{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "WEB003", "name": "Public web service has no security.txt", "shortDescription": {"text": "Public web service has no security.txt"}, "fullDescription": {"text": "Add /.well-known/security.txt with Contact, Expires, Canonical, Preferred-Languages, and Policy fields. Keep the contact endpoint monitored."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "medium", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "AUC012", "name": "[AUC012] FastAPI interactive docs may be exposed by framework defaults: FastAPI exposes /docs, /redoc, and /openapi.json", "shortDescription": {"text": "[AUC012] FastAPI interactive docs may be exposed by framework defaults: FastAPI exposes /docs, /redoc, and /openapi.json by default. Public production APIs should explicitly disable those defaults, protect them behind admin authentication, "}, "fullDescription": {"text": "Set docs_url=None, redoc_url=None, and openapi_url=None for production apps unless the docs are intentionally public and protected by routing, ingress, or an authenticated docs handler."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "AUC009", "name": "[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function", "shortDescription": {"text": "[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: GET /wh"}, "fullDescription": {"text": "Require an explicit admin, maintainer, super_admin, or scoped service role in code and .repobility/access.yml."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.68, "cwe": "", "owasp": ""}}, {"id": "AUC002", "name": "[AUC002] Low visible authorization coverage in route inventory: Only 3.0% of discovered routes show nearby authenticatio", "shortDescription": {"text": "[AUC002] Low visible authorization coverage in route inventory: Only 3.0% of discovered routes show nearby authentication, authorization, middleware, or public-route evidence."}, "fullDescription": {"text": "Review the access matrix and add explicit framework auth declarations or policy-file exceptions for intentionally public routes."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.74, "cwe": "", "owasp": ""}}, {"id": "AUC001", "name": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobilit", "shortDescription": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "fullDescription": {"text": "Add .repobility/access.yml mapping routes to anonymous, authenticated, owner, admin, and super_admin. Keep business-specific rules in the repo so CI can enforce them."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.92, "cwe": "", "owasp": ""}}, {"id": "DKR001", "name": "Docker final stage has no non-root USER", "shortDescription": {"text": "Docker final stage has no non-root USER"}, "fullDescription": {"text": "Add a non-root USER in the final runtime stage after files and permissions are prepared."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.82, "cwe": "", "owasp": ""}}, {"id": "DKR014", "name": "Dockerfile copies broad context with incomplete .dockerignore", "shortDescription": {"text": "Dockerfile copies broad context with incomplete .dockerignore"}, "fullDescription": {"text": "Tighten .dockerignore or replace COPY . with explicit COPY statements."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.76, "cwe": "", "owasp": ""}}, {"id": "DKR009", "name": "Dockerfile separates apt update from install", "shortDescription": {"text": "Dockerfile separates apt update from install"}, "fullDescription": {"text": "Combine update and install in the same RUN instruction and clean package indexes in that layer."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "AIC004", "name": "Suspicious implementation file appears unreferenced", "shortDescription": {"text": "Suspicious implementation file appears unreferenced"}, "fullDescription": {"text": "Confirm whether this file is reachable. If not, delete it; if yes, wire it through explicit imports, routes, or entry points and add a test that proves the path executes."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "medium", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "SEC015", "name": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.", "shortDescription": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable."}, "fullDescription": {"text": "Use secrets module (Python) or crypto.getRandomValues() (JS) for security-sensitive randomness."}, "properties": {"scanner": "repobility-threat-engine", "category": "crypto", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC127", "name": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedEr", "shortDescription": {"text": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass shallow CI), but invoking it crashes or "}, "fullDescription": {"text": "Either implement the body, or fail closed at module-load time so the deploy can't ship a half-built route. A CI gate that fails build on `raise NotImplementedError` in non-abstract code catches this cleanly."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC011", "name": "[SEC011] Unsafe PyTorch Model Loading: torch.load() uses pickle internally and can execute arbitrary code from untrusted", "shortDescription": {"text": "[SEC011] Unsafe PyTorch Model Loading: torch.load() uses pickle internally and can execute arbitrary code from untrusted model files."}, "fullDescription": {"text": "Use torch.load(..., weights_only=True) or use safetensors format."}, "properties": {"scanner": "repobility-threat-engine", "category": "deserialization", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "DKC010", "name": "Compose service lacks no-new-privileges hardening", "shortDescription": {"text": "Compose service lacks no-new-privileges hardening"}, "fullDescription": {"text": "Add `security_opt: [\"no-new-privileges:true\"]` unless the service has a documented need for privilege escalation."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.62, "cwe": "", "owasp": ""}}, {"id": "DKC006", "name": "Compose service does not declare a runtime user", "shortDescription": {"text": "Compose service does not declare a runtime user"}, "fullDescription": {"text": "Set a non-root `user:` in Compose or ensure the final image stage has a non-root USER directive."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.56, "cwe": "", "owasp": ""}}, {"id": "DKR012", "name": "Dockerfile keeps pip download cache", "shortDescription": {"text": "Dockerfile keeps pip download cache"}, "fullDescription": {"text": "Use `pip install --no-cache-dir ...` in container builds."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "DKR008", "name": ".dockerignore misses sensitive defaults", "shortDescription": {"text": ".dockerignore misses sensitive defaults"}, "fullDescription": {"text": "Add missing patterns such as .env, .git, private keys, certificates, dependency folders, and local databases."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "AIC002", "name": "Source file name looks like an AI patch artifact", "shortDescription": {"text": "Source file name looks like an AI patch artifact"}, "fullDescription": {"text": "Rename it to the domain concept it implements or merge it into the existing module it was meant to change."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.62, "cwe": "", "owasp": ""}}, {"id": "SEC132", "name": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the la", "shortDescription": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on it"}, "fullDescription": {"text": "Python: `f\"prefix {var} suffix\"`. JS/TS: `` `prefix ${var} suffix` ``. Add a lint rule (pyupgrade UP032, eslint prefer-template) so future PRs catch this automatically."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `start_new_strategy` has cognitive complexity 9 (SonarSource scale). Cogni", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `start_new_strategy` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recur"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 9."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "DKR002", "name": "Dockerfile base image is selected through a build variable", "shortDescription": {"text": "Dockerfile base image is selected through a build variable"}, "fullDescription": {"text": "Resolve the variable to a versioned tag or digest in production builds and document the allowed images."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "info", "confidence": 0.48, "cwe": "", "owasp": ""}}, {"id": "MINED065", "name": "[MINED065] Cors Wildcard: Access-Control-Allow-Origin: * exposes the API to any browser origin. Acceptable for public re", "shortDescription": {"text": "[MINED065] Cors Wildcard: Access-Control-Allow-Origin: * exposes the API to any browser origin. Acceptable for public read-only endpoints; dangerous when paired with credentials or write endpoints."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-942,CWE-346 / A05:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.", "shortDescription": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED072", "name": "[MINED072] Python Pass Only Class (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED072] Python Pass Only Class (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC045", "name": "[SEC045] eval()/exec() on stored or user-supplied data (and 1 more): Same pattern found in 1 additional files. Review if", "shortDescription": {"text": "[SEC045] eval()/exec() on stored or user-supplied data (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "For literal data structures: use ast.literal_eval(text) \u2014 only parses literals, raises on code.\nFor formula evaluation: use asteval or simpleeval (purpose-built sandboxes with allow-lists).\nFor Odoo: use odoo.tools.safe_eval(expr, locals_dict, mode='exec').\nIf you genuinely need to execute admin-stored code: require explicit super-admin permission AND log every execution with a stack trace."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 6 more): Same pattern found in 6 addit", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED009", "name": "[MINED009] Floats For Money (and 6 more): Same pattern found in 6 additional files. Review if needed.", "shortDescription": {"text": "[MINED009] Floats For Money (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-682 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass (and 5 more): Same pattern found in 5 additional files. Review if needed.", "shortDescription": {"text": "[MINED001] Bare Except Pass (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED067", "name": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever.", "shortDescription": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-400 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC078", "name": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsiv", "shortDescription": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a re"}, "fullDescription": {"text": "Add `timeout=10` (or appropriate value) to every requests call."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.1, "cwe": "", "owasp": ""}}, {"id": "MINED006", "name": "[MINED006] Overcatch Baseexception (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED006] Overcatch Baseexception (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-705 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 29 more): Same pattern found in 29 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 29 more): Same pattern found in 29 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC007", "name": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.", "shortDescription": {"text": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code."}, "fullDescription": {"text": "Use yaml.safe_load() instead of yaml.load(). Avoid pickle for untrusted data."}, "properties": {"scanner": "repobility-threat-engine", "category": "deserialization", "severity": "info", "confidence": 0.1, "cwe": "", "owasp": ""}}, {"id": "MINED118", "name": "[MINED118] Dockerfile FROM `freqtradeorg/freqtrade:develop_freqairl` not pinned by digest: `FROM freqtradeorg/freqtrade:", "shortDescription": {"text": "[MINED118] Dockerfile FROM `freqtradeorg/freqtrade:develop_freqairl` not pinned by digest: `FROM freqtradeorg/freqtrade:develop_freqairl` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every "}, "fullDescription": {"text": "Replace with: `FROM freqtradeorg/freqtrade:develop_freqairl@sha256:<digest>`. Get the digest from `docker manifest inspect`. Re-pin via a scheduled bot (Renovate, Dependabot)."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED131", "name": "[MINED131] pre-commit hook `https://github.com/woodruffw/zizmor-pre-commit` pinned to mutable rev `v1.25.2`: `.pre-commi", "shortDescription": {"text": "[MINED131] pre-commit hook `https://github.com/woodruffw/zizmor-pre-commit` pinned to mutable rev `v1.25.2`: `.pre-commit-config.yaml` references `https://github.com/woodruffw/zizmor-pre-commit` at `rev: v1.25.2`. If `{rev}` is a branch or "}, "fullDescription": {"text": "Pin to a commit SHA: `rev: <40-char-sha>` and bump it through `pre-commit autoupdate` (which writes to PRs that are reviewed)."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED112", "name": "[MINED112] FastAPI DELETE /backtest has no auth: Handler `api_delete_backtest` is registered with router/app.delete(...)", "shortDescription": {"text": "[MINED112] FastAPI DELETE /backtest has no auth: Handler `api_delete_backtest` is registered with router/app.delete(...) but no Depends/Security parameter is declared and no auth marker appears in the function body."}, "fullDescription": {"text": "Add Depends(get_current_user) or Security(...) to the handler signature. If the route is truly public, document it with a code comment so the rule knows it's intentional."}, "properties": {"scanner": "repobility-route-auth", "category": "quality", "severity": "high", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "[MINED106] Phantom test coverage: test_parse_args_backtesting_invalid: Test function `test_parse_args_backtesting_invali", "shortDescription": {"text": "[MINED106] Phantom test coverage: test_parse_args_backtesting_invalid: Test function `test_parse_args_backtesting_invalid` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage witho"}, "fullDescription": {"text": "Add an explicit assertion that captures the test's intent, or remove the test."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self.freqtrade` used but never assigned in __init__: Method `_process_stopped` of class `Worker` reads `self", "shortDescription": {"text": "[MINED108] `self.freqtrade` used but never assigned in __init__: Method `_process_stopped` of class `Worker` reads `self.freqtrade`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the fi"}, "fullDescription": {"text": "Initialize `self.freqtrade = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AUC003", "name": "[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby a", "shortDescription": {"text": "[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: DELETE /locks/{lockid}."}, "fullDescription": {"text": "Add ownership, tenant, relationship, or policy checks before reading or mutating the target object."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "high", "confidence": 0.7, "cwe": "", "owasp": ""}}, {"id": "SEC135", "name": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without", "shortDescription": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without an auth decorator or middleware. The number-one production-incident pattern we see in AI-generated SaaS code: the AI bu"}, "fullDescription": {"text": "Add the project's auth decorator/middleware: `@login_required` (Django/Flask), `@permission_classes([IsAuthenticated])` (DRF), `Depends(get_current_user)` (FastAPI), `requireAuth` middleware (Express). For genuinely public endpoints, add a `# public-endpoint` marker comment so future scans skip them."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC013", "name": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows ", "shortDescription": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "fullDescription": {"text": "Use os.path.realpath() and verify the path starts with your expected base directory. Use secure_filename() for uploads."}, "properties": {"scanner": "repobility-threat-engine", "category": "path_traversal", "severity": "high", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "MINED004", "name": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums).", "shortDescription": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-327 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled ", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes e"}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED116", "name": "[MINED116] Workflow uses `secrets.REPO_SCOPED_TOKEN_DEP` on a `pull_request` trigger: This workflow triggers on `pull_re", "shortDescription": {"text": "[MINED116] Workflow uses `secrets.REPO_SCOPED_TOKEN_DEP` on a `pull_request` trigger: This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.REPO_SCOPED_TOKEN_DEP }` lets a PR from any fork exfil"}, "fullDescription": {"text": "Either remove the secret reference, or switch the trigger to `pull_request_target` AND ensure no fork-controlled code runs before the secret is consumed."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "critical", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `queue` used but not imported: The file uses `queue.something(...)` but never imports `queue`", "shortDescription": {"text": "[MINED107] Missing import: `queue` used but not imported: The file uses `queue.something(...)