{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "SEC005", "name": "[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.", "shortDescription": {"text": "[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input."}, "fullDescription": {"text": "Use subprocess with shell=False and a list of args. Never eval user input."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "medium", "confidence": 0.5, "cwe": "", "owasp": ""}}, {"id": "SEC045", "name": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a latera", "shortDescription": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use obj"}, "fullDescription": {"text": "For literal data structures: use ast.literal_eval(text) \u2014 only parses literals, raises on code.\nFor formula evaluation: use asteval or simpleeval (purpose-built sandboxes with allow-lists).\nFor Odoo: use odoo.tools.safe_eval(expr, locals_dict, mode='exec').\nIf you genuinely need to execute admin-stored code: require explicit super-admin permission AND log every execution with a stack trace."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "Bare except continues silently", "shortDescription": {"text": "Bare except continues silently"}, "fullDescription": {"text": "Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `run_lldb_for_tests` has cognitive complexity 10 (SonarSource scale). Cogn", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `run_lldb_for_tests` has cognitive complexity 10 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recu"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 10."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "MINED064", "name": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.", "shortDescription": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED080", "name": "[MINED080] Cpp Using Namespace Std (and 3 more): Same pattern found in 3 additional files. Review if needed.", "shortDescription": {"text": "[MINED080] Cpp Using Namespace Std (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED042", "name": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk.", "shortDescription": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-401 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED034", "name": "[MINED034] Python Subprocess Shell True: subprocess(..., shell=True) enables command injection.", "shortDescription": {"text": "[MINED034] Python Subprocess Shell True: subprocess(..., shell=True) enables command injection."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-78 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "Action `dorny/paths-filter` pinned to mutable ref `@v3`", "shortDescription": {"text": "Action `dorny/paths-filter` pinned to mutable ref `@v3`"}, "fullDescription": {"text": "`uses: dorny/paths-filter@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "`self._decode_posix_signal` used but never assigned in __init__", "shortDescription": {"text": "`self._decode_posix_signal` used but never assigned in __init__"}, "fullDescription": {"text": "Method `run_test_once` of class `TestRunner` reads `self._decode_posix_signal`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED116", "name": "Workflow uses `secrets.GIST_SECRET` on a `pull_request` trigger", "shortDescription": {"text": "Workflow uses `secrets.GIST_SECRET` on a `pull_request` trigger"}, "fullDescription": {"text": "This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.GIST_SECRET }` lets a PR from any fork exfiltrate the secret (modify a script, log the value, etc.). Use `pull_request_target` ONLY with strict checkout discipline (no fork code in the trusted context)."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "critical", "confidence": 0.9, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/536"}, "properties": {"repository": "imakris/sintra", "repoUrl": "https://github.com/imakris/sintra.git", "branch": "master"}, "results": [{"ruleId": "SEC005", "level": "warning", "message": {"text": "[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input."}, "properties": {"repobilityId": 33065, "scanner": "repobility-threat-engine", "fingerprint": "0ce12c80ccbcc0e9d4830e84c9cc72f5d9b9d7cf5f732b05c36cd4a408e76501", "category": "injection", "severity": "medium", "confidence": 0.5, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "shell=True detected \u2014 verify command source is not user-controllable", "evidence": {"match": "subprocess.run(\n        cmd,\n        shell=True", "reason": "shell=True detected \u2014 verify command source is not user-controllable", "rule_id": "SEC005", "scanner": "repobility-threat-engine", "confidence": 0.5, "correlation_key": "code|injection|trigger_ci.py|22|sec005"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "trigger_ci.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 33055, "scanner": "repobility-threat-engine", "fingerprint": "5dced3f04265a57ac81dab22e64638e6175bbd32d706f7b4bbdf5abc30c12239", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".exec(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|130|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "example/qt_basic/cursor_sync_sender.cpp"}, "region": {"startLine": 130}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 33054, "scanner": "repobility-threat-engine", "fingerprint": "55041d72971f3d592d2a523357c71856448dc43049fe91624fd35190fc2b9130", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".exec(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|148|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "example/qt_basic/cursor_sync_receiver.cpp"}, "region": {"startLine": 