{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED124", "name": "[MINED124] requirements.txt: `opencv-python` has no version pin: Unpinned pip requirement means every fresh install may ", "shortDescription": {"text": "[MINED124] requirements.txt: `opencv-python` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible"}, "fullDescription": {"text": "Replace `opencv-python` with `opencv-python==<version>` and manage upgrades through PRs / Dependabot."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "WEB003", "name": "Public web service has no security.txt", "shortDescription": {"text": "Public web service has no security.txt"}, "fullDescription": {"text": "Add /.well-known/security.txt with Contact, Expires, Canonical, Preferred-Languages, and Policy fields. Keep the contact endpoint monitored."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "medium", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "JRN003", "name": "Frontend API reference is not matched by discovered backend routes", "shortDescription": {"text": "Frontend API reference is not matched by discovered backend routes"}, "fullDescription": {"text": "Add the backend route, update the frontend constant to the implemented endpoint, or document that the route is served by another service and exclude it with .repobilityignore."}, "properties": {"scanner": "repobility-journey-contract", "category": "quality", "severity": "medium", "confidence": 0.74, "cwe": "", "owasp": ""}}, {"id": "AUC012", "name": "[AUC012] FastAPI interactive docs may be exposed by framework defaults: FastAPI exposes /docs, /redoc, and /openapi.json", "shortDescription": {"text": "[AUC012] FastAPI interactive docs may be exposed by framework defaults: FastAPI exposes /docs, /redoc, and /openapi.json by default. Public production APIs should explicitly disable those defaults, protect them behind admin authentication, "}, "fullDescription": {"text": "Set docs_url=None, redoc_url=None, and openapi_url=None for production apps unless the docs are intentionally public and protected by routing, ingress, or an authenticated docs handler."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "AUC004", "name": "[AUC004] Admin route does not show super_admin separation: An administrative route was detected without nearby evidence ", "shortDescription": {"text": "[AUC004] Admin route does not show super_admin separation: An administrative route was detected without nearby evidence that platform super_admin access is separated from tenant/application admin access. Endpoint: GET /logs."}, "fullDescription": {"text": "Define whether this endpoint is admin-only or super_admin-only, then enforce that distinction in code and .repobility/access.yml."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.66, "cwe": "", "owasp": ""}}, {"id": "AUC002", "name": "[AUC002] Low visible authorization coverage in route inventory: Only 13.3% of discovered routes show nearby authenticati", "shortDescription": {"text": "[AUC002] Low visible authorization coverage in route inventory: Only 13.3% of discovered routes show nearby authentication, authorization, middleware, or public-route evidence."}, "fullDescription": {"text": "Review the access matrix and add explicit framework auth declarations or policy-file exceptions for intentionally public routes."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.74, "cwe": "", "owasp": ""}}, {"id": "AUC001", "name": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobilit", "shortDescription": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "fullDescription": {"text": "Add .repobility/access.yml mapping routes to anonymous, authenticated, owner, admin, and super_admin. Keep business-specific rules in the repo so CI can enforce them."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.92, "cwe": "", "owasp": ""}}, {"id": "AGT012", "name": "Agent control bridge may listen on a network interface without visible auth", "shortDescription": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "fullDescription": {"text": "Bind local agent bridges to 127.0.0.1 by default. If remote access is required, require a bearer token or mTLS, enforce origin/CSRF checks for browser clients, and document the threat model."}, "properties": {"scanner": "repobility-agent-runtime", "category": "quality", "severity": "medium", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "AGT007", "name": "localStorage write failures are swallowed silently", "shortDescription": {"text": "localStorage write failures are swallowed silently"}, "fullDescription": {"text": "Handle QuotaExceededError explicitly, show a toast or error state, and guide the user to export/clear old local data. Log non-quota failures for diagnostics."}, "properties": {"scanner": "repobility-agent-runtime", "category": "quality", "severity": "medium", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "SEC034", "name": "[SEC034] Log Injection / Log Forging \u2014 unsanitized user input in log: User input is logged without sanitizing newlines o", "shortDescription": {"text": "[SEC034] Log Injection / Log Forging \u2014 unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\\n` to forge fake log entries, hide tracks, or exploit downstream log parsers (S"}, "fullDescription": {"text": "Strip control characters before logging:\n  safe = user_input.replace('\\n','').replace('\\r','').replace('\\x00','')\n  logger.info('User action: %s', safe)\nAlways use parameterized logging (`%s` + args), never f-strings or string concat \u2014 that's also what mitigates log4shell-style attacks. For structured logging, use a JSON formatter that escapes values."}, "properties": {"scanner": "repobility-threat-engine", "category": "log_injection", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC014", "name": "[SEC014] SSL Verification Disabled: SSL certificate verification is disabled, allowing man-in-the-middle attacks.", "shortDescription": {"text": "[SEC014] SSL Verification Disabled: SSL certificate verification is disabled, allowing man-in-the-middle attacks."}, "fullDescription": {"text": "Enable SSL verification. Use verify=True (default) for requests. Pin certificates if needed."}, "properties": {"scanner": "repobility-threat-engine", "category": "crypto", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC007", "name": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.", "shortDescription": {"text": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code."}, "fullDescription": {"text": "Use yaml.safe_load() instead of yaml.load(). Avoid pickle for untrusted data."}, "properties": {"scanner": "repobility-threat-engine", "category": "deserialization", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC127", "name": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedEr", "shortDescription": {"text": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass shallow CI), but invoking it crashes or "}, "fullDescription": {"text": "Either implement the body, or fail closed at module-load time so the deploy can't ship a half-built route. A CI gate that fails build on `raise NotImplementedError` in non-abstract code catches this cleanly."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "ERR001", "name": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG ", "shortDescription": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "fullDescription": {"text": "Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `list_data_files` has cognitive complexity 24 (SonarSource scale). Cogniti", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `list_data_files` has cognitive complexity 24 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursi"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 24."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "AUC005", "name": "[AUC005] No authorization-focused tests detected: No test files with common authorization, ownership, 403, admin, or sup", "shortDescription": {"text": "[AUC005] No authorization-focused tests detected: No test files with common authorization, ownership, 403, admin, or super_admin assertions were found."}, "fullDescription": {"text": "Add regression tests for anonymous denial, cross-user object denial, admin role limits, and super_admin-only behavior."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "low", "confidence": 0.76, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "MINED072", "name": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in.", "shortDescription": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED043] Http Not Https (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 2 more): Same pattern found in 2 additi", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED013", "name": "[MINED013] Password In Url (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED013] Password In Url (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-200 / A07:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 20 more): Same pattern found in 20 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 20 more): Same pattern found in 20 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass (and 4 more): Same pattern found in 4 additional files. Review if needed.", "shortDescription": {"text": "[MINED001] Bare Except Pass (and 4 more): Same pattern found in 4 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `actions/deploy-pages` pinned to mutable ref `@v4`: `uses: actions/deploy-pages@v4` resolves at workfl", "shortDescription": {"text": "[MINED115] Action `actions/deploy-pages` pinned to mutable ref `@v4`: `uses: actions/deploy-pages@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise ("}, "fullDescription": {"text": "Replace with: `uses: actions/deploy-pages@<40-char-sha>  # v4` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED131", "name": "[MINED131] pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mutable rev `v4.5.0`: `.pre-commit", "shortDescription": {"text": "[MINED131] pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mutable rev `v4.5.0`: `.pre-commit-config.yaml` references `https://github.com/pre-commit/pre-commit-hooks` at `rev: v4.5.0`. If `{rev}` is a branch or ve"}, "fullDescription": {"text": "Pin to a commit SHA: `rev: <40-char-sha>` and bump it through `pre-commit autoupdate` (which writes to PRs that are reviewed)."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED130", "name": "[MINED130] Lockfile pulls package from off-canonical host `registry.npmmirror.com`: `package-lock.json` resolved URL for", "shortDescription": {"text": "[MINED130] Lockfile pulls package from off-canonical host `registry.npmmirror.com`: `package-lock.json` resolved URL for `node_modules/@algolia/autocomplete-core` is `https://registry.npmmirror.com/@algolia/autocomplete-core/-/autocomplete-"}, "fullDescription": {"text": "Verify the host is intentional. If your org uses a private registry, add it to your scanner's allowlist (CANONICAL_NPM_HOSTS). Otherwise, regenerate the lockfile against the canonical registry."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED112", "name": "[MINED112] FastAPI POST /stop has no auth: Handler `stop_crawler` is registered with router/app.post(...) but no Depends", "shortDescription": {"text": "[MINED112] FastAPI POST /stop has no auth: Handler `stop_crawler` is registered with router/app.post(...) but no Depends/Security parameter is declared and no auth marker appears in the function body."}, "fullDescription": {"text": "Add Depends(get_current_user) or Security(...) to the handler signature. If the route is truly public, document it with a code comment so the rule knows it's intentional."}, "properties": {"scanner": "repobility-route-auth", "category": "quality", "severity": "high", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "[MINED106] Phantom test coverage: test_extract_creator_info: Test function `test_extract_creator_info` runs code but con", "shortDescription": {"text": "[MINED106] Phantom test coverage: test_extract_creator_info: Test function `test_extract_creator_info` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anythin"}, "fullDescription": {"text": "Add an explicit assertion that captures the test's intent, or remove the test."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED110", "name": "[MINED110] Blocking call `time.sleep` inside async function `get_comments`: `time.sleep` is a synchronous (blocking) cal", "shortDescription": {"text": "[MINED110] Blocking call `time.sleep` inside async function `get_comments`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from mak"}, "fullDescription": {"text": "Use the async equivalent: `aiohttp` instead of `requests`, `asyncio.sleep` instead of `time.sleep`, `aiofiles` instead of `open`."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self._create_browser_context` used but never assigned in __init__: Method `_connect_existing_browser` of cla", "shortDescription": {"text": "[MINED108] `self._create_browser_context` used but never assigned in __init__: Method `_connect_existing_browser` of class `CDPBrowserManager` reads `self._create_browser_context`, but no assignment to it exists in __init__ (and no class-le"}, "fullDescription": {"text": "Initialize `self._create_browser_context = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC103", "name": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inje", "shortDescription": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts."}, "fullDescription": {"text": "Escape with javax.naming.ldap.Rdn.escapeValue or equivalent. For python-ldap, use ldap.filter.escape_filter_chars. Better: use parameterized search APIs (Spring LdapTemplate filter encoders)."