Public scan — anyone with this URL can view this analysis. Sign up to track your own repos privately, run scheduled re-scans, and get AI fix prompts via your dashboard.
Sign up free Scan another repo
104 of your 203 findings came from Repobility's proprietary detections. ✓ Repobility tags below mark them.
Upstream (GitHub) caused delay on this scan — not Repobility.
  • GitHub API rate-limited (HTTP 403) — preflight skipped, fell back to direct git clone.
  • Clone from GitHub took 157.06s for a 375.2 MB repo slow.
  • Repobility's analysis ran in 43.92s after the clone landed.

warpdotdev/warp

https://github.com/warpdotdev/warp · scanned 2026-06-05 09:36 UTC (5 days, 16 hours ago) · 10 languages

692 raw signals (180 security + 512 graph) 11/13 scanners ran 25th percentile · Rust · huge (>500K LoC) System graph score 68 (higher by 6)

File as issue Image
UNIFIED Repobility · multi-layer engine · AI coders

Complete repo analysis

Last scanned 5 days, 16 hours ago · v2 · 315 actionable findings from 2 signal sources. 121 repeated signals grouped for readability. Security checks, system graph analysis, and verified AI-agent feedback are merged into one review queue.

JSON
Combined
77.2
/100
Security checks
86
73 findings
System graph
68
100.0% cov · 242 findings
Critical
6
click to filter
Agents
6
0 votes
Crowd
0
reported
Score breakdown â 2026-05-18-v5
Component Sub-score Weight Contribution
structure_score 85.0 0.15 12.75
security_score 100.0 0.25 25.00
testing_score 20.0 0.20 4.00
documentation_score 96.0 0.15 14.40
practices_score 80.0 0.15 12.00
code_quality 58.0 0.10 5.80
Overall 1.00 74.0
security_score may be inflated — optional security scanners were skipped on this fast scan
Severity distribution — click a segment to filter
Active filters: excluding tests × Reset all
Severity: Critical 6 High 34 Medium 21 Low 225 9-Layer: Software Security Quality Integrity Frontend Hardware Data Network Cicd Source: Security checks 73 System graph 242 Crowd 0 Layer: Quality 237 Security 21 Cicd 13 Software 28 Api 1 Frontend 3 Network 2 Hardware 10
Scan summary Quality grade B (74/100). Dimensions: security 100, maintainability 85. 180 findings (50 security). 1,626,474 lines analyzed.

Showing 275 of 315 actionable findings. 436 raw detector signals were grouped into reader-sized issues. Click TP / FP to vote on a finding's accuracy — votes adjust the confidence weighting and improve detection across the platform.

high Security checks quality Quality conf 1.00 ✓ Repobility [MINED107] Missing import: `html` used but not imported: The file uses `html.something(...)` but never imports `html`. This raises NameError at runtime the first time the line executes.
Add `import html` at the top of the file.
resources/bundled/skills/create-skill/eval-viewer/generate_review.py:343
low Security checks cicd CI/CD security conf 0.35 ✓ Repobility 14 occurrences Workflow references repository secrets in a pull_request workflow
Fork pull_request runs do not receive normal repository secrets on GitHub Actions. Review this as a reliability/intent signal, not as direct fork-secret exfiltration. Raise severity only for pull_request_target or another trusted-context path that runs untrusted PR code with secrets.
2 files, 14 locations
.github/workflows/ci.yml:277, 302, 325, 351, 374, 397, 420, 538 (8 hits)
.github/workflows/repo-sync.yml:26, 27, 46, 47, 61, 74 (6 hits)
CI/CD securityworkflow secretsGitHub Actions
critical System graph security Secrets conf 1.00 Possible secret in crates/warp_core/src/channel/config.rs
Detected pattern matching generic_api_key. Rotate the credential and move to a secret manager.
crates/warp_core/src/channel/config.rs:62
high Security checks quality Quality conf 1.00 ✓ Repobility 23 occurrences [MINED108] `self.path` used but never assigned in __init__: Method `do_GET` of class `ReviewHandler` reads `self.path`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
Initialize `self.path = <default>` in __init__, or add a class-level default.
lines 333, 344, 345, 346, 347, 348, 349, 353, +15 more
resources/bundled/skills/create-skill/eval-viewer/generate_review.py:333, 344, 345, 346, 347, 348, 349, 353, +15 more (23 hits)
high Security checks software dependencies conf 0.90 ✓ Repobility 4 occurrences [MINED118] Dockerfile FROM `archlinux:base-devel` not pinned by digest: `FROM archlinux:base-devel` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity.
