{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AUC001", "name": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobilit", "shortDescription": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "fullDescription": {"text": "Add .repobility/access.yml mapping routes to anonymous, authenticated, owner, admin, and super_admin. Keep business-specific rules in the repo so CI can enforce them."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.92, "cwe": "", "owasp": ""}}, {"id": "CFG006", "name": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.", "shortDescription": {"text": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts."}, "fullDescription": {"text": "Add a .gitignore appropriate for your language/framework."}, "properties": {"scanner": "repobility-threat-engine", "category": "practices", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC134", "name": "[SEC134] AI scaffold leftover \u2014 Lorem ipsum / example.com / John Doe in code: Lorem ipsum / John Doe / example.com left ", "shortDescription": {"text": "[SEC134] AI scaffold leftover \u2014 Lorem ipsum / example.com / John Doe in code: Lorem ipsum / John Doe / example.com left in non-test code. AI agents emit these as 'reasonable defaults' when they don't know real values; the human then forgets"}, "fullDescription": {"text": "Move dummy values to fixtures / seed files. In application code, require these to come from config or fail closed. Add a CI grep that rejects 'lorem ipsum' and 'example.com' outside test files."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `FilterSourceFile` has cognitive complexity 17 (SonarSource scale). Cognit", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `FilterSourceFile` has cognitive complexity 17 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recurs"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 17."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_CI", "name": "No CI/CD configuration found", "shortDescription": {"text": "No CI/CD configuration found"}, "fullDescription": {"text": "Add a CI/CD pipeline: create .github/workflows/ci.yml for GitHub Actions with steps to lint, test, and build on every push and pull request."}, "properties": {"scanner": "repobility-core", "category": "practices", "severity": "medium", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "AUC005", "name": "[AUC005] No authorization-focused tests detected: No test files with common authorization, ownership, 403, admin, or sup", "shortDescription": {"text": "[AUC005] No authorization-focused tests detected: No test files with common authorization, ownership, 403, admin, or super_admin assertions were found."}, "fullDescription": {"text": "Add regression tests for anonymous denial, cross-user object denial, admin role limits, and super_admin-only behavior."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "low", "confidence": 0.76, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "ERR003", "name": "[ERR003] Ignored Error (Go): Ignoring error return values.", "shortDescription": {"text": "[ERR003] Ignored Error (Go): Ignoring error return values."}, "fullDescription": {"text": "Handle the error or use errcheck linter."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 2 more): Same pattern found in 2 addit", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED042", "name": "[MINED042] Cpp New Without Delete (and 84 more): Same pattern found in 84 additional files. Review if needed.", "shortDescription": {"text": "[MINED042] Cpp New Without Delete (and 84 more): Same pattern found in 84 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-401 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED060", "name": "[MINED060] Go Context No Cancel: context.Background() at request handler boundary leaks goroutines.", "shortDescription": {"text": "[MINED060] Go Context No Cancel: context.Background() at request handler boundary leaks goroutines."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-401 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED112", "name": "[MINED112] FastAPI PATCH subprocess.check_output has no auth: Handler `testChangingRelevantFilesReturnsDiff` is register", "shortDescription": {"text": "[MINED112] FastAPI PATCH subprocess.check_output has no auth: Handler `testChangingRelevantFilesReturnsDiff` is registered with router/app.patch(...) but no Depends/Security parameter is declared and no auth marker appears in the function b"}, "fullDescription": {"text": "Add Depends(get_current_user) or Security(...) to the handler signature. If the route is truly public, document it with a code comment so the rule knows it's intentional."