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED004", "name": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums).", "shortDescription": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-327 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, ra"}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED014", "name": "[MINED014] Disabled Tls Verify: verify=False in requests, rejectUnauthorized:false in node, InsecureSkipVerify:true in G", "shortDescription": {"text": "[MINED014] Disabled Tls Verify: verify=False in requests, rejectUnauthorized:false in node, InsecureSkipVerify:true in Go."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-295 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC135", "name": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without", "shortDescription": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without an auth decorator or middleware. The number-one production-incident pattern we see in AI-generated SaaS code: the AI bu"}, "fullDescription": {"text": "Add the project's auth decorator/middleware: `@login_required` (Django/Flask), `@permission_classes([IsAuthenticated])` (DRF), `Depends(get_current_user)` (FastAPI), `requireAuth` middleware (Express). For genuinely public endpoints, add a `# public-endpoint` marker comment so future scans skip them."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `json` used but not imported: The file uses `json.something(...)` but never imports `json`. T", "shortDescription": {"text": "[MINED107] Missing import: `json` used but not imported: The file uses `json.something(...)` but never imports `json`. This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import json` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC022", "name": "[SEC022] Database URL With Embedded Credential: A database connection URL contains an embedded username and password. Th", "shortDescription": {"text": "[SEC022] Database URL With Embedded Credential: A database connection URL contains an embedded username and password. These URLs are often copied into defaults, docs, and scripts, then leak working credentials."}, "fullDescription": {"text": "Remove the embedded password, require the URL from a secret store or environment variable, and rotate the database credential."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED030", "name": "[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__.", "shortDescription": {"text": "[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-502 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED018", "name": "[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/fi", "shortDescription": {"text": "[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data \u2014 RCE."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-502 / A08:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC081", "name": "[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marshal.load(s) execute arbitrary co", "shortDescription": {"text": "[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marshal.load(s) execute arbitrary code on untrusted input. Ported from dlint DUO103 / DUO120 (BSD-3)."}, "fullDescription": {"text": "Use json, msgpack, or protobuf for untrusted data. If pickle is required, sign the payload with HMAC."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/954"}, "properties": {"repository": "NanmiCoder/MediaCrawler", "repoUrl": "https://github.com/NanmiCoder/MediaCrawler", "branch": "main"}, "results": [{"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `opencv-python` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"repobilityId": 89678, "scanner": "repobility-supply-chain", "fingerprint": "ee19cc91f21b919f763e7ac27b9402f3d365f7a4cc599d7bf4b72fabef9cfea1", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ee19cc91f21b919f763e7ac27b9402f3d365f7a4cc599d7bf4b72fabef9cfea1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "requirements.txt"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89669, "scanner": "repobility-ast-engine", "fingerprint": "fcd1178648f131b56e4bec82bbabd56ca0fb8cdda0860cf9b696022a14ed33ae", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fcd1178648f131b56e4bec82bbabd56ca0fb8cdda0860cf9b696022a14ed33ae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/websocket.py"}, "region": {"startLine": 130}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89667, "scanner": "repobility-ast-engine", "fingerprint": "2aa43acc4fdb67d6dbff6db2c8cd31bdce5699816c4f37fd5d33d0e0d7983963", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2aa43acc4fdb67d6dbff6db2c8cd31bdce5699816c4f37fd5d33d0e0d7983963"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/douyin/login.py"}, "region": {"startLine": 102}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89666, "scanner": "repobility-ast-engine", "fingerprint": "e6ae7e9452477b6447eb2b78d8e5767a46b7530dc480f1984ebe053e29e85279", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e6ae7e9452477b6447eb2b78d8e5767a46b7530dc480f1984ebe053e29e85279"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/douyin/help.py"}, "region": {"startLine": 196}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89665, "scanner": "repobility-ast-engine", "fingerprint": "122ebde23d6a9b610e87bbadc530900d254cdb628648192f075e3c4d0f504ecd", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|122ebde23d6a9b610e87bbadc530900d254cdb628648192f075e3c4d0f504ecd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/douyin/help.py"}, "region": {"startLine": 181}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89664, "scanner": "repobility-ast-engine", "fingerprint": "fcabe61192373500b8a280bc4923f46cd8167bb8016edebfac5d920a0ca3c1e4", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fcabe61192373500b8a280bc4923f46cd8167bb8016edebfac5d920a0ca3c1e4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/xhs/help.py"}, "region": {"startLine": 368}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89663, "scanner": "repobility-ast-engine", "fingerprint": "91a5597a43b89c6a88eded45ec7775dbec2ce0adac90fc1c42912fe277f63607", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|91a5597a43b89c6a88eded45ec7775dbec2ce0adac90fc1c42912fe277f63607"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/help.py"}, "region": {"startLine": 829}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89662, "scanner": "repobility-ast-engine", "fingerprint": "af8dd08d28051f1bab443fdf6edb8575a0ab564fbc144609fb4d2bbf486e209e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|af8dd08d28051f1bab443fdf6edb8575a0ab564fbc144609fb4d2bbf486e209e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/help.py"}, "region": {"startLine": 299}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89655, "scanner": "repobility-ast-engine", "fingerprint": "5b4bb2e2aa50ddf40d607d890f727d5511e61a33d89f7efb3cecaa765de98894", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5b4bb2e2aa50ddf40d607d890f727d5511e61a33d89f7efb3cecaa765de98894"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/core.py"}, "region": {"startLine": 441}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89654, "scanner": "repobility-ast-engine", "fingerprint": "41a9930d335493bd4b35210f7c718e5578bde29f21e82720bfd619782f366824", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|41a9930d335493bd4b35210f7c718e5578bde29f21e82720bfd619782f366824"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/kuaishou/help.py"}, "region": {"startLine": 106}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89653, "scanner": "repobility-ast-engine", "fingerprint": "eed4cc24595124e517f6362a806848b6eda88bcf257eab16fdf73e5f0a6f6570", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|eed4cc24595124e517f6362a806848b6eda88bcf257eab16fdf73e5f0a6f6570"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/kuaishou/help.py"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89651, "scanner": "repobility-ast-engine", "fingerprint": "607d44d1ff44163c920295d5f38172a9eaff64dc4555b47185d56f27fd68b15f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|607d44d1ff44163c920295d5f38172a9eaff64dc4555b47185d56f27fd68b15f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/main.py"}, "region": {"startLine": 137}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89650, "scanner": "repobility-ast-engine", "fingerprint": "1be9fba2d8fcb04e03e97286fac263887e36f922c7b3089463e484a3f762c0f8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1be9fba2d8fcb04e03e97286fac263887e36f922c7b3089463e484a3f762c0f8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "test/test_db_sync.py"}, "region": {"startLine": 213}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89649, "scanner": "repobility-ast-engine", "fingerprint": "5453a9568ef0ea1cd2c82d63fe549a79b32eee0d08d7b7d038042aabbe532866", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5453a9568ef0ea1cd2c82d63fe549a79b32eee0d08d7b7d038042aabbe532866"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "test/test_db_sync.py"}, "region": {"startLine": 196}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89648, "scanner": "repobility-ast-engine", "fingerprint": "ce6bcb005c9d25dbe6b475423677398a60ccb2578ed4e749ccee167fd09d626e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ce6bcb005c9d25dbe6b475423677398a60ccb2578ed4e749ccee167fd09d626e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "test/test_mongodb_integration.py"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89647, "scanner": "repobility-ast-engine", "fingerprint": "6c4802fb36f3c5210df1d0449e279d343ed5bb42069484793e49773ab746b486", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6c4802fb36f3c5210df1d0449e279d343ed5bb42069484793e49773ab746b486"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "test/test_mongodb_integration.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89645, "scanner": "repobility-ast-engine", "fingerprint": "b460fd13d5bde7c2d00be49933bd3ae02b5e3a597e41a2ef35383224d0f9d73a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b460fd13d5bde7c2d00be49933bd3ae02b5e3a597e41a2ef35383224d0f9d73a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/crawler_util.py"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89644, "scanner": "repobility-ast-engine", "fingerprint": "bd3e15536213a9c79825d034437ea36d7ec769dc169bf1f25fb50c9609723ec2", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bd3e15536213a9c79825d034437ea36d7ec769dc169bf1f25fb50c9609723ec2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/browser_launcher.py"}, "region": {"startLine": 233}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89643, "scanner": "repobility-ast-engine", "fingerprint": "f10685ef3742d7ab9128b7899d573a903dda5c20dbacba12715fbd6886ef8efb", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f10685ef3742d7ab9128b7899d573a903dda5c20dbacba12715fbd6886ef8efb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/browser_launcher.py"}, "region": {"startLine": 238}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89642, "scanner": "repobility-ast-engine", "fingerprint": "330a4161bc81322fbc444985162939517dd3754302e06c1d400967a8f4daa86c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|330a4161bc81322fbc444985162939517dd3754302e06c1d400967a8f4daa86c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/time_util.py"}, "region": {"startLine": 92}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89641, "scanner": "repobility-ast-engine", "fingerprint": "c3044b62f213d153ae60d313cfdf774b4f24dae4a216ae0c91765cae5394616f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c3044b62f213d153ae60d313cfdf774b4f24dae4a216ae0c91765cae5394616f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/file_header_manager.py"}, "region": {"startLine": 209}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89640, "scanner": "repobility-ast-engine", "fingerprint": "2de224bdbf6a659aac8e7bd8e03d682f4a0d594bd80a78fd8b8cf028532ad1d8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2de224bdbf6a659aac8e7bd8e03d682f4a0d594bd80a78fd8b8cf028532ad1d8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/app_runner.py"}, "region": {"startLine": 102}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89614, "scanner": "repobility-ast-engine", "fingerprint": "a9fd0ec44735a5a9c09711b4b8975384950815deaaa24688c7f84cb622dab9d1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a9fd0ec44735a5a9c09711b4b8975384950815deaaa24688c7f84cb622dab9d1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "main.py"}, "region": {"startLine": 133}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89613, "scanner": "repobility-ast-engine", "fingerprint": "3310a567542eb4058bf0109a9fd7a3db0ed4e1e448eba793b3e1b89ea77460a0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3310a567542eb4058bf0109a9fd7a3db0ed4e1e448eba793b3e1b89ea77460a0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "main.py"}, "region": {"startLine": 125}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89612, "scanner": "repobility-ast-engine", "fingerprint": "1281ed19d5d19e5d5cd83e96d41be77d1272c1dc2e54d9d06464eaa625784b13", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1281ed19d5d19e5d5cd83e96d41be77d1272c1dc2e54d9d06464eaa625784b13"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "main.py"}, "region": {"startLine": 96}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89611, "scanner": "repobility-ast-engine", "fingerprint": "b62d9c36c818e5c6cbc1652b8bb987d283fc3d38e6bf7416dc60f652f87c55d9", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b62d9c36c818e5c6cbc1652b8bb987d283fc3d38e6bf7416dc60f652f87c55d9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "main.py"}, "region": {"startLine": 82}}}]}, {"ruleId": "WEB003", "level": "warning", "message": {"text": "Public web service has no security.txt"}, "properties": {"repobilityId": 89610, "scanner": "repobility-web-presence", "fingerprint": "5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd", "category": "quality", "severity": "medium", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app/API but no security.txt file or route was discovered.", "evidence": {"rule_id": "WEB003", "scanner": "repobility-web-presence", "references": ["https://www.rfc-editor.org/rfc/rfc9116", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".well-known/security.