148}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33021, "scanner": "repobility-ast-engine", "fingerprint": "5b541958788f405522e2b6537b9d8bbad66d1c066bb58c679af0cefd021cec5f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5b541958788f405522e2b6537b9d8bbad66d1c066bb58c679af0cefd021cec5f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/platform/windows.py"}, "region": {"startLine": 220}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33020, "scanner": "repobility-ast-engine", "fingerprint": "09fd992eb3bf3199d15b2e76f6f2dd18ae1fc394f00f4fe72755b9027cbae823", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|09fd992eb3bf3199d15b2e76f6f2dd18ae1fc394f00f4fe72755b9027cbae823"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/platform/windows.py"}, "region": {"startLine": 212}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33019, "scanner": "repobility-ast-engine", "fingerprint": "217c9ec84039d8c0cbb0b7edf1463a8478eba6306af75196f12da62f26cfdbed", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|217c9ec84039d8c0cbb0b7edf1463a8478eba6306af75196f12da62f26cfdbed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/platform/windows.py"}, "region": {"startLine": 198}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33018, "scanner": "repobility-ast-engine", "fingerprint": "7ade515eae26f6a0a1cd19a30b028858209bac8725ad9411b6e4647fdd273f92", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7ade515eae26f6a0a1cd19a30b028858209bac8725ad9411b6e4647fdd273f92"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/platform/windows.py"}, "region": {"startLine": 90}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33017, "scanner": "repobility-ast-engine", "fingerprint": "d913e46af866ebafd25381ae499eb2017c360bbd399822ee2362e8d64fae341f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d913e46af866ebafd25381ae499eb2017c360bbd399822ee2362e8d64fae341f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/platform/windows.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33016, "scanner": "repobility-ast-engine", "fingerprint": "c5e7f59b4524944da94c6a64233a4745147a27bde5069dacd4d88cc75687bda4", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c5e7f59b4524944da94c6a64233a4745147a27bde5069dacd4d88cc75687bda4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/platform/posix.py"}, "region": {"startLine": 327}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33015, "scanner": "repobility-ast-engine", "fingerprint": "4039b53b688172e66044a36aae0d93b69a38e8173e6c5fa4ea7394fff2d1ffd6", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4039b53b688172e66044a36aae0d93b69a38e8173e6c5fa4ea7394fff2d1ffd6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/platform/posix.py"}, "region": {"startLine": 322}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33014, "scanner": "repobility-ast-engine", "fingerprint": "ad8480a50a0596cc69acb4da8f102e93e59f10b798c28760ceee5b46280dfb9d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ad8480a50a0596cc69acb4da8f102e93e59f10b798c28760ceee5b46280dfb9d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/platform/posix.py"}, "region": {"startLine": 314}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33013, "scanner": "repobility-ast-engine", "fingerprint": "1fe29860103404f7a563daeab0ea6a3301f8592cfe8b2f67682b5251f2961bf2", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1fe29860103404f7a563daeab0ea6a3301f8592cfe8b2f67682b5251f2961bf2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/platform/posix.py"}, "region": {"startLine": 296}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33012, "scanner": "repobility-ast-engine", "fingerprint": "e806a875602283c55837e1942b3aeda6f80ec4048fbe979b82d44c93ef6be16e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e806a875602283c55837e1942b3aeda6f80ec4048fbe979b82d44c93ef6be16e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/platform/posix.py"}, "region": {"startLine": 187}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33011, "scanner": "repobility-ast-engine", "fingerprint": "ff0591bfc062d47ff71971afa11af988ffe98cbf27586e9f8e51d63661cab5cc", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ff0591bfc062d47ff71971afa11af988ffe98cbf27586e9f8e51d63661cab5cc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/platform/posix.py"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33010, "scanner": "repobility-ast-engine", "fingerprint": "6f42d7d955297f8ec33a29dbcf5e5e53cc475c0d74d3cdb2e4e9c842a023dacf", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6f42d7d955297f8ec33a29dbcf5e5e53cc475c0d74d3cdb2e4e9c842a023dacf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/platform/posix.py"}, "region": {"startLine": 51}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33009, "scanner": "repobility-ast-engine", "fingerprint": "6cebe1d526871069737426457d806112844377a7072c91199f57dbf1e0ff7de5", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6cebe1d526871069737426457d806112844377a7072c91199f57dbf1e0ff7de5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/utils.py"}, "region": {"startLine": 94}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33008, "scanner": "repobility-ast-engine", "fingerprint": "443821da2aefb3813f9086c7f4ef3cb11a7f6901d6e870a4168e218b1553bed6", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|443821da2aefb3813f9086c7f4ef3cb11a7f6901d6e870a4168e218b1553bed6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/utils.py"}, "region": {"startLine": 