}, "properties": {"scanner": "repobility-route-auth", "category": "quality", "severity": "high", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self.foo_file` used but never assigned in __init__: Method `testChangingIrrelevantFilesReturnsNoResults` of ", "shortDescription": {"text": "[MINED108] `self.foo_file` used but never assigned in __init__: Method `testChangingIrrelevantFilesReturnsNoResults` of class `RunCommandAndCheckDiffTest` reads `self.foo_file`, but no assignment to it exists in __init__ (and no class-level"}, "fullDescription": {"text": "Initialize `self.foo_file = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED004", "name": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums).", "shortDescription": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-327 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled ", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes e"}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED016", "name": "[MINED016] Go Error Ignored: _, err := fn() with err not checked. Go anti-pattern.", "shortDescription": {"text": "[MINED016] Go Error Ignored: _, err := fn() with err not checked. Go anti-pattern."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-754 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1029"}, "properties": {"repository": "google/skia", "repoUrl": "https://github.com/google/skia", "branch": "main"}, "results": [{"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 96577, "scanner": "repobility-ast-engine", "fingerprint": "3af8798bf0653c971c3c62e6408bd9157d4451128c2ee8380d093cac4f757b92", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3af8798bf0653c971c3c62e6408bd9157d4451128c2ee8380d093cac4f757b92"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT.py"}, "region": {"startLine": 609}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 96576, "scanner": "repobility-ast-engine", "fingerprint": "904069bd044341efc72e5ee2ddd97429d57c204f86c26b52fb5a36bf6e8c1471", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|904069bd044341efc72e5ee2ddd97429d57c204f86c26b52fb5a36bf6e8c1471"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT.py"}, "region": {"startLine": 471}}}]}, {"ruleId": "AUC001", "level": "warning", "message": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "properties": {"repobilityId": 96549, "scanner": "repobility-access-control", "fingerprint": "f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10", "category": "auth", "severity": "medium", "confidence": 0.92, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "frameworks": ["Chi"], "expected_files": [".repobility/access.yml", ".repobility/access.yaml", ".repobility/access.json", ".repobility/authorization.yml"], "correlation_key": "fp|f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10"}}}, {"ruleId": "CFG006", "level": "warning", "message": {"text": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts."}, "properties": {"repobilityId": 96545, "scanner": "repobility-threat-engine", "fingerprint": "c65fc71ce58c37a0e07837c0fe294108b731c43ef16027a2f0971c757bbe9a16", "category": "practices", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "No .gitignore file found in repository root", "evidence": {"reason": "No .gitignore file found in repository root", "rule_id": "CFG006", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "repo|practices|cfg006"}}}, {"ruleId": "SEC134", "level": "warning", "message": {"text": "[SEC134] AI scaffold leftover \u2014 Lorem ipsum / example.com / John Doe in code: Lorem ipsum / John Doe / example.com left in non-test code. AI agents emit these as 'reasonable defaults' when they don't know real values; the human then forgets to swap them. In production, these break demo flows, send mail to a real example.com host (it's owned by IANA), and leak that the codebase had an AI scaffolding pass."}, "properties": {"repobilityId": 96544, "scanner": "repobility-threat-engine", "fingerprint": "d773dfeb0fb7e1f242333bf2366f2b6460ffb6cff22197c002f9acbe84bed76d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "\"Lorem ipsum dolor sit amet", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC134", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d773dfeb0fb7e1f242333bf2366f2b6460ffb6cff22197c002f9acbe84bed76d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bench/ParagraphBench.cpp"}, "region": {"startLine": 55}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `FilterSourceFile` has cognitive complexity 17 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: break=1, for=2, if=6, nested_bonus=8."