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "JRN003", "level": "warning", "message": {"text": "Frontend API reference is not matched by discovered backend routes"}, "properties": {"repobilityId": 89609, "scanner": "repobility-journey-contract", "fingerprint": "9f4bfe285aeb7bd8cb7a416e06cb4032c0a20323d5972c7333c3b46f21c58182", "category": "quality", "severity": "medium", "confidence": 0.74, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Same-origin /api path appears in frontend code but no discovered backend endpoint has the same route shape.", "evidence": {"rule_id": "JRN003", "scanner": "repobility-journey-contract", "references": ["https://repobility.com/library/authorization/"], "route_shape": "/api/data/download/{param}", "correlation_key": "fp|9f4bfe285aeb7bd8cb7a416e06cb4032c0a20323d5972c7333c3b46f21c58182", "backend_endpoint_count": 15}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/webui/assets/index-DvClRayq.js"}, "region": {"startLine": 239}}}]}, {"ruleId": "AUC012", "level": "warning", "message": {"text": "[AUC012] FastAPI interactive docs may be exposed by framework defaults: FastAPI exposes /docs, /redoc, and /openapi.json by default. Public production APIs should explicitly disable those defaults, protect them behind admin authentication, or publish a reviewed OpenAPI spec with declared security requirements."}, "properties": {"repobilityId": 89607, "scanner": "repobility-access-control", "fingerprint": "27f8c50db94c1d5138790446654bd4d0b5823ce185d040059e5a7502358b5899", "category": "auth", "severity": "medium", "confidence": 0.72, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"apps": [{"line": 33, "file_path": "recv_sms.py", "docs_url_disabled": false, "redoc_url_disabled": false, "openapi_url_disabled": false}, {"line": 36, "file_path": "api/main.py", "docs_url_disabled": false, "redoc_url_disabled": false, "openapi_url_disabled": false}], "scanner": "repobility-access-control", "correlation_key": "fp|27f8c50db94c1d5138790446654bd4d0b5823ce185d040059e5a7502358b5899"}}}, {"ruleId": "AUC004", "level": "warning", "message": {"text": "[AUC004] Admin route does not show super_admin separation: An administrative route was detected without nearby evidence that platform super_admin access is separated from tenant/application admin access. Endpoint: GET /logs."}, "properties": {"repobilityId": 89606, "scanner": "repobility-access-control", "fingerprint": "e968c32e9d9176558a0e695d584be8764d05abce5074fca04db9913dd32c6fe0", "category": "auth", "severity": "medium", "confidence": 0.66, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/logs", "method": "GET", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|api/routers/crawler.py|59|auc004", "identity_targets": ["unknown", "admin"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/crawler.py"}, "region": {"startLine": 59}}}]}, {"ruleId": "AUC004", "level": "warning", "message": {"text": "[AUC004] Admin route does not show super_admin separation: An administrative route was detected without nearby evidence that platform super_admin access is separated from tenant/application admin access. Endpoint: GET /status."}, "properties": {"repobilityId": 89605, "scanner": "repobility-access-control", "fingerprint": "5a3fd345a5e0ab0e9757af7f97b037329c79d90080b479c8f8a763bd9ebb7c38", "category": "auth", "severity": "medium", "confidence": 0.66, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/status", "method": "GET", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|api/routers/crawler.py|53|auc004", "identity_targets": ["anonymous", "authenticated"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/crawler.py"}, "region": {"startLine": 53}}}]}, {"ruleId": "AUC004", "level": "warning", "message": {"text": "[AUC004] Admin route does not show super_admin separation: An administrative route was detected without nearby evidence that platform super_admin access is separated from tenant/application admin access. Endpoint: POST /stop."}, "properties": {"repobilityId": 89604, "scanner": "repobility-access-control", "fingerprint": "12981fd68eef184298567a046ac94c3d2715ce714d7c73ba0099b5567ca115f4", "category": "auth", "severity": "medium", "confidence": 0.66, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/stop", "method": "POST", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|api/routers/crawler.py|40|auc004", "identity_targets": ["unknown", "admin"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/crawler.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "AUC004", "level": "warning", "message": {"text": "[AUC004] Admin route does not show super_admin separation: An administrative route was detected without nearby evidence that platform super_admin access is separated from tenant/application admin access. Endpoint: POST /start."}, "properties": {"repobilityId": 89603, "scanner": "repobility-access-control", "fingerprint": "682a31eac606ae81cf98bfd1274bcf6f2a98f338ee3053bea2051620900ad662", "category": "auth", "severity": "medium", "confidence": 0.66, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/start", "method": "POST", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|api/routers/crawler.py|27|auc004", "identity_targets": ["unknown", "admin"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/crawler.py"}, "region": {"startLine": 27}}}]}, {"ruleId": "AUC002", "level": "warning", "message": {"text": "[AUC002] Low visible authorization coverage in route inventory: Only 13.3% of discovered routes show nearby authentication, authorization, middleware, or public-route evidence."}, "properties": {"repobilityId": 89602, "scanner": "repobility-access-control", "fingerprint": "df928cf60347332aef0d3b123675747b14bcfa303822b6e086d4a08e717b00fe", "category": "auth", "severity": "medium", "confidence": 0.74, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "endpoint_count": 15, "correlation_key": "fp|df928cf60347332aef0d3b123675747b14bcfa303822b6e086d4a08e717b00fe", "auth_visible_percent": 13.3}}}, {"ruleId": "AUC001", "level": "warning", "message": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "properties": {"repobilityId": 89601, "scanner": "repobility-access-control", "fingerprint": "f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10", "category": "auth", "severity": "medium", "confidence": 0.92, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "frameworks": ["FastAPI"], "expected_files": [".repobility/access.yml", ".repobility/access.yaml", ".repobility/access.json", ".repobility/authorization.yml"], "correlation_key": "fp|f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10"}}}, {"ruleId": "AGT012", "level": "warning", "message": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "properties": {"repobilityId": 89600, "scanner": "repobility-agent-runtime", "fingerprint": "668cfc1cf7191afb4fe4e35d1b25a30495bb01a06a4cdbaf712a6d7a9da9d55d", "category": "quality", "severity": "medium", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File combines agent-control wording with an HTTP/SSE/WebSocket listener on an all-interface host and no visible auth guard.", "evidence": {"rule_id": "AGT012", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|668cfc1cf7191afb4fe4e35d1b25a30495bb01a06a4cdbaf712a6d7a9da9d55d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/test_data/note_detail.html"}, "region": {"startLine": 76}}}]}, {"ruleId": "AGT007", "level": "warning", "message": {"text": "localStorage write failures are swallowed silently"}, "properties": {"repobilityId": 89599, "scanner": "repobility-agent-runtime", "fingerprint": "c2e4ba2814019d0fa138518a6e59a5b9a882cb5989869ddf9b9e9a59d5b14b66", "category": "quality", "severity": "medium", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File writes to localStorage and has an empty or ignore-only catch block without QuotaExceededError handling.", "evidence": {"rule_id": "AGT007", "scanner": "repobility-agent-runtime", "references": ["https://developer.mozilla.org/en-US/docs/Web/API/Web_Storage_API"], "correlation_key": "fp|c2e4ba2814019d0fa138518a6e59a5b9a882cb5989869ddf9b9e9a59d5b14b66"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/test_data/note_comments.html"}, "region": {"startLine": 810}}}]}, {"ruleId": "AGT012", "level": "warning", "message": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "properties": {"repobilityId": 89598, "scanner": "repobility-agent-runtime", "fingerprint": "177f2c7da0b52513495c0ca09e7530629f30de27537e8ba41c90c7389d9e4067", "category": "quality", "severity": "medium", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File combines agent-control wording with an HTTP/SSE/WebSocket listener on an all-interface host and no visible auth guard.", "evidence": {"rule_id": "AGT012", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|177f2c7da0b52513495c0ca09e7530629f30de27537e8ba41c90c7389d9e4067"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/test_data/note_comments.html"}, "region": {"startLine": 76}}}]}, {"ruleId": "AGT007", "level": "warning", "message": {"text": "localStorage write failures are swallowed silently"}, "properties": {"repobilityId": 89597, "scanner": "repobility-agent-runtime", "fingerprint": "fcba6941215e8d6011572ad5b5d62f007d56ba840308db71426d9c4450b7db40", "category": "quality", "severity": "medium", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File writes to localStorage and has an empty or ignore-only catch block without QuotaExceededError handling.", "evidence": {"rule_id": "AGT007", "scanner": "repobility-agent-runtime", "references": ["https://developer.mozilla.org/en-US/docs/Web/API/Web_Storage_API"], "correlation_key": "fp|fcba6941215e8d6011572ad5b5d62f007d56ba840308db71426d9c4450b7db40"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/webui/assets/index-DvClRayq.js"}, "region": {"startLine": 234}}}]}, {"ruleId": "AGT012", "level": "warning", "message": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "properties": {"repobilityId": 89596, "scanner": "repobility-agent-runtime", "fingerprint": "d5059ff8ed41e327a6cdca64c233ae4278c60956a7301722554769b236b2acaa", "category": "quality", "severity": "medium", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File combines agent-control wording with an HTTP/SSE/WebSocket listener on an all-interface host and no visible auth guard.", "evidence": {"rule_id": "AGT012", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|d5059ff8ed41e327a6cdca64c233ae4278c60956a7301722554769b236b2acaa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/main.py"}, "region": {"startLine": 21}}}]}, {"ruleId": "SEC034", "level": "warning", "message": {"text": "[SEC034] Log Injection / Log Forging \u2014 unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\\n` to forge fake log entries, hide tracks, or exploit downstream log parsers (SIEM, splunk). Combined with template injection this can escalate to RCE (CVE-2021-44228 log4shell). CWE-117."}, "properties": {"repobilityId": 89563, "scanner": "repobility-threat-engine", "fingerprint": "2cd6fbb23329c8aaa8853422266ac8415d7a1a9c1fc626c182c22e8f4653895c", "category": "log_injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "logger.info(f\"[TieBaMongoStoreImplement.store_creator] Saved creator {user", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC034", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|2cd6fbb23329c8aaa8853422266ac8415d7a1a9c1fc626c182c22e8f4653895c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/tieba/_store_impl.py"}, "region": {"startLine": 275}}}]}, {"ruleId": "SEC034", "level": "warning", "message": {"text": "[SEC034] Log Injection / Log Forging \u2014 unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\\n` to forge fake log entries, hide tracks, or exploit downstream log parsers (SIEM, splunk). Combined with template injection this can escalate to RCE (CVE-2021-44228 log4shell). CWE-117."}, "properties": {"repobilityId": 89562, "scanner": "repobility-threat-engine", "fingerprint": "d035326887db3463eec01550af91b3a29be63c707c691867309be4c5897be139", "category": "log_injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "logger.info(f\"[KuaishouMongoStoreImplement.store_creator] Saved creator {user", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC034", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d035326887db3463eec01550af91b3a29be63c707c691867309be4c5897be139"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/kuaishou/_store_impl.py"}, "region": {"startLine": 245}}}]}, {"ruleId": "SEC034", "level": "warning", "message": {"text": "[SEC034] Log Injection / Log Forging \u2014 unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\\n` to forge fake log entries, hide tracks, or exploit downstream log parsers (SIEM, splunk). Combined with template injection this can escalate to RCE (CVE-2021-44228 log4shell). CWE-117."