9b6d4e9f3f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "matC3.delete();", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|636acff47466d5a8d8e55a2ea49bf60ec5726524d2446c04441a9f9b6d4e9f3f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/js_dnn_example_helper.js"}, "region": {"startLine": 13}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 66713, "scanner": "repobility-threat-engine", "fingerprint": "d973e99066b4c30cad570423712153f9285146dde534f06065c056dae3c91cd7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "src.create( 0, 0 , CV_8UC1 );", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d973e99066b4c30cad570423712153f9285146dde534f06065c056dae3c91cd7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/traincascade/imagestorage.cpp"}, "region": {"startLine": 20}}}]}, {"ruleId": "SEC013", "level": "error", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "properties": {"repobilityId": 66711, "scanner": "repobility-threat-engine", "fingerprint": "a6cc7486223598a57cb8a32ed0b178ff91e2c4deec2f935bdf712e3cf749932d", "category": "path_traversal", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "User-controlled input detected in file path construction", "evidence": {"match": "open(input", "reason": "User-controlled input detected in file path construction", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|path_traversal|token|262|sec013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/src/opencl/runtime/generator/common.py"}, "region": {"startLine": 262}}}]}, {"ruleId": "SEC013", "level": "error", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "properties": {"repobilityId": 66710, "scanner": "repobility-threat-engine", "fingerprint": "7a56d01df750bf90769004a1cf87eae9f90eba479a1611dd112858b8d127abf7", "category": "path_traversal", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "User-controlled input detected in file path construction", "evidence": {"match": "open(input", "reason": "User-controlled input detected in file path construction", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|path_traversal|token|32|sec013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/interactive-calibration/parametersController.cpp"}, "region": {"startLine": 32}}}]}, {"ruleId": "SEC013", "level": "error", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "properties": {"repobilityId": 66709, "scanner": "repobility-threat-engine", "fingerprint": "0763e7d0868b3622824a7b64b7ebab39f785361ed862d46918e3ebdc1a119f90", "category": "path_traversal", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "User-controlled input detected in file path construction", "evidence": {"match": "open(mCaptureParams.camID, mCaptureParams", "reason": "User-controlled input detected in file path construction", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|path_traversal|token|40|sec013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/interactive-calibration/calibPipeline.cpp"}, "region": {"startLine": 40}}}]}, {"ruleId": "MINED017", "level": "error", "message": {"text": "[MINED017] C System Call: system() invokes shell. command injection if any arg is dynamic."}, "properties": {"repobilityId": 66708, "scanner": "repobility-threat-engine", "fingerprint": "8a07a78768ef4735e4a29a568bf7a9f31f7d4c80b66e18c970f6d3ab1b819af0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-system-call", "owasp": null, "cwe_ids": ["CWE-78"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347937+00:00", "triaged_in_corpus": 15, "observations_count": 77748, "ai_coder_pattern_id": 132}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8a07a78768ef4735e4a29a568bf7a9f31f7d4c80b66e18c970f6d3ab1b819af0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/zlib/inflate.h"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED017", "level": "error", "message": {"text": "[MINED017] C System Call: system() invokes shell. command injection if any arg is dynamic."}, "properties": {"repobilityId": 66707, "scanner": "repobility-threat-engine", "fingerprint": "97f9a917fbcec777bfade350c4e3496bb400a51233bcf06daa0b35d0db3def39", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-system-call", "owasp": null, "cwe_ids": ["CWE-78"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347937+00:00", "triaged_in_corpus": 15, "observations_count": 77748, "ai_coder_pattern_id": 132}, "scanner": "repobility-threat-engine", "correlation_key": "fp|97f9a917fbcec777bfade350c4e3496bb400a51233bcf06daa0b35d0db3def39"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/zlib-ng/inflate.h"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `os` used but not imported: The file uses `os.something(...)` but never imports `os`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 66912, "scanner": "repobility-ast-engine", "fingerprint": "0935b5bfe75a6d34e820bf1669302b0422c4defa81e08bd80d106e9debd64e4a", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0935b5bfe75a6d34e820bf1669302b0422c4defa81e08bd80d106e9debd64e4a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "samples/dnn/object_detection.py"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `os` used but not imported: The file uses `os.something(...)` but never imports `os`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 66911, "scanner": "repobility-ast-engine", "fingerprint": "9d42b3969f41e8cb4293af3fb2db299bac1d808ffe4527bde282f31565542108", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9d42b3969f41e8cb4293af3fb2db299bac1d808ffe4527bde282f31565542108"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "samples/dnn/segmentation.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `os` used but not imported: The file uses `os.something(...)