}, "properties": {"repobilityId": 96525, "scanner": "repobility-threat-engine", "fingerprint": "40a3bf233f71e90629080b0ade9a8fbfa4acde607d009574cebff8417375b704", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 17 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "FilterSourceFile", "breakdown": {"if": 6, "for": 2, "break": 1, "nested_bonus": 8}, "complexity": 17, "correlation_key": "fp|40a3bf233f71e90629080b0ade9a8fbfa4acde607d009574cebff8417375b704"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test_mocks.py"}, "region": {"startLine": 112}}}]}, {"ruleId": "CORE_NO_CI", "level": "warning", "message": {"text": "No CI/CD configuration found"}, "properties": {"repobilityId": 96524, "scanner": "repobility-core", "fingerprint": "ca5da3551af97272c4f099fc472740148135a15816b81b90bd862e8f91ec66ce", "category": "practices", "severity": "medium", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_CI", "scanner": "repobility-core", "correlation_key": "repo|practices|core_no_ci"}}}, {"ruleId": "AUC005", "level": "note", "message": {"text": "[AUC005] No authorization-focused tests detected: No test files with common authorization, ownership, 403, admin, or super_admin assertions were found."}, "properties": {"repobilityId": 96550, "scanner": "repobility-access-control", "fingerprint": "c58bb88e6682225dc480b3036f30153044953a3d94f500396678a77324e8d30e", "category": "auth", "severity": "low", "confidence": 0.76, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "frameworks": ["Chi"], "correlation_key": "fp|c58bb88e6682225dc480b3036f30153044953a3d94f500396678a77324e8d30e"}}}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 96548, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7cb8b841ab5f26c4b718117231dbea24dd7e59d813a8c2df267f5820093393e2", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "bench/BlurBench.cpp", "duplicate_line": 21, "correlation_key": "fp|7cb8b841ab5f26c4b718117231dbea24dd7e59d813a8c2df267f5820093393e2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bench/MorphologyBench.cpp"}, "region": {"startLine": 22}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 96547, "scanner": "repobility-ai-code-hygiene", "fingerprint": "07c5e788eec0e85e435f3b852d18420c4277c127e360563ca90ad905c647b54c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "bench/Matrix44Bench.cpp", "duplicate_line": 20, "correlation_key": "fp|07c5e788eec0e85e435f3b852d18420c4277c127e360563ca90ad905c647b54c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bench/MatrixBench.cpp"}, "region": {"startLine": 12}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 96546, "scanner": "repobility-ai-code-hygiene", "fingerprint": "580a73fbab6cc1d7fc8ae7f1ade824498bceedfd4c1a0e9e3293fbd3e20591c1", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "bench/HardStopGradientBench_ScaleNumColors.cpp", "duplicate_line": 8, "correlation_key": "fp|580a73fbab6cc1d7fc8ae7f1ade824498bceedfd4c1a0e9e3293fbd3e20591c1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bench/HardStopGradientBench_ScaleNumHardStops.cpp"}, "region": {"startLine": 10}}}]}, {"ruleId": "ERR003", "level": "note", "message": {"text": "[ERR003] Ignored Error (Go): Ignoring error return values."}, "properties": {"repobilityId": 96528, "scanner": "repobility-threat-engine", "fingerprint": "97b027ef97305854e74b24a714d7427e6b47288c2d2f503d9c537a6370df206d", "category": "error_handling", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "_ = os.Chdir(", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR003", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|97b027ef97305854e74b24a714d7427e6b47288c2d2f503d9c537a6370df206d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bazel/exporter/bazel_query_command.go"}, "region": {"startLine": 95}}}]}, {"ruleId": "ERR003", "level": "note", "message": {"text": "[ERR003] Ignored Error (Go): Ignoring error return values."}, "properties": {"repobilityId": 96527, "scanner": "repobility-threat-engine", "fingerprint": "958f551bfeab6b82ba468e0b8e3555c1ba79d759bd5d1de6829bf00f80514b75", "category": "error_handling", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "_ = sb.WriteString(", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR003", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|958f551bfeab6b82ba468e0b8e3555c1ba79d759bd5d1de6829bf00f80514b75"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bazel/device_specific_configs/generate/generate.go"}, "region": {"startLine": 25}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `_FindNewViolationsOfRule` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=1, for=2, if=2, nested_bonus=4."