51}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33007, "scanner": "repobility-ast-engine", "fingerprint": "dde53689284fba772fae854016727dbc99e9a91adeb5138b946f565fc5fd27c1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dde53689284fba772fae854016727dbc99e9a91adeb5138b946f565fc5fd27c1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/debuggers/unix.py"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33006, "scanner": "repobility-ast-engine", "fingerprint": "1ee76f4f917662323123eee68aafe512a6502628ba767d55a8d5fd6d2e716db7", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1ee76f4f917662323123eee68aafe512a6502628ba767d55a8d5fd6d2e716db7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 1806}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33005, "scanner": "repobility-ast-engine", "fingerprint": "96c02c21f044624522db4e78b6e511d36dc5510a314ce8ff3a4ea65a4661365e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|96c02c21f044624522db4e78b6e511d36dc5510a314ce8ff3a4ea65a4661365e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 1795}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33004, "scanner": "repobility-ast-engine", "fingerprint": "d94e9427da914ba058d062a0f91e09252138b020d0f3b4ee093770afd9e79102", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d94e9427da914ba058d062a0f91e09252138b020d0f3b4ee093770afd9e79102"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 1740}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33003, "scanner": "repobility-ast-engine", "fingerprint": "d8c3680f4f4f9d7acc5b5656aa82a279e08320fe0f060e789e1dfa47cdeee6a0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d8c3680f4f4f9d7acc5b5656aa82a279e08320fe0f060e789e1dfa47cdeee6a0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 1734}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33002, "scanner": "repobility-ast-engine", "fingerprint": "57070303df7b1199288e2488d5a659dae5eb32c70cebb2dea60f83970c967fb5", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|57070303df7b1199288e2488d5a659dae5eb32c70cebb2dea60f83970c967fb5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 1345}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33001, "scanner": "repobility-ast-engine", "fingerprint": "0cba8eaffa0858a09054b6f85a6859d281dfc1df891233660578b7d1c4015d76", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0cba8eaffa0858a09054b6f85a6859d281dfc1df891233660578b7d1c4015d76"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 1044}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 33000, "scanner": "repobility-ast-engine", "fingerprint": "cf6162d874691471ff75588a4d55ee418f579044a6be7d36f8cd1336646e3794", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cf6162d874691471ff75588a4d55ee418f579044a6be7d36f8cd1336646e3794"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 460}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 32999, "scanner": "repobility-ast-engine", "fingerprint": "e60f344ae25d98084e66acb0bf8d94fdfa9a034a0b909f60d71c0e479ea93641", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e60f344ae25d98084e66acb0bf8d94fdfa9a034a0b909f60d71c0e479ea93641"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 2067}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 32998, "scanner": "repobility-ast-engine", "fingerprint": "99e019fd9fc0d69bf345902d2519fa1b660cb57cdd23082ce5508e1eb6bc291f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|99e019fd9fc0d69bf345902d2519fa1b660cb57cdd23082ce5508e1eb6bc291f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 2011}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 32997, "scanner": "repobility-ast-engine", "fingerprint": "6bcd80fa5b2a9e9fff7ce0523359c4739bf51ab1ad190a8b4d43a8fbfcf038fa", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6bcd80fa5b2a9e9fff7ce0523359c4739bf51ab1ad190a8b4d43a8fbfcf038fa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 543}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `run_lldb_for_tests` has cognitive complexity 10 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=1, except=1, for=2, if=2, nested_bonus=3, ternary=1."}, "properties": {"repobilityId": 33064, "scanner": "repobility-threat-engine", "fingerprint": "8de71faefdad5e0f6542e9072ec1a6b5465c9356efaae2cdacd8d16227d91148", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 10 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "run_lldb_for_tests", "breakdown": {"if": 2, "for": 2, "except": 1, "ternary": 1, "continue": 1, "nested_bonus": 3}, "complexity": 10, "correlation_key": "fp|8de71faefdad5e0f6542e9072ec1a6b5465c9356efaae2cdacd8d16227d91148"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/collect_lldb_backtraces.py"}, "region": {"startLine": 93}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `collect_ctest_metadata` has cognitive complexity 10 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: break=1, continue=1, for=2, if=2, nested_bonus=4."}, "properties": {"repobilityId": 33063, "scanner": "repobility-threat-engine", "fingerprint": "011303007262318a0d60d827fba111b268927577861171de9141eb4c833fdd96", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 10 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "collect_ctest_metadata", "breakdown": {"if": 2, "for": 2, "break": 1, "continue": 1, "nested_bonus": 4}, "complexity": 10, "correlation_key": "fp|011303007262318a0d60d827fba111b268927577861171de9141eb4c833fdd96"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/collect_lldb_backtraces.py"}, "region": {"startLine": 66}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32971, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c7e72eacb965aa6633fcb2923fab9ef06743334679de577ff359733eb0edbf01", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/leave_lifecycle_test.cpp", "duplicate_line": 113, "correlation_key": "fp|c7e72eacb965aa6633fcb2923fab9ef06743334679de577ff359733eb0edbf01"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/teardown_targeted_rpc_exception_test.cpp"}, "region": {"startLine": 