` but never imports `queue`. This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import queue` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED018", "name": "[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/fi", "shortDescription": {"text": "[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data \u2014 RCE."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-502 / A08:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC116", "name": "[SEC116] Ruby YAML.load / Marshal.load on untrusted input: `YAML.load` (pre-3.1) and `Marshal.load` instantiate arbitrar", "shortDescription": {"text": "[SEC116] Ruby YAML.load / Marshal.load on untrusted input: `YAML.load` (pre-3.1) and `Marshal.load` instantiate arbitrary Ruby classes \u2014 direct RCE on untrusted input. `unsafe_load` is even more dangerous."}, "fullDescription": {"text": "Use `YAML.safe_load(input, permitted_classes: [Date])` \u2014 explicit class allowlist. Never use `Marshal.load` on untrusted data; serialize as JSON instead."}, "properties": {"scanner": "repobility-threat-engine", "category": "deserialization", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/950"}, "properties": {"repository": "freqtrade/freqtrade", "repoUrl": "https://github.com/freqtrade/freqtrade", "branch": "develop"}, "results": [{"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89351, "scanner": "repobility-ast-engine", "fingerprint": "33eca27b4ce2b8eb85f49ac21ded0861310319b105cf9c597b1c6ebddfcf30e9", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|33eca27b4ce2b8eb85f49ac21ded0861310319b105cf9c597b1c6ebddfcf30e9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ft_client/freqtrade_client/__init__.py"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89350, "scanner": "repobility-ast-engine", "fingerprint": "8aec5bd3d26f20f9e769e4bfae74a792106d2811ef4c94944beea21ed3979b35", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8aec5bd3d26f20f9e769e4bfae74a792106d2811ef4c94944beea21ed3979b35"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/plugins/pairlist/RemotePairList.py"}, "region": {"startLine": 232}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89349, "scanner": "repobility-ast-engine", "fingerprint": "e22adfaf188f1cbf367897eddbfc18538c2b8fe020e96a461b58e4b706e7e933", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e22adfaf188f1cbf367897eddbfc18538c2b8fe020e96a461b58e4b706e7e933"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/plugins/pairlist/RemotePairList.py"}, "region": {"startLine": 178}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89348, "scanner": "repobility-ast-engine", "fingerprint": "4d22bf7dd6b9bc44cc1b2114d542c0a7fc6316a4351fa4db10198c71714de92a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4d22bf7dd6b9bc44cc1b2114d542c0a7fc6316a4351fa4db10198c71714de92a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/ws/channel.py"}, "region": {"startLine": 189}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89347, "scanner": "repobility-ast-engine", "fingerprint": "20c3b7f6d1beda72c257b018115d4cf32d5eb6d4fe9769bdbbd0348356288b62", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|20c3b7f6d1beda72c257b018115d4cf32d5eb6d4fe9769bdbbd0348356288b62"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/strategy/strategy_wrapper.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89346, "scanner": "repobility-ast-engine", "fingerprint": "80dc1e5c35e56520fd0a13e9041049f198ee1e138a8b369bf458f3018a1b1ba5", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|80dc1e5c35e56520fd0a13e9041049f198ee1e138a8b369bf458f3018a1b1ba5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/loggers/ft_rich_handler.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89345, "scanner": "repobility-ast-engine", "fingerprint": "e5d3a750f47c619241280bfd044a9463318cff850c8510cde5240a034005c2a2", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e5d3a750f47c619241280bfd044a9463318cff850c8510cde5240a034005c2a2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/loggers/std_err_stream_handler.py"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89344, "scanner": "repobility-ast-engine", "fingerprint": "5a54b4a90c53e45269227e583f9ea794381db960ea2226c22ea263b4b20e8fe0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5a54b4a90c53e45269227e583f9ea794381db960ea2226c22ea263b4b20e8fe0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/configuration/deploy_config.py"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89343, "scanner": "repobility-ast-engine", "fingerprint": "5e4f4876bb1fe1784212da887429abf4227977341b44715b2f485b583662d12b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5e4f4876bb1fe1784212da887429abf4227977341b44715b2f485b583662d12b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/configuration/deploy_config.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89341, "scanner": "repobility-ast-engine", "fingerprint": "9525dc82bcf7c0055756bac5920b84da9f5279d0153b7a1d72d8ac34055c90aa", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9525dc82bcf7c0055756bac5920b84da9f5279d0153b7a1d72d8ac34055c90aa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/data/entryexitanalysis.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89314, "scanner": "repobility-ast-engine", "fingerprint": "7f6854edd0d8ea15a2ab28a16a36a5929877eeab18856a32e2f7ab0964b6b4fd", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7f6854edd0d8ea15a2ab28a16a36a5929877eeab18856a32e2f7ab0964b6b4fd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/conftest.py"}, "region": {"startLine": 87}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 89288, "scanner": "repobility-ast-engine", "fingerprint": "7881bf1c15117851288163276fa0817a88a65549c20e1769b910d56e2b81211f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7881bf1c15117851288163276fa0817a88a65549c20e1769b910d56e2b81211f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/__init__.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "WEB003", "level": "warning", "message": {"text": "Public web service has no security.txt"}, "properties": {"repobilityId": 89287, "scanner": "repobility-web-presence", "fingerprint": "5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd", "category": "quality", "severity": "medium", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app/API but no security.txt file or route was discovered.", "evidence": {"rule_id": "WEB003", "scanner": "repobility-web-presence", "references": ["https://www.rfc-editor.org/rfc/rfc9116", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".well-known/security.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "AUC012", "level": "warning", "message": {"text": "[AUC012] FastAPI interactive docs may be exposed by framework defaults: FastAPI exposes /docs, /redoc, and /openapi.json by default. Public production APIs should explicitly disable those defaults, protect them behind admin authentication, or publish a reviewed OpenAPI spec with declared security requirements."}, "properties": {"repobilityId": 89286, "scanner": "repobility-access-control", "fingerprint": "27f8c50db94c1d5138790446654bd4d0b5823ce185d040059e5a7502358b5899", "category": "auth", "severity": "medium", "confidence": 0.72, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"apps": [{"line": 148, "file_path": "freqtrade/rpc/api_server/webserver.py", "docs_url_disabled": false, "redoc_url_disabled": false, "openapi_url_disabled": false}], "scanner": "repobility-access-control", "correlation_key": "fp|27f8c50db94c1d5138790446654bd4d0b5823ce185d040059e5a7502358b5899"}}}, {"ruleId": "AUC009", "level": "warning", "message": {"text": "[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: GET /whitelist."}, "properties": {"repobilityId": 89285, "scanner": "repobility-access-control", "fingerprint": "2de491d8bcbd9a30467c3209caef2be0c8e0b35387997c8d5440a88f64413de4", "category": "auth", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/whitelist", "method": "GET", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|295|auc009", "identity_targets": ["unknown"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_trading.py"}, "region": {"startLine": 295}}}]}, {"ruleId": "AUC009", "level": "warning", "message": {"text": "[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /blacklist."}, "properties": {"repobilityId": 89284, "scanner": "repobility-access-control", "fingerprint": "103e331e6e057a33da04d7cb8255aa8c245e8d5ca7fc41130ee2c485581e2a03", "category": "auth", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/blacklist", "method": "DELETE", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|288|auc009", "identity_targets": ["unknown"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_trading.py"}, "region": {"startLine": 288}}}]}, {"ruleId": "AUC009", "level": "warning", "message": {"text": "[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: POST /blacklist."}, "properties": {"repobilityId": 89283, "scanner": "repobility-access-control", "fingerprint": "74ecfd6845c0c271d3b433a204fdf4cb08f3f6d39e207956eb308aed939edb51", "category": "auth", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/blacklist", "method": "POST", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|283|auc009", "identity_targets": ["unknown"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_trading.py"}, "region": {"startLine": 283}}}]}, {"ruleId": "AUC009", "level": "warning", "message": {"text": "[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: POST /trades/{tradeid}/reload."}, "properties": {"repobilityId": 89282, "scanner": "repobility-access-control", "fingerprint": "1ad2103b5dd1f06084267f0e1f9e011240dc4bf546389bad3c7a11d775e75210", "category": "auth", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/trades/{tradeid}/reload", "method": "POST", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|198|auc009", "identity_targets": ["unknown", "owner"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_trading.py"}, "region": {"startLine": 198}}}]}, {"ruleId": "AUC009", "level": "warning", "message": {"text": "[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /trades/{tradeid}/open-order."}, "properties": {"repobilityId": 89281, "scanner": "repobility-access-control", "fingerprint": "45db8ce5133083b57362bd66a4561bd8240dd6d169fa427d3f6495e45cc4250d", "category": "auth", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/trades/{tradeid}/open-order", "method": "DELETE", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|192|auc009", "identity_targets": ["unknown", "owner"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_trading.py"}, "region": {"startLine": 192}}}]}, {"ruleId": "AUC009", "level": "warning", "message": {"text": "[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /trades/{tradeid}."}, "properties": {"repobilityId": 89280, "scanner": "repobility-access-control", "fingerprint": "e047433dac227aa0c01f8631de9bcab297dbb685de265532603cd06cc7d0dde2", "category": "auth", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/trades/{tradeid}", "method": "DELETE", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|187|auc009", "identity_targets": ["unknown", "owner"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_trading.py"}, "region": {"startLine": 187}}}]}, {"ruleId": "AUC009", "level": "warning", "message": {"text": "[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: PATCH /backtest/history/{file}."}, "properties": {"repobilityId": 89279, "scanner": "repobility-access-control", "fingerprint": "52d4a3e109b2718bdfcb9f5dd91eba0122570a7167c792efd57aa45676b48dba", "category": "auth", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/backtest/history/{file}", "method": "PATCH", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|321|auc009", "identity_targets": ["unknown"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_backtest.py"}, "region": {"startLine": 321}}}]}, {"ruleId": "AUC009", "level": "warning", "message": {"text": "[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /backtest/history/{file}."}, "properties": {"repobilityId": 89278, "scanner": "repobility-access-control", "fingerprint": "8761b4a15c290080090dc12c0715f90bc59146ae13bc3cb53f64846bfb0c664a", "category": "auth", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/backtest/history/{file}", "method": "DELETE", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|305|auc009", "identity_targets": ["unknown"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_backtest.py"}, "region": {"startLine": 305}}}]}, {"ruleId": "AUC009", "level": "warning", "message": {"text": "[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: GET /backtest/abort."}, "properties": {"repobilityId": 89277, "scanner": "repobility-access-control", "fingerprint": "3d61f8edc7b243cbf6cc3635b133cc5c8c19755f6f825cdf929d7a87228011f8", "category": "auth", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/backtest/abort", "method": "GET", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|252|auc009", "identity_targets": ["unknown"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_backtest.py"}, "region": {"startLine": 252}}}]}, {"ruleId": "AUC009", "level": "warning", "message": {"text": "[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /backtest."}, "properties": {"repobilityId": 89276, "scanner": "repobility-access-control", "fingerprint": "31df38b4bf7bd47d32e0db05ac3f6c1f56e50ce571af88bf068311c7f090fed6", "category": "auth", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/backtest", "method": "DELETE", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|225|auc009", "identity_targets": ["unknown"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_backtest.py"}, "region": {"startLine": 225}}}]}, {"ruleId": "AUC002", "level": "warning", "message": {"text": "[AUC002] Low visible authorization coverage in route inventory: Only 3.0% of discovered routes show nearby authentication, authorization, middleware, or public-route evidence."}, "properties": {"repobilityId": 89267, "scanner": "repobility-access-control", "fingerprint": "de46a97230123e28f01a0c29e26db0acdc3ff55d077913ac7afb75adad6d9702", "category": "auth", "severity": "medium", "confidence": 0.74, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "endpoint_count": 67, "correlation_key": "fp|de46a97230123e28f01a0c29e26db0acdc3ff55d077913ac7afb75adad6d9702", "auth_visible_percent": 3.0}}}, {"ruleId": "AUC001", "level": "warning", "message": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "properties": {"repobilityId": 89266, "scanner": "repobility-access-control", "fingerprint": "f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10", "category": "auth", "severity": "medium", "confidence": 0.92, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "frameworks": ["FastAPI"], "expected_files": [".repobility/access.yml", ".repobility/access.yaml", ".repobility/access.json", ".repobility/authorization.yml"], "correlation_key": "fp|f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10"}}}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 89263, "scanner": "repobility-docker", "fingerprint": "4f7ef809c47c67d2f04f72ab995d1b5268ccafdf37398366061579c3d191edef", "category": "docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "${sourceimage}:${sourcetag}", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|4f7ef809c47c67d2f04f72ab995d1b5268ccafdf37398366061579c3d191edef"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.plot"}, "region": {"startLine": 3}}}]}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 89261, "scanner": "repobility-docker", "fingerprint": "5fc67478adbbb9a0abf977f499efa24d2cd29c1ee26f54ee729e6896d2489782", "category": "docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "freqtradeorg/freqtrade:develop_plot", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|5fc67478adbbb9a0abf977f499efa24d2cd29c1ee26f54ee729e6896d2489782"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.jupyter"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 89260, "scanner": "repobility-docker", "fingerprint": "5c59ab95882f08f63c6ae9772cdc789fe66d8b02bedc501bba827541cfed7671", "category": "docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "${sourceimage}:${sourcetag}", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|5c59ab95882f08f63c6ae9772cdc789fe66d8b02bedc501bba827541cfed7671"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.freqai_rl"}, "region": {"startLine": 3}}}]}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 89258, "scanner": "repobility-docker", "fingerprint": "434c7b37e9df130cb99b684d7155552db139061ed51b19c92e25d8819d434439", "category": "docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "${sourceimage}:${sourcetag}", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|434c7b37e9df130cb99b684d7155552db139061ed51b19c92e25d8819d434439"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.freqai"}, "region": {"startLine": 3}}}]}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 89256, "scanner": "repobility-docker", "fingerprint": "f801fdfa71c50cf27f79acfbc2911cbbb16a51c54a80f953e71dc44f7c42123a", "category": "docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "freqtradeorg/freqtrade:develop", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|f801fdfa71c50cf27f79acfbc2911cbbb16a51c54a80f953e71dc44f7c42123a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.custom"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR014", "level": "warning", "message": {"text": "Dockerfile copies broad context with incomplete .dockerignore"}, "properties": {"repobilityId": 