}, "properties": {"repobilityId": 89561, "scanner": "repobility-threat-engine", "fingerprint": "25ce8cc4fdf170699b021d22a25879ef55f46bb8ebf2c50269ed0841fc752e38", "category": "log_injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "logger.info(f\"[DouyinMongoStoreImplement.store_creator] Saved creator {user", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC034", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|25ce8cc4fdf170699b021d22a25879ef55f46bb8ebf2c50269ed0841fc752e38"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/douyin/_store_impl.py"}, "region": {"startLine": 292}}}]}, {"ruleId": "SEC014", "level": "warning", "message": {"text": "[SEC014] SSL Verification Disabled: SSL certificate verification is disabled, allowing man-in-the-middle attacks."}, "properties": {"repobilityId": 89540, "scanner": "repobility-threat-engine", "fingerprint": "c21ce84d1c70ac29d6fc3e6465ea6717a052a247842481321de8c4575b66457c", "category": "crypto", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "VERIFY = False", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC014", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|crypto|config/base_config.py|141|sec014"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "config/base_config.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "SEC007", "level": "warning", "message": {"text": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code."}, "properties": {"repobilityId": 89536, "scanner": "repobility-threat-engine", "fingerprint": "f7ad728c3aa37e5426aab109bef3127a7574bcb5aded5f7256f359ee198fb534", "category": "deserialization", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "pickle.loads(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC007", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|deserialization|cache/redis_cache.py|65|sec007"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cache/redis_cache.py"}, "region": {"startLine": 65}}}]}, {"ruleId": "SEC127", "level": "warning", "message": {"text": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass shallow CI), but invoking it crashes or silently no-ops. AI agents consistently emit these when their context window runs out mid-implementation. Production callers hitting these stubs is a classic AI-generated-incident."}, "properties": {"repobilityId": 89535, "scanner": "repobility-threat-engine", "fingerprint": "f43d1dba36f1a21d93964277c3e6c80bf124c74859b05758d12c742e2c21ef98", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "def store_comment(self, comment_item: Dict):\n        pass\n\n    # TODO", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC127", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|f43d1dba36f1a21d93964277c3e6c80bf124c74859b05758d12c742e2c21ef98"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "base/base_crawler.py"}, "region": {"startLine": 93}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 89533, "scanner": "repobility-threat-engine", "fingerprint": "8e9e3a44e7b09192162416cbc65ba133dce43e831d732adc18b7f74f4c1ee272", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n            pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|8e9e3a44e7b09192162416cbc65ba133dce43e831d732adc18b7f74f4c1ee272"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "main.py"}, "region": {"startLine": 154}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 89532, "scanner": "repobility-threat-engine", "fingerprint": "76377e1c94120498aa88515f09f0b61046a3e94da9101bc8aa00eb5415069da7", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n        pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|76377e1c94120498aa88515f09f0b61046a3e94da9101bc8aa00eb5415069da7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/websocket.py"}, "region": {"startLine": 150}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 89531, "scanner": "repobility-threat-engine", "fingerprint": "4828765e27d97f3cb1722a9a848d3ef64eaa0fdbc2f6709ccc059154e1a02f5b", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n        pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|4828765e27d97f3cb1722a9a848d3ef64eaa0fdbc2f6709ccc059154e1a02f5b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/data.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `list_data_files` has cognitive complexity 24 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=4, except=1, for=2, if=5, nested_bonus=12."}, "properties": {"repobilityId": 89519, "scanner": "repobility-threat-engine", "fingerprint": "7cd825f582bd03a74c7f525cb10cca0f867e452f7884cdfb760834f29e2cbb21", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 24 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "list_data_files", "breakdown": {"if": 5, "for": 2, "except": 1, "continue": 4, "nested_bonus": 12}, "complexity": 24, "correlation_key": "fp|7cd825f582bd03a74c7f525cb10cca0f867e452f7884cdfb760834f29e2cbb21"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/data.py"}, "region": {"startLine": 62}}}]}, {"ruleId": "AUC005", "level": "note", "message": {"text": "[AUC005] No authorization-focused tests detected: No test files with common authorization, ownership, 403, admin, or super_admin assertions were found."}, "properties": {"repobilityId": 89608, "scanner": "repobility-access-control", "fingerprint": "c58bb88e6682225dc480b3036f30153044953a3d94f500396678a77324e8d30e", "category": "auth", "severity": "low", "confidence": 0.76, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "frameworks": ["FastAPI"], "correlation_key": "fp|c58bb88e6682225dc480b3036f30153044953a3d94f500396678a77324e8d30e"}}}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89595, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4cb1b3028f3d74af93fb8465ccf65c2b6324595293f9f29a02d9cff2b2fe1641", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "store/bilibili/_store_impl.py", "duplicate_line": 314, "correlation_key": "fp|4cb1b3028f3d74af93fb8465ccf65c2b6324595293f9f29a02d9cff2b2fe1641"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/xhs/_store_impl.py"}, "region": {"startLine": 258}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89594, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d2da6cda565632bd4ac280513a40b8683de2dbfbde4b5221676fdcd37aea3339", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "store/douyin/_store_impl.py", "duplicate_line": 206, "correlation_key": "fp|d2da6cda565632bd4ac280513a40b8683de2dbfbde4b5221676fdcd37aea3339"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/weibo/_store_impl.py"}, "region": {"startLine": 214}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89593, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c95673e49e8999fdec935345a7a020ea4ee602919bc438db0c6fa54f6ae6630f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "store/bilibili/_store_impl.py", "duplicate_line": 314, "correlation_key": "fp|c95673e49e8999fdec935345a7a020ea4ee602919bc438db0c6fa54f6ae6630f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/weibo/_store_impl.py"}, "region": {"startLine": 199}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89592, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ba328770ad06c13266596133e0ea448a9f291dee038d690745b492795458c4db", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "store/kuaishou/_store_impl.py", "duplicate_line": 15, "correlation_key": "fp|ba328770ad06c13266596133e0ea448a9f291dee038d690745b492795458c4db"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/weibo/_store_impl.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89591, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c6954b7e9e8d403fecc7c26dfbf9d23f21703712309790b48830d2d871975dd5", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "store/douyin/_store_impl.py", "duplicate_line": 206, "correlation_key": "fp|c6954b7e9e8d403fecc7c26dfbf9d23f21703712309790b48830d2d871975dd5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/tieba/_store_impl.py"}, "region": {"startLine": 191}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89590, "scanner": "repobility-ai-code-hygiene", "fingerprint": "14d81f1dbf93fbc5ed3ca1a8905498c319c0f348355d921f5c87334d1b268729", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "store/bilibili/_store_impl.py", "duplicate_line": 314, "correlation_key": "fp|14d81f1dbf93fbc5ed3ca1a8905498c319c0f348355d921f5c87334d1b268729"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/tieba/_store_impl.py"}, "region": {"startLine": 176}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89589, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f96c1f2340d24494ab038c9cf82caa4a691a025bf6fe8a417fc50994bb1754a1", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "store/kuaishou/_store_impl.py", "duplicate_line": 16, "correlation_key": "fp|f96c1f2340d24494ab038c9cf82caa4a691a025bf6fe8a417fc50994bb1754a1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/tieba/_store_impl.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89588, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3ff90bca06ce6e4a716d19b9caebe23104396dc8f2f7da701fb70ad2799cf8a6", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "store/douyin/_store_impl.py", "duplicate_line": 206, "correlation_key": "fp|3ff90bca06ce6e4a716d19b9caebe23104396dc8f2f7da701fb70ad2799cf8a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/kuaishou/_store_impl.py"}, "region": {"startLine": 163}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89587, "scanner": "repobility-ai-code-hygiene", "fingerprint": "17832d59cae2b20f8d4354be5894a84655eb708d94d32e938f901216dfe12a68", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "store/bilibili/_store_impl.py", "duplicate_line": 299, "correlation_key": "fp|17832d59cae2b20f8d4354be5894a84655eb708d94d32e938f901216dfe12a68"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/kuaishou/_store_impl.py"}, "region": {"startLine": 133}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89586, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4ae5f379d05a85c8b60e5a03d6901fe82b793e66cd33cfcc180aebdb734a53ba", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "store/bilibili/_store_impl.py", "duplicate_line": 206, "correlation_key": "fp|4ae5f379d05a85c8b60e5a03d6901fe82b793e66cd33cfcc180aebdb734a53ba"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/douyin/_store_impl.py"}, "region": {"startLine": 115}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89585, "scanner": "repobility-ai-code-hygiene", "fingerprint": "0093a967450e06d92ca2d68564b5b21fa08f3ee5f6b0f8903bae749915313dbb", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/tieba/login.py", "duplicate_line": 13, "correlation_key": "fp|0093a967450e06d92ca2d68564b5b21fa08f3ee5f6b0f8903bae749915313dbb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/zhihu/login.py"}, "region": {"startLine": 13}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89584, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7af785daebae570d6ad79541e19efe7bd5c15e14661c78282b42cba0ffe16c7b", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/bilibili/login.py", "duplicate_line": 12, "correlation_key": "fp|7af785daebae570d6ad79541e19efe7bd5c15e14661c78282b42cba0ffe16c7b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/zhihu/login.py"}, "region": {"startLine": 12}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89583, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f23d859bd1c378aee5779c7f84cbd6cd4257234079af8298dfb5e451248df2ce", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/bilibili/core.py", "duplicate_line": 438, "correlation_key": "fp|f23d859bd1c378aee5779c7f84cbd6cd4257234079af8298dfb5e451248df2ce"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/zhihu/core.py"}, "region": {"startLine": 347}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89582, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6be208d9373517ff24c311fe4661f9ca6c7c20b0b24654599be7850a676cfb07", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/kuaishou/core.py", "duplicate_line": 274, "correlation_key": "fp|6be208d9373517ff24c311fe4661f9ca6c7c20b0b24654599be7850a676cfb07"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/zhihu/core.py"}, "region": {"startLine": 327}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89581, "scanner": "repobility-ai-code-hygiene", "fingerprint": "07a2ff98a5e656c0ce08da706b5da173164686e04a44a6daf15387397175ecf4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/weibo/core.py", "duplicate_line": 74, "correlation_key": "fp|07a2ff98a5e656c0ce08da706b5da173164686e04a44a6daf15387397175ecf4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/zhihu/core.py"}, "region": {"startLine": 91}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89580, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8cba586b655b0d6385698e5bf17df0d9e342fbad9b713b1b5fb5c0bfa093630d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/xhs/help.py", "duplicate_line": 46, "correlation_key": "fp|8cba586b655b0d6385698e5bf17df0d9e342fbad9b713b1b5fb5c0bfa093630d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/xhs/xhs_sign.py"}, "region": {"startLine": 6}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89579, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fd2daf7c6a1a2414c6e530c8b87d5c0238cf07be805b13a8a05d9a47c89ef311", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/tieba/login.py", "duplicate_line": 13, "correlation_key": "fp|fd2daf7c6a1a2414c6e530c8b87d5c0238cf07be805b13a8a05d9a47c89ef311"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/xhs/login.