199}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32970, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e36e17b4a827fb469400a1047f26a9c717421e712e6c36574b62e56b3cf0add3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/barrier_guardrails_test.cpp", "duplicate_line": 2, "correlation_key": "fp|e36e17b4a827fb469400a1047f26a9c717421e712e6c36574b62e56b3cf0add3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/teardown_targeted_rpc_exception_test.cpp"}, "region": {"startLine": 28}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32969, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c5d132b66d8ffb422e4606a7cb9f98f356b949a80376a4a40631399d1abd2679", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/external_process_invitation_test.cpp", "duplicate_line": 139, "correlation_key": "fp|c5d132b66d8ffb422e4606a7cb9f98f356b949a80376a4a40631399d1abd2679"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/spinlock_recovery_test.cpp"}, "region": {"startLine": 81}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32968, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fd8ccd6ce7291efec034b159cc87eeb0d5311b598cbca4e840320bf1034436fd", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/barrier_delivery_fence_repro_test.cpp", "duplicate_line": 222, "correlation_key": "fp|fd8ccd6ce7291efec034b159cc87eeb0d5311b598cbca4e840320bf1034436fd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/shutdown_helper_test.cpp"}, "region": {"startLine": 14}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32967, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1a8e14ec55d40def99af5c2b1c360df1fbddf4c55b4537933bfb3046a9445eef", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/runner/platform/posix.py", "duplicate_line": 271, "correlation_key": "fp|1a8e14ec55d40def99af5c2b1c360df1fbddf4c55b4537933bfb3046a9445eef"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/runner/platform/windows.py"}, "region": {"startLine": 187}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32966, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d44d8ebc9c65fea16d45d02e34820107c565ff6697505654912d86ca708aa826", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/recovery_policy_test.cpp", "duplicate_line": 54, "correlation_key": "fp|d44d8ebc9c65fea16d45d02e34820107c565ff6697505654912d86ca708aa826"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/recovery_runner_thread_test.cpp"}, "region": {"startLine": 53}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32965, "scanner": "repobility-ai-code-hygiene", "fingerprint": "77cc99695b2d86e6c4d97119270cd88ab3771420f8a76553344c0f7f28e96e92", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/barrier_delivery_fence_repro_test.cpp", "duplicate_line": 1, "correlation_key": "fp|77cc99695b2d86e6c4d97119270cd88ab3771420f8a76553344c0f7f28e96e92"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/manual/barrier_delivery_fence_repro_test.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32964, "scanner": "repobility-ai-code-hygiene", "fingerprint": "236c5705ed24bb13dca35a88560ec186dbab6c7d7a093eb9dd9fd6d46335ac32", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/barrier_guardrails_test.cpp", "duplicate_line": 2, "correlation_key": "fp|236c5705ed24bb13dca35a88560ec186dbab6c7d7a093eb9dd9fd6d46335ac32"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/leave_lifecycle_test.cpp"}, "region": {"startLine": 8}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32963, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3d44ac529c4d7c7d4250673ccf3ec96a651caa51b2f8e2d14753d36e3be57d8b", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/barrier_guardrails_test.cpp", "duplicate_line": 2, "correlation_key": "fp|3d44ac529c4d7c7d4250673ccf3ec96a651caa51b2f8e2d14753d36e3be57d8b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/leave_coordinator_guardrails_test.cpp"}, "region": {"startLine": 4}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32962, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b2f37621385f6f1dc53a42e76093bd4f2e987b2bd98020f52553508963ae77b4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/external_process_invitation_lifecycle_negative_test.cpp", "duplicate_line": 177, "correlation_key": "fp|b2f37621385f6f1dc53a42e76093bd4f2e987b2bd98020f52553508963ae77b4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/external_process_invitation_test.cpp"}, "region": {"startLine": 100}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32961, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d9795edfcd88db48e897477f5623998f359db2ada5e1aa48d59260c700cc639f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/external_process_invitation_rejection_cleanup_test.cpp", "duplicate_line": 52, "correlation_key": "fp|d9795edfcd88db48e897477f5623998f359db2ada5e1aa48d59260c700cc639f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/external_process_invitation_test.cpp"}, "region": {"startLine": 44}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32960, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9d40535c3828440b1df68288443ed40375437bc601a580cdd63d6153f7ae79b7", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/external_process_invitation_admission_negative_test.cpp", "duplicate_line": 27, "correlation_key": "fp|9d40535c3828440b1df68288443ed40375437bc601a580cdd63d6153f7ae79b7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/external_process_invitation_test.cpp"}, "region": {"startLine": 23}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32959, "scanner": "repobility-ai-code-hygiene", "fingerprint": "12954324f99425d0549ea44d57b19bf99a458589853cca7f974d45fd34064e4e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/external_process_invitation_lifecycle_negative_test.cpp", "duplicate_line": 