89254, "scanner": "repobility-docker", "fingerprint": "fd91f1c4cd6a966c272e0d1e5d4cfb0205a37ed54cac274e14e0774e636f087b", "category": "docker", "severity": "medium", "confidence": 0.76, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Broad context copy found and .dockerignore misses sensitive defaults.", "evidence": {"rule_id": "DKR014", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|fd91f1c4cd6a966c272e0d1e5d4cfb0205a37ed54cac274e14e0774e636f087b", "missing_patterns": ["id_rsa", "*.pem", "*.key"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.armhf"}, "region": {"startLine": 49}}}]}, {"ruleId": "DKR009", "level": "warning", "message": {"text": "Dockerfile separates apt update from install"}, "properties": {"repobilityId": 89253, "scanner": "repobility-docker", "fingerprint": "a64cc8ed778b5d9d02a1fcf55a4542838e2f8d6b0b88657b59f5b68d6e9a593e", "category": "docker", "severity": "medium", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Package index update appears without package installation in the same layer.", "evidence": {"rule_id": "DKR009", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|a64cc8ed778b5d9d02a1fcf55a4542838e2f8d6b0b88657b59f5b68d6e9a593e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.armhf"}, "region": {"startLine": 26}}}]}, {"ruleId": "DKR009", "level": "warning", "message": {"text": "Dockerfile separates apt update from install"}, "properties": {"repobilityId": 89251, "scanner": "repobility-docker", "fingerprint": "0f949dbb968bdc4f8f7879b77d339767d57e1cbedd0afe65cbc0aa093f7df8e7", "category": "docker", "severity": "medium", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Package index update appears without package installation in the same layer.", "evidence": {"rule_id": "DKR009", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|0f949dbb968bdc4f8f7879b77d339767d57e1cbedd0afe65cbc0aa093f7df8e7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.armhf"}, "region": {"startLine": 12}}}]}, {"ruleId": "DKR014", "level": "warning", "message": {"text": "Dockerfile copies broad context with incomplete .dockerignore"}, "properties": {"repobilityId": 89250, "scanner": "repobility-docker", "fingerprint": "8ed9c692530937db973e0aaedb20312e83d60765e161fff17217034bbca7c274", "category": "docker", "severity": "medium", "confidence": 0.76, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Broad context copy found and .dockerignore misses sensitive defaults.", "evidence": {"rule_id": "DKR014", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|8ed9c692530937db973e0aaedb20312e83d60765e161fff17217034bbca7c274", "missing_patterns": ["id_rsa", "*.pem", "*.key"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Dockerfile"}, "region": {"startLine": 45}}}]}, {"ruleId": "DKR009", "level": "warning", "message": {"text": "Dockerfile separates apt update from install"}, "properties": {"repobilityId": 89248, "scanner": "repobility-docker", "fingerprint": "11fd7db2f577efaa65091d8cf86a5ef96ba0363e0a24925c614f2f409b478243", "category": "docker", "severity": "medium", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Package index update appears without package installation in the same layer.", "evidence": {"rule_id": "DKR009", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|11fd7db2f577efaa65091d8cf86a5ef96ba0363e0a24925c614f2f409b478243"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Dockerfile"}, "region": {"startLine": 26}}}]}, {"ruleId": "DKR009", "level": "warning", "message": {"text": "Dockerfile separates apt update from install"}, "properties": {"repobilityId": 89247, "scanner": "repobility-docker", "fingerprint": "a9fad731827ecf191529cde528fc25cc3ac848633ac380bc07f16a8aa2ca175f", "category": "docker", "severity": "medium", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Package index update appears without package installation in the same layer.", "evidence": {"rule_id": "DKR009", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|a9fad731827ecf191529cde528fc25cc3ac848633ac380bc07f16a8aa2ca175f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Dockerfile"}, "region": {"startLine": 12}}}]}, {"ruleId": "DKR009", "level": "warning", "message": {"text": "Dockerfile separates apt update from install"}, "properties": {"repobilityId": 89245, "scanner": "repobility-docker", "fingerprint": "e83e94627df89c0c44fc778c3c64f6a1268141dc2aed602c30974ed98f7469dc", "category": "docker", "severity": "medium", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Package index update appears without package installation in the same layer.", "evidence": {"rule_id": "DKR009", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|e83e94627df89c0c44fc778c3c64f6a1268141dc2aed602c30974ed98f7469dc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/.devcontainer/Dockerfile"}, "region": {"startLine": 9}}}]}, {"ruleId": "AIC004", "level": "warning", "message": {"text": "Suspicious implementation file appears unreferenced"}, "properties": {"repobilityId": 89214, "scanner": "repobility-ai-code-hygiene", "fingerprint": "191c28c00f23118f8590c49210f3e086691a498ad06e0d61d9ada916fd70b16a", "category": "quality", "severity": "medium", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Patch-style source file has no detected inbound reference from other repository files.", "evidence": {"suffix": "update", "rule_id": "AIC004", "scanner": "repobility-ai-code-hygiene", "references": ["https://knip.dev/", "https://github.com/jendrikseipp/vulture"], "correlation_key": "fp|191c28c00f23118f8590c49210f3e086691a498ad06e0d61d9ada916fd70b16a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "build_helpers/pre_commit_update.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC015", "level": "warning", "message": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable."}, "properties": {"repobilityId": 89208, "scanner": "repobility-threat-engine", "fingerprint": "c7507316721291e6866de869dc747a9344c06b0d4c5718626ccbeac8011830d3", "category": "crypto", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Security-sensitive keyword found nearby \u2014 weak PRNG is risky here", "evidence": {"match": "def create_token", "reason": "Security-sensitive keyword found nearby \u2014 weak PRNG is risky here", "rule_id": "SEC015", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|crypto|token|89|sec015"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_auth.py"}, "region": {"startLine": 89}}}]}, {"ruleId": "SEC127", "level": "warning", "message": {"text": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass shallow CI), but invoking it crashes or silently no-ops. AI agents consistently emit these when their context window runs out mid-implementation. Production callers hitting these stubs is a classic AI-generated-incident."}, "properties": {"repobilityId": 89201, "scanner": "repobility-threat-engine", "fingerprint": "14750767ef7789c7bffbd0dfc2126e067c62bd3117ffe20fafabf10cdcfced8b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "def _serialize(self, data):\n        raise NotImplementedError", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC127", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|14750767ef7789c7bffbd0dfc2126e067c62bd3117ffe20fafabf10cdcfced8b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/ws/serializer.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "SEC127", "level": "warning", "message": {"text": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass shallow CI), but invoking it crashes or silently no-ops. AI agents consistently emit these when their context window runs out mid-implementation. Production callers hitting these stubs is a classic AI-generated-incident."}, "properties": {"repobilityId": 89200, "scanner": "repobility-threat-engine", "fingerprint": "d119a0f8b289eb7dc9350c2ac11c4af9cf4b1905cf2425f46314115e51820a0c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "def formatMessage(self, record) -> str:\n        raise NotImplementedError", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC127", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d119a0f8b289eb7dc9350c2ac11c4af9cf4b1905cf2425f46314115e51820a0c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/loggers/json_formatter.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "SEC011", "level": "warning", "message": {"text": "[SEC011] Unsafe PyTorch Model Loading: torch.load() uses pickle internally and can execute arbitrary code from untrusted model files."}, "properties": {"repobilityId": 89195, "scanner": "repobility-threat-engine", "fingerprint": "adf74a977584d84a81d6ddda15dbdd156c38d13e8dab1a5d951f45b3ff101dce", "category": "deserialization", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "torch.load(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC011", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|deserialization|token|39|sec011"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/torch/PyTorchTrainerInterface.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "SEC011", "level": "warning", "message": {"text": "[SEC011] Unsafe PyTorch Model Loading: torch.load() uses pickle internally and can execute arbitrary code from untrusted model files."}, "properties": {"repobilityId": 89194, "scanner": "repobility-threat-engine", "fingerprint": "6d1e11cc60844113a3dc29b441ca107fd55a39f0210533cbbb0601064ad4f499", "category": "deserialization", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "torch.load(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC011", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|deserialization|token|221|sec011"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/torch/PyTorchModelTrainer.py"}, "region": {"startLine": 221}}}]}, {"ruleId": "DKC010", "level": "note", "message": {"text": "Compose service lacks no-new-privileges hardening"}, "properties": {"repobilityId": 89265, "scanner": "repobility-docker", "fingerprint": "b475622bc6c7ce56787d76ba73adf53e45403f7a8f2512d3760503f86cb3db5f", "category": "docker", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "App-like service has no security_opt no-new-privileges setting.", "evidence": {"rule_id": "DKC010", "scanner": "repobility-docker", "service": "freqtrade", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|b475622bc6c7ce56787d76ba73adf53e45403f7a8f2512d3760503f86cb3db5f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yml"}, "region": {"startLine": 2}}}]}, {"ruleId": "DKC006", "level": "note", "message": {"text": "Compose service does not declare a runtime user"}, "properties": {"repobilityId": 89264, "scanner": "repobility-docker", "fingerprint": "97dfa280054fe91053c0b8faca2031f5a1f0c150e6a81ab204ad66cc0a0e6cca", "category": "docker", "severity": "low", "confidence": 0.56, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Service has no user setting and Repobility could not prove the image runs non-root.", "evidence": {"rule_id": "DKC006", "scanner": "repobility-docker", "service": "freqtrade", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|97dfa280054fe91053c0b8faca2031f5a1f0c150e6a81ab204ad66cc0a0e6cca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yml"}, "region": {"startLine": 2}}}]}, {"ruleId": "DKR012", "level": "note", "message": {"text": "Dockerfile keeps pip download cache"}, "properties": {"repobilityId": 89255, "scanner": "repobility-docker", "fingerprint": "95d8386eb9c37412a4fb288da7a60a57a41115a498d52b45eeb898a0314d07fe", "category": "docker", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "pip install appears without --no-cache-dir.", "evidence": {"rule_id": "DKR012", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|95d8386eb9c37412a4fb288da7a60a57a41115a498d52b45eeb898a0314d07fe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.custom"}, "region": {"startLine": 8}}}]}, {"ruleId": "DKR012", "level": "note", "message": {"text": "Dockerfile keeps pip download cache"}, "properties": {"repobilityId": 89252, "scanner": "repobility-docker", "fingerprint": "1c4d48d40431b62a6594829ae28e84e9c0bc68303afe444dfc48dfe347ab8cf5", "category": "docker", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "pip install appears without --no-cache-dir.", "evidence": {"rule_id": "DKR012", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|1c4d48d40431b62a6594829ae28e84e9c0bc68303afe444dfc48dfe347ab8cf5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.armhf"}, "region": {"startLine": 12}}}]}, {"ruleId": "DKR012", "level": "note", "message": {"text": "Dockerfile keeps pip download cache"}, "properties": {"repobilityId": 89249, "scanner": "repobility-docker", "fingerprint": "08f4f99a750a176b35a1ae7b7f71174a64a7903aec4abb25bcad9cecf072c2c7", "category": "docker", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "pip install appears without --no-cache-dir.", "evidence": {"rule_id": "DKR012", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|08f4f99a750a176b35a1ae7b7f71174a64a7903aec4abb25bcad9cecf072c2c7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Dockerfile"}, "region": {"startLine": 26}}}]}, {"ruleId": "DKR008", "level": "note", "message": {"text": ".dockerignore misses sensitive defaults"}, "properties": {"repobilityId": 89246, "scanner": "repobility-docker", "fingerprint": "aea2ad92c68c4ee1f8432bb1ec25e7d45ac12c9e1790ac2d3fffe638b1acce12", "category": "docker", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "A Docker build context should exclude secrets and repository metadata.", "evidence": {"rule_id": "DKR008", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|aea2ad92c68c4ee1f8432bb1ec25e7d45ac12c9e1790ac2d3fffe638b1acce12", "missing_patterns": ["id_rsa", "*.pem", "*.key"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".dockerignore"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89244, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4837f917b7a9d33aaad164da72f815605dc935f302c6e404e4c528a59a8b499a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/prediction_models/PyTorchMLPRegressor.py", "duplicate_line": 12, "correlation_key": "fp|4837f917b7a9d33aaad164da72f815605dc935f302c6e404e4c528a59a8b499a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/prediction_models/PyTorchTransformerRegressor.py"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89243, "scanner": "repobility-ai-code-hygiene", "fingerprint": "14e20e2bae02473ced4cb5141ffb6aa838bc88cbd2d6eeeb6340a2c0df7b6804", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/prediction_models/PyTorchMLPClassifier.py", "duplicate_line": 17, "correlation_key": "fp|14e20e2bae02473ced4cb5141ffb6aa838bc88cbd2d6eeeb6340a2c0df7b6804"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/prediction_models/PyTorchMLPRegressor.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89242, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4ae6bb5fa63e8d48123fef92ae0b0740606f6ab709cf7dd45e475df8fc03eb0f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/prediction_models/LightGBMClassifierMultiTarget.py", "duplicate_line": 39, "correlation_key": "fp|4ae6bb5fa63e8d48123fef92ae0b0740606f6ab709cf7dd45e475df8fc03eb0f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/prediction_models/LightGBMRegressorMultiTarget.py"}, "region": {"startLine": 41}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89241, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9d73fa3a136f2875c2742c10517c0f1371b4498816dcc3146f4ab91d3e1a6375", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/prediction_models/LightGBMClassifier.py", "duplicate_line": 10, "correlation_key": "fp|9d73fa3a136f2875c2742c10517c0f1371b4498816dcc3146f4ab91d3e1a6375"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/prediction_models/LightGBMRegressorMultiTarget.py"}, "region": {"startLine": 10}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89240, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ade3a94720054155000369cf2d3d4a0960e103bb9a491e44cbfe4e6047d76a22", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/prediction_models/LightGBMClassifier.py", "duplicate_line": 10, "correlation_key": "fp|ade3a94720054155000369cf2d3d4a0960e103bb9a491e44cbfe4e6047d76a22"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/prediction_models/LightGBMRegressor.py"}, "region": {"startLine": 10}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89239, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f101f32d7f696157867158c34d938f26040994f9a86d131371dbbbfc35c4745d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/prediction_models/LightGBMClassifier.py", "duplicate_line": 10, "correlation_key": "fp|f101f32d7f696157867158c34d938f26040994f9a86d131371dbbbfc35c4745d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/prediction_models/LightGBMClassifierMultiTarget.py"}, "region": {"startLine": 10}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89238, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3fdf841d3ff64c75170f8d7dc81bf21bdf2e418982a165ccad8b13c6faf745f0", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/data_drawer.py", "duplicate_line": 41, "correlation_key": "fp|3fdf841d3ff64c75170f8d7dc81bf21bdf2e418982a165ccad8b13c6faf745f0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/freqai_interface.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89237, "scanner": "repobility-ai-code-hygiene", "fingerprint": "17af8f0ec9e2ca425a6a2759534d1b2bf2462118b43399e37530d5b287c601ac", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/data_drawer.py", "duplicate_line": 41, "correlation_key": "fp|17af8f0ec9e2ca425a6a2759534d1b2bf2462118b43399e37530d5b287c601ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/data_kitchen.