Replace with: `FROM archlinux:base-devel@sha256:<digest>`. Get the digest from `docker manifest inspect`. Re-pin via a scheduled bot (Renovate, Dependabot).
4 files, 4 locations
.github/actions/bundle_arch_package/Dockerfile:1
app/tests/ssh/Dockerfile:1
docker/agent-dev/Dockerfile:1
docker/linux-dev/Dockerfile:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/arm64/conpty.dll` committed in source repo: `app/assets/windows/arm64/conpty.dll` is a .dll binary (95,232 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/arm64/conpty.dll:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/arm64/dxcompiler.dll` committed in source repo: `app/assets/windows/arm64/dxcompiler.dll` is a .dll binary (22,581,808 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/arm64/dxcompiler.dll:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/arm64/dxil.dll` committed in source repo: `app/assets/windows/arm64/dxil.dll` is a .dll binary (1,792,584 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/arm64/dxil.dll:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/arm64/msvcp140.dll` committed in source repo: `app/assets/windows/arm64/msvcp140.dll` is a .dll binary (1,372,192 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/arm64/msvcp140.dll:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/arm64/OpenConsole.exe` committed in source repo: `app/assets/windows/arm64/OpenConsole.exe` is a .exe binary (1,192,960 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/arm64/OpenConsole.exe:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/arm64/vcruntime140.dll` committed in source repo: `app/assets/windows/arm64/vcruntime140.dll` is a .dll binary (199,200 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/arm64/vcruntime140.dll:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/arm64/vcruntime140_1.dll` committed in source repo: `app/assets/windows/arm64/vcruntime140_1.dll` is a .dll binary (53,280 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/arm64/vcruntime140_1.dll:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/x64/conpty.dll` committed in source repo: `app/assets/windows/x64/conpty.dll` is a .dll binary (98,816 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/x64/conpty.dll:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/x64/dxcompiler.dll` committed in source repo: `app/assets/windows/x64/dxcompiler.dll` is a .dll binary (18,091,048 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/x64/dxcompiler.dll:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/x64/dxil.dll` committed in source repo: `app/assets/windows/x64/dxil.dll` is a .dll binary (1,525,280 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/x64/dxil.dll:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/x64/msvcp140.dll` committed in source repo: `app/assets/windows/x64/msvcp140.dll` is a .dll binary (557,136 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/x64/msvcp140.dll:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/x64/OpenConsole.exe` committed in source repo: `app/assets/windows/x64/OpenConsole.exe` is a .exe binary (1,145,344 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/x64/OpenConsole.exe:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/x64/vcruntime140.dll` committed in source repo: `app/assets/windows/x64/vcruntime140.dll` is a .dll binary (124,520 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/x64/vcruntime140.dll:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED134] Binary file `app/assets/windows/x64/vcruntime140_1.dll` committed in source repo: `app/assets/windows/x64/vcruntime140_1.dll` is a .dll binary (49,792 bytes) committed to a repo that otherwise has 3502 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts.
Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source.
app/assets/windows/x64/vcruntime140_1.dll:1
high Security checks security path traversal conf 0.80 [SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.
Use os.path.realpath() and verify the path starts with your expected base directory. Use secure_filename() for uploads.
.agents/skills/changelog-draft/scripts/convert_to_release_json.py:100
high Security checks security path traversal conf 0.80 [SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.
Use os.path.realpath() and verify the path starts with your expected base directory. Use secure_filename() for uploads.
.agents/skills/changelog-draft/scripts/build_slack_payload.py:166
high Security checks cicd CI/CD security conf 0.92 3 occurrences Dockerfile pipes a remote script into a shell
Download the artifact, verify its checksum or signature, pin the version, and then execute it.