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89578, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d61d85e30a3d7c7c0121e2d221898dbd2b0be16de4e63e9a66db385d1ceb9905", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/bilibili/login.py", "duplicate_line": 12, "correlation_key": "fp|d61d85e30a3d7c7c0121e2d221898dbd2b0be16de4e63e9a66db385d1ceb9905"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/xhs/login.py"}, "region": {"startLine": 13}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89577, "scanner": "repobility-ai-code-hygiene", "fingerprint": "21c6256295e6988898044a16203f22c749104ed1f7836cf18ad26768d17cd8de", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/douyin/core.py", "duplicate_line": 286, "correlation_key": "fp|21c6256295e6988898044a16203f22c749104ed1f7836cf18ad26768d17cd8de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/xhs/core.py"}, "region": {"startLine": 342}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89576, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6673b31ab4a1e016ea47e8355ffa562a747edb2cf8e8a247e98f3916dc66b46e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/bilibili/core.py", "duplicate_line": 420, "correlation_key": "fp|6673b31ab4a1e016ea47e8355ffa562a747edb2cf8e8a247e98f3916dc66b46e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/xhs/core.py"}, "region": {"startLine": 329}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89575, "scanner": "repobility-ai-code-hygiene", "fingerprint": "bdd76366f5b5c12c7a4046c311785e1c4f96412830821ad79c8dd30881f8a0c0", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/weibo/core.py", "duplicate_line": 74, "correlation_key": "fp|bdd76366f5b5c12c7a4046c311785e1c4f96412830821ad79c8dd30881f8a0c0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/xhs/core.py"}, "region": {"startLine": 76}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89574, "scanner": "repobility-ai-code-hygiene", "fingerprint": "0cf4b0794b02f59018262199e62abd549ee3a1f8bfe887e296721f305bec1141", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/tieba/client.py", "duplicate_line": 285, "correlation_key": "fp|0cf4b0794b02f59018262199e62abd549ee3a1f8bfe887e296721f305bec1141"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/xhs/client.py"}, "region": {"startLine": 203}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89573, "scanner": "repobility-ai-code-hygiene", "fingerprint": "05be6a370d92ea8355c37f87152e3f60101e89ddd6c66144a321ca5060174dbd", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/bilibili/login.py", "duplicate_line": 12, "correlation_key": "fp|05be6a370d92ea8355c37f87152e3f60101e89ddd6c66144a321ca5060174dbd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/weibo/login.py"}, "region": {"startLine": 12}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89572, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6555d65e598779aa103e98e1ef0dcb8cb5ee37868aaa4d57510a75c3fcc09188", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/bilibili/core.py", "duplicate_line": 420, "correlation_key": "fp|6555d65e598779aa103e98e1ef0dcb8cb5ee37868aaa4d57510a75c3fcc09188"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/weibo/core.py"}, "region": {"startLine": 288}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89571, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3bf1a57424f1155b77b80d232812921aec5040f9e21ea16937500a6861a52ba7", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/bilibili/login.py", "duplicate_line": 12, "correlation_key": "fp|3bf1a57424f1155b77b80d232812921aec5040f9e21ea16937500a6861a52ba7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/login.py"}, "region": {"startLine": 12}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89570, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a1f66a7c41c8f601f808e695b64a0bfd2e8c617a69349d9039df00113d24d790", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/bilibili/core.py", "duplicate_line": 438, "correlation_key": "fp|a1f66a7c41c8f601f808e695b64a0bfd2e8c617a69349d9039df00113d24d790"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/core.py"}, "region": {"startLine": 499}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89569, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5b508b6e90ea391d9c61179736bf7412a51ddcf77b1f5d35dbdde1da5d2c672f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/kuaishou/core.py", "duplicate_line": 274, "correlation_key": "fp|5b508b6e90ea391d9c61179736bf7412a51ddcf77b1f5d35dbdde1da5d2c672f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/core.py"}, "region": {"startLine": 479}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89568, "scanner": "repobility-ai-code-hygiene", "fingerprint": "87927c8b364404658232340b97a2bed9f5f52912dddb5e04f9518261ee05c107", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/bilibili/login.py", "duplicate_line": 12, "correlation_key": "fp|87927c8b364404658232340b97a2bed9f5f52912dddb5e04f9518261ee05c107"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/kuaishou/login.py"}, "region": {"startLine": 12}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89567, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7dc65d5b6cd174515ac8c8ee25e25044b36bbe626b708a8c7c97aaae5ef92ae6", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/bilibili/core.py", "duplicate_line": 438, "correlation_key": "fp|7dc65d5b6cd174515ac8c8ee25e25044b36bbe626b708a8c7c97aaae5ef92ae6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/kuaishou/core.py"}, "region": {"startLine": 294}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89566, "scanner": "repobility-ai-code-hygiene", "fingerprint": "11b9825c54129053b89639f3ac7cfcbce72da45f20d5a8732ee03f6c757824a0", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "media_platform/bilibili/core.py", "duplicate_line": 420, "correlation_key": "fp|11b9825c54129053b89639f3ac7cfcbce72da45f20d5a8732ee03f6c757824a0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/douyin/core.py"}, "region": {"startLine": 273}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `check_environment` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: else=2, except=3, if=2, or=2."}, "properties": {"repobilityId": 89517, "scanner": "repobility-threat-engine", "fingerprint": "af9c121a45b79e4f107d44ae6d2b8780658d6c9b6e062350988544163a04b377", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "check_environment", "breakdown": {"if": 2, "or": 2, "else": 2, "except": 3}, "complexity": 9, "correlation_key": "fp|af9c121a45b79e4f107d44ae6d2b8780658d6c9b6e062350988544163a04b377"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/main.py"}, "region": {"startLine": 85}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 89565, "scanner": "repobility-threat-engine", "fingerprint": "b6a92bab5f0677713f0d88f78b2f4b12026b0ed29fdd0b0061511e7b912f109a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b6a92bab5f0677713f0d88f78b2f4b12026b0ed29fdd0b0061511e7b912f109a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/douyin/_store_impl.py"}, "region": {"startLine": 233}}}]}, {"ruleId": "SEC034", "level": "none", "message": {"text": "[SEC034] Log Injection / Log Forging \u2014 unsanitized user input in log (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 89564, "scanner": "repobility-threat-engine", "fingerprint": "ef1de2b205a575342e12c9f71cad0f292ab32e48606665e0a711fdbfede1d1af", "category": "log_injection", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC034", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|ef1de2b205a575342e12c9f71cad0f292ab32e48606665e0a711fdbfede1d1af"}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 89560, "scanner": "repobility-threat-engine", "fingerprint": "deede2eb215d875636a96303401dd81bf1c025789980c14394da92c4eaa2dcca", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|deede2eb215d875636a96303401dd81bf1c025789980c14394da92c4eaa2dcca", "aggregated_count": 1}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 89559, "scanner": "repobility-threat-engine", "fingerprint": "501e2b6a20adca3283ba44b1b8bb39c9081b8a8df126fc8f6c395970451c587a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|501e2b6a20adca3283ba44b1b8bb39c9081b8a8df126fc8f6c395970451c587a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/xhs/__init__.py"}, "region": {"startLine": 82}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 89558, "scanner": "repobility-threat-engine", "fingerprint": "4069a44a756869315a398ac81d9575f629ba0d4ff5eba4caa04f218e73c6ae3a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4069a44a756869315a398ac81d9575f629ba0d4ff5eba4caa04f218e73c6ae3a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "proxy/proxy_mixin.py"}, "region": {"startLine": 72}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 89557, "scanner": "repobility-threat-engine", "fingerprint": "7696b7cbfe3fe9ef54855ffde3b65382c5d549a288e59c9e60732c93a009cf4b", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7696b7cbfe3fe9ef54855ffde3b65382c5d549a288e59c9e60732c93a009cf4b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "proxy/proxy_ip_pool.py"}, "region": {"startLine": 83}}}]}, {"ruleId": "SEC029", "level": "none", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 89550, "scanner": "repobility-threat-engine", "fingerprint": "821cba61ed8ca9932fa4a20b298f5d896106f8bf2152c246419c88b94424b756", "category": "ssrf", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|821cba61ed8ca9932fa4a20b298f5d896106f8bf2152c246419c88b94424b756"}}}, {"ruleId": "MINED013", "level": "none", "message": {"text": "[MINED013] Password In Url (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 89546, "scanner": "repobility-threat-engine", "fingerprint": "085040b8c3d2e5c3560ba1137cf773c78596fa51f6271b6214b5fee56cac4add", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "password-in-url", "owasp": "A07:2021", "cwe_ids": ["CWE-200"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347928+00:00", "triaged_in_corpus": 20, "observations_count": 121646, "ai_coder_pattern_id": 37}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|085040b8c3d2e5c3560ba1137cf773c78596fa51f6271b6214b5fee56cac4add", "aggregated_count": 1}}}, {"ruleId": "ERR001", "level": "none", "message": {"text": "[ERR001] Silent Exception Swallowing (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 89534, "scanner": "repobility-threat-engine", "fingerprint": "8a4bd872da419130753367ef5a61efa729f221dd8f26dbedd7003551d50a5f41", "category": "error_handling", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|8a4bd872da419130753367ef5a61efa729f221dd8f26dbedd7003551d50a5f41"}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 20 more): Same pattern found in 20 additional files. Review if needed."}, "properties": {"repobilityId": 89530, "scanner": "repobility-threat-engine", "fingerprint": "273d6a4223443d5f6ed60683970d1d54de89b1abe4bff38f6638f1334032dfd9", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 20 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|273d6a4223443d5f6ed60683970d1d54de89b1abe4bff38f6638f1334032dfd9", "aggregated_count": 20}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 89529, "scanner": "repobility-threat-engine", "fingerprint": "68e0dc0cb3e1c6b6f6091d088f3be1cece4f93a0d0f2b886fc0dead582fed11a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|68e0dc0cb3e1c6b6f6091d088f3be1cece4f93a0d0f2b886fc0dead582fed11a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/services/crawler_manager.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 89528, "scanner": "repobility-threat-engine", "fingerprint": "b6c89d3c331f7e441d4d4a806eea998b7bc7fa6a20acd0437ae43942e1510739", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b6c89d3c331f7e441d4d4a806eea998b7bc7fa6a20acd0437ae43942e1510739"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/websocket.py"}, "region": {"startLine": 149}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 89527, "scanner": "repobility-threat-engine", "fingerprint": "e3367017a751065acff6cab999d8fad2916c858ca81817150c4ba82dedf9581f", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e3367017a751065acff6cab999d8fad2916c858ca81817150c4ba82dedf9581f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/data.py"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED001", "level": "none", "message": {"text": "[MINED001] Bare Except Pass (and 4 more): Same pattern found in 4 additional files. Review if needed."}, "properties": {"repobilityId": 89526, "scanner": "repobility-threat-engine", "fingerprint": "c0243c95a960df79d347d546f02c8d708977edbd4a97478c529e24c680ef3789", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 4 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|c0243c95a960df79d347d546f02c8d708977edbd4a97478c529e24c680ef3789", "aggregated_count": 4}}}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 24 more): Same pattern found in 24 additional files. Review if needed."