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89236, "scanner": "repobility-ai-code-hygiene", "fingerprint": "486f8fc359f8b0495af9158229261500c5bb40c365d98eb3d2fcc3d3c28dab91", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/base_models/FreqaiMultiOutputClassifier.py", "duplicate_line": 37, "correlation_key": "fp|486f8fc359f8b0495af9158229261500c5bb40c365d98eb3d2fcc3d3c28dab91"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/base_models/FreqaiMultiOutputRegressor.py"}, "region": {"startLine": 24}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89235, "scanner": "repobility-ai-code-hygiene", "fingerprint": "2649c3e46d1a948bfd69e1eade361f78404e5d23e84bd6b0120cac455f670171", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/base_models/BasePyTorchRegressor.py", "duplicate_line": 64, "correlation_key": "fp|2649c3e46d1a948bfd69e1eade361f78404e5d23e84bd6b0120cac455f670171"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/base_models/BaseRegressionModel.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89234, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1cd1d20eba61f7b8141a7364aecdbcbb9198664a05e61d7779df9f3c1ca23aed", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/base_models/BaseClassifierModel.py", "duplicate_line": 16, "correlation_key": "fp|1cd1d20eba61f7b8141a7364aecdbcbb9198664a05e61d7779df9f3c1ca23aed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/base_models/BaseRegressionModel.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89233, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8863c1fea9febd1a062ae704b3d2c4e36fe9f24c80b4e028fcd94a0780956c92", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/base_models/BasePyTorchClassifier.py", "duplicate_line": 53, "correlation_key": "fp|8863c1fea9febd1a062ae704b3d2c4e36fe9f24c80b4e028fcd94a0780956c92"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/base_models/BasePyTorchRegressor.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89232, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f3e3e6e0e9222e417bcf1f86da2a86cf18ae39a1eeafd709a1a95c91deb1d93c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/base_models/BaseClassifierModel.py", "duplicate_line": 66, "correlation_key": "fp|f3e3e6e0e9222e417bcf1f86da2a86cf18ae39a1eeafd709a1a95c91deb1d93c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/base_models/BasePyTorchRegressor.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89231, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e005101bec65318241192f6eba7654dece94da41ecd32d8c5edb3ce2081628a9", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/RL/BaseReinforcementLearningModel.py", "duplicate_line": 107, "correlation_key": "fp|e005101bec65318241192f6eba7654dece94da41ecd32d8c5edb3ce2081628a9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/base_models/BasePyTorchClassifier.py"}, "region": {"startLine": 148}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89230, "scanner": "repobility-ai-code-hygiene", "fingerprint": "abb0e23b8da27c08948e67cd764b650f795f2a4b55061c86d531195384cb1a1f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/base_models/BaseClassifierModel.py", "duplicate_line": 39, "correlation_key": "fp|abb0e23b8da27c08948e67cd764b650f795f2a4b55061c86d531195384cb1a1f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/base_models/BasePyTorchClassifier.py"}, "region": {"startLine": 144}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89229, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5bf964b4e7538d0383940381cd9b1fa3970bcac487bf79ccbca35454b7495826", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/RL/BaseReinforcementLearningModel.py", "duplicate_line": 107, "correlation_key": "fp|5bf964b4e7538d0383940381cd9b1fa3970bcac487bf79ccbca35454b7495826"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/base_models/BaseClassifierModel.py"}, "region": {"startLine": 43}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89228, "scanner": "repobility-ai-code-hygiene", "fingerprint": "83603cb456664d8930c4c0f813789a20800f8a3a686bbf01a3de7ffed381d307", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/RL/BaseEnvironment.py", "duplicate_line": 286, "correlation_key": "fp|83603cb456664d8930c4c0f813789a20800f8a3a686bbf01a3de7ffed381d307"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/RL/BaseReinforcementLearningModel.py"}, "region": {"startLine": 345}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89227, "scanner": "repobility-ai-code-hygiene", "fingerprint": "dc6fab1e7d7e7a8121e67a55abf2526debbf900afd4c6e7d00e1d7b1e85bd56a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/RL/Base4ActionRLEnv.py", "duplicate_line": 31, "correlation_key": "fp|dc6fab1e7d7e7a8121e67a55abf2526debbf900afd4c6e7d00e1d7b1e85bd56a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/RL/Base5ActionRLEnv.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89226, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3721e5cec4ca21d9a9fd2ac6550ae48e3162d725d7dc46df364719acbb6c323c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/RL/Base3ActionRLEnv.py", "duplicate_line": 13, "correlation_key": "fp|3721e5cec4ca21d9a9fd2ac6550ae48e3162d725d7dc46df364719acbb6c323c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/RL/Base5ActionRLEnv.py"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89225, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e7cb1294423f45e5d1e48a11d68ef62aac9740afc4ed2769e0e90332d1cf9f82", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/freqai/RL/Base3ActionRLEnv.py", "duplicate_line": 13, "correlation_key": "fp|e7cb1294423f45e5d1e48a11d68ef62aac9740afc4ed2769e0e90332d1cf9f82"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/RL/Base4ActionRLEnv.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89224, "scanner": "repobility-ai-code-hygiene", "fingerprint": "045c2cc7836f554415e806d55f9a3dae5f6b48c18ddf9c78a1f27e89d48797e5", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/exchange/bitget.py", "duplicate_line": 149, "correlation_key": "fp|045c2cc7836f554415e806d55f9a3dae5f6b48c18ddf9c78a1f27e89d48797e5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/okx.py"}, "region": {"startLine": 88}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89223, "scanner": "repobility-ai-code-hygiene", "fingerprint": "77a4c909b92eefcdb4ea2b63e3e9bc8ed12ef388f7852a8aab894a72a4f87a04", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/exchange/bitget.py", "duplicate_line": 146, "correlation_key": "fp|77a4c909b92eefcdb4ea2b63e3e9bc8ed12ef388f7852a8aab894a72a4f87a04"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/kraken.py"}, "region": {"startLine": 87}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89222, "scanner": "repobility-ai-code-hygiene", "fingerprint": "cbb30d811f84188eafd874c504ae3b02d1df5bfc636a5897ebb92ee4e9a0aff7", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/exchange/bybit.py", "duplicate_line": 132, "correlation_key": "fp|cbb30d811f84188eafd874c504ae3b02d1df5bfc636a5897ebb92ee4e9a0aff7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/hyperliquid.py"}, "region": {"startLine": 187}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89221, "scanner": "repobility-ai-code-hygiene", "fingerprint": "235b5dcff6367f74e2d594105eabc7e1c36feedb4e78450ab7e9240282fc9732", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/exchange/bitget.py", "duplicate_line": 141, "correlation_key": "fp|235b5dcff6367f74e2d594105eabc7e1c36feedb4e78450ab7e9240282fc9732"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/gate.py"}, "region": {"startLine": 64}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89220, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7952e3199dfed02baeaf54ba426860c84a18aa3a2e009b62c052344c854a6568", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/exchange/bitget.py", "duplicate_line": 129, "correlation_key": "fp|7952e3199dfed02baeaf54ba426860c84a18aa3a2e009b62c052344c854a6568"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/bybit.py"}, "region": {"startLine": 60}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89219, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f34d15e7ec2e5c883ff899c8b89191befbb5b9e644fb0cc3891c430764f2ac04", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/exchange/binance.py", "duplicate_line": 263, "correlation_key": "fp|f34d15e7ec2e5c883ff899c8b89191befbb5b9e644fb0cc3891c430764f2ac04"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/bitget.py"}, "region": {"startLine": 167}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89218, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a089821e6d57771db552590a814dfec6a9a53d6cc1eb780243fc269e2e1eba0c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/data/history/datahandlers/jsondatahandler.py", "duplicate_line": 96, "correlation_key": "fp|a089821e6d57771db552590a814dfec6a9a53d6cc1eb780243fc269e2e1eba0c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/data/history/datahandlers/parquetdatahandler.py"}, "region": {"startLine": 89}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89217, "scanner": "repobility-ai-code-hygiene", "fingerprint": "09cb6002038c8b1f26f24c31fc3e51318e87347624c6dcd18f30e8953aec04f2", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/data/history/datahandlers/featherdatahandler.py", "duplicate_line": 10, "correlation_key": "fp|09cb6002038c8b1f26f24c31fc3e51318e87347624c6dcd18f30e8953aec04f2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/data/history/datahandlers/parquetdatahandler.py"}, "region": {"startLine": 9}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89216, "scanner": "repobility-ai-code-hygiene", "fingerprint": "15877e5dee6d47282c45a2c8531dbf1ff24feb2af7a62879757a6ccb4e2d2d5a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/data/history/datahandlers/featherdatahandler.py", "duplicate_line": 10, "correlation_key": "fp|15877e5dee6d47282c45a2c8531dbf1ff24feb2af7a62879757a6ccb4e2d2d5a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/data/history/datahandlers/jsondatahandler.py"}, "region": {"startLine": 12}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 89215, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b43dfb4fe362ec482a0a88279015bfc708f65d477b9fb0ff5c50086a0fb8416f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "freqtrade/data/history/datahandlers/featherdatahandler.py", "duplicate_line": 29, "correlation_key": "fp|b43dfb4fe362ec482a0a88279015bfc708f65d477b9fb0ff5c50086a0fb8416f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/data/history/datahandlers/idatahandler.py"}, "region": {"startLine": 92}}}]}, {"ruleId": "AIC002", "level": "note", "message": {"text": "Source file name looks like an AI patch artifact"}, "properties": {"repobilityId": 89213, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3b8232f569dc6ee8f7ccc95ed392a380ca81fb0095415ce0dc94143c6643c93a", "category": "quality", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Source filename contains a temporary or patch-style suffix.", "evidence": {"suffix": "update", "rule_id": "AIC002", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|3b8232f569dc6ee8f7ccc95ed392a380ca81fb0095415ce0dc94143c6643c93a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "build_helpers/pre_commit_update.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC132", "level": "note", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on its own, but a style signature of cross-language AI rewrites \u2014 the model wrote idiomatic Java/C# and then translated mechanically. When this style appears in only *some* files of a repo, it's a strong indicator of an AI-driven rewrite that needs a human review p"}, "properties": {"repobilityId": 89207, "scanner": "repobility-threat-engine", "fingerprint": "182cdd6cc1f58fc403d4b6297c2b9f64d5259db6e2426dc58565e6aeb1bfe4a3", "category": "quality", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "\"Freqtrade/\" + __version__ + \" Remotepairlist\"", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|182cdd6cc1f58fc403d4b6297c2b9f64d5259db6e2426dc58565e6aeb1bfe4a3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/plugins/pairlist/RemotePairList.py"}, "region": {"startLine": 163}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `start_new_strategy` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: else=2, if=4, nested_bonus=3."}, "properties": {"repobilityId": 89158, "scanner": "repobility-threat-engine", "fingerprint": "fa7e66f5d080f4e36eee143a1d6c06f267f5856896978a7d4d00adbec34a374f", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "start_new_strategy", "breakdown": {"if": 4, "else": 2, "nested_bonus": 3}, "complexity": 9, "correlation_key": "fp|fa7e66f5d080f4e36eee143a1d6c06f267f5856896978a7d4d00adbec34a374f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/commands/deploy_commands.py"}, "region": {"startLine": 83}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `start_list_data` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: else=1, for=1, if=4, nested_bonus=2."}, "properties": {"repobilityId": 89157, "scanner": "repobility-threat-engine", "fingerprint": "e40709e2568d4991bf902659e1dd46620f70076b62c29cc10fed957f396cd700", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 8 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "start_list_data", "breakdown": {"if": 4, "for": 1, "else": 1, "nested_bonus": 2}, "complexity": 8, "correlation_key": "fp|e40709e2568d4991bf902659e1dd46620f70076b62c29cc10fed957f396cd700"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/commands/data_commands.py"}, "region": {"startLine": 115}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `extract_command_partials` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: break=1, else=1, for=2, if=3, nested_bonus=2."}, "properties": {"repobilityId": 89156, "scanner": "repobility-threat-engine", "fingerprint": "a0b915017a241ae6d1e69e37953e0a6f70d01603a6e12de99e541d43d70ca8a2", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "extract_command_partials", "breakdown": {"if": 3, "for": 2, "else": 1, "break": 1, "nested_bonus": 2}, "complexity": 9, "correlation_key": "fp|a0b915017a241ae6d1e69e37953e0a6f70d01603a6e12de99e541d43d70ca8a2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "build_helpers/create_command_partials.py"}, "region": {"startLine": 20}}}]}, {"ruleId": "DKR002", "level": "none", "message": {"text": "Dockerfile base image is selected through a build variable"}, "properties": {"repobilityId": 89262, "scanner": "repobility-docker", "fingerprint": "8c24b82ea22830223917cee8a54f6b72b69092e15f64fdbf11d21beb42ea3334", "category": "docker", "severity": "info", "confidence": 0.48, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Base image contains a variable; manual review is needed to avoid false positives.", "evidence": {"image": "${sourceimage}:${sourcetag}", "rule_id": "DKR002", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://docs.docker.com/scout/policy/"], "correlation_key": "fp|8c24b82ea22830223917cee8a54f6b72b69092e15f64fdbf11d21beb42ea3334"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.plot"}, "region": {"startLine": 3}}}]}, {"ruleId": "DKR002", "level": "none", "message": {"text": "Dockerfile base image is selected through a build variable"}, "properties": {"repobilityId": 89259, "scanner": "repobility-docker", "fingerprint": "f3ffb3468fadc6d963c47a883a9580aa973dadf70726ca6ab28725d3d52dc33a", "category": "docker", "severity": "info", "confidence": 0.48, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Base image contains a variable; manual review is needed to avoid false positives.", "evidence": {"image": "${sourceimage}:${sourcetag}", "rule_id": "DKR002", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://docs.docker.com/scout/policy/"], "correlation_key": "fp|f3ffb3468fadc6d963c47a883a9580aa973dadf70726ca6ab28725d3d52dc33a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.freqai_rl"}, "region": {"startLine": 3}}}]}, {"ruleId": "DKR002", "level": "none", "message": {"text": "Dockerfile base image is selected through a build variable"}, "properties": {"repobilityId": 89257, "scanner": "repobility-docker", "fingerprint": "9ee6c0d1afc18e590131d66dc2a7b8c754cedb4886d7d57894e0e0cf1d5d7940", "category": "docker", "severity": "info", "confidence": 0.48, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Base image contains a variable; manual review is needed to avoid false positives.", "evidence": {"image": "${sourceimage}:${sourcetag}", "rule_id": "DKR002", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://docs.docker.com/scout/policy/"], "correlation_key": "fp|9ee6c0d1afc18e590131d66dc2a7b8c754cedb4886d7d57894e0e0cf1d5d7940"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.freqai"}, "region": {"startLine": 3}}}]}, {"ruleId": "MINED065", "level": "none", "message": {"text": "[MINED065] Cors Wildcard: Access-Control-Allow-Origin: * exposes the API to any browser origin. Acceptable for public read-only endpoints; dangerous when paired with credentials or write endpoints."