177, "correlation_key": "fp|12954324f99425d0549ea44d57b19bf99a458589853cca7f974d45fd34064e4e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/external_process_invitation_rejection_cleanup_test.cpp"}, "region": {"startLine": 108}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32958, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4833f43e730c5b2c79a5863726c7bf38697286020a1fbe3510ef97223d276ade", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/external_process_invitation_admission_negative_test.cpp", "duplicate_line": 27, "correlation_key": "fp|4833f43e730c5b2c79a5863726c7bf38697286020a1fbe3510ef97223d276ade"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/external_process_invitation_rejection_cleanup_test.cpp"}, "region": {"startLine": 31}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32957, "scanner": "repobility-ai-code-hygiene", "fingerprint": "45d99bcba847e67d6668be3fbb6f9fa9c899710748fd0bc90a18c00a45e30199", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/external_process_invitation_admission_negative_test.cpp", "duplicate_line": 29, "correlation_key": "fp|45d99bcba847e67d6668be3fbb6f9fa9c899710748fd0bc90a18c00a45e30199"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/external_process_invitation_lifecycle_negative_test.cpp"}, "region": {"startLine": 17}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32956, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b3cf55c3c769a3f1e3518838db49cda057445f0d49041df56cc8587d7b32cfa2", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/barrier_delivery_fence_repro_test.cpp", "duplicate_line": 244, "correlation_key": "fp|b3cf55c3c769a3f1e3518838db49cda057445f0d49041df56cc8587d7b32cfa2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/barrier_flush_test.cpp"}, "region": {"startLine": 188}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32955, "scanner": "repobility-ai-code-hygiene", "fingerprint": "92868e35a92f707cb99d96a82889849e380294b1c36c6e8856c264a823e243d6", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/barrier_complex_choreography_test.cpp", "duplicate_line": 358, "correlation_key": "fp|92868e35a92f707cb99d96a82889849e380294b1c36c6e8856c264a823e243d6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/barrier_flush_test.cpp"}, "region": {"startLine": 184}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 32954, "scanner": "repobility-ai-code-hygiene", "fingerprint": "740445df3234cb5a6d74758f9db553bcf3c8be97c01e21f1e76bd64729a49d31", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/barrier_complex_choreography_test.cpp", "duplicate_line": 358, "correlation_key": "fp|740445df3234cb5a6d74758f9db553bcf3c8be97c01e21f1e76bd64729a49d31"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/barrier_delivery_fence_repro_test.cpp"}, "region": {"startLine": 240}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 33067, "scanner": "repobility-threat-engine", "fingerprint": "e5d76da4e72fe5d61427f867a7a72d3a2e94351028abff61d751a9e31c8f213e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e5d76da4e72fe5d61427f867a7a72d3a2e94351028abff61d751a9e31c8f213e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "trigger_ci.py"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 33062, "scanner": "repobility-threat-engine", "fingerprint": "c902da29cf1285e29e2892c25fe28769c1d56a1e455a3d68fef1fa89287c2dc6", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|c902da29cf1285e29e2892c25fe28769c1d56a1e455a3d68fef1fa89287c2dc6", "aggregated_count": 3}}}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 33061, "scanner": "repobility-threat-engine", "fingerprint": "05a9b76f954a563a929d6e3354ee293d983b8a761489391454045edcc809cad6", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|05a9b76f954a563a929d6e3354ee293d983b8a761489391454045edcc809cad6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "example/sintra/sintra_example_2_rpc_append.cpp"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 33060, "scanner": "repobility-threat-engine", "fingerprint": "635855552f822dec4e840e40e9cafe50cfc20187addd19861b730c1d8bbf9d18", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|635855552f822dec4e840e40e9cafe50cfc20187addd19861b730c1d8bbf9d18"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "example/sintra/sintra_example_1_ping_pong_multi.cpp"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 33059, "scanner": "repobility-threat-engine", "fingerprint": "14438ec2d2b7092dbd57cba73c6bcdbd4e2ca7791c0ba5f4f38dadf658da9619", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|14438ec2d2b7092dbd57cba73c6bcdbd4e2ca7791c0ba5f4f38dadf658da9619"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "example/sintra/sintra_example_0_basic_pubsub.cpp"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 33058, "scanner": "repobility-threat-engine", "fingerprint": "0f925a25cf84301f7956294d6b88da00960754e920fcc535543c7d832a2392c9", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0f925a25cf84301f7956294d6b88da00960754e920fcc535543c7d832a2392c9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "include/sintra/detail/messaging/process_message_reader.h"}, "region": {"startLine": 70}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 33057, "scanner": "repobility-threat-engine", "fingerprint": "9949ff7e38130f8e87956266aacf9536d6bff67df7bc9b404dd7125229d7736d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9949ff7e38130f8e87956266aacf9536d6bff67df7bc9b404dd7125229d7736d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "example/qt_basic/cursor_sync_sender.cpp"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 33056, "scanner": "repobility-threat-engine", "fingerprint": "37f59132b17d8e610bb6c919abed16a476567eca0f5e72ec3ee4c4fc53a09354", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|37f59132b17d8e610bb6c919abed16a476567eca0f5e72ec3ee4c4fc53a09354"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "example/qt_basic/cursor_sync_receiver.cpp"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED034", "level": "error", "message": {"text": "[MINED034] Python Subprocess Shell True: subprocess(..., shell=True) enables command injection."