}, "properties": {"repobilityId": 89520, "scanner": "repobility-threat-engine", "fingerprint": "af630a28f6c930eff2c6fa530e22bc86ce2ec25d3068ff3ac6fe83a4400d0329", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 24 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "check_environment", "breakdown": {"if": 2, "or": 2, "else": 2, "except": 3}, "aggregated": true, "complexity": 9, "correlation_key": "fp|af630a28f6c930eff2c6fa530e22bc86ce2ec25d3068ff3ac6fe83a4400d0329", "aggregated_count": 24}}}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/deploy-pages` pinned to mutable ref `@v4`: `uses: actions/deploy-pages@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 89683, "scanner": "repobility-supply-chain", "fingerprint": "f412afb33c4041c403857eed20141f9558050fbe7e90ee71d7fbd57630b00ca4", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f412afb33c4041c403857eed20141f9558050fbe7e90ee71d7fbd57630b00ca4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/deploy.yml"}, "region": {"startLine": 64}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/upload-pages-artifact` pinned to mutable ref `@v3`: `uses: actions/upload-pages-artifact@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 89682, "scanner": "repobility-supply-chain", "fingerprint": "3e8f21954a4a2d1f108096866b8676caf5a4c6b27ddad979d7e9aea982115cd9", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3e8f21954a4a2d1f108096866b8676caf5a4c6b27ddad979d7e9aea982115cd9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/deploy.yml"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/configure-pages` pinned to mutable ref `@v4`: `uses: actions/configure-pages@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 89681, "scanner": "repobility-supply-chain", "fingerprint": "aef9b63af5e47d8e7ce76cb214f5176071b5565233053b7dfeb9ca43c5990fa4", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|aef9b63af5e47d8e7ce76cb214f5176071b5565233053b7dfeb9ca43c5990fa4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/deploy.yml"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-node` pinned to mutable ref `@v4`: `uses: actions/setup-node@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 89680, "scanner": "repobility-supply-chain", "fingerprint": "a8d40a38c06791beaa63d015772e0d8b9afdee82674da8b640da536705ed740a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a8d40a38c06791beaa63d015772e0d8b9afdee82674da8b640da536705ed740a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/deploy.yml"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 89679, "scanner": "repobility-supply-chain", "fingerprint": "c897e46bb6a2e29ef00351a1b713077974643a28d641540b8816d9cc2f41c97d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c897e46bb6a2e29ef00351a1b713077974643a28d641540b8816d9cc2f41c97d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/deploy.yml"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mutable rev `v4.5.0`: `.pre-commit-config.yaml` references `https://github.com/pre-commit/pre-commit-hooks` at `rev: v4.5.0`. If `{rev}` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 89677, "scanner": "repobility-supply-chain", "fingerprint": "a2b5bcee935f6d02397e12744b4c56e8344b7c4b81987403bb394ff4641d276c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a2b5bcee935f6d02397e12744b4c56e8344b7c4b81987403bb394ff4641d276c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED130", "level": "error", "message": {"text": "[MINED130] Lockfile pulls package from off-canonical host `registry.npmmirror.com`: `package-lock.json` resolved URL for `node_modules/@algolia/autocomplete-core` is `https://registry.npmmirror.com/@algolia/autocomplete-core/-/autocomplete-core-1....` \u2014 host `registry.npmmirror.com` is not the canonical registry. Could be a mirror compromise, dependency confusion attack, or a forgotten private registry."}, "properties": {"repobilityId": 89676, "scanner": "repobility-supply-chain", "fingerprint": "697b27d1ac3352d044cd7597b4721515f6552461c7feae084c6b6dae145ddf3c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "npm-lockfile-off-registry", "owasp": null, "cwe_ids": ["CWE-829"], "languages": ["javascript"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|697b27d1ac3352d044cd7597b4721515f6552461c7feae084c6b6dae145ddf3c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "package-lock.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED112", "level": "error", "message": {"text": "[MINED112] FastAPI POST /stop has no auth: Handler `stop_crawler` is registered with router/app.post(...) but no Depends/Security parameter is declared and no auth marker appears in the function body."}, "properties": {"repobilityId": 89675, "scanner": "repobility-route-auth", "fingerprint": "6797661f366e39303c59e1a42b233a80071cee15147510a3ce91c48331685797", "category": "quality", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "fastapi-destructive-unauth", "owasp": "A01:2021", "cwe_ids": ["CWE-306", "CWE-862"], "languages": ["python", "javascript"], "observations_count": 10455}, "scanner": "repobility-route-auth", "correlation_key": "fp|6797661f366e39303c59e1a42b233a80071cee15147510a3ce91c48331685797"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/crawler.py"}, "region": {"startLine": 41}}}]}, {"ruleId": "MINED112", "level": "error", "message": {"text": "[MINED112] FastAPI POST /start has no auth: Handler `start_crawler` is registered with router/app.post(...) but no Depends/Security parameter is declared and no auth marker appears in the function body."}, "properties": {"repobilityId": 89674, "scanner": "repobility-route-auth", "fingerprint": "a4743619d978ae46a2ecb8b6cfe20cec34fedf908bb6337ff726cb64473c46ef", "category": "quality", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "fastapi-destructive-unauth", "owasp": "A01:2021", "cwe_ids": ["CWE-306", "CWE-862"], "languages": ["python", "javascript"], "observations_count": 10455}, "scanner": "repobility-route-auth", "correlation_key": "fp|a4743619d978ae46a2ecb8b6cfe20cec34fedf908bb6337ff726cb64473c46ef"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/crawler.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED112", "level": "error", "message": {"text": "[MINED112] FastAPI POST / has no auth: Handler `receive_sms_notification` is registered with router/app.post(...) but no Depends/Security parameter is declared and no auth marker appears in the function body."}, "properties": {"repobilityId": 89673, "scanner": "repobility-route-auth", "fingerprint": "d5b06d0e53e55e7e1ccd597b41de31325a9b66dfa3aadc25ba46ae3ca07b4710", "category": "quality", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "fastapi-destructive-unauth", "owasp": "A01:2021", "cwe_ids": ["CWE-306", "CWE-862"], "languages": ["python", "javascript"], "observations_count": 10455}, "scanner": "repobility-route-auth", "correlation_key": "fp|d5b06d0e53e55e7e1ccd597b41de31325a9b66dfa3aadc25ba46ae3ca07b4710"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "recv_sms.py"}, "region": {"startLine": 56}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_extract_creator_info: Test function `test_extract_creator_info` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89661, "scanner": "repobility-ast-engine", "fingerprint": "8a01736f418512fbf66e6214acfe6f3d9bde1cf9db2a458207d31331f0e42bf3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8a01736f418512fbf66e6214acfe6f3d9bde1cf9db2a458207d31331f0e42bf3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/help.py"}, "region": {"startLine": 881}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_extract_tieba_note_list: Test function `test_extract_tieba_note_list` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89660, "scanner": "repobility-ast-engine", "fingerprint": "bbf6a86e1bf3438c5ae8477b239f149560f7310c55e75b5d8e2c4c68e2420d9c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bbf6a86e1bf3438c5ae8477b239f149560f7310c55e75b5d8e2c4c68e2420d9c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/help.py"}, "region": {"startLine": 872}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_extract_tieba_note_sub_comments: Test function `test_extract_tieba_note_sub_comments` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89659, "scanner": "repobility-ast-engine", "fingerprint": "fd5cf92fc6d136cdb5cf5773aafc337f26e08d318880b9501ac84434edc3d3af", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fd5cf92fc6d136cdb5cf5773aafc337f26e08d318880b9501ac84434edc3d3af"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/help.py"}, "region": {"startLine": 859}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_extract_tieba_note_parment_comments: Test function `test_extract_tieba_note_parment_comments` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89658, "scanner": "repobility-ast-engine", "fingerprint": "53ab6e69039eeec896936803672aaf2411fe3e630bd0fcfe8790369c48518f3f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|53ab6e69039eeec896936803672aaf2411fe3e630bd0fcfe8790369c48518f3f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/help.py"}, "region": {"startLine": 851}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_extract_note_detail: Test function `test_extract_note_detail` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89657, "scanner": "repobility-ast-engine", "fingerprint": "3f9476f89367116768202232d7e1f37d4f21740ff122bcff3aa5eaa758f442f2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3f9476f89367116768202232d7e1f37d4f21740ff122bcff3aa5eaa758f442f2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/help.py"}, "region": {"startLine": 843}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_extract_search_note_list: Test function `test_extract_search_note_list` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89656, "scanner": "repobility-ast-engine", "fingerprint": "707a77fea002ee3632589da85fb78b01a13627b64554f0952b7ee7e1292b20d3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|707a77fea002ee3632589da85fb78b01a13627b64554f0952b7ee7e1292b20d3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/tieba/help.py"}, "region": {"startLine": 835}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `time.sleep` inside async function `get_comments`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 89652, "scanner": "repobility-ast-engine", "fingerprint": "f26fd7676777dffd4577f33c7c2a0436cc52eab5b68d4293aa0aab63f4a50bb6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f26fd7676777dffd4577f33c7c2a0436cc52eab5b68d4293aa0aab63f4a50bb6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/kuaishou/core.py"}, "region": {"startLine": 298}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._create_browser_context` used but never assigned in __init__: Method `_connect_existing_browser` of class `CDPBrowserManager` reads `self._create_browser_context`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89639, "scanner": "repobility-ast-engine", "fingerprint": "225a2c0b418243c6e0a8f3fbd5999a12ae164fe1f4be02f58e4d60c1d212de55", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|225a2c0b418243c6e0a8f3fbd5999a12ae164fe1f4be02f58e4d60c1d212de55"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/cdp_browser.py"}, "region": {"startLine": 191}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._connect_via_cdp` used but never assigned in __init__: Method `_connect_existing_browser` of class `CDPBrowserManager` reads `self._connect_via_cdp`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89638, "scanner": "repobility-ast-engine", "fingerprint": "3874f3ad7e0c0f3ccaa8c45c751d2e89a25608431f481f6abe9e5e8be52005ac", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3874f3ad7e0c0f3ccaa8c45c751d2e89a25608431f481f6abe9e5e8be52005ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/cdp_browser.py"}, "region": {"startLine": 188}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.cleanup` used but never assigned in __init__: Method `launch_and_connect` of class `CDPBrowserManager` reads `self.cleanup`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89637, "scanner": "repobility-ast-engine", "fingerprint": "8d3dd9912ee2bb82c2b95ca90d3af049c2d1cc72b6fe0b2ab28543974c73f5f7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8d3dd9912ee2bb82c2b95ca90d3af049c2d1cc72b6fe0b2ab28543974c73f5f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/cdp_browser.py"}, "region": {"startLine": 137}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._connect_existing_browser` used but never assigned in __init__: Method `launch_and_connect` of class `CDPBrowserManager` reads `self._connect_existing_browser`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89636, "scanner": "repobility-ast-engine", "fingerprint": "744d81ff16c454479a1890e61583bfa330a1ffca1332e901267b5350c35d36fb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|744d81ff16c454479a1890e61583bfa330a1ffca1332e901267b5350c35d36fb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/cdp_browser.py"}, "region": {"startLine": 110}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._create_browser_context` used but never assigned in __init__: Method `launch_and_connect` of class `CDPBrowserManager` reads `self._create_browser_context`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89635, "scanner": "repobility-ast-engine", "fingerprint": "7acea5fc11cc1a824dbee4d1c193d9bffb3161cbd5874aebc25be60bc45d9b5d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7acea5fc11cc1a824dbee4d1c193d9bffb3161cbd5874aebc25be60bc45d9b5d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/cdp_browser.py"}, "region": {"startLine": 128}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._connect_via_cdp` used but never assigned in __init__: Method `launch_and_connect` of class `CDPBrowserManager` reads `self._connect_via_cdp`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89634, "scanner": "repobility-ast-engine", "fingerprint": "e81807edf64608a13d294d9a0ab7dc9e2d1b2446d219890ac7ac27e02d5c1dc8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e81807edf64608a13d294d9a0ab7dc9e2d1b2446d219890ac7ac27e02d5c1dc8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/cdp_browser.py"}, "region": {"startLine": 125}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._launch_browser` used but never assigned in __init__: Method `launch_and_connect` of class `CDPBrowserManager` reads `self._launch_browser`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89633, "scanner": "repobility-ast-engine", "fingerprint": "9ef20f1f58726e84818533ee537ebbff559f7010387614bb86a9c3f6ec1cb720", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9ef20f1f58726e84818533ee537ebbff559f7010387614bb86a9c3f6ec1cb720"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/cdp_browser.py"}, "region": {"startLine": 