}, "properties": {"repobilityId": 89212, "scanner": "repobility-threat-engine", "fingerprint": "732a79badd4d110d873092224d422f35308e224f363f48a5c02fe0053fb29395", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cors-wildcard", "owasp": "A05:2021", "cwe_ids": ["CWE-942", "CWE-346"], "languages": ["python", "javascript", "typescript", "yaml", "json"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348052+00:00", "triaged_in_corpus": 12, "observations_count": 63910, "ai_coder_pattern_id": 46}, "scanner": "repobility-threat-engine", "correlation_key": "fp|732a79badd4d110d873092224d422f35308e224f363f48a5c02fe0053fb29395"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/webserver.py"}, "region": {"startLine": 272}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 89205, "scanner": "repobility-threat-engine", "fingerprint": "3e86de09a574bbaf2087ff7789d3ec2c4f275272886b2948ea2387049b252214", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3e86de09a574bbaf2087ff7789d3ec2c4f275272886b2948ea2387049b252214"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ft_client/freqtrade_client/ft_client.py"}, "region": {"startLine": 95}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 89204, "scanner": "repobility-threat-engine", "fingerprint": "86e4f5787b5725e29920fe50b9fc9d4a678f1ff1dbb7bf59eec22e1a0c9bb620", "category": "quality", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern 'test\\b' detected on same line", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|86e4f5787b5725e29920fe50b9fc9d4a678f1ff1dbb7bf59eec22e1a0c9bb620"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/persistence/models.py"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 89203, "scanner": "repobility-threat-engine", "fingerprint": "b77bb8063afa2aa79755ebe63fa2e54ad8c1b909795dba4ea5c0efc0c169e48c", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b77bb8063afa2aa79755ebe63fa2e54ad8c1b909795dba4ea5c0efc0c169e48c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/optimize/hyperopt_loss/hyperopt_loss_sortino_daily.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 89199, "scanner": "repobility-threat-engine", "fingerprint": "ab8da9b5986ecd12b37a79c2996b8e50407d9cea73fb774fd0a38602f68fdc76", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|ab8da9b5986ecd12b37a79c2996b8e50407d9cea73fb774fd0a38602f68fdc76", "aggregated_count": 1}}}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 89198, "scanner": "repobility-threat-engine", "fingerprint": "1ef7e238cdf3af18f361be5d1874dc9344811d3e0f2f66f3d5222365fac13754", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|1ef7e238cdf3af18f361be5d1874dc9344811d3e0f2f66f3d5222365fac13754"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/persistence/base.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 89197, "scanner": "repobility-threat-engine", "fingerprint": "9cbaa01894dc8426626b7d3e2558d6b79c66f889c473564427b868f0306e2670", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9cbaa01894dc8426626b7d3e2558d6b79c66f889c473564427b868f0306e2670"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/optimize/hyperopt_loss/hyperopt_loss_short_trade_dur.py"}, "region": {"startLine": 56}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 89196, "scanner": "repobility-threat-engine", "fingerprint": "7484897b13746942dae14b3258d2b9f2b32944c5dba568aec9b465b620b92aa6", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7484897b13746942dae14b3258d2b9f2b32944c5dba568aec9b465b620b92aa6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/ft_types/backtest_result_type.py"}, "region": {"startLine": 61}}}]}, {"ruleId": "SEC045", "level": "none", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 89193, "scanner": "repobility-threat-engine", "fingerprint": "c59edcd8286991ab7caac4493f8f01b268fef2a5d218265ad20f6e2d1172fefb", "category": "injection", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|c59edcd8286991ab7caac4493f8f01b268fef2a5d218265ad20f6e2d1172fefb"}}}, {"ruleId": "SEC045", "level": "none", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 89192, "scanner": "repobility-threat-engine", "fingerprint": "848b3201cbadf4a497c8dcbda2d1ecb241c9e9e7745bc678d8b2f667ca3d58c0", "category": "injection", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern '\\.eval\\(' detected on same line", "evidence": {"match": ".eval(", "reason": "Safe pattern '\\.eval\\(' detected on same line", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "code|injection|token|129|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/prediction_models/PyTorchTransformerRegressor.py"}, "region": {"startLine": 129}}}]}, {"ruleId": "SEC045", "level": "none", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 89191, "scanner": "repobility-threat-engine", "fingerprint": "65db983206ee73210716358c0b46ebf3d109710b46e292b10789e0328cadfbed", "category": "injection", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern '\\.eval\\(' detected on same line", "evidence": {"match": ".eval(", "reason": "Safe pattern '\\.eval\\(' detected on same line", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "code|injection|token|50|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/base_models/BasePyTorchRegressor.py"}, "region": {"startLine": 50}}}]}, {"ruleId": "SEC045", "level": "none", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 89190, "scanner": "repobility-threat-engine", "fingerprint": "8c4ff51955b3e827c3a2577e9f80928cbc13fb3f2813d68673ebce595126cd68", "category": "injection", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern '\\.eval\\(' detected on same line", "evidence": {"match": ".eval(", "reason": "Safe pattern '\\.eval\\(' detected on same line", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "code|injection|token|82|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/freqai/base_models/BasePyTorchClassifier.py"}, "region": {"startLine": 82}}}]}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "properties": {"repobilityId": 89189, "scanner": "repobility-threat-engine", "fingerprint": "719f16a1467677730b367baa2144dabfe702dd229dc13e6f3e8747ec0afa970d", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 6 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 6 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|719f16a1467677730b367baa2144dabfe702dd229dc13e6f3e8747ec0afa970d"}}}, {"ruleId": "MINED009", "level": "none", "message": {"text": "[MINED009] Floats For Money (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "properties": {"repobilityId": 89185, "scanner": "repobility-threat-engine", "fingerprint": "83acd2969e035bfee2217931b5cfa5bc922dbf27bb1e8b107e657a60fcf22e05", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 6 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "floats-for-money", "owasp": null, "cwe_ids": ["CWE-682"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347918+00:00", "triaged_in_corpus": 15, "observations_count": 208571, "ai_coder_pattern_id": 20}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|83acd2969e035bfee2217931b5cfa5bc922dbf27bb1e8b107e657a60fcf22e05", "aggregated_count": 6}}}, {"ruleId": "MINED001", "level": "none", "message": {"text": "[MINED001] Bare Except Pass (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "properties": {"repobilityId": 89181, "scanner": "repobility-threat-engine", "fingerprint": "7fa035b085c0bd9a31a5276c49da091420eed1825fee6f01486426827fccfced", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 5 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|7fa035b085c0bd9a31a5276c49da091420eed1825fee6f01486426827fccfced", "aggregated_count": 5}}}, {"ruleId": "MINED067", "level": "none", "message": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "properties": {"repobilityId": 89177, "scanner": "repobility-threat-engine", "fingerprint": "c9a72f22ca9f60ff54f15e1be5d13d497a9bbd68d1ffd42465ec1168d1bad165", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c9a72f22ca9f60ff54f15e1be5d13d497a9bbd68d1ffd42465ec1168d1bad165"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/plugins/pairlist/RemotePairList.py"}, "region": {"startLine": 169}}}]}, {"ruleId": "MINED067", "level": "none", "message": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "properties": {"repobilityId": 89176, "scanner": "repobility-threat-engine", "fingerprint": "181a65bdc5fd98b372ec88bc0fbe9b964e44140ecd92cb9d00aae4a679b7709a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "correlation_key": "fp|181a65bdc5fd98b372ec88bc0fbe9b964e44140ecd92cb9d00aae4a679b7709a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/commands/deploy_ui.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "SEC078", "level": "none", "message": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a real AST check is preferred for accuracy."}, "properties": {"repobilityId": 89175, "scanner": "repobility-threat-engine", "fingerprint": "4b68f4f7635c713fd7d499ccc6b51d8979a54ecab6211b817fb4a17bf285e811", "category": "quality", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern 'timeout\\s*=' detected on same line", "evidence": {"match": "requests.get(", "reason": "Safe pattern 'timeout\\s*=' detected on same line", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "fp|4b68f4f7635c713fd7d499ccc6b51d8979a54ecab6211b817fb4a17bf285e811"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/plugins/pairlist/RemotePairList.py"}, "region": {"startLine": 169}}}]}, {"ruleId": "SEC078", "level": "none", "message": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a real AST check is preferred for accuracy."}, "properties": {"repobilityId": 89174, "scanner": "repobility-threat-engine", "fingerprint": "5cfd6c3bdabb680bc43c6622dca3bdf0b81011000d9aa5e0526cfe20dcb8a3e9", "category": "quality", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern 'timeout\\s*=' detected on same line", "evidence": {"match": "requests.get(", "reason": "Safe pattern 'timeout\\s*=' detected on same line", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "fp|5cfd6c3bdabb680bc43c6622dca3bdf0b81011000d9aa5e0526cfe20dcb8a3e9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/commands/deploy_ui.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "MINED006", "level": "none", "message": {"text": "[MINED006] Overcatch Baseexception (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 89170, "scanner": "repobility-threat-engine", "fingerprint": "f87ed9b6811675c97d18c0024fde96dcf647cce402a76a98ff5bf685ee8d2ef2", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|f87ed9b6811675c97d18c0024fde96dcf647cce402a76a98ff5bf685ee8d2ef2", "aggregated_count": 1}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 29 more): Same pattern found in 29 additional files. Review if needed."}, "properties": {"repobilityId": 89166, "scanner": "repobility-threat-engine", "fingerprint": "975664a10247146c6afbaa154aad1bcfecca0ba0721166f8d112e96a1249c103", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 29 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|975664a10247146c6afbaa154aad1bcfecca0ba0721166f8d112e96a1249c103", "aggregated_count": 29}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 89165, "scanner": "repobility-threat-engine", "fingerprint": "6fd1f3468208027abedc0a5e51946388720f1b85e515ac6b25bcdb4fa29669fc", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6fd1f3468208027abedc0a5e51946388720f1b85e515ac6b25bcdb4fa29669fc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/data/history/datahandlers/featherdatahandler.py"}, "region": {"startLine": 92}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 89164, "scanner": "repobility-threat-engine", "fingerprint": "cf61277a7d0dcd41cf425ff2288de806894991a8a8e7f365e36f52420f82f86f", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|cf61277a7d0dcd41cf425ff2288de806894991a8a8e7f365e36f52420f82f86f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/configuration/environment_vars.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 89163, "scanner": "repobility-threat-engine", "fingerprint": "d02125b25192dd3e11d54f939cf2ee96081e1a57cb0b9ae875fc8df86584eae0", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d02125b25192dd3e11d54f939cf2ee96081e1a57cb0b9ae875fc8df86584eae0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/__init__.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "SEC007", "level": "none", "message": {"text": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code."}, "properties": {"repobilityId": 89160, "scanner": "repobility-threat-engine", "fingerprint": "d3c8aab13d3f89025ac4335f3bc3e74e61d5be6b10873c8060403c38edd37ec5", "category": "deserialization", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern 'SafeLoader' detected on same line", "evidence": {"match": "yaml.load(", "reason": "Safe pattern 'SafeLoader' detected on same line", "rule_id": "SEC007", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "code|deserialization|token|59|sec007"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "build_helpers/pre_commit_update.py"}, "region": {"startLine": 59}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 102 more): Same pattern found in 102 additional files. Review if needed."}, "properties": {"repobilityId": 89159, "scanner": "repobility-threat-engine", "fingerprint": "1667d3eff90e8546bc0e88b9a94bd5c8d27d15292fd00f3731954309b3fdfb28", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 102 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "extract_command_partials", "breakdown": {"if": 3, "for": 2, "else": 1, "break": 1, "nested_bonus": 2}, "aggregated": true, "complexity": 9, "correlation_key": "fp|1667d3eff90e8546bc0e88b9a94bd5c8d27d15292fd00f3731954309b3fdfb28", "aggregated_count": 102}}}, {"ruleId": "MINED118", "level": "error", "message": {"text": "[MINED118] Dockerfile FROM `freqtradeorg/freqtrade:develop_freqairl` not pinned by digest: `FROM freqtradeorg/freqtrade:develop_freqairl` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"repobilityId": 89370, "scanner": "repobility-supply-chain", "fingerprint": "aa234a2fdea9fe7cb9740c0efff03476aca1f375e73fd97ac9adfbdb6aec6c91", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|aa234a2fdea9fe7cb9740c0efff03476aca1f375e73fd97ac9adfbdb6aec6c91"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/.devcontainer/Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "[MINED118] Dockerfile FROM `freqtradeorg/freqtrade:develop` not pinned by digest: `FROM freqtradeorg/freqtrade:develop` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"repobilityId": 89361, "scanner": "repobility-supply-chain", "fingerprint": "a4546dc172d77e5228bb8d48cceed98c97fd03e934b305320f5d79e1c51e46a7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a4546dc172d77e5228bb8d48cceed98c97fd03e934b305320f5d79e1c51e46a7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.custom"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "[MINED118] Dockerfile FROM `python:3.11.15-slim-bookworm` not pinned by digest: `FROM python:3.11.15-slim-bookworm` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"repobilityId": 89360, "scanner": "repobility-supply-chain", "fingerprint": "6efd002534ae9c39c2c5110dc62b44b4c1b86bc71476f303e721975c7194bf4f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6efd002534ae9c39c2c5110dc62b44b4c1b86bc71476f303e721975c7194bf4f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.armhf"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "[MINED118] Dockerfile FROM `freqtradeorg/freqtrade:develop_plot` not pinned by digest: `FROM freqtradeorg/freqtrade:develop_plot` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"repobilityId": 89359, "scanner": "repobility-supply-chain", "fingerprint": "0ea84c628552b5d92e8779527e9fbdda30aa8f541f78b9a20bf9fc8e9d9846df", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0ea84c628552b5d92e8779527e9fbdda30aa8f541f78b9a20bf9fc8e9d9846df"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile.jupyter"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/woodruffw/zizmor-pre-commit` pinned to mutable rev `v1.25.2`: `.pre-commit-config.yaml` references `https://github.com/woodruffw/zizmor-pre-commit` at `rev: v1.25.2`. If `{rev}` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 89358, "scanner": "repobility-supply-chain", "fingerprint": "1e6f490c4c90546b5639ba8a47015f7168b1782fadc97a72bdc8dc8079db9caa", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|1e6f490c4c90546b5639ba8a47015f7168b1782fadc97a72bdc8dc8079db9caa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 72}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/codespell-project/codespell` pinned to mutable rev `v2.4.2`: `.pre-commit-config.yaml` references `https://github.com/codespell-project/codespell` at `rev: v2.4.2`. If `{rev}` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 89357, "scanner": "repobility-supply-chain", "fingerprint": "4b1f61d5fa521a2688fabdc2118dff05e90c77c40148b06a97e1a40a819897d8", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4b1f61d5fa521a2688fabdc2118dff05e90c77c40148b06a97e1a40a819897d8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 63}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/stefmolin/exif-stripper` pinned to mutable rev `1.2.0`: `.pre-commit-config.yaml` references `https://github.com/stefmolin/exif-stripper` at `rev: 1.2.0`. If `{rev}` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 89356, "scanner": "repobility-supply-chain", "fingerprint": "8663d761c6883a6d8f9fbbb46e186531217a2e79e300397344b46c5780e115e1", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8663d761c6883a6d8f9fbbb46e186531217a2e79e300397344b46c5780e115e1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mutable rev `v6.0.0`: `.pre-commit-config.yaml` references `https://github.com/pre-commit/pre-commit-hooks` at `rev: v6.0.0`. If `{rev}` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 89355, "scanner": "repobility-supply-chain", "fingerprint": "708d0544415bd07ce220ad62f3914f99a36b39468dc2fbf29053086570152a3c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|708d0544415bd07ce220ad62f3914f99a36b39468dc2fbf29053086570152a3c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/pre-commit/mirrors-mypy` pinned to mutable rev `v2.1.0`: `.pre-commit-config.yaml` references `https://github.com/pre-commit/mirrors-mypy` at `rev: v2.1.0`. If `{rev}` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 89354, "scanner": "repobility-supply-chain", "fingerprint": "73405f2be6504b4edb50923db3806bff54bd26300db2d0aea985a39df8483fb3", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|73405f2be6504b4edb50923db3806bff54bd26300db2d0aea985a39df8483fb3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "[MINED118] Dockerfile FROM `python:3.14.5-slim-trixie` not pinned by digest: `FROM python:3.14.5-slim-trixie` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"repobilityId": 89353, "scanner": "repobility-supply-chain", "fingerprint": "4c9653f753f94a45b702a629c75e7e65dcfc47a8c0cd4f3a0f4f6a66ddb851f0", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4c9653f753f94a45b702a629c75e7e65dcfc47a8c0cd4f3a0f4f6a66ddb851f0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED112", "level": "error", "message": {"text": "[MINED112] FastAPI DELETE /backtest has no auth: Handler `api_delete_backtest` is registered with router/app.delete(...) but no Depends/Security parameter is declared and no auth marker appears in the function body."