}, "properties": {"repobilityId": 96526, "scanner": "repobility-threat-engine", "fingerprint": "32edb7767b56792fec840206b2268d134265cc1c11d9bf747cf06c150d737655", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "_FindNewViolationsOfRule", "breakdown": {"if": 2, "for": 2, "continue": 1, "nested_bonus": 4}, "complexity": 9, "correlation_key": "fp|32edb7767b56792fec840206b2268d134265cc1c11d9bf747cf06c150d737655"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test_mocks.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 96540, "scanner": "repobility-threat-engine", "fingerprint": "2cd220107759c389357ea1e0b2a749255d62455820f15b6cc9e05e77d2c17c58", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|2cd220107759c389357ea1e0b2a749255d62455820f15b6cc9e05e77d2c17c58"}}}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete (and 84 more): Same pattern found in 84 additional files. Review if needed."}, "properties": {"repobilityId": 96536, "scanner": "repobility-threat-engine", "fingerprint": "8569fbe094b8a51f895e21e674928694ebe2084b3118e9c96b196f5b6da26acb", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 84 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|8569fbe094b8a51f895e21e674928694ebe2084b3118e9c96b196f5b6da26acb", "aggregated_count": 84}}}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 96535, "scanner": "repobility-threat-engine", "fingerprint": "f7ccfed448825af9d46201be129dbf5c305f9d95c822b4fcf3eb7269e075df01", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f7ccfed448825af9d46201be129dbf5c305f9d95c822b4fcf3eb7269e075df01"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bench/BenchLogger.cpp"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 96534, "scanner": "repobility-threat-engine", "fingerprint": "4c1271eddf942e11f62bd0e711ef8191fde26f808b37c652ad0be8773791ec0b", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4c1271eddf942e11f62bd0e711ef8191fde26f808b37c652ad0be8773791ec0b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bench/AlternatingColorPatternBench.cpp"}, "region": {"startLine": 171}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 96533, "scanner": "repobility-threat-engine", "fingerprint": "16c0ec389a3d48e3c633dc602dd366162ea764c48addf0a8e824b0bc943f9858", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|16c0ec389a3d48e3c633dc602dd366162ea764c48addf0a8e824b0bc943f9858"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bench/AAClipBench.cpp"}, "region": {"startLine": 241}}}]}, {"ruleId": "MINED060", "level": "none", "message": {"text": "[MINED060] Go Context No Cancel: context.Background() at request handler boundary leaks goroutines."}, "properties": {"repobilityId": 96532, "scanner": "repobility-threat-engine", "fingerprint": "c20e9706e5427f608352eb45e8cb847ab9b17e263fb5f9ff5d69bd5413eeba1e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "go-context-no-cancel", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["go"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348041+00:00", "triaged_in_corpus": 12, "observations_count": 132905, "ai_coder_pattern_id": 110}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c20e9706e5427f608352eb45e8cb847ab9b17e263fb5f9ff5d69bd5413eeba1e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bazel/gcs_mirror/gcs_mirror.go"}, "region": {"startLine": 136}}}]}, {"ruleId": "MINED112", "level": "error", "message": {"text": "[MINED112] FastAPI PATCH subprocess.check_output has no auth: Handler `testChangingRelevantFilesReturnsDiff` is registered with router/app.patch(...) but no Depends/Security parameter is declared and no auth marker appears in the function body."}, "properties": {"repobilityId": 96580, "scanner": "repobility-route-auth", "fingerprint": "24577720049b80fbd689d48067688af532edae5fe1363b2af162d31846198c9b", "category": "quality", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "fastapi-destructive-unauth", "owasp": "A01:2021", "cwe_ids": ["CWE-306", "CWE-862"], "languages": ["python", "javascript"], "observations_count": 10455}, "scanner": "repobility-route-auth", "correlation_key": "fp|24577720049b80fbd689d48067688af532edae5fe1363b2af162d31846198c9b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 111}}}]}, {"ruleId": "MINED112", "level": "error", "message": {"text": "[MINED112] FastAPI PATCH subprocess.check_output has no auth: Handler `testChangingIrrelevantFilesReturnsNoResults` is registered with router/app.patch(...) but no Depends/Security parameter is declared and no auth marker appears in the function body."