119}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._get_browser_path` used but never assigned in __init__: Method `launch_and_connect` of class `CDPBrowserManager` reads `self._get_browser_path`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89632, "scanner": "repobility-ast-engine", "fingerprint": "ba9b76c9e7ddb0711365c451dec5f7160e9666be834f8a3b8083148fea66253d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ba9b76c9e7ddb0711365c451dec5f7160e9666be834f8a3b8083148fea66253d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/cdp_browser.py"}, "region": {"startLine": 113}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._register_cleanup_handlers` used but never assigned in __init__: Method `launch_and_connect` of class `CDPBrowserManager` reads `self._register_cleanup_handlers`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89631, "scanner": "repobility-ast-engine", "fingerprint": "c4458a1682d55673d7d2519f97a87d3003f8a1c6b719b5633a8caae0321d6392", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c4458a1682d55673d7d2519f97a87d3003f8a1c6b719b5633a8caae0321d6392"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/cdp_browser.py"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._auto_adjust_column_width` used but never assigned in __init__: Method `flush` of class `ExcelStoreBase` reads `self._auto_adjust_column_width`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89630, "scanner": "repobility-ast-engine", "fingerprint": "6a9be0b86201553ed4eaceb87b6c8e1cfe4fc91cd6b725da4a6fbd181b4c1f81", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6a9be0b86201553ed4eaceb87b6c8e1cfe4fc91cd6b725da4a6fbd181b4c1f81"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 359}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._auto_adjust_column_width` used but never assigned in __init__: Method `flush` of class `ExcelStoreBase` reads `self._auto_adjust_column_width`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89629, "scanner": "repobility-ast-engine", "fingerprint": "c5db88b25eeb0866bea0958851eaff9c79c04e801e1b159f9e3ac4543b3e00e8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c5db88b25eeb0866bea0958851eaff9c79c04e801e1b159f9e3ac4543b3e00e8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 357}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._auto_adjust_column_width` used but never assigned in __init__: Method `flush` of class `ExcelStoreBase` reads `self._auto_adjust_column_width`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89628, "scanner": "repobility-ast-engine", "fingerprint": "489fcf60585618f49b2e026387181f596cc5d900e12b6f26b3fd43cd64b44f6c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|489fcf60585618f49b2e026387181f596cc5d900e12b6f26b3fd43cd64b44f6c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 355}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._auto_adjust_column_width` used but never assigned in __init__: Method `flush` of class `ExcelStoreBase` reads `self._auto_adjust_column_width`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89627, "scanner": "repobility-ast-engine", "fingerprint": "7fde7a8e598444e7532c9f2053dc3d44e040adf07e8ee1627481beaca7e2e9f2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7fde7a8e598444e7532c9f2053dc3d44e040adf07e8ee1627481beaca7e2e9f2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 354}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._auto_adjust_column_width` used but never assigned in __init__: Method `flush` of class `ExcelStoreBase` reads `self._auto_adjust_column_width`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89626, "scanner": "repobility-ast-engine", "fingerprint": "ea94f406d07439366354c2af3a869f6bc4ab077ceaba891c8a8d734b1f05edfa", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ea94f406d07439366354c2af3a869f6bc4ab077ceaba891c8a8d734b1f05edfa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 353}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._write_headers` used but never assigned in __init__: Method `store_dynamic` of class `ExcelStoreBase` reads `self._write_headers`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89625, "scanner": "repobility-ast-engine", "fingerprint": "97165999e04e01fffe2fa6e3ad8f3ccff2da3686d3614caf11f6a7b7518db0f6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|97165999e04e01fffe2fa6e3ad8f3ccff2da3686d3614caf11f6a7b7518db0f6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 339}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._write_row` used but never assigned in __init__: Method `store_dynamic` of class `ExcelStoreBase` reads `self._write_row`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89624, "scanner": "repobility-ast-engine", "fingerprint": "3795b2150394cc76070c3656dc7361fcad8700ba5e210105568635d4b08b5a08", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3795b2150394cc76070c3656dc7361fcad8700ba5e210105568635d4b08b5a08"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 343}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._write_headers` used but never assigned in __init__: Method `store_contact` of class `ExcelStoreBase` reads `self._write_headers`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89623, "scanner": "repobility-ast-engine", "fingerprint": "b2644b0f105cda07d9cc3b0fb74920bf837251b892ae20770ced10501f0e9736", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b2644b0f105cda07d9cc3b0fb74920bf837251b892ae20770ced10501f0e9736"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 315}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._write_row` used but never assigned in __init__: Method `store_contact` of class `ExcelStoreBase` reads `self._write_row`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89622, "scanner": "repobility-ast-engine", "fingerprint": "5cd0461f3451c3f723f0dc4fe8bd89a5ad32becb44ad6da7206cc351dfb4c4b3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5cd0461f3451c3f723f0dc4fe8bd89a5ad32becb44ad6da7206cc351dfb4c4b3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 319}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._write_headers` used but never assigned in __init__: Method `store_creator` of class `ExcelStoreBase` reads `self._write_headers`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89621, "scanner": "repobility-ast-engine", "fingerprint": "c8a9cf0ce4e1185a6539dd4d90904c2a4b1574b6dd1f7293b2f3922ef74529ad", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c8a9cf0ce4e1185a6539dd4d90904c2a4b1574b6dd1f7293b2f3922ef74529ad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 291}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._write_row` used but never assigned in __init__: Method `store_creator` of class `ExcelStoreBase` reads `self._write_row`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89620, "scanner": "repobility-ast-engine", "fingerprint": "192aca7f019d3462e3d54df80e815558971dfd2aa614602b541495a774bd0378", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|192aca7f019d3462e3d54df80e815558971dfd2aa614602b541495a774bd0378"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 295}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._write_headers` used but never assigned in __init__: Method `store_comment` of class `ExcelStoreBase` reads `self._write_headers`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89619, "scanner": "repobility-ast-engine", "fingerprint": "aa27d1c060459bbfb54180bfb2feeb8536b52f0b9185f36d4edb74344569c8d2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aa27d1c060459bbfb54180bfb2feeb8536b52f0b9185f36d4edb74344569c8d2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 271}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._write_row` used but never assigned in __init__: Method `store_comment` of class `ExcelStoreBase` reads `self._write_row`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89618, "scanner": "repobility-ast-engine", "fingerprint": "ede7c5dd722e7678786bde00d7a3b58dc07e1b66681843cb3bccc7cf5ffd1f50", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ede7c5dd722e7678786bde00d7a3b58dc07e1b66681843cb3bccc7cf5ffd1f50"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 275}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._write_headers` used but never assigned in __init__: Method `store_content` of class `ExcelStoreBase` reads `self._write_headers`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89617, "scanner": "repobility-ast-engine", "fingerprint": "e8913af25351d5aa9fe3a0d7e44fb1636b03d21a500c4d8f349e84c9586d06fb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e8913af25351d5aa9fe3a0d7e44fb1636b03d21a500c4d8f349e84c9586d06fb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 249}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._write_row` used but never assigned in __init__: Method `store_content` of class `ExcelStoreBase` reads `self._write_row`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89616, "scanner": "repobility-ast-engine", "fingerprint": "9f085ee0b924e8dd44206f242369039565cc17e800387a7f540cee79e182de22", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9f085ee0b924e8dd44206f242369039565cc17e800387a7f540cee79e182de22"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 253}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._apply_header_style` used but never assigned in __init__: Method `_write_headers` of class `ExcelStoreBase` reads `self._apply_header_style`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89615, "scanner": "repobility-ast-engine", "fingerprint": "fa2ed0a769551d437dcde258089eeba75d78e4aaa399b94ed46699c5290c7952", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fa2ed0a769551d437dcde258089eeba75d78e4aaa399b94ed46699c5290c7952"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/excel_store_base.py"}, "region": {"startLine": 204}}}]}, {"ruleId": "SEC103", "level": "error", "message": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts."}, "properties": {"repobilityId": 89556, "scanner": "repobility-threat-engine", "fingerprint": "429fff05a356608e9339a5a582fb12e10bac0bd308bfa31e701bac722f6c11c2", "category": "injection", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".search(\n            r\"<script>window.__INITIAL_STATE__=(.+)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC103", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|61|sec103"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/xhs/extractor.py"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 89555, "scanner": "repobility-threat-engine", "fingerprint": "a764fa3e3393619ec9242f32f6bec42a5f29a468c32e532c3d4919b3a19153ec", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a764fa3e3393619ec9242f32f6bec42a5f29a468c32e532c3d4919b3a19153ec"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/xhs/playwright_sign.py"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 89554, "scanner": "repobility-threat-engine", "fingerprint": "b407dbfdc93344d9aa14d50c0dddca423b89021db8aedd2170d055c699e87536", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b407dbfdc93344d9aa14d50c0dddca423b89021db8aedd2170d055c699e87536"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/bilibili/help.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 89553, "scanner": "repobility-threat-engine", "fingerprint": "8b075ba63aafe8923910e5de386ae4b5d3113e1d714c4995f1f00e682a772a26", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "self.params.update({\"num\": need_get_count})", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|8b075ba63aafe8923910e5de386ae4b5d3113e1d714c4995f1f00e682a772a26"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "proxy/providers/kuaidl_proxy.py"}, "region": {"startLine": 114}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 89552, "scanner": "repobility-threat-engine", "fingerprint": "d0fc133529d421e6c2199ba157189886362906f100f854972fa3ff74b473e244", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "self.params.update({\"num\": need_get_count})", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d0fc133529d421e6c2199ba157189886362906f100f854972fa3ff74b473e244"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "proxy/providers/jishu_http_proxy.py"}, "region": {"startLine": 70}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 89551, "scanner": "repobility-threat-engine", "fingerprint": "1aebcc538fa3495ea59bd8796648c6aed4bea7f5f24b8ad4c16a3d9e0cf0b133", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "req_data.update({\"wts\": current_ts})", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|1aebcc538fa3495ea59bd8796648c6aed4bea7f5f24b8ad4c16a3d9e0cf0b133"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/bilibili/help.py"}, "region": {"startLine": 65}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 89549, "scanner": "repobility-threat-engine", "fingerprint": "4ea1c40dba1105d65c5c368b48d337bfe5219669d2ad6c357fda70e6921ca83a", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "url(u", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|4ea1c40dba1105d65c5c368b48d337bfe5219669d2ad6c357fda70e6921ca83a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/kuaishou/help.py"}, "region": {"startLine": 27}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 89548, "scanner": "repobility-threat-engine", "fingerprint": "9ac47df13aaba9518e4595b1af526f605f34dc9c6dbb90b48b35743bf2313d8a", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "url(u", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|9ac47df13aaba9518e4595b1af526f605f34dc9c6dbb90b48b35743bf2313d8a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/douyin/help.py"}, "region": {"startLine": 101}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 89547, "scanner": "repobility-threat-engine", "fingerprint": "f31a761a59767d3582693480bfc4eccb5e0586b4b653398124007f01dbf7db34", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "url(u", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|f31a761a59767d3582693480bfc4eccb5e0586b4b653398124007f01dbf7db34"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "media_platform/bilibili/help.py"}, "region": {"startLine": 80}}}]}, {"ruleId": "MINED014", "level": "error", "message": {"text": "[MINED014] Disabled Tls Verify: verify=False in requests, rejectUnauthorized:false in node, InsecureSkipVerify:true in Go."