2 files, 3 locations
docker/agent-dev/Dockerfile:26, 51 (2 hits)
docker/linux-dev/Dockerfile:51
CI/CD securitycontainers
high Security checks cicd CI/CD security conf 0.90 ✓ Repobility 10 occurrences GitHub Action is tag-pinned rather than SHA-pinned
[MINED115] Action `warpdotdev/repo-sync/actions/validate-markers` pinned to mutable ref `@main`: `uses: warpdotdev/repo-sync/actions/validate-markers@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025)…
6 files, 10 locations
.github/workflows/repo-sync.yml:19, 39, 54, 65 (4 hits)
.github/workflows/feature_flag_cleanup.yml:38, 170 (2 hits)
.github/workflows/ci.yml:690
.github/workflows/update-dedupe-local.yml:17
.github/workflows/update-pr-review-local.yml:17
.github/workflows/update-triage-local.yml:17
CI/CD securitySupply chainGitHub Actions
high System graph hardware Supply chain conf 1.00 Dockerfile pipes a remote installer into a shell
Executing downloaded code during image build gives the remote endpoint build-time code execution. Prefer pinned packages or verify downloaded installers by checksum/signature.
docker/agent-dev/Dockerfile:51 containersRemote installer
high System graph hardware Supply chain conf 1.00 Dockerfile pipes a remote installer into a shell
Executing downloaded code during image build gives the remote endpoint build-time code execution. Prefer pinned packages or verify downloaded installers by checksum/signature.
docker/linux-dev/Dockerfile:51 containersRemote installer
high System graph cicd CI/CD security conf 1.00 10 occurrences GitHub Action tracks a moving branch
warpdotdev/repo-sync/actions/validate-markers@main can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
6 files, 10 locations
.github/workflows/repo-sync.yml:19, 39, 54, 65 (4 hits)
.github/workflows/feature_flag_cleanup.yml:38, 170 (2 hits)
.github/workflows/ci.yml:690
.github/workflows/update-dedupe-local.yml:17
.github/workflows/update-pr-review-local.yml:17
.github/workflows/update-triage-local.yml:17
CI/CD securitySupply chainGithub actions
high System graph security security conf 1.00 Insecure pattern 'eval_used' in crates/warpui_core/src/keymap.rs:788
Found a known-risky pattern (eval_used). Review and replace if possible.
crates/warpui_core/src/keymap.rs:788 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in crates/warpui_core/src/keymap/matcher.rs:262
Found a known-risky pattern (eval_used). Review and replace if possible.
crates/warpui_core/src/keymap/matcher.rs:262 Eval used
medium Security checks security auth conf 0.92 [AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation.
Add .repobility/access.yml mapping routes to anonymous, authenticated, owner, admin, and super_admin. Keep business-specific rules in the repo so CI can enforce them.
high Security checks security auth conf 0.74 [AUC002] Low visible authorization coverage in route inventory: Only 0.0% of discovered routes show nearby authentication, authorization, middleware, or public-route evidence.
Review the access matrix and add explicit framework auth declarations or policy-file exceptions for intentionally public routes.
medium Security checks cicd CI/CD security conf 0.68 Agent auto-approve or skip-permissions mode is easy to enable
Require an explicit isolated profile for auto-approve modes. Keep safe defaults interactive, add visible warnings, and block these modes when the workspace contains secrets or production deploy credentials.
resources/bundled/skills/oz-platform/references/third-party-clis.md:97 CI/CD securityagent runtimepermissions
low Security checks quality Error handling conf 0.55 ✓ Repobility Broad exception handler needs review
This handler catches Exception/BaseException. It is actionable when it swallows errors without logging, re-raising, or returning a structured error. Handlers that intentionally convert exceptions into typed error results should not be treated as high risk.
resources/bundled/skills/create-skill/scripts/run_eval.py:223 Error handlingquality
low Security checks quality Error handling conf 0.55 ✓ Repobility Broad exception handler needs review
This handler catches Exception/BaseException. It is actionable when it swallows errors without logging, re-raising, or returning a structured error. Handlers that intentionally convert exceptions into typed error results should not be treated as high risk.
resources/bundled/skills/create-skill/scripts/package_skill.py:106 Error handlingquality
medium Security checks cicd CI/CD security conf 0.86 Database dump or local database file is included in Docker build context
Move database dumps outside the Docker build context or exclude them with .dockerignore. Keep backup and restore artifacts in private object storage or a dedicated backup workflow.