}, "properties": {"repobilityId": 33066, "scanner": "repobility-threat-engine", "fingerprint": "f3aa3298ab77e7da0cc54c0893fc4d0d71f018850fb81b96ce54c8691ca9ea78", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-subprocess-shell-true", "owasp": null, "cwe_ids": ["CWE-78"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347977+00:00", "triaged_in_corpus": 15, "observations_count": 3478, "ai_coder_pattern_id": 118}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f3aa3298ab77e7da0cc54c0893fc4d0d71f018850fb81b96ce54c8691ca9ea78"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "trigger_ci.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `dorny/paths-filter` pinned to mutable ref `@v3`"}, "properties": {"repobilityId": 33053, "scanner": "repobility-supply-chain", "fingerprint": "dfbf0e3231d1675fd5ee0bac290ee90da4b1f3f6288f45cdd492289d525d2a2d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|dfbf0e3231d1675fd5ee0bac290ee90da4b1f3f6288f45cdd492289d525d2a2d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/stress-test-windows.yml"}, "region": {"startLine": 112}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 33052, "scanner": "repobility-supply-chain", "fingerprint": "a7b834a0184e865c572aa7ba480328393183646b54f4a7b2ecb8fc8813e9af10", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a7b834a0184e865c572aa7ba480328393183646b54f4a7b2ecb8fc8813e9af10"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/stress-test-windows.yml"}, "region": {"startLine": 80}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `schneegans/dynamic-badges-action` pinned to mutable ref `@v1.7.0`"}, "properties": {"repobilityId": 33049, "scanner": "repobility-supply-chain", "fingerprint": "265cced0e05bffc1dc35a00da2b374fc2a4d5471e9b55990f191fe381b99869a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|265cced0e05bffc1dc35a00da2b374fc2a4d5471e9b55990f191fe381b99869a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-windows.yml"}, "region": {"startLine": 180}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-artifact` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 33048, "scanner": "repobility-supply-chain", "fingerprint": "248046b7132e5a7d8721fc9788f9ae0759aa66ea2eb99421bfe3cacc1481b4a6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|248046b7132e5a7d8721fc9788f9ae0759aa66ea2eb99421bfe3cacc1481b4a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-windows.yml"}, "region": {"startLine": 172}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `dorny/paths-filter` pinned to mutable ref `@v3`"}, "properties": {"repobilityId": 33047, "scanner": "repobility-supply-chain", "fingerprint": "5f2a013ea15dccc7745bf17189b438eb0bcf4abacaf19314f6d5c713d2728c31", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5f2a013ea15dccc7745bf17189b438eb0bcf4abacaf19314f6d5c713d2728c31"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-windows.yml"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 33046, "scanner": "repobility-supply-chain", "fingerprint": "47dcff561c4a749ca2eacda8c02b356cae71ed8dc278e97d777d99d7681023a7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|47dcff561c4a749ca2eacda8c02b356cae71ed8dc278e97d777d99d7681023a7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-windows.yml"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `schneegans/dynamic-badges-action` pinned to mutable ref `@v1.7.0`"}, "properties": {"repobilityId": 33043, "scanner": "repobility-supply-chain", "fingerprint": "d60a7ea302f86a5d04026654b0e4e1cbfde5bb568ded10a3e05253fc7a74812d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d60a7ea302f86a5d04026654b0e4e1cbfde5bb568ded10a3e05253fc7a74812d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-linux.yml"}, "region": {"startLine": 168}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-artifact` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 33042, "scanner": "repobility-supply-chain", "fingerprint": "794e7404d8140fc316ef118aaf7b5495c22f0843ebaa0ce8bbacd85493173020", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|794e7404d8140fc316ef118aaf7b5495c22f0843ebaa0ce8bbacd85493173020"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-linux.yml"}, "region": {"startLine": 160}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/cache` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 33041, "scanner": "repobility-supply-chain", "fingerprint": "85c1fa3ac97978b15598741231054ab961ba58ddea75e6ce0c77d10699515a9c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|85c1fa3ac97978b15598741231054ab961ba58ddea75e6ce0c77d10699515a9c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-linux.yml"}, "region": {"startLine": 101}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `dorny/paths-filter` pinned to mutable ref `@v3`"}, "properties": {"repobilityId": 33040, "scanner": "repobility-supply-chain", "fingerprint": "a479d8c3c73c350e1bc0c4481baf405da89d6526c19ef35ad779a59f8eb2b9a3", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a479d8c3c73c350e1bc0c4481baf405da89d6526c19ef35ad779a59f8eb2b9a3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-linux.yml"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 