` but never imports `os`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 66910, "scanner": "repobility-ast-engine", "fingerprint": "9fdd66cdb3897b9fb8fb408b8aac8331fb34ed6af29c1f704c0efcabca7a4d80", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9fdd66cdb3897b9fb8fb408b8aac8331fb34ed6af29c1f704c0efcabca7a4d80"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "samples/dnn/classification.py"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `html` used but not imported: The file uses `html.something(...)` but never imports `html`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 66901, "scanner": "repobility-ast-engine", "fingerprint": "0becf857862bc98b1767d40daa9fbf08de41e5da3ab4b8f4244e0ff46af3c02a", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0becf857862bc98b1767d40daa9fbf08de41e5da3ab4b8f4244e0ff46af3c02a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ts/misc/concatlogs.py"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `array` used but not imported: The file uses `array.something(...)` but never imports `array`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 66887, "scanner": "repobility-ast-engine", "fingerprint": "8f66e56fd1b545d34910ed224f7170a2c81232f0a1d42af3d049f8a1f95fb920", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8f66e56fd1b545d34910ed224f7170a2c81232f0a1d42af3d049f8a1f95fb920"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/python/test/test_misc.py"}, "region": {"startLine": 324}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `csv` used but not imported: The file uses `csv.something(...)` but never imports `csv`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 66854, "scanner": "repobility-ast-engine", "fingerprint": "395b3bf1fe0124462d2b342e813a6da55831e57467d57c36e58df2fd11df5af8", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|395b3bf1fe0124462d2b342e813a6da55831e57467d57c36e58df2fd11df5af8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/gapi/scripts/measure_privacy_masking.py"}, "region": {"startLine": 83}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `os` used but not imported: The file uses `os.something(...)` but never imports `os`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 66836, "scanner": "repobility-ast-engine", "fingerprint": "e56c4cae165f95c29c91334afb710bf0cad409c25f5936741d2ad2d73d2d958c", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e56c4cae165f95c29c91334afb710bf0cad409c25f5936741d2ad2d73d2d958c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/winpack_dldt/2021.2/build.config.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `os` used but not imported: The file uses `os.something(...)` but never imports `os`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 66835, "scanner": "repobility-ast-engine", "fingerprint": "908b5cd20199872ca8cc14731b7d1c11e9270482f3008a3a5b2d7b43b73ae5de", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|908b5cd20199872ca8cc14731b7d1c11e9270482f3008a3a5b2d7b43b73ae5de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/winpack_dldt/2021.4.1/build.config.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `os` used but not imported: The file uses `os.something(...)` but never imports `os`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 66834, "scanner": "repobility-ast-engine", "fingerprint": "aa39c265796c04b0f2c529d658726cbc5ee8797f4859b530b1bc837a73013b77", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aa39c265796c04b0f2c529d658726cbc5ee8797f4859b530b1bc837a73013b77"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/winpack_dldt/2021.4/build.config.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `os` used but not imported: The file uses `os.something(...)` but never imports `os`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 66833, "scanner": "repobility-ast-engine", "fingerprint": "7f5ba14c4b66c4bd1fa64a0d53585dc56ed728cb959c405eceabccf0f54e0dc5", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7f5ba14c4b66c4bd1fa64a0d53585dc56ed728cb959c405eceabccf0f54e0dc5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/winpack_dldt/2021.4.2/build.config.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `os` used but not imported: The file uses `os.something(...)` but never imports `os`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 66832, "scanner": "repobility-ast-engine", "fingerprint": "9c21b24cfd6b31a3dac07903e8a400356476c302fc3c87c2d2f35801e45e07cc", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9c21b24cfd6b31a3dac07903e8a400356476c302fc3c87c2d2f35801e45e07cc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/winpack_dldt/2021.3/build.config.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `os` used but not imported: The file uses `os.something(...)` but never imports `os`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 66831, "scanner": "repobility-ast-engine", "fingerprint": "e4f7d83a03a99e080825f148d58cecf8e1c052088113af5b482746303fa6d3d1", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e4f7d83a03a99e080825f148d58cecf8e1c052088113af5b482746303fa6d3d1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platforms/android/ndk-25.config.py"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED019", "level": "error", "message": {"text": "[MINED019] Ssti Jinja From String: jinja2.Environment().from_string(user_input) \u2014 full RCE via templates."