.dockerignore CI/CD securitycontainers
high Security checks cicd CI/CD security conf 0.82 3 occurrences Docker final stage has no non-root USER
Add a non-root USER in the final runtime stage after files and permissions are prepared.
3 files, 3 locations
app/tests/ssh/Dockerfile:1
docker/agent-dev/Dockerfile:1
docker/linux-dev/Dockerfile:1
CI/CD securitycontainers
high Security checks quality Quality conf 0.74 3 occurrences Frontend API reference is not matched by discovered backend routes
Add the backend route, update the frontend constant to the implemented endpoint, or document that the route is served by another service and exclude it with .repobilityignore.
lines 666, 1012, 1044
resources/bundled/skills/create-skill/eval-viewer/viewer.html:666, 1012, 1044 (3 hits)
medium Security checks quality Quality conf 0.78 React interval is created without an explicit cleanup
Store the interval id and return a useEffect cleanup that calls clearInterval. Also clear the interval in explicit stop/end handlers when relevant.
resources/bundled/mcp_skills/figma/figma-use/references/plugin-api-standalone.d.ts:174
high Security checks software dependencies conf 0.70 Remote install command pipes network code directly to a shell
Publish a package-manager install path or add checksum/signature verification before execution. For docs, show the inspect-then-run flow and pin the downloaded artifact version.
resources/bundled/skills/oz-platform/references/third-party-clis.md:183
medium Security checks quality Quality conf 0.78 Suspicious implementation file appears unreferenced
Confirm whether this file is reachable. If not, delete it; if yes, wire it through explicit imports, routes, or entry points and add a test that proves the path executes.
crates/repo_metadata/src/file_tree_update.rs:1
medium Security checks quality Quality conf 0.78 Suspicious implementation file appears unreferenced
Confirm whether this file is reachable. If not, delete it; if yes, wire it through explicit imports, routes, or entry points and add a test that proves the path executes.
app/src/code_review/git_status_update.rs:1
medium System graph quality Integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — crates/warp_graphql_schema/api/client-schema.ts:132
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
runtime safetyRobustness
medium System graph hardware Security conf 1.00 Dockerfile runs as root: app/tests/ssh/Dockerfile
No non-root USER set. Containers running as root expand the blast radius of any vulnerability inside the image.
Container
medium System graph hardware Security conf 1.00 Dockerfile runs as root: docker/agent-dev/Dockerfile
No non-root USER set. Containers running as root expand the blast radius of any vulnerability inside the image.
Container
medium System graph hardware Security conf 1.00 Dockerfile runs as root: docker/linux-dev/Dockerfile
No non-root USER set. Containers running as root expand the blast radius of any vulnerability inside the image.
Container
medium System graph cicd CI/CD security conf 1.00 5 occurrences GitHub Actions workflow grants broad write permissions
CI tokens with write permissions increase blast radius when an action, dependency, or PR workflow is compromised. Prefer job-level least-privilege permissions.
5 files, 5 locations
.github/workflows/docubot_reply_to_comment.yml
.github/workflows/feature_flag_cleanup.yml
.github/workflows/update-dedupe-local.yml
.github/workflows/update-pr-review-local.yml
.github/workflows/update-triage-local.yml
CI/CD securitySupply chainGithub actions
medium System graph security security conf 1.00 Insecure pattern 'subprocess_shell_true' in script/font_fallback/generate-families.py:27
Found a known-risky pattern (subprocess_shell_true). Review and replace if possible.
script/font_fallback/generate-families.py:27 Subprocess shell true
medium System graph security security conf 1.00 Insecure pattern 'subprocess_shell_true' in script/font_fallback/generate-mappings.py:78
Found a known-risky pattern (subprocess_shell_true). Review and replace if possible.