33039, "scanner": "repobility-supply-chain", "fingerprint": "0fb6fc0a76a0c0061f04b0d42b3b090fe45d57756e51a7f10db0a83047c748cf", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0fb6fc0a76a0c0061f04b0d42b3b090fe45d57756e51a7f10db0a83047c748cf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-linux.yml"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-artifact` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 33037, "scanner": "repobility-supply-chain", "fingerprint": "6724696a07091ce79f81edcc675e38dd134068e1ac9907946a05c8267ddf3329", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6724696a07091ce79f81edcc675e38dd134068e1ac9907946a05c8267ddf3329"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/coverage.yml"}, "region": {"startLine": 156}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `codecov/codecov-action` pinned to mutable ref `@v5`"}, "properties": {"repobilityId": 33036, "scanner": "repobility-supply-chain", "fingerprint": "7704cb393754f3be90c153c8d9ee173a0dea2dc7ffb6ca4ca657a4e9b02d754e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|7704cb393754f3be90c153c8d9ee173a0dea2dc7ffb6ca4ca657a4e9b02d754e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/coverage.yml"}, "region": {"startLine": 146}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 33035, "scanner": "repobility-supply-chain", "fingerprint": "405ae06c27d29f7a247b6e4b52592a932745619c9953e1077f7b33d616e48d8e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|405ae06c27d29f7a247b6e4b52592a932745619c9953e1077f7b33d616e48d8e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/coverage.yml"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `schneegans/dynamic-badges-action` pinned to mutable ref `@v1.7.0`"}, "properties": {"repobilityId": 33034, "scanner": "repobility-supply-chain", "fingerprint": "0b3b272263d54af18030665b163f0027a6008fc5ff56f06d251feb8f6cd053de", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0b3b272263d54af18030665b163f0027a6008fc5ff56f06d251feb8f6cd053de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/stress-test-macos.yml"}, "region": {"startLine": 221}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/github-script` pinned to mutable ref `@v8`"}, "properties": {"repobilityId": 33033, "scanner": "repobility-supply-chain", "fingerprint": "6c2bd11627c15bec598b493674db0d0bee62eb769e3f11d87636fcbc7796e6de", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6c2bd11627c15bec598b493674db0d0bee62eb769e3f11d87636fcbc7796e6de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/stress-test-macos.yml"}, "region": {"startLine": 203}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/github-script` pinned to mutable ref `@v8`"}, "properties": {"repobilityId": 33032, "scanner": "repobility-supply-chain", "fingerprint": "9f762b05a689cc1e0774a47ebb23c20e17313e47e541574da3b890ca7fadf7ce", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9f762b05a689cc1e0774a47ebb23c20e17313e47e541574da3b890ca7fadf7ce"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/stress-test-macos.yml"}, "region": {"startLine": 185}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v5`"}, "properties": {"repobilityId": 33031, "scanner": "repobility-supply-chain", "fingerprint": "eb9b7642ea8384facdf0fa582677426e1222f86f1566fcf6afda7d88e00d4c39", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|eb9b7642ea8384facdf0fa582677426e1222f86f1566fcf6afda7d88e00d4c39"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/stress-test-macos.yml"}, "region": {"startLine": 164}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/download-artifact` pinned to mutable ref `@v4.1.7`"}, "properties": {"repobilityId": 33030, "scanner": "repobility-supply-chain", "fingerprint": "34e3ce8e679a9aeb5d2e066868ec77fc1aa505997b6a71f1d74c7134a67e432e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|34e3ce8e679a9aeb5d2e066868ec77fc1aa505997b6a71f1d74c7134a67e432e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/stress-test-macos.yml"}, "region": {"startLine": 150}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `dorny/paths-filter` pinned to mutable ref `@v3`"}, "properties": {"repobilityId": 33029, "scanner": "repobility-supply-chain", "fingerprint": "d36c731f68e3ecdb5d72942af7673264b87a6d28f4cf09256e9f054f18532d9e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d36c731f68e3ecdb5d72942af7673264b87a6d28f4cf09256e9f054f18532d9e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/stress-test-macos.yml"}, "region": {"startLine": 112}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 33028, "scanner": "repobility-supply-chain", "fingerprint": "62db83d0d54268398520bc2ff12cf1650a97699293e6df45959d015944b0fe48", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|62db83d0d54268398520bc2ff12cf1650a97699293e6df45959d015944b0fe48"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/stress-test-macos.yml"}, "region": {"startLine": 80}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `schneegans/dynamic-badges-action` pinned to mutable ref `@v1.7.0`"}, "properties": {"repobilityId": 33025, "scanner": "repobility-supply-chain", "fingerprint": "743a3edbc110e53030cd359703f2ce908474e9a1358d139650bd2cc8cfcd8c86", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|743a3edbc110e53030cd359703f2ce908474e9a1358d139650bd2cc8cfcd8c86"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-macos.yml"}, "region": {"startLine": 120}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-artifact` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 33024, "scanner": "repobility-supply-chain", "fingerprint": "db2f6f9d41290e9c3624eaa0b064015abed4b15ecc899d372bf4ba9fe2a5cea1", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|db2f6f9d41290e9c3624eaa0b064015abed4b15ecc899d372bf4ba9fe2a5cea1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-macos.yml"}, "region": {"startLine": 