}, "properties": {"repobilityId": 89541, "scanner": "repobility-threat-engine", "fingerprint": "fd3fff8d4db072203bf5503109ab2c7a599f1776dd19a402136530950dfcd97f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "disabled-tls-verify", "owasp": "A02:2021", "cwe_ids": ["CWE-295"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347930+00:00", "triaged_in_corpus": 15, "observations_count": 86916, "ai_coder_pattern_id": 16}, "scanner": "repobility-threat-engine", "correlation_key": "fp|fd3fff8d4db072203bf5503109ab2c7a599f1776dd19a402136530950dfcd97f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "config/base_config.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 89525, "scanner": "repobility-threat-engine", "fingerprint": "5ec1ecdf85aca64863a809a4207efba86db20991db959ea3abef57d319c27e05", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5ec1ecdf85aca64863a809a4207efba86db20991db959ea3abef57d319c27e05"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/services/crawler_manager.py"}, "region": {"startLine": 77}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 89524, "scanner": "repobility-threat-engine", "fingerprint": "5f7c376ccfb31e17fb32c302781950fac2ca4bee64795b25dc776dbd6c9fe249", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5f7c376ccfb31e17fb32c302781950fac2ca4bee64795b25dc776dbd6c9fe249"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/websocket.py"}, "region": {"startLine": 148}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 89523, "scanner": "repobility-threat-engine", "fingerprint": "bf71f522708f59824c0b121672ea7844dc08ca7c0df49d5abc5aca2c45fafccf", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bf71f522708f59824c0b121672ea7844dc08ca7c0df49d5abc5aca2c45fafccf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/data.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "SEC135", "level": "error", "message": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without an auth decorator or middleware. The number-one production-incident pattern we see in AI-generated SaaS code: the AI builds the route, builds the handler, and forgets to wire the auth check that the rest of the codebase uses. CWE-862 (missing authorization). High-severity because the route is fully functional, just unprotected \u2014 attackers can call it directly."}, "properties": {"repobilityId": 89522, "scanner": "repobility-threat-engine", "fingerprint": "6c456d0587e74df30191efddea0979ffb947e932c2e3b49929948f4c6a1873e9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "@app.post(\"/\")\ndef receive_sms_notification(sms: SmsNotification)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC135", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|6c456d0587e74df30191efddea0979ffb947e932c2e3b49929948f4c6a1873e9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "recv_sms.py"}, "region": {"startLine": 55}}}]}, {"ruleId": "SEC135", "level": "error", "message": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without an auth decorator or middleware. The number-one production-incident pattern we see in AI-generated SaaS code: the AI builds the route, builds the handler, and forgets to wire the auth check that the rest of the codebase uses. CWE-862 (missing authorization). High-severity because the route is fully functional, just unprotected \u2014 attackers can call it directly."}, "properties": {"repobilityId": 89521, "scanner": "repobility-threat-engine", "fingerprint": "65f31f7d472dd57318455349c68afbc33540b8ddb1ac4b1c296e746d632c3551", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "@router.post(\"/start\")\nasync def start_crawler(request: CrawlerStartRequest)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC135", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|65f31f7d472dd57318455349c68afbc33540b8ddb1ac4b1c296e746d632c3551"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/crawler.py"}, "region": {"startLine": 27}}}]}, {"ruleId": "COMP001", "level": "error", "message": {"text": "[COMP001] High cognitive complexity: Function `get_file_content` has cognitive complexity 27 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: break=1, elif=2, else=2, except=3, for=1, if=6, nested_bonus=12."}, "properties": {"repobilityId": 89518, "scanner": "repobility-threat-engine", "fingerprint": "2096a5304ad1c76cea79097e9eadca1ad1141adbea5eb9a7fbff72186e6f1137", "category": "quality", "severity": "high", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 27 (severity threshold for high: 25+).", "evidence": {"scanner": "repobility-threat-engine", "function": "get_file_content", "breakdown": {"if": 6, "for": 1, "elif": 2, "else": 2, "break": 1, "except": 3, "nested_bonus": 12}, "complexity": 27, "correlation_key": "fp|2096a5304ad1c76cea79097e9eadca1ad1141adbea5eb9a7fbff72186e6f1137"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/data.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `json` used but not imported: The file uses `json.something(...)` but never imports `json`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 89672, "scanner": "repobility-ast-engine", "fingerprint": "cf16291a0d7b31b134c45fe71acc49bc23b8d64643966a3f4088759c769f0430", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cf16291a0d7b31b134c45fe71acc49bc23b8d64643966a3f4088759c769f0430"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "store/xhs/__init__.py"}, "region": {"startLine": 225}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `stat` used but not imported: The file uses `stat.something(...)` but never imports `stat`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 89671, "scanner": "repobility-ast-engine", "fingerprint": "5f32d3641bab4ccbc6ecc04debb75d4084288c2d172e2567b8ba36c6c8ed3fdf", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5f32d3641bab4ccbc6ecc04debb75d4084288c2d172e2567b8ba36c6c8ed3fdf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/data.py"}, "region": {"startLine": 54}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 89670, "scanner": "repobility-ast-engine", "fingerprint": "53dc4b4d1bb9cae5a9d935e6554c652ae30f3cd8a6126f95e867c090d30809f1", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|53dc4b4d1bb9cae5a9d935e6554c652ae30f3cd8a6126f95e867c090d30809f1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/data.py"}, "region": {"startLine": 80}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `queue` used but not imported: The file uses `queue.something(...)` but never imports `queue`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 89668, "scanner": "repobility-ast-engine", "fingerprint": "3890275472d60834f79e432d87ec16a56ae5d28651ec0fd5c0438cc167753d15", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3890275472d60834f79e432d87ec16a56ae5d28651ec0fd5c0438cc167753d15"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/routers/websocket.py"}, "region": {"startLine": 68}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 89646, "scanner": "repobility-ast-engine", "fingerprint": "3747201c0b9a7117d9ceb43c4bd5f2bb38dd377c4006cc5384420592e7a7f976", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3747201c0b9a7117d9ceb43c4bd5f2bb38dd377c4006cc5384420592e7a7f976"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cmd_arg/arg.py"}, "region": {"startLine": 349}}}]}, {"ruleId": "MINED013", "level": "error", "message": {"text": "[MINED013] Password In Url: https://user:password@host \u2014 leaks creds via logs, referrer, error messages."}, "properties": {"repobilityId": 89545, "scanner": "repobility-threat-engine", "fingerprint": "e8786bf55496d37b1b061356b153f29f11ac5dbcb744c3712fa7050acc618968", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "password-in-url", "owasp": "A07:2021", "cwe_ids": ["CWE-200"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347928+00:00", "triaged_in_corpus": 20, "observations_count": 121646, "ai_coder_pattern_id": 37}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e8786bf55496d37b1b061356b153f29f11ac5dbcb744c3712fa7050acc618968"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "proxy/proxy_mixin.py"}, "region": {"startLine": 72}}}]}, {"ruleId": "MINED013", "level": "error", "message": {"text": "[MINED013] Password In Url: https://user:password@host \u2014 leaks creds via logs, referrer, error messages."}, "properties": {"repobilityId": 89544, "scanner": "repobility-threat-engine", "fingerprint": "b3acfa01e4cb4bef04c39bd1c934ae66a5e95dcaf11cb0a7ca1536d9b29857ce", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "password-in-url", "owasp": "A07:2021", "cwe_ids": ["CWE-200"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347928+00:00", "triaged_in_corpus": 20, "observations_count": 121646, "ai_coder_pattern_id": 37}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b3acfa01e4cb4bef04c39bd1c934ae66a5e95dcaf11cb0a7ca1536d9b29857ce"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "proxy/proxy_ip_pool.py"}, "region": {"startLine": 83}}}]}, {"ruleId": "MINED013", "level": "error", "message": {"text": "[MINED013] Password In Url: https://user:password@host \u2014 leaks creds via logs, referrer, error messages."}, "properties": {"repobilityId": 89543, "scanner": "repobility-threat-engine", "fingerprint": "ff516e9b4b122be84b639b52ce133e5042113e5e1d73eee96a6c6f4178745cf2", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "password-in-url", "owasp": "A07:2021", "cwe_ids": ["CWE-200"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347928+00:00", "triaged_in_corpus": 20, "observations_count": 121646, "ai_coder_pattern_id": 37}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ff516e9b4b122be84b639b52ce133e5042113e5e1d73eee96a6c6f4178745cf2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "database/mongodb_store_base.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "SEC022", "level": "error", "message": {"text": "[SEC022] Database URL With Embedded Credential: A database connection URL contains an embedded username and password. These URLs are often copied into defaults, docs, and scripts, then leak working credentials."}, "properties": {"repobilityId": 89542, "scanner": "repobility-threat-engine", "fingerprint": "9c79b50e6a801c612678f9d496a563f78d3fbc7a76bef8314f67b42370d15d74", "category": "credential_exposure", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "mongodb://{user}:{password}@", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC022", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "secret|token|6|mongodb:// user : password"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "database/mongodb_store_base.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED030", "level": "error", "message": {"text": "[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__."}, "properties": {"repobilityId": 89539, "scanner": "repobility-threat-engine", "fingerprint": "6f76acabd74949a75de90c7c41f89fc6b9e09b7520cf9bd3f330027e31555790", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pickle-loads", "owasp": null, "cwe_ids": ["CWE-502"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347968+00:00", "triaged_in_corpus": 20, "observations_count": 6314, "ai_coder_pattern_id": 119}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6f76acabd74949a75de90c7c41f89fc6b9e09b7520cf9bd3f330027e31555790"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cache/redis_cache.py"}, "region": {"startLine": 65}}}]}, {"ruleId": "MINED018", "level": "error", "message": {"text": "[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data \u2014 RCE."}, "properties": {"repobilityId": 89538, "scanner": "repobility-threat-engine", "fingerprint": "3d368df37a32414f0a67faeaeca6dbdf6fad7fb79c622a8c47071f6b78afab2e", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "unsafe-deserialization-pickle", "owasp": "A08:2021", "cwe_ids": ["CWE-502"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347940+00:00", "triaged_in_corpus": 20, "observations_count": 58759, "ai_coder_pattern_id": 32}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3d368df37a32414f0a67faeaeca6dbdf6fad7fb79c622a8c47071f6b78afab2e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cache/redis_cache.py"}, "region": {"startLine": 65}}}]}, {"ruleId": "SEC081", "level": "error", "message": {"text": "[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marshal.load(s) execute arbitrary code on untrusted input. Ported from dlint DUO103 / DUO120 (BSD-3)."}, "properties": {"repobilityId": 89537, "scanner": "repobility-threat-engine", "fingerprint": "b0adca85b5e3b4a9123f9a616fa63b976ea1f03269eb665b367a3232a738cd4b", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "pickle.loads(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC081", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|b0adca85b5e3b4a9123f9a616fa63b976ea1f03269eb665b367a3232a738cd4b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cache/redis_cache.py"}, "region": {"startLine": 65}}}]}]}]}