}, "properties": {"repobilityId": 89352, "scanner": "repobility-route-auth", "fingerprint": "133bd387d788028daab94c8d7d838dcafbbbd269cd5274e2caecedec13245640", "category": "quality", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "fastapi-destructive-unauth", "owasp": "A01:2021", "cwe_ids": ["CWE-306", "CWE-862"], "languages": ["python", "javascript"], "observations_count": 10455}, "scanner": "repobility-route-auth", "correlation_key": "fp|133bd387d788028daab94c8d7d838dcafbbbd269cd5274e2caecedec13245640"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_backtest.py"}, "region": {"startLine": 226}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_parse_args_backtesting_invalid: Test function `test_parse_args_backtesting_invalid` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89339, "scanner": "repobility-ast-engine", "fingerprint": "f4b2c2e0e52b4ced87c001028f9783ec65173144fc0b8f303cc777e22339bd72", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f4b2c2e0e52b4ced87c001028f9783ec65173144fc0b8f303cc777e22339bd72"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_arguments.py"}, "region": {"startLine": 157}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_parse_args_strategy_path_invalid: Test function `test_parse_args_strategy_path_invalid` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89338, "scanner": "repobility-ast-engine", "fingerprint": "01a8380428c745fab63798fd37589c024bb2fe5950c7ccc00c887a7ab0265023", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|01a8380428c745fab63798fd37589c024bb2fe5950c7ccc00c887a7ab0265023"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_arguments.py"}, "region": {"startLine": 152}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_parse_args_strategy_invalid: Test function `test_parse_args_strategy_invalid` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89337, "scanner": "repobility-ast-engine", "fingerprint": "281c2953c72719332d289052547aea473f62156457e5c985ab9afd897f739cd7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|281c2953c72719332d289052547aea473f62156457e5c985ab9afd897f739cd7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_arguments.py"}, "region": {"startLine": 142}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_parse_args_invalid: Test function `test_parse_args_invalid` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89336, "scanner": "repobility-ast-engine", "fingerprint": "6de306f5e958d7ac750002f364cbefed49c726b0126e03ee533d35e171b0e7b7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6de306f5e958d7ac750002f364cbefed49c726b0126e03ee533d35e171b0e7b7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_arguments.py"}, "region": {"startLine": 132}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_get_trade_stake_amount_no_stake_amount: Test function `test_get_trade_stake_amount_no_stake_amount` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89335, "scanner": "repobility-ast-engine", "fingerprint": "9fbab67acb9f1c6df1f2116117d832e55b2127b4521f1817813346ad9c372576", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9fbab67acb9f1c6df1f2116117d832e55b2127b4521f1817813346ad9c372576"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_wallets.py"}, "region": {"startLine": 107}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_setup_freqai_backtesting: Test function `test_setup_freqai_backtesting` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89334, "scanner": "repobility-ast-engine", "fingerprint": "0cb0965c3936424bcd5bb62a97445b94c53df82a5e0f56b7a2f9557469c92388", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0cb0965c3936424bcd5bb62a97445b94c53df82a5e0f56b7a2f9557469c92388"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 1548}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_setup_hyperopt_freqai: Test function `test_setup_hyperopt_freqai` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89333, "scanner": "repobility-ast-engine", "fingerprint": "992d488339308dee45087b384a727d659a05a9a312e13f1487791afbc9a3ebe2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|992d488339308dee45087b384a727d659a05a9a312e13f1487791afbc9a3ebe2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 1517}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_process_removed_setting: Test function `test_process_removed_setting` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89332, "scanner": "repobility-ast-engine", "fingerprint": "34c59ece9fc7289505cad81029596e73edfafb09782b9d6d3065ba655dc17ac3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|34c59ece9fc7289505cad81029596e73edfafb09782b9d6d3065ba655dc17ac3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 1424}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_process_removed_settings: Test function `test_process_removed_settings` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89331, "scanner": "repobility-ast-engine", "fingerprint": "1f55d37f041b665013dd917fc0f16f8e8403948ddaa1bbadcbd25f68e527e665", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1f55d37f041b665013dd917fc0f16f8e8403948ddaa1bbadcbd25f68e527e665"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 1314}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_pairlist_resolving_with_config_pl_not_exists: Test function `test_pairlist_resolving_with_config_pl_not_exists` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89330, "scanner": "repobility-ast-engine", "fingerprint": "dee6120e7adbcdd9fcd740a5fe1743e89b9a3cf500cde488dd89f2354e02db65", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dee6120e7adbcdd9fcd740a5fe1743e89b9a3cf500cde488dd89f2354e02db65"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 1215}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_load_config_stoploss_exchange_limit_ratio: Test function `test_load_config_stoploss_exchange_limit_ratio` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89329, "scanner": "repobility-ast-engine", "fingerprint": "ee49157aa2ee32e50a8a92564276ce1ca857f2bc3d704a0d5094288beb0fb718", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ee49157aa2ee32e50a8a92564276ce1ca857f2bc3d704a0d5094288beb0fb718"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 1111}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_validate_edge_removal: Test function `test_validate_edge_removal` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89328, "scanner": "repobility-ast-engine", "fingerprint": "71f3c07dea730197665c05ffbc1679492109be19f5faec3d64454961d1ba8d9a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|71f3c07dea730197665c05ffbc1679492109be19f5faec3d64454961d1ba8d9a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 1064}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test__validate_demo_trading: Test function `test__validate_demo_trading` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89327, "scanner": "repobility-ast-engine", "fingerprint": "c3bd8b5e7baccfad0e76ee9d0c79f5c82b50fadc735cab32132468dcfa6a3a99", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c3bd8b5e7baccfad0e76ee9d0c79f5c82b50fadc735cab32132468dcfa6a3a99"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 1048}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test__validate_orderflow: Test function `test__validate_orderflow` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89326, "scanner": "repobility-ast-engine", "fingerprint": "04c5c0317cbbf15806b7aba5fd6767df8ea5f1568a4116c66f0a02f958448bff", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|04c5c0317cbbf15806b7aba5fd6767df8ea5f1568a4116c66f0a02f958448bff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 1025}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_validate_whitelist: Test function `test_validate_whitelist` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89325, "scanner": "repobility-ast-engine", "fingerprint": "cb92a4e7e2eda139a661819d8753e3ab92aabef12ed48909e59a777663e6cb9b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cb92a4e7e2eda139a661819d8753e3ab92aabef12ed48909e59a777663e6cb9b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 763}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_validate_tsl: Test function `test_validate_tsl` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89324, "scanner": "repobility-ast-engine", "fingerprint": "93535f9e4a06187bb0c9e9a9932f001ebe37f8c8f6a37fbf5ae1c94d9517dc65", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|93535f9e4a06187bb0c9e9a9932f001ebe37f8c8f6a37fbf5ae1c94d9517dc65"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 716}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_validate_price_side: Test function `test_validate_price_side` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89323, "scanner": "repobility-ast-engine", "fingerprint": "d9c1a4d3af451bd9ab25dc675095d2215c5c7c462eeecf3d82a7311e66d5dc54", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d9c1a4d3af451bd9ab25dc675095d2215c5c7c462eeecf3d82a7311e66d5dc54"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 680}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_validate_max_open_trades: Test function `test_validate_max_open_trades` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89322, "scanner": "repobility-ast-engine", "fingerprint": "306c852f9398c960a824949cb4d457d722d50c7a1a916a0e8172dc2e492c6378", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|306c852f9398c960a824949cb4d457d722d50c7a1a916a0e8172dc2e492c6378"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 670}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_validate_fiat_currency_options: Test function `test_validate_fiat_currency_options` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89321, "scanner": "repobility-ast-engine", "fingerprint": "7c04a615f2d31a3345ab18d8ab81c97d9c7fb347f2a3d5b7ae1e25d3bcfaf61e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7c04a615f2d31a3345ab18d8ab81c97d9c7fb347f2a3d5b7ae1e25d3bcfaf61e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 661}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_validate_default_conf: Test function `test_validate_default_conf` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89320, "scanner": "repobility-ast-engine", "fingerprint": "5c731f95e4cebde94d8df7d847030524380c59f1f82b2e38908018a498178212", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5c731f95e4cebde94d8df7d847030524380c59f1f82b2e38908018a498178212"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 655}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_load_config_file_exception: Test function `test_load_config_file_exception` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89319, "scanner": "repobility-ast-engine", "fingerprint": "71035aeb91007d3256f28007fc47a74f3462dfc1993e8b19d810bca1de51cbe3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|71035aeb91007d3256f28007fc47a74f3462dfc1993e8b19d810bca1de51cbe3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 290}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_load_file_error: Test function `test_load_file_error` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89318, "scanner": "repobility-ast-engine", "fingerprint": "b7a04809f9678f5a7e7eeea306358ea2ee3418e2f6841b31ec77b74b61dc6727", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b7a04809f9678f5a7e7eeea306358ea2ee3418e2f6841b31ec77b74b61dc6727"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 123}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_load_config_file_error: Test function `test_load_config_file_error` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89317, "scanner": "repobility-ast-engine", "fingerprint": "a49af6889cf8369af8132e1acb660abe91c9a4fe2a40fe24c3955f24305a2688", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a49af6889cf8369af8132e1acb660abe91c9a4fe2a40fe24c3955f24305a2688"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 83}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_load_config_incorrect_stake_amount: Test function `test_load_config_incorrect_stake_amount` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89316, "scanner": "repobility-ast-engine", "fingerprint": "156a6c4f18bad2992b823a3bb22085fe2a07c51c1e5f56759d94465df4a10d5c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|156a6c4f18bad2992b823a3bb22085fe2a07c51c1e5f56759d94465df4a10d5c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 63}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_load_config_missing_attributes: Test function `test_load_config_missing_attributes` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 89315, "scanner": "repobility-ast-engine", "fingerprint": "173405508e5abe1de9fa3f5b54c23beb90692aa62ec5d9c1b099a62724aba085", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|173405508e5abe1de9fa3f5b54c23beb90692aa62ec5d9c1b099a62724aba085"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_configuration.py"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.freqtrade` used but never assigned in __init__: Method `_process_stopped` of class `Worker` reads `self.freqtrade`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89313, "scanner": "repobility-ast-engine", "fingerprint": "d64555b3c86aafea4c18d918439ae866698787b37ac24abc19a79847497d105b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d64555b3c86aafea4c18d918439ae866698787b37ac24abc19a79847497d105b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 195}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._sleep` used but never assigned in __init__: Method `_throttle` of class `Worker` reads `self._sleep`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89312, "scanner": "repobility-ast-engine", "fingerprint": "68c8ed9a3d684d81216d01541d2a0115e5f3d9cfffce04410a3e5f16431591bd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|68c8ed9a3d684d81216d01541d2a0115e5f3d9cfffce04410a3e5f16431591bd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 186}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.freqtrade` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self.freqtrade`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89311, "scanner": "repobility-ast-engine", "fingerprint": "479168c8f5261db3e5d4db72ce211a2a5bf03f15145a47f7b2043cbef43545b1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|479168c8f5261db3e5d4db72ce211a2a5bf03f15145a47f7b2043cbef43545b1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 135}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._throttle_secs` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self._throttle_secs`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89310, "scanner": "repobility-ast-engine", "fingerprint": "62c93f481961f4b171f45b1f486bd46a0efea9381ce88b1d345bbb7477517e4d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|62c93f481961f4b171f45b1f486bd46a0efea9381ce88b1d345bbb7477517e4d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 126}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._process_running` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self._process_running`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89309, "scanner": "repobility-ast-engine", "fingerprint": "17eac78521661b7f2190bd78edb06a03cc3959fbeb961735ade85ca04a5d2e17", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|17eac78521661b7f2190bd78edb06a03cc3959fbeb961735ade85ca04a5d2e17"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 125}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.freqtrade` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self.freqtrade`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89308, "scanner": "repobility-ast-engine", "fingerprint": "e23fa8ef5cdac181f352236f066f1f780852ca1610af60adc6a1fbeef11c655c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e23fa8ef5cdac181f352236f066f1f780852ca1610af60adc6a1fbeef11c655c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 106}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.freqtrade` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self.freqtrade`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89307, "scanner": "repobility-ast-engine", "fingerprint": "d7e898b3a6928a24fdaecfe9968bf22315ac069e534a75c7ed5f95c6b2684e11", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d7e898b3a6928a24fdaecfe9968bf22315ac069e534a75c7ed5f95c6b2684e11"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 