script/font_fallback/generate-mappings.py:78 Subprocess shell true
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — resources/bundled/skills/create-skill/scripts/run_eval.py:85
`subprocess.Popen(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — resources/bundled/skills/pr-comments/scripts/fetch_github_review_comments.py:24
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — script/font_fallback/generate-families.py:27
`subprocess.check_output(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph network Security conf 1.00 Privileged port 15 in use
Port 15 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
.github/workflows/update-triage-local.yml Ports
medium System graph network Security conf 1.00 Privileged port 30 in use
Port 30 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
.github/workflows/update-dedupe-local.yml Ports
low Security checks cicd CI/CD security conf 0.72 .dockerignore misses sensitive defaults
Add missing patterns such as .env, .git, private keys, certificates, dependency folders, and local databases.
.dockerignore CI/CD securitycontainers
low Security checks security auth conf 0.76 [AUC005] No authorization-focused tests detected: No test files with common authorization, ownership, 403, admin, or super_admin assertions were found.
Add regression tests for anonymous denial, cross-user object denial, admin role limits, and super_admin-only behavior.
low Security checks cicd CI/CD security conf 0.72 4 occurrences Dockerfile installs recommended OS packages
Add `--no-install-recommends` and explicitly list only packages the image needs.
2 files, 4 locations
docker/linux-dev/Dockerfile:4, 32, 40 (3 hits)
app/tests/ssh/Dockerfile:5
CI/CD securitycontainers
low Security checks cicd CI/CD security conf 0.74 5 occurrences Dockerfile leaves apt package indexes in the image layer
End the apt install layer with `rm -rf /var/lib/apt/lists/*`.
3 files, 5 locations
docker/linux-dev/Dockerfile:4, 32, 40 (3 hits)
app/tests/ssh/Dockerfile:5
docker/agent-dev/Dockerfile:12
CI/CD securitycontainers
low Security checks quality Quality conf 0.60 30 occurrences Duplicated implementation block across source files
Duplicate implementation blocks are maintenance debt. Keep them visible, but they are not a high-severity defect unless the duplicated logic is security-sensitive or drifting.
12 files, 17 locations
app/src/ai/blocklist/action_model/execute/suggest_prompt.rs:26, 27, 29 (3 hits)
app/src/ai/blocklist/action_model/execute/grep.rs:164, 179 (2 hits)
app/src/ai/blocklist/action_model/execute/read_files.rs:21, 36 (2 hits)
app/src/ai/blocklist/action_model/execute/start_agent.rs:213, 214 (2 hits)
app/src/ai/agent/task_tests.rs:24
app/src/ai/agent_events/message_hydrator_tests.rs:10
app/src/ai/agent_management/notifications/view.rs:212
app/src/ai/agent_sdk/driver/harness/codex.rs:77
duplicationquality
high Security checks quality Quality conf 0.62 Source file name looks like an AI patch artifact
Rename it to the domain concept it implements or merge it into the existing module it was meant to change.
crates/repo_metadata/src/file_tree_update.rs:1
high Security checks quality Quality conf 0.62 Source file name looks like an AI patch artifact
Rename it to the domain concept it implements or merge it into the existing module it was meant to change.
app/src/code_review/git_status_update.rs:1
low System graph quality Maintenance conf 1.00 499 TODO/FIXME markers
High count of TODO/FIXME/HACK markers — track them as issues so they're not forgotten.
low System graph hardware Coverage conf 1.00 Containers defined but no K8s/orchestration manifest found
Repo has Dockerfiles/compose but no Kubernetes/Nomad manifests. If the target deployment is K8s, the manifests may live in a separate ops repo.