}, "properties": {"repobilityId": 66749, "scanner": "repobility-threat-engine", "fingerprint": "f1b8395acefcfc3cac7f8f1ca73ce547191cbdd4a2d7c54c41845b7a4094962f", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ssti-jinja-from-string", "owasp": "A03:2021", "cwe_ids": ["CWE-94"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347943+00:00", "triaged_in_corpus": 20, "observations_count": 47984, "ai_coder_pattern_id": 34}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f1b8395acefcfc3cac7f8f1ca73ce547191cbdd4a2d7c54c41845b7a4094962f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core/src/opencl/runtime/generator/common.py"}, "region": {"startLine": 261}}}]}, {"ruleId": "SEC084", "level": "error", "message": {"text": "[SEC084] JS: require() with non-literal: require(<variable>) loads arbitrary modules \u2014 equivalent to eval at module scope. Ported from eslint-plugin-security detect-non-literal-require (Apache-2.0)."}, "properties": {"repobilityId": 66738, "scanner": "repobility-threat-engine", "fingerprint": "8326fb5eb623debb614fb49b837eb08221d428b30ae040c4f7fb9357bcfc4843", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "require(batch_size", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC084", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|8326fb5eb623debb614fb49b837eb08221d428b30ae040c4f7fb9357bcfc4843"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/src/cuda4dnn/primitives/detection_output.hpp"}, "region": {"startLine": 112}}}]}, {"ruleId": "SEC084", "level": "error", "message": {"text": "[SEC084] JS: require() with non-literal: require(<variable>) loads arbitrary modules \u2014 equivalent to eval at module scope. Ported from eslint-plugin-security detect-non-literal-require (Apache-2.0)."}, "properties": {"repobilityId": 66737, "scanner": "repobility-threat-engine", "fingerprint": "f76b26992279edbc3af50a78737b10af5e5117d28e5286cc9b434eaeecef2bc0", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "require(std", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC084", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|f76b26992279edbc3af50a78737b10af5e5117d28e5286cc9b434eaeecef2bc0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/dnn/src/cuda4dnn/csl/workspace.hpp"}, "region": {"startLine": 28}}}]}, {"ruleId": "SEC084", "level": "error", "message": {"text": "[SEC084] JS: require() with non-literal: require(<variable>) loads arbitrary modules \u2014 equivalent to eval at module scope. Ported from eslint-plugin-security detect-non-literal-require (Apache-2.0)."}, "properties": {"repobilityId": 66736, "scanner": "repobility-threat-engine", "fingerprint": "7acfde61bde3601aac0785ae971be81b756acc5556733e058f189b0ad168f7e1", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "require(process", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC084", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|7acfde61bde3601aac0785ae971be81b756acc5556733e058f189b0ad168f7e1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/webnn-electron/node_setup.js"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED024", "level": "error", "message": {"text": "[MINED024] Js Eval Usage: eval() executes arbitrary code. Code injection risk."}, "properties": {"repobilityId": 66733, "scanner": "repobility-threat-engine", "fingerprint": "60b10060bf839c49157e617223cc2de5d40702b236c30611b7b8de57f2c1505b", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-eval-usage", "owasp": null, "cwe_ids": ["CWE-95"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347954+00:00", "triaged_in_corpus": 20, "observations_count": 35589, "ai_coder_pattern_id": 103}, "scanner": "repobility-threat-engine", "correlation_key": "fp|60b10060bf839c49157e617223cc2de5d40702b236c30611b7b8de57f2c1505b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/webnn-electron/utils_webnn_electron.js"}, "region": {"startLine": 63}}}]}, {"ruleId": "MINED024", "level": "error", "message": {"text": "[MINED024] Js Eval Usage: eval() executes arbitrary code. Code injection risk."}, "properties": {"repobilityId": 66732, "scanner": "repobility-threat-engine", "fingerprint": "3d5018a370901421c7f024af4606e866c015e983f96ac68f7349adef76106259", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-eval-usage", "owasp": null, "cwe_ids": ["CWE-95"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347954+00:00", "triaged_in_corpus": 20, "observations_count": 35589, "ai_coder_pattern_id": 103}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3d5018a370901421c7f024af4606e866c015e983f96ac68f7349adef76106259"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/js_tutorials/js_assets/utils.js"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 66689, "scanner": "repobility-threat-engine", "fingerprint": "406acf8ac0d5715a1da3b8e748c2eca3b8d072d092290a6a28bfb108b0a19b5f", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|406acf8ac0d5715a1da3b8e748c2eca3b8d072d092290a6a28bfb108b0a19b5f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libtiff/tif_compress.c"}, "region": {"startLine": 217}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 66688, "scanner": "repobility-threat-engine", "fingerprint": "1cfd46d6e1f3a3e62369b47afe4ef0dd1ca9876c7d129398d916c945c52b6907", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|1cfd46d6e1f3a3e62369b47afe4ef0dd1ca9876c7d129398d916c945c52b6907"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjpeg/jerror.c"}, "region": {"startLine": 194}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 66687, "scanner": "repobility-threat-engine", "fingerprint": "a60bf1dcd554fa65f47ecae9aead28d568d8bef0aff6a41a315a36023012d3d5", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a60bf1dcd554fa65f47ecae9aead28d568d8bef0aff6a41a315a36023012d3d5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "3rdparty/libjasper/jas_string.c"}, "region": {"startLine": 94}}}]}]}]}