103}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.freqtrade` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self.freqtrade`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89306, "scanner": "repobility-ast-engine", "fingerprint": "0ea950d8da077b8057d1558c5d1855cc6702ff27d414ebed4d00326943ea3116", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0ea950d8da077b8057d1558c5d1855cc6702ff27d414ebed4d00326943ea3116"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 94}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._throttle` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self._throttle`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89305, "scanner": "repobility-ast-engine", "fingerprint": "aa7437d0b190aba065315ab9cc091e0c5df5311d4e55a43c10084c2bc0fcd086", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aa7437d0b190aba065315ab9cc091e0c5df5311d4e55a43c10084c2bc0fcd086"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 124}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._notify` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self._notify`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89304, "scanner": "repobility-ast-engine", "fingerprint": "854dfdc33c6abcc136b38a33762f36514a44c7b62786b9e77b4c8887ea1cde82", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|854dfdc33c6abcc136b38a33762f36514a44c7b62786b9e77b4c8887ea1cde82"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 121}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._throttle_secs` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self._throttle_secs`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89303, "scanner": "repobility-ast-engine", "fingerprint": "33cd415355dd2f19d1ef1bd59455a4f2e703b5b846a143c0a43b0870b4abc1f3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|33cd415355dd2f19d1ef1bd59455a4f2e703b5b846a143c0a43b0870b4abc1f3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 116}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._process_stopped` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self._process_stopped`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89302, "scanner": "repobility-ast-engine", "fingerprint": "a40cb25bcdc468469f3a8b9710ccebe9c81a1e16dd9b1c7283dab1f8345a2841", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a40cb25bcdc468469f3a8b9710ccebe9c81a1e16dd9b1c7283dab1f8345a2841"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 116}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._heartbeat_interval` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self._heartbeat_interval`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89301, "scanner": "repobility-ast-engine", "fingerprint": "fb697d6fa370b89be6f6e00ccc2cee6af31d0bba298f9974f68624b2b8ae1754", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fb697d6fa370b89be6f6e00ccc2cee6af31d0bba298f9974f68624b2b8ae1754"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 133}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._throttle` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self._throttle`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89300, "scanner": "repobility-ast-engine", "fingerprint": "6a08a581409e87bd8bf5dbeacbdb0f2dc7b9d39c79f0fd6827dee8b38e3ff694", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6a08a581409e87bd8bf5dbeacbdb0f2dc7b9d39c79f0fd6827dee8b38e3ff694"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 116}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._notify` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self._notify`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89299, "scanner": "repobility-ast-engine", "fingerprint": "01cc5e17e3fb5b48d6b9d397259b2a16049bf7bcbf10da184afa19551f40074a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|01cc5e17e3fb5b48d6b9d397259b2a16049bf7bcbf10da184afa19551f40074a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 114}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.freqtrade` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self.freqtrade`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89298, "scanner": "repobility-ast-engine", "fingerprint": "13a6b37b6c51713121d2ec47758973c5041001e55d3aa659778a48c685a6757e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|13a6b37b6c51713121d2ec47758973c5041001e55d3aa659778a48c685a6757e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 89}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._heartbeat_interval` used but never assigned in __init__: Method `_worker` of class `Worker` reads `self._heartbeat_interval`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89297, "scanner": "repobility-ast-engine", "fingerprint": "5c50adb2dd44bfbbe3a8aa9134b12e4d18af35e7f8880254e1b7981b321b7a49", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5c50adb2dd44bfbbe3a8aa9134b12e4d18af35e7f8880254e1b7981b321b7a49"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 131}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._reconfigure` used but never assigned in __init__: Method `run` of class `Worker` reads `self._reconfigure`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89296, "scanner": "repobility-ast-engine", "fingerprint": "78b975a1df495f6fe63e43533371212057a9d3bd4e9c7665f79e69b8b41a0f35", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|78b975a1df495f6fe63e43533371212057a9d3bd4e9c7665f79e69b8b41a0f35"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._worker` used but never assigned in __init__: Method `run` of class `Worker` reads `self._worker`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89295, "scanner": "repobility-ast-engine", "fingerprint": "3a71c24adb8a694d942f92049a0620189eec790baac7d11df7c7490030ca58b2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3a71c24adb8a694d942f92049a0620189eec790baac7d11df7c7490030ca58b2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._sd_notify` used but never assigned in __init__: Method `_notify` of class `Worker` reads `self._sd_notify`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89294, "scanner": "repobility-ast-engine", "fingerprint": "87343ebc2699ea88f8bc8073a4361042d7271c2af8b99375050de1736bca1336", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|87343ebc2699ea88f8bc8073a4361042d7271c2af8b99375050de1736bca1336"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._sd_notify` used but never assigned in __init__: Method `_notify` of class `Worker` reads `self._sd_notify`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89293, "scanner": "repobility-ast-engine", "fingerprint": "0e55cc8ceaf19709b09cb52666b405378c0206c445c658a7eff7a6463d46a6aa", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0e55cc8ceaf19709b09cb52666b405378c0206c445c658a7eff7a6463d46a6aa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 72}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._sd_notify` used but never assigned in __init__: Method `_init` of class `Worker` reads `self._sd_notify`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89292, "scanner": "repobility-ast-engine", "fingerprint": "070633f67fc09e413a069794e02291a9bb16fe4fe3bf4a3937afcb585beeec87", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|070633f67fc09e413a069794e02291a9bb16fe4fe3bf4a3937afcb585beeec87"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._heartbeat_interval` used but never assigned in __init__: Method `_init` of class `Worker` reads `self._heartbeat_interval`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89291, "scanner": "repobility-ast-engine", "fingerprint": "b180ed9fe6febd931e6129047ee7a25dec908c8995298c298a487105b3b6e1d5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b180ed9fe6febd931e6129047ee7a25dec908c8995298c298a487105b3b6e1d5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 59}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._throttle_secs` used but never assigned in __init__: Method `_init` of class `Worker` reads `self._throttle_secs`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89290, "scanner": "repobility-ast-engine", "fingerprint": "047cd261f7350c1a31aa9f495921521ba689c962a409324e746339fe205b9faa", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|047cd261f7350c1a31aa9f495921521ba689c962a409324e746339fe205b9faa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.freqtrade` used but never assigned in __init__: Method `_init` of class `Worker` reads `self.freqtrade`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 89289, "scanner": "repobility-ast-engine", "fingerprint": "5ce41906de94545408264c69b34223ef730b181b6158a42f9ace08619a6abfeb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5ce41906de94545408264c69b34223ef730b181b6158a42f9ace08619a6abfeb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/worker.py"}, "region": {"startLine": 55}}}]}, {"ruleId": "AUC003", "level": "error", "message": {"text": "[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: DELETE /locks/{lockid}."}, "properties": {"repobilityId": 89275, "scanner": "repobility-access-control", "fingerprint": "2e4ea40ca1eae2e8ab5af536e1fb9e1ba63c8430415e20cf4365cfcadd172efc", "category": "auth", "severity": "high", "confidence": 0.7, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/locks/{lockid}", "method": "DELETE", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|305|auc003", "identity_targets": ["unknown", "owner"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_trading.py"}, "region": {"startLine": 305}}}]}, {"ruleId": "AUC003", "level": "error", "message": {"text": "[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: GET /trades/{trade_id}/custom-data."}, "properties": {"repobilityId": 89274, "scanner": "repobility-access-control", "fingerprint": "fcc374f090f5133244ce459946524b549f6b820d7c15e4a01986400e4c4d2a43", "category": "auth", "severity": "high", "confidence": 0.7, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/trades/{trade_id}/custom-data", "method": "GET", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|222|auc003", "identity_targets": ["unknown", "owner"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_trading.py"}, "region": {"startLine": 222}}}]}, {"ruleId": "AUC003", "level": "error", "message": {"text": "[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: POST /trades/{tradeid}/reload."}, "properties": {"repobilityId": 89273, "scanner": "repobility-access-control", "fingerprint": "07d732e6124a6508b5b7997bfd31e408aa7fbe23a26f8ca2a4ec924b64352945", "category": "auth", "severity": "high", "confidence": 0.7, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/trades/{tradeid}/reload", "method": "POST", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|198|auc003", "identity_targets": ["unknown", "owner"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_trading.py"}, "region": {"startLine": 198}}}]}, {"ruleId": "AUC003", "level": "error", "message": {"text": "[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: DELETE /trades/{tradeid}/open-order."}, "properties": {"repobilityId": 89272, "scanner": "repobility-access-control", "fingerprint": "533e9a205292f28fedf302294d60c7d6aab95aaabd4a6cc26ec927e94dfc48fd", "category": "auth", "severity": "high", "confidence": 0.7, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/trades/{tradeid}/open-order", "method": "DELETE", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|192|auc003", "identity_targets": ["unknown", "owner"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_trading.py"}, "region": {"startLine": 192}}}]}, {"ruleId": "AUC003", "level": "error", "message": {"text": "[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: DELETE /trades/{tradeid}."}, "properties": {"repobilityId": 89271, "scanner": "repobility-access-control", "fingerprint": "b984dc2534e26b8cdede9ff9855b5d6fcc98364325fdd2c748a203c1def645c7", "category": "auth", "severity": "high", "confidence": 0.7, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/trades/{tradeid}", "method": "DELETE", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|187|auc003", "identity_targets": ["unknown", "owner"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_trading.py"}, "region": {"startLine": 187}}}]}, {"ruleId": "AUC003", "level": "error", "message": {"text": "[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: GET /trade/{tradeid}."}, "properties": {"repobilityId": 89270, "scanner": "repobility-access-control", "fingerprint": "7449276afbcaf312afca8c132faa269832db7023bc28eafee28c35c55b3c32b9", "category": "auth", "severity": "high", "confidence": 0.7, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/trade/{tradeid}", "method": "GET", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|179|auc003", "identity_targets": ["unknown", "owner"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_trading.py"}, "region": {"startLine": 179}}}]}, {"ruleId": "AUC003", "level": "error", "message": {"text": "[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: GET /background/{jobid}."}, "properties": {"repobilityId": 89269, "scanner": "repobility-access-control", "fingerprint": "c946b70091b9b6ecc8dbf529be599c03c8df34136edef73c7452b3f0ff4dcc7f", "category": "auth", "severity": "high", "confidence": 0.7, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/background/{jobid}", "method": "GET", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|32|auc003", "identity_targets": ["unknown", "owner"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_background_tasks.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "AUC003", "level": "error", "message": {"text": "[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: GET /pairlists/evaluate/{jobid}."}, "properties": {"repobilityId": 89268, "scanner": "repobility-access-control", "fingerprint": "20f546b2fcc7ff6b3e0495f56096915e6b79d5ca4cc7e16cc10ffbe0fa62abd7", "category": "auth", "severity": "high", "confidence": 0.7, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"path": "/pairlists/evaluate/{jobid}", "method": "GET", "scanner": "repobility-access-control", "framework": "FastAPI", "correlation_key": "code|auth|token|127|auc003", "identity_targets": ["unknown", "owner"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_pairlists.py"}, "region": {"startLine": 127}}}]}, {"ruleId": "SEC135", "level": "error", "message": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without an auth decorator or middleware. The number-one production-incident pattern we see in AI-generated SaaS code: the AI builds the route, builds the handler, and forgets to wire the auth check that the rest of the codebase uses. CWE-862 (missing authorization). High-severity because the route is fully functional, just unprotected \u2014 attackers can call it directly."}, "properties": {"repobilityId": 89211, "scanner": "repobility-threat-engine", "fingerprint": "89867cb3e762ed8c2c4c86330a9fdac08a69907eccee6075a939f313d8476773", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "@router.post(\"/pairlists/evaluate\", response_model=BgJobStarted)\ndef pairlists_evaluate(\n    payload", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC135", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|89867cb3e762ed8c2c4c86330a9fdac08a69907eccee6075a939f313d8476773"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_pairlists.py"}, "region": {"startLine": 73}}}]}, {"ruleId": "SEC135", "level": "error", "message": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without an auth decorator or middleware. The number-one production-incident pattern we see in AI-generated SaaS code: the AI builds the route, builds the handler, and forgets to wire the auth check that the rest of the codebase uses. CWE-862 (missing authorization). High-severity because the route is fully functional, just unprotected \u2014 attackers can call it directly."}, "properties": {"repobilityId": 89210, "scanner": "repobility-threat-engine", "fingerprint": "ce7c45c0f9d0d257b7c0d5bdf324b18a6b7ff9e50c8d72e2364cd0cd5127f6fd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "@router.post(\"/pair_history\", response_model=PairHistory, tags=[\"Candle data\"])\ndef pair_history_fil", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC135", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|ce7c45c0f9d0d257b7c0d5bdf324b18a6b7ff9e50c8d72e2364cd0cd5127f6fd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_pair_history.py"}, "region": {"startLine": 47}}}]}, {"ruleId": "SEC135", "level": "error", "message": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without an auth decorator or middleware. The number-one production-incident pattern we see in AI-generated SaaS code: the AI builds the route, builds the handler, and forgets to wire the auth check that the rest of the codebase uses. CWE-862 (missing authorization). High-severity because the route is fully functional, just unprotected \u2014 attackers can call it directly."