}, "properties": {"repobilityId": 96579, "scanner": "repobility-route-auth", "fingerprint": "571550550cfce8e663c9f3f23a46c47e43bd323e0e097d815871a2859d9b07ee", "category": "quality", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "fastapi-destructive-unauth", "owasp": "A01:2021", "cwe_ids": ["CWE-306", "CWE-862"], "languages": ["python", "javascript"], "observations_count": 10455}, "scanner": "repobility-route-auth", "correlation_key": "fp|571550550cfce8e663c9f3f23a46c47e43bd323e0e097d815871a2859d9b07ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 103}}}]}, {"ruleId": "MINED112", "level": "error", "message": {"text": "[MINED112] FastAPI PATCH subprocess.check_output has no auth: Handler `testNoChangesReturnsNoResults` is registered with router/app.patch(...) but no Depends/Security parameter is declared and no auth marker appears in the function body."}, "properties": {"repobilityId": 96578, "scanner": "repobility-route-auth", "fingerprint": "92faaf5bb3cab87709d27a5da90c2b63489a042ec7e7925bd2f202898675efea", "category": "quality", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "fastapi-destructive-unauth", "owasp": "A01:2021", "cwe_ids": ["CWE-306", "CWE-862"], "languages": ["python", "javascript"], "observations_count": 10455}, "scanner": "repobility-route-auth", "correlation_key": "fp|92faaf5bb3cab87709d27a5da90c2b63489a042ec7e7925bd2f202898675efea"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 98}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.foo_file` used but never assigned in __init__: Method `testChangingIrrelevantFilesReturnsNoResults` of class `RunCommandAndCheckDiffTest` reads `self.foo_file`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96575, "scanner": "repobility-ast-engine", "fingerprint": "dfc30a0a5705f2479c7ccaee2041aa46e135a2c4aef6600662136848089e46eb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dfc30a0a5705f2479c7ccaee2041aa46e135a2c4aef6600662136848089e46eb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 106}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.bar_file` used but never assigned in __init__: Method `testChangingIrrelevantFilesReturnsNoResults` of class `RunCommandAndCheckDiffTest` reads `self.bar_file`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96574, "scanner": "repobility-ast-engine", "fingerprint": "701d1325748fbf9f578ae68eb318b71c7d6e439a065c637a68363ee30be932c4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|701d1325748fbf9f578ae68eb318b71c7d6e439a065c637a68363ee30be932c4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 104}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.setContents` used but never assigned in __init__: Method `testChangingIrrelevantFilesReturnsNoResults` of class `RunCommandAndCheckDiffTest` reads `self.setContents`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96573, "scanner": "repobility-ast-engine", "fingerprint": "64d2f726c5cedefec1b38f26c76bf28752b820eac1a4aa7791c09a2d13d0964e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|64d2f726c5cedefec1b38f26c76bf28752b820eac1a4aa7791c09a2d13d0964e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 104}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `testChangingIrrelevantFilesReturnsNoResults` of class `RunCommandAndCheckDiffTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96572, "scanner": "repobility-ast-engine", "fingerprint": "2d7dbda20c8cad3923c72778e73eea02bcebd93df4245acd395c6185f37997c0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2d7dbda20c8cad3923c72778e73eea02bcebd93df4245acd395c6185f37997c0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.mock_output_api` used but never assigned in __init__: Method `testChangingIrrelevantFilesReturnsNoResults` of class `RunCommandAndCheckDiffTest` reads `self.mock_output_api`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96571, "scanner": "repobility-ast-engine", "fingerprint": "8100d31320310c5c3445d930d3c88881bf274c9601ab73ab5c6f235bb5b8a431", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8100d31320310c5c3445d930d3c88881bf274c9601ab73ab5c6f235bb5b8a431"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 106}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `testNoChangesReturnsNoResults` of class `RunCommandAndCheckDiffTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96570, "scanner": "repobility-ast-engine", "fingerprint": "170c927986aaa6da52c87167b27fcc427f1d73f784fd2cf960c41be9b525f663", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|170c927986aaa6da52c87167b27fcc427f1d73f784fd2cf960c41be9b525f663"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 100}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.mock_output_api` used but never assigned in __init__: Method `testNoChangesReturnsNoResults` of class `RunCommandAndCheckDiffTest` reads `self.mock_output_api`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96569, "scanner": "repobility-ast-engine", "fingerprint": "253ecf4aa16c9e012a40c968e06b056fcf8cdc02bf6a80fb4799f1a27a10cd49", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|253ecf4aa16c9e012a40c968e06b056fcf8cdc02bf6a80fb4799f1a27a10cd49"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.bar_file` used