Deployment
low System graph hardware Supply chain conf 1.00 Docker base image is tag-pinned but not digest-pinned: archlinux:base-devel
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
.github/actions/bundle_arch_package/Dockerfile:1 containersPinned dependencies
low System graph hardware Supply chain conf 1.00 Docker base image is tag-pinned but not digest-pinned: debian:sid
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
docker/linux-dev/Dockerfile:1 containersPinned dependencies
low System graph hardware Supply chain conf 1.00 Docker base image is tag-pinned but not digest-pinned: ubuntu:24.04
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
docker/agent-dev/Dockerfile:1 containersPinned dependencies
low System graph software Dead code candidate conf 1.00 File has no detected symbols: crates/integration/assets/read_keys.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: crates/integration/assets/read_keys_alternate_text.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: crates/integration/assets/read_keys_event_types.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: crates/integration/assets/read_keys_report_all.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: crates/integration/assets/read_keys_with_protocol.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: crates/warp_graphql_schema/graphql.config.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph quality Integrity conf 1.00 2 occurrences Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: script/run-clang-format.py:run_clang_format_diff_wrapper, script/run-clang-format.py:run_clang_format_diff This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why …
2 occurrences
repo-level (2 hits)
duplicatesduplication
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `expected_old` in resources/bundled/skills/pr-comments/scripts/test_trim_diff_hunk.py:312
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `nLegacy` in crates/integration/assets/read_keys_report_all.py:59
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph software Dead code conf 1.00 Possibly dead Python function: do_GET
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
resources/bundled/skills/create-skill/eval-viewer/generate_review.py:332
low System graph software Dead code conf 1.00 Possibly dead Python function: do_POST
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
resources/bundled/skills/create-skill/eval-viewer/generate_review.py:361
low System graph software Dead code conf 1.00 Possibly dead Python function: log_message
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
resources/bundled/skills/create-skill/eval-viewer/generate_review.py:382
low System graph software Dead code conf 1.00 Possibly dead Python function: match_arm
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
script/font_fallback/generate-mappings.py:210
low System graph software Dead code conf 1.00 Possibly dead Python function: run_single_query
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
resources/bundled/skills/create-skill/scripts/run_eval.py:35
low System graph frontend Frontend quality conf 1.00 Stray `console.log` in TS/JS — crates/command-signatures-v2/js/src/main.ts:70
Replace with the toast helper, an error boundary, or remove. `console.warn` / `console.error` are acceptable. Why: Hygiene — easy to leak debug output. Rule id: fq.console-leak
Fq console leak
low System graph frontend Frontend quality conf 1.00 Stray `console.log` in TS/JS — resources/bundled/mcp_skills/figma/figma-use/references/plugin-api-standalone.d.ts:520
Replace with the toast helper, an error boundary, or remove. `console.warn` / `console.error` are acceptable. Why: Hygiene — easy to leak debug output. Rule id: fq.console-leak
Fq console leak
low System graph quality Complexity conf 1.00 Very large file: app/assets/bundled/bootstrap/bash_body.sh (1353 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/assets/bundled/bootstrap/zsh_body.sh (1411 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent/api/convert_conversation.rs (2124 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent/api/convert_conversation_tests.rs (2138 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent/conversation.rs (4281 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent/conversation_yaml.rs (1177 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent/mod.rs (3135 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent_conversations_model.rs (1915 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent_conversations_model_tests.rs (2325 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent_management/view.rs (2393 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent_sdk/ambient.rs (1416 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent_sdk/driver.rs (3391 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent_sdk/driver/output.rs (1391 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent_sdk/driver/snapshot.rs (1624 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent_sdk/driver/snapshot_tests.rs (1465 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/agent_sdk/mod.rs (1705 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/ai_document_view.rs (1362 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/action_model.rs (1417 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/action_model/execute.rs (1265 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/agent_view/agent_input_footer/mod.rs (2931 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/agent_view/orchestration_pill_bar.rs (2584 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/block.rs (6817 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/block/cli.rs (2129 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/block/status_bar.rs (1371 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/block/view_impl.rs (1374 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/block/view_impl/common.rs (3628 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/block/view_impl/output.rs (3891 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/controller.rs (3199 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/history_model.rs (3039 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/history_model_tests.rs (3373 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/inline_action/ask_user_question_view.rs (1848 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/inline_action/code_diff_view.rs (3254 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/inline_action/orchestration_controls.rs (2131 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/inline_action/requested_command.rs (1663 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/inline_action/run_agents_card_view.rs (1521 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/orchestration_event_streamer.rs (2212 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/orchestration_event_streamer_tests.rs (1928 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/blocklist/permissions_tests.rs (1521 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/conversation_details_panel.rs (2255 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/document/ai_document_model.rs (1396 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/execution_profiles/editor/mod.rs (1803 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/execution_profiles/profiles.rs (1639 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/llms.rs (1386 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/mcp/templatable_manager/native.rs (1839 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/ai/persisted_workspace.rs (1293 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/auth/login_slide.rs (1350 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/cloud_object/model/model_tests.rs (1982 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/cloud_object/model/persistence.rs (1830 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/code/editor/element.rs (1690 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/code/editor/model.rs (3890 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/code/editor/view.rs (2468 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/code/editor/view/vim_handler_tests.rs (1734 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/code/file_tree/view.rs (3191 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/code/footer.rs (1988 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/code/global_buffer_model.rs (2454 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/code/local_code_editor.rs (2588 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/code/view.rs (2403 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/code_review/code_review_view.rs (7690 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/code_review/diff_state/local.rs (2697 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/context_chips/current_prompt.rs (1510 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/context_chips/display_chip.rs (1988 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/context_chips/display_menu.rs (1503 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/drive/index.rs (5638 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/drive/sharing/dialog/mod.rs (3003 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/drive/workflows/modal.rs (1935 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/editor/view/element.rs (2432 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/editor/view/mod.rs (8777 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/editor/view/mod_tests.rs (4528 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/editor/view/model/buffer/mod.rs (3895 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/editor/view/model/buffer/mod_tests.rs (4456 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/editor/view/model/mod.rs (3207 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/editor/view/vim_handler_tests.rs (7833 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/env_vars/view/env_var_collection.rs (1594 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/font_fallback.rs (1436 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/lib.rs (2617 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/menu.rs (2971 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/notebooks/editor/model.rs (2344 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/notebooks/editor/model_tests.rs (3094 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/notebooks/editor/view.rs (3616 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/notebooks/file/mod.rs (1298 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/notebooks/notebook.rs (2388 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/pane_group/mod.rs (7996 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/pane_group/mod_tests.rs (3322 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/pane_group/pane/terminal_pane.rs (2270 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/pane_group/tree.rs (1584 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/persistence/sqlite.rs (3037 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/remote_server/server_model.rs (2974 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/root_view.rs (3613 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/search/ai_context_menu/view.rs (1711 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/server/cloud_objects/update_manager.rs (4828 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/server/cloud_objects/update_manager_tests.rs (7506 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/server/server_api.rs (1648 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/server/server_api/ai.rs (3227 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/server/server_api/object.rs (1415 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/server/sync_queue.rs (1987 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/server/sync_queue_tests.rs (1842 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/server/telemetry/events.rs (7363 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings/ai.rs (1989 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings/cloud_preferences_syncer_tests.rs (1752 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings/import/iterm_parser_tests.rs (1609 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/ai_page.rs (8248 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/appearance_page.rs (5252 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/billing_and_usage_page.rs (3624 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/billing_and_usage_page_v2.rs (2243 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/code_page.rs (2848 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/environments_page.rs (2093 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/environments_page_tests.rs (1478 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/features_page.rs (7698 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/mcp_servers/list_page.rs (1820 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/mod.rs (2770 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/privacy_page.rs (2047 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/settings_page.rs (1922 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/teams_page.rs (4467 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/settings_view/update_environment_form.rs (3588 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/tab.rs (1890 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/block_list_element.rs (4871 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/block_list_viewport.rs (2055 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/grid_renderer.rs (2814 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/input.rs (15872 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/input/inline_menu/view.rs (1309 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/input/slash_commands/mod.rs (1379 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/input_tests.rs (7709 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/local_tty/terminal_manager.rs (2732 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/model/ansi/mod.rs (1868 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/model/block.rs (3413 