}, "properties": {"repobilityId": 89209, "scanner": "repobility-threat-engine", "fingerprint": "dc59729a1daae3b220a87aeb9decb8ec577ae75ceb09e9868d8edb35a312e117", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "@router.post(\"/download_data\", response_model=BgJobStarted)\ndef pairlists_evaluate(\n    payload: Dow", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC135", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|dc59729a1daae3b220a87aeb9decb8ec577ae75ceb09e9868d8edb35a312e117"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/api_server/api_download_data.py"}, "region": {"startLine": 51}}}]}, {"ruleId": "SEC013", "level": "error", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "properties": {"repobilityId": 89206, "scanner": "repobility-threat-engine", "fingerprint": "66ed181e4b00afbc1c92a49fccc22aa7dd134af1f9cade6191e35fb58f30ab6d", "category": "path_traversal", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "User-controlled input detected in file path construction", "evidence": {"match": "open(\"rb\") as strategy_params", "reason": "User-controlled input detected in file path construction", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|path_traversal|token|109|sec013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/optimize/optimize_reports/bt_storage.py"}, "region": {"startLine": 109}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 89202, "scanner": "repobility-threat-engine", "fingerprint": "fdff616459ad31546eb4e107757be92e4730c8c043fa24cc29feb51f6405dc1b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|fdff616459ad31546eb4e107757be92e4730c8c043fa24cc29feb51f6405dc1b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/optimize/backtest_caching.py"}, "region": {"startLine": 15}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 89188, "scanner": "repobility-threat-engine", "fingerprint": "dbda60457137cf2068f2277fbcb8ecc1ef9d983835acf6ebedce951a2f2ac711", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "params.update(\n            {\n                \"stopPrice\": stop_price,\n                \"opera", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|dbda60457137cf2068f2277fbcb8ecc1ef9d983835acf6ebedce951a2f2ac711"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/htx.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 89187, "scanner": "repobility-threat-engine", "fingerprint": "b220663835fe12b606790643a73f3b778ccf62c7776effbdb3a610ec0ff15f84", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "params.update({\"timeInForce\": \"IOC\"})", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|b220663835fe12b606790643a73f3b778ccf62c7776effbdb3a610ec0ff15f84"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/gate.py"}, "region": {"startLine": 106}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 89186, "scanner": "repobility-threat-engine", "fingerprint": "47271a87d301b3c3d76347b446d708186d65b14a7805988780286179bac357e1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "kwargs.update({\"count\": count})", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|47271a87d301b3c3d76347b446d708186d65b14a7805988780286179bac357e1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/common.py"}, "region": {"startLine": 185}}}]}, {"ruleId": "MINED009", "level": "error", "message": {"text": "[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal."}, "properties": {"repobilityId": 89184, "scanner": "repobility-threat-engine", "fingerprint": "6e34a97ffb507935da1c8f88a6bf4a58ec9dd4b3d58fceee4aa3faf0b6b2a772", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "floats-for-money", "owasp": null, "cwe_ids": ["CWE-682"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347918+00:00", "triaged_in_corpus": 15, "observations_count": 208571, "ai_coder_pattern_id": 20}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6e34a97ffb507935da1c8f88a6bf4a58ec9dd4b3d58fceee4aa3faf0b6b2a772"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/kucoin.py"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED009", "level": "error", "message": {"text": "[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal."}, "properties": {"repobilityId": 89183, "scanner": "repobility-threat-engine", "fingerprint": "4421cec2bda18770ee886e196abab7406551612fccd7716b3ac398452c534642", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "floats-for-money", "owasp": null, "cwe_ids": ["CWE-682"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347918+00:00", "triaged_in_corpus": 15, "observations_count": 208571, "ai_coder_pattern_id": 20}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4421cec2bda18770ee886e196abab7406551612fccd7716b3ac398452c534642"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/exchange_types.py"}, "region": {"startLine": 102}}}]}, {"ruleId": "MINED009", "level": "error", "message": {"text": "[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal."}, "properties": {"repobilityId": 89182, "scanner": "repobility-threat-engine", "fingerprint": "160be4673191bfca7e14716b5f2c9bdf98214f5fbbe2e227791194389cc10ece", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "floats-for-money", "owasp": null, "cwe_ids": ["CWE-682"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347918+00:00", "triaged_in_corpus": 15, "observations_count": 208571, "ai_coder_pattern_id": 20}, "scanner": "repobility-threat-engine", "correlation_key": "fp|160be4673191bfca7e14716b5f2c9bdf98214f5fbbe2e227791194389cc10ece"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/bitget.py"}, "region": {"startLine": 204}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 89180, "scanner": "repobility-threat-engine", "fingerprint": "d99b6134df7d234ad73958d9028eb3370e3c0d39794ff4cf36088cf5b2a69bea", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d99b6134df7d234ad73958d9028eb3370e3c0d39794ff4cf36088cf5b2a69bea"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/okx.py"}, "region": {"startLine": 226}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 89179, "scanner": "repobility-threat-engine", "fingerprint": "928923004fab8298c45dbc2b57d8ea01157d1c4db980d53cd8e2c36b47c9836d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|928923004fab8298c45dbc2b57d8ea01157d1c4db980d53cd8e2c36b47c9836d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/exchange/bitget.py"}, "region": {"startLine": 125}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 89178, "scanner": "repobility-threat-engine", "fingerprint": "637e400f8387ba7c8b21a71aced7783f5781f0a40f88dce670b3059d4210f5e4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|637e400f8387ba7c8b21a71aced7783f5781f0a40f88dce670b3059d4210f5e4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/configuration/environment_vars.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 89173, "scanner": "repobility-threat-engine", "fingerprint": "9ea4eec8a435cf7ebc5bab2fb52f1f66d29226c9d1a8cfb406334b3aa9806c42", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "requests.get(self._pairlist_url", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|9ea4eec8a435cf7ebc5bab2fb52f1f66d29226c9d1a8cfb406334b3aa9806c42"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/plugins/pairlist/RemotePairList.py"}, "region": {"startLine": 169}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 89172, "scanner": "repobility-threat-engine", "fingerprint": "a93e41ec66863acf7ff39c2be2205799d0ac956346a3f1a13856db3d3782429a", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "requests.get(dl_url", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|a93e41ec66863acf7ff39c2be2205799d0ac956346a3f1a13856db3d3782429a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/commands/deploy_ui.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 89171, "scanner": "repobility-threat-engine", "fingerprint": "bf4b8defc27893f53e57693254dd8e00bc34dcd8e76db138d3d00f079f1abe4e", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "url(\n        a", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|bf4b8defc27893f53e57693254dd8e00bc34dcd8e76db138d3d00f079f1abe4e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/commands/deploy_commands.py"}, "region": {"startLine": 119}}}]}, {"ruleId": "MINED006", "level": "error", "message": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "properties": {"repobilityId": 89169, "scanner": "repobility-threat-engine", "fingerprint": "a368331a06a1c0ac6137289ada0ac48a838b78355ad6ee474873a88f191d3be4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a368331a06a1c0ac6137289ada0ac48a838b78355ad6ee474873a88f191d3be4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/main.py"}, "region": {"startLine": 64}}}]}, {"ruleId": "MINED006", "level": "error", "message": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "properties": {"repobilityId": 89168, "scanner": "repobility-threat-engine", "fingerprint": "736afbe7adaa7d1f6a42a503a66e9347271481ebb87308564a9a2af14654ab12", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "correlation_key": "fp|736afbe7adaa7d1f6a42a503a66e9347271481ebb87308564a9a2af14654ab12"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/commands/hyperopt_commands.py"}, "region": {"startLine": 47}}}]}, {"ruleId": "MINED006", "level": "error", "message": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "properties": {"repobilityId": 89167, "scanner": "repobility-threat-engine", "fingerprint": "28e6b7f635d1c849a916af0288f533f033073601b83025090a72d0208a4f6dad", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "correlation_key": "fp|28e6b7f635d1c849a916af0288f533f033073601b83025090a72d0208a4f6dad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/commands/data_commands.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "[MINED116] Workflow uses `secrets.REPO_SCOPED_TOKEN_DEP` on a `pull_request` trigger: This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.REPO_SCOPED_TOKEN_DEP }` lets a PR from any fork exfiltrate the secret (modify a script, log the value, etc.). Use `pull_request_target` ONLY with strict checkout discipline (no fork code in the trusted context)."}, "properties": {"repobilityId": 89369, "scanner": "repobility-supply-chain", "fingerprint": "3093e3117375455cd6f8e825ce22c2879aaf8fcd856d848a90c7016846b84103", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3093e3117375455cd6f8e825ce22c2879aaf8fcd856d848a90c7016846b84103"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pre-commit-types-update.yml"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "[MINED116] Workflow uses `secrets.DOCKERHUB_TOKEN` on a `pull_request` trigger: This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.DOCKERHUB_TOKEN }` lets a PR from any fork exfiltrate the secret (modify a script, log the value, etc.). Use `pull_request_target` ONLY with strict checkout discipline (no fork code in the trusted context)."}, "properties": {"repobilityId": 89368, "scanner": "repobility-supply-chain", "fingerprint": "0ed813916de5c57ce5383be41355108f83c4172c2aad8f7343f86c08ed725fb0", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0ed813916de5c57ce5383be41355108f83c4172c2aad8f7343f86c08ed725fb0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 419}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "[MINED116] Workflow uses `secrets.DOCKERHUB_USERNAME` on a `pull_request` trigger: This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.DOCKERHUB_USERNAME }` lets a PR from any fork exfiltrate the secret (modify a script, log the value, etc.). Use `pull_request_target` ONLY with strict checkout discipline (no fork code in the trusted context)."}, "properties": {"repobilityId": 89367, "scanner": "repobility-supply-chain", "fingerprint": "eb47c850d9aa713169a6f33130159efd4e74c6327efdfa4ce87225cda9e42646", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|eb47c850d9aa713169a6f33130159efd4e74c6327efdfa4ce87225cda9e42646"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 418}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "[MINED116] Workflow uses `secrets.DISCORD_WEBHOOK` on a `pull_request` trigger: This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.DISCORD_WEBHOOK }` lets a PR from any fork exfiltrate the secret (modify a script, log the value, etc.). Use `pull_request_target` ONLY with strict checkout discipline (no fork code in the trusted context)."}, "properties": {"repobilityId": 89366, "scanner": "repobility-supply-chain", "fingerprint": "96abc8ce10f843820e4a5e2f2957fe9915071dd7f33f6e8637e75ff39d0a0db7", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|96abc8ce10f843820e4a5e2f2957fe9915071dd7f33f6e8637e75ff39d0a0db7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 417}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "[MINED116] Workflow uses `secrets.DISCORD_WEBHOOK` on a `pull_request` trigger: This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.DISCORD_WEBHOOK }` lets a PR from any fork exfiltrate the secret (modify a script, log the value, etc.). Use `pull_request_target` ONLY with strict checkout discipline (no fork code in the trusted context)."}, "properties": {"repobilityId": 89365, "scanner": "repobility-supply-chain", "fingerprint": "5a011652adbdd3a921d1bfe5158df9e62a8d9a0fd5e01a723a5d90bb4ec8730a", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5a011652adbdd3a921d1bfe5158df9e62a8d9a0fd5e01a723a5d90bb4ec8730a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 290}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "[MINED116] Workflow uses `secrets.DISCORD_WEBHOOK` on a `pull_request` trigger: This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.DISCORD_WEBHOOK }` lets a PR from any fork exfiltrate the secret (modify a script, log the value, etc.). Use `pull_request_target` ONLY with strict checkout discipline (no fork code in the trusted context)."}, "properties": {"repobilityId": 89364, "scanner": "repobility-supply-chain", "fingerprint": "62890c8b28ebea0aad2454b6f5ce838bafa180cce67e42daea502c80cffaf1ca", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|62890c8b28ebea0aad2454b6f5ce838bafa180cce67e42daea502c80cffaf1ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 235}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "[MINED116] Workflow uses `secrets.DISCORD_WEBHOOK` on a `pull_request` trigger: This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.DISCORD_WEBHOOK }` lets a PR from any fork exfiltrate the secret (modify a script, log the value, etc.). Use `pull_request_target` ONLY with strict checkout discipline (no fork code in the trusted context)."}, "properties": {"repobilityId": 89363, "scanner": "repobility-supply-chain", "fingerprint": "5c6ef652cf6c2c1e4eee5900b084ed62f96e1015abc2b8b9b93e88c4613af2ee", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5c6ef652cf6c2c1e4eee5900b084ed62f96e1015abc2b8b9b93e88c4613af2ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 168}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "[MINED116] Workflow uses `secrets.CODECOV_TOKEN` on a `pull_request` trigger: This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.CODECOV_TOKEN }` lets a PR from any fork exfiltrate the secret (modify a script, log the value, etc.). Use `pull_request_target` ONLY with strict checkout discipline (no fork code in the trusted context)."}, "properties": {"repobilityId": 89362, "scanner": "repobility-supply-chain", "fingerprint": "4332fa7bd8465688659a5f0c932d68bb5c7142105f3664c45fd5e4a9f4dc1175", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4332fa7bd8465688659a5f0c932d68bb5c7142105f3664c45fd5e4a9f4dc1175"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ci.yml"}, "region": {"startLine": 75}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `queue` used but not imported: The file uses `queue.something(...)` but never imports `queue`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 89342, "scanner": "repobility-ast-engine", "fingerprint": "e26f2a0af26fd4a62cf9eff26c5a49f3b7e26c9bb67872529e7fa09f44f9ca49", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e26f2a0af26fd4a62cf9eff26c5a49f3b7e26c9bb67872529e7fa09f44f9ca49"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "freqtrade/rpc/rpc_manager.py"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `queue` used but not imported: The file uses `queue.something(...)` but never imports `queue`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 89340, "scanner": "repobility-ast-engine", "fingerprint": "67dcbc2eceeb9e461ea20a756b081a5bbac41211912750db94c62b452a48d69e", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|67dcbc2eceeb9e461ea20a756b081a5bbac41211912750db94c62b452a48d69e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/rpc/test_rpc_manager.py"}, "region": {"startLine": 105}}}]}, {"ruleId": "MINED018", "level": "error", "message": {"text": "[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data \u2014 RCE."}, "properties": {"repobilityId": 89162, "scanner": "repobility-threat-engine", "fingerprint": "0fc7bdf0b42c846b2c23a428dc506bb8363d0bca9d69a8c5f9aa3278b6a22bf1", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "unsafe-deserialization-pickle", "owasp": "A08:2021", "cwe_ids": ["CWE-502"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347940+00:00", "triaged_in_corpus": 20, "observations_count": 58759, "ai_coder_pattern_id": 32}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0fc7bdf0b42c846b2c23a428dc506bb8363d0bca9d69a8c5f9aa3278b6a22bf1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "build_helpers/pre_commit_update.py"}, "region": {"startLine": 59}}}]}, {"ruleId": "SEC116", "level": "error", "message": {"text": "[SEC116] Ruby YAML.load / Marshal.load on untrusted input: `YAML.load` (pre-3.1) and `Marshal.load` instantiate arbitrary Ruby classes \u2014 direct RCE on untrusted input. `unsafe_load` is even more dangerous."}, "properties": {"repobilityId": 89161, "scanner": "repobility-threat-engine", "fingerprint": "92de7b3283d53a1c697839d9ae3aae33274085900a214fe79a26dc44425b0dda", "category": "deserialization", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "yaml.load(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC116", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|deserialization|token|59|sec116"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "build_helpers/pre_commit_update.py"}, "region": {"startLine": 59}}}]}]}]}