but never assigned in __init__: Method `setUp` of class `RunCommandAndCheckDiffTest` reads `self.bar_file`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96568, "scanner": "repobility-ast-engine", "fingerprint": "3ed827783c432ac122f432c4645ac4635345d0dc670580a1c284f7f9cfbf7251", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3ed827783c432ac122f432c4645ac4635345d0dc670580a1c284f7f9cfbf7251"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.foo_file` used but never assigned in __init__: Method `setUp` of class `RunCommandAndCheckDiffTest` reads `self.foo_file`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96567, "scanner": "repobility-ast-engine", "fingerprint": "e42b1c7455743036ad36436c02410b0ca580669b2e248f47ea2d36ddc305724d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e42b1c7455743036ad36436c02410b0ca580669b2e248f47ea2d36ddc305724d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.mock_input_api` used but never assigned in __init__: Method `setUp` of class `RunCommandAndCheckDiffTest` reads `self.mock_input_api`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96566, "scanner": "repobility-ast-engine", "fingerprint": "fc194290991e6f87bc1a5afacef8275bf942f38e2d89c71fa3158d4f34ae0fbc", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fc194290991e6f87bc1a5afacef8275bf942f38e2d89c71fa3158d4f34ae0fbc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.mock_output_api` used but never assigned in __init__: Method `setUp` of class `RunCommandAndCheckDiffTest` reads `self.mock_output_api`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96565, "scanner": "repobility-ast-engine", "fingerprint": "747f9ccc9fa578020bad3b2fdbeae659c663fc16e1520d2aafee374293737ab4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|747f9ccc9fa578020bad3b2fdbeae659c663fc16e1520d2aafee374293737ab4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 92}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.mock_input_api` used but never assigned in __init__: Method `setUp` of class `RunCommandAndCheckDiffTest` reads `self.mock_input_api`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96564, "scanner": "repobility-ast-engine", "fingerprint": "19e8eb24d4705d2b57104e63d9d948997345829c57f9391af7b208ccb863d9af", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|19e8eb24d4705d2b57104e63d9d948997345829c57f9391af7b208ccb863d9af"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 90}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.bar_file` used but never assigned in __init__: Method `setUp` of class `RunCommandAndCheckDiffTest` reads `self.bar_file`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96563, "scanner": "repobility-ast-engine", "fingerprint": "3c65ed012f693bc8c1bc7e873a01a956ac6057d075fef13d3e5fbd9c27cb70a4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3c65ed012f693bc8c1bc7e873a01a956ac6057d075fef13d3e5fbd9c27cb70a4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 88}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.foo_file` used but never assigned in __init__: Method `setUp` of class `RunCommandAndCheckDiffTest` reads `self.foo_file`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96562, "scanner": "repobility-ast-engine", "fingerprint": "35699fbd3273fb11e908ad07788ba0149bb8bf08391a98d6f53d786c9695eec6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|35699fbd3273fb11e908ad07788ba0149bb8bf08391a98d6f53d786c9695eec6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 87}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `testUpdatePublicHeaderAndReleaseNoteGeneratesNoWarning` of class `ReleaseNotesTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96561, "scanner": "repobility-ast-engine", "fingerprint": "4ca55ebd097f8e439a17b5a5391b046cce5b18495fc75b60407355885de3250d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4ca55ebd097f8e439a17b5a5391b046cce5b18495fc75b60407355885de3250d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 82}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertIsInstance` used but never assigned in __init__: Method `testUpdatePublicHeaderAndNoReleaseNoteGeneratesWarning` of class `ReleaseNotesTest` reads `self.assertIsInstance`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96560, "scanner": "repobility-ast-engine", "fingerprint": "161921331aede1b8dccd0925ec9089aa691a3a09c34a193e4de50df1ee2a8e37", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|161921331aede1b8dccd0925ec9089aa691a3a09c34a193e4de50df1ee2a8e37"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 