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/model/blocks.rs (3948 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/model/blocks/selection.rs (1554 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/model/blocks/selection_tests.rs (1579 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/model/blocks_tests.rs (2170 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/model/grid/ansi_handler.rs (1974 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/model/grid/filtering_tests.rs (2316 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/model/grid/grid_handler.rs (2747 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/model/grid/grid_handler_tests.rs (2313 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/model/session.rs (1802 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/model/terminal_model.rs (3701 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/profile_model_selector.rs (2363 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/share_block_modal.rs (1559 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/shared_session/sharer/network.rs (1884 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/shared_session/viewer/network.rs (1236 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/shared_session/viewer/orchestration_viewer_model_tests.rs (1846 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/shared_session/viewer/terminal_manager.rs (1808 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/view/ambient_agent/model.rs (1856 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/view/init.rs (1229 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/view/load_ai_conversation.rs (1257 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/view/shared_session/view_impl.rs (2042 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/view/shared_session/view_impl_tests.rs (2094 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/view/use_agent_footer/mod.rs (1525 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/terminal/view_tests.rs (7067 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/uri/mod.rs (1673 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/view_components/action_button.rs (1535 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/workflows/workflow_view.rs (3269 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/workspace/cross_window_tab_drag.rs (1851 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/workspace/mod.rs (1562 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/workspace/view/conversation_list/view.rs (1366 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/workspace/view/global_search/view.rs (2281 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/workspace/view/right_panel.rs (1862 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/workspace/view/vertical_tabs.rs (6810 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/workspace/view_tests.rs (3483 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: app/src/workspaces/user_workspaces.rs (1680 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/ai/src/agent/action_result/convert.rs (1457 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/ai/src/agent/action_result/mod.rs (1459 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/ai/src/index/full_source_code_embedding/codebase_index.rs (2346 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/ai/src/index/full_source_code_embedding/codebase_index_tests.rs (2308 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/editor/src/content/buffer.rs (6122 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/editor/src/content/buffer_tests.rs (14393 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/editor/src/content/core.rs (1636 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/editor/src/content/edit.rs (1524 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/editor/src/content/markdown.rs (1295 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/editor/src/content/text.rs (1862 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/editor/src/render/model/mod.rs (4813 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/editor/test_data/test_rust_file.rs (8751 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/integration/src/test.rs (6885 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/integration/src/test/agent_mode.rs (1432 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/markdown_parser/src/markdown_parser.rs (1972 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/markdown_parser/src/markdown_parser_tests.rs (2827 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/onboarding/src/slides/agent_slide.rs (1640 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/remote_server/src/manager.rs (3424 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/repo_metadata/src/local_model.rs (1794 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/repo_metadata/src/local_model_tests.rs (2562 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/vim/src/vim.rs (2064 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warp_cli/src/lib_tests.rs (2180 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warp_completer/src/completer/suggest/test.rs (2299 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warpui/examples/table-sample/root_view.rs (1290 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warpui/src/platform/mac/window.rs (1777 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warpui/src/windowing/winit/event_loop/mod.rs (2057 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warpui/src/windowing/winit/window.rs (1724 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warpui_core/src/core/app.rs (4608 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warpui_core/src/core/mod_tests.rs (2853 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warpui_core/src/elements/formatted_text_element.rs (2601 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warpui_core/src/elements/new_scrollable/mod.rs (1590 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warpui_core/src/elements/new_scrollable/scrollable_tests.rs (1448 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warpui_core/src/elements/table/mod.rs (1714 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warpui_core/src/elements/text.rs (1448 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crates/warpui_core/src/text_layout.rs (1556 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: resources/bundled/mcp_skills/figma/figma-use/references/plugin-api-standalone.d.ts (11293 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
For AI agents: Voting guide (TP/FP) MCP manifest Stdio wrapper SARIF Integrate Findings queue Vote TP/FP on findings to calibrate the engine.
For AI agents + API integrations
Email me when this repo regresses
Free. We re-scan periodically; new criticals → your inbox. No signup required for the scan itself.
API access

This page is publicly accessible at: https://repobility.com/scan/0dd1f97e-6133-4b37-bee6-e7b7a311db71/

To check status programmatically (no auth required): 

curl -s https://repobility.com/api/v1/public/scan/0dd1f97e-6133-4b37-bee6-e7b7a311db71/

Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.