68}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `testUpdatePublicHeaderAndNoReleaseNoteGeneratesWarning` of class `ReleaseNotesTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96559, "scanner": "repobility-ast-engine", "fingerprint": "58187e1107e73f85d03c339cf0818db6b7950f8a842e8e12f8553aa7f690275d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|58187e1107e73f85d03c339cf0818db6b7950f8a842e8e12f8553aa7f690275d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `testUpdateTopReleaseNotesNoWarning` of class `ReleaseNotesTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96558, "scanner": "repobility-ast-engine", "fingerprint": "f9eb41a92eece36fd8cd7afdd52ff1bd35efdf2cc784e54d5535d575b29d78ee", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f9eb41a92eece36fd8cd7afdd52ff1bd35efdf2cc784e54d5535d575b29d78ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 55}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertTrue` used but never assigned in __init__: Method `testUpdateTopReleaseNotesIssuesWarning` of class `ReleaseNotesTest` reads `self.assertTrue`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96557, "scanner": "repobility-ast-engine", "fingerprint": "057aae0c13b1f5f4b5b8e6f7e1f25d7fbc2efd35d3837904061ffdd26020765e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|057aae0c13b1f5f4b5b8e6f7e1f25d7fbc2efd35d3837904061ffdd26020765e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 41}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertIsInstance` used but never assigned in __init__: Method `testUpdateTopReleaseNotesIssuesWarning` of class `ReleaseNotesTest` reads `self.assertIsInstance`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96556, "scanner": "repobility-ast-engine", "fingerprint": "2ece15d546ee05616591d930b28e82f53f6609da3a4484210bfda6942604e011", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2ece15d546ee05616591d930b28e82f53f6609da3a4484210bfda6942604e011"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `testUpdateTopReleaseNotesIssuesWarning` of class `ReleaseNotesTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96555, "scanner": "repobility-ast-engine", "fingerprint": "660eedb696c69b53a4aaf5ded0c92b1491314154a068b7a65055f6c9de584f8e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|660eedb696c69b53a4aaf5ded0c92b1491314154a068b7a65055f6c9de584f8e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `testNoEditTopReleaseNotesNoWarning` of class `ReleaseNotesTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96554, "scanner": "repobility-ast-engine", "fingerprint": "81a2385bc9878c8a9c594bf023857a2e160937173115826339b9c9736dba6c23", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|81a2385bc9878c8a9c594bf023857a2e160937173115826339b9c9736dba6c23"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._local_path` used but never assigned in __init__: Method `AbsoluteLocalPath` of class `MockAffectedFile` reads `self._local_path`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96553, "scanner": "repobility-ast-engine", "fingerprint": "96ecbec537356e4a2b687e63bc8cd19ddc685e87a50ba0833379fd7f8949f6e3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|96ecbec537356e4a2b687e63bc8cd19ddc685e87a50ba0833379fd7f8949f6e3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test_mocks.py"}, "region": {"startLine": 262}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.AffectedFiles` used but never assigned in __init__: Method `AffectedSourceFiles` of class `MockInputApi` reads `self.AffectedFiles`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96552, "scanner": "repobility-ast-engine", "fingerprint": "6e0e6909fd0a50b2357d8c15154e15a8efaf4373a512e57c93cfdddf4a63fe55", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6e0e6909fd0a50b2357d8c15154e15a8efaf4373a512e57c93cfdddf4a63fe55"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test_mocks.py"}, "region": {"startLine": 110}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.AffectedSourceFiles` used but never assigned in __init__: Method `RightHandSideLines` of class `MockInputApi` reads `self.AffectedSourceFiles`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 96551, "scanner": "repobility-ast-engine", "fingerprint": "df72aa7353089d76edcc841c7af99e938cddfe9a62a6045e8b063cd0cffb230a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|df72aa7353089d76edcc841c7af99e938cddfe9a62a6045e8b063cd0cffb230a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PRESUBMIT_test_mocks.py"}, "region": {"startLine": 103}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 96543, "scanner": "repobility-threat-engine", "fingerprint": "f169f0b62667bd58ce1040acb1d64ace00582bc0c785e7d966c0c72536c0033d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f169f0b62667bd58ce1040acb1d64ace00582bc0c785e7d966c0c72536c0033d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "dm/DMJsonWriter.h"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 96542, "scanner": "repobility-threat-engine", "fingerprint": "fce8890c81a71d0d41cbcec7d69f5ccd0149f90a3ef66d441fdcdff3b52d7465", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|fce8890c81a71d0d41cbcec7d69f5ccd0149f90a3ef66d441fdcdff3b52d7465"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "dm/DMJsonWriter.cpp"}, "region": {"startLine": 92}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 96541, "scanner": "repobility-threat-engine", "fingerprint": "b7f364fc6cbfa36e783cc3e66e664fe42f0f857d5104c7de2f3042eea6c1b858", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b7f364fc6cbfa36e783cc3e66e664fe42f0f857d5104c7de2f3042eea6c1b858"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bench/ChecksumBench.cpp"}, "region": {"startLine": 67}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 96539, "scanner": "repobility-threat-engine", "fingerprint": "a4b4e5829409b799aedd1d042940ee8364a39f8551156f9e9c84332a8ae86629", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "ctx.save();", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|a4b4e5829409b799aedd1d042940ee8364a39f8551156f9e9c84332a8ae86629"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "demos.skia.org/demos/path_performance/shared.js"}, "region": {"startLine": 89}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 96538, "scanner": "repobility-threat-engine", "fingerprint": "4c3c2742017eedc54aab722e7677ac0797f4b9ac7e314e41a7d1048d86f6088f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "decodedImage.delete();", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|4c3c2742017eedc54aab722e7677ac0797f4b9ac7e314e41a7d1048d86f6088f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "demos.skia.org/demos/image_decode_web_worker/main.js"}, "region": {"startLine": 47}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 96537, "scanner": "repobility-threat-engine", "fingerprint": "8f57f4bc34a744f66b256f275f4c6f191ae14cd865b1c828ec01174632abd7bb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "canvas.save();", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|8f57f4bc34a744f66b256f275f4c6f191ae14cd865b1c828ec01174632abd7bb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bench/BlurImageFilterBench.cpp"}, "region": {"startLine": 48}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 96531, "scanner": "repobility-threat-engine", "fingerprint": "afaad4b20df9627f39f24b453230649ee8a67c8e94d9b0ba7cbca7d64fe64457", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "http.Get(u", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|afaad4b20df9627f39f24b453230649ee8a67c8e94d9b0ba7cbca7d64fe64457"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bazel/gcs_mirror/gcs_mirror.go"}, "region": {"startLine": 120}}}]}, {"ruleId": "MINED016", "level": "error", "message": {"text": "[MINED016] Go Error Ignored: _, err := fn() with err not checked. Go anti-pattern."}, "properties": {"repobilityId": 96530, "scanner": "repobility-threat-engine", "fingerprint": "3fa4f7915e90dbb94de99744c0471549a07171f30c4753fa9df87a73a8965e96", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "go-error-ignored", "owasp": null, "cwe_ids": ["CWE-754"], "languages": ["go"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347935+00:00", "triaged_in_corpus": 15, "observations_count": 83036, "ai_coder_pattern_id": 107}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3fa4f7915e90dbb94de99744c0471549a07171f30c4753fa9df87a73a8965e96"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bazel/gcs_mirror/gcs_mirror.go"}, "region": {"startLine": 175}}}]}, {"ruleId": "MINED016", "level": "error", "message": {"text": "[MINED016] Go Error Ignored: _, err := fn() with err not checked. Go anti-pattern."}, "properties": {"repobilityId": 96529, "scanner": "repobility-threat-engine", "fingerprint": "fc5524090768bb8bfa7882bce42c8aa5a8d5c2f9a59330c7c4209f63177e280f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "go-error-ignored", "owasp": null, "cwe_ids": ["CWE-754"], "languages": ["go"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347935+00:00", "triaged_in_corpus": 15, "observations_count": 83036, "ai_coder_pattern_id": 107}, "scanner": "repobility-threat-engine", "correlation_key": "fp|fc5524090768bb8bfa7882bce42c8aa5a8d5c2f9a59330c7c4209f63177e280f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bazel/exporter/bazel_query_command.go"}, "region": {"startLine": 55}}}]}]}]}