112}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `dorny/paths-filter` pinned to mutable ref `@v3`"}, "properties": {"repobilityId": 33023, "scanner": "repobility-supply-chain", "fingerprint": "84b62385d119bdc94cada9e4b070364a85eeec55e838ab8c33ed33475a577d09", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|84b62385d119bdc94cada9e4b070364a85eeec55e838ab8c33ed33475a577d09"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-macos.yml"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 33022, "scanner": "repobility-supply-chain", "fingerprint": "d563ed760eccf8eca3e4712bb4a6def7c7988fc9def010ddcfcaa4b02b61605e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d563ed760eccf8eca3e4712bb4a6def7c7988fc9def010ddcfcaa4b02b61605e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-macos.yml"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._decode_posix_signal` used but never assigned in __init__"}, "properties": {"repobilityId": 32996, "scanner": "repobility-ast-engine", "fingerprint": "28e7ce869cc92a505debfe97b0f420d8392cb3906ef58f55976dcd5ac99f389e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|28e7ce869cc92a505debfe97b0f420d8392cb3906ef58f55976dcd5ac99f389e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 1672}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._describe_pids` used but never assigned in __init__"}, "properties": {"repobilityId": 32995, "scanner": "repobility-ast-engine", "fingerprint": "24bd130a78ac6ce223685838f534f7ca1ad332a415536a8d5450bb1d8020059e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|24bd130a78ac6ce223685838f534f7ca1ad332a415536a8d5450bb1d8020059e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 1068}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._cleanup_new_core_dumps` used but never assigned in __init__"}, "properties": {"repobilityId": 32994, "scanner": "repobility-ast-engine", "fingerprint": "d846ead2b6d43bbbc4f960db7e1b0d7476ecff17bee558a72594ceb6c01c066a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d846ead2b6d43bbbc4f960db7e1b0d7476ecff17bee558a72594ceb6c01c066a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 2061}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._build_test_environment` used but never assigned in __init__"}, "properties": {"repobilityId": 32993, "scanner": "repobility-ast-engine", "fingerprint": "862ffe969111f2ba857db2e1f24701a44f3d491428aa6b6880ea3f4836560be0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|862ffe969111f2ba857db2e1f24701a44f3d491428aa6b6880ea3f4836560be0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 967}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._instrument_step` used but never assigned in __init__"}, "properties": {"repobilityId": 32992, "scanner": "repobility-ast-engine", "fingerprint": "64e46fe1ef221c975adb03f3a3bd5c82f7903e0bde7dc5b65878b131f6716482", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|64e46fe1ef221c975adb03f3a3bd5c82f7903e0bde7dc5b65878b131f6716482"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 956}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.instrumentation_active` used but never assigned in __init__"}, "properties": {"repobilityId": 32991, "scanner": "repobility-ast-engine", "fingerprint": "dffcc9e68341dc1baff0190b7050f579ea2b6e144046b63ed41cb65044a05ca9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dffcc9e68341dc1baff0190b7050f579ea2b6e144046b63ed41cb65044a05ca9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 955}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._snapshot_core_dumps` used but never assigned in __init__"}, "properties": {"repobilityId": 32990, "scanner": "repobility-ast-engine", "fingerprint": "93f6a7269520b8fa1d9880eb6efe293c3b6549303ef328aa258841d52fa17fa7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|93f6a7269520b8fa1d9880eb6efe293c3b6549303ef328aa258841d52fa17fa7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 952}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._allocate_scratch_directory` used but never assigned in __init__"}, "properties": {"repobilityId": 32989, "scanner": "repobility-ast-engine", "fingerprint": "a4ea9f1193521676d0d870dcc77dc1540c365fd7dd528b2d629986928585b7e1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a4ea9f1193521676d0d870dcc77dc1540c365fd7dd528b2d629986928585b7e1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 949}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._list_ipc_rings_tests` used but never assigned in __init__"}, "properties": {"repobilityId": 32988, "scanner": "repobility-ast-engine", "fingerprint": "094f7b65ee1c57341d99bb751e1162fa4b661bf63e258e89fd55a395a7f8c2c6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|094f7b65ee1c57341d99bb751e1162fa4b661bf63e258e89fd55a395a7f8c2c6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 879}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._expand_ipc_rings_invocations` used but never assigned in __init__"}, "properties": {"repobilityId": 32987, "scanner": "repobility-ast-engine", "fingerprint": "7cae6cf12e72b66506c951139d230c1e7a9000652b49ad4a1d63e0c47cffef41", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7cae6cf12e72b66506c951139d230c1e7a9000652b49ad4a1d63e0c47cffef41"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 870}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._expand_test_invocations` used but never assigned in __init__"}, "properties": {"repobilityId": 32986, "scanner": "repobility-ast-engine", "fingerprint": "4c4412e87687bd42ad3c7b7d35ae369bbfb3a7af8f48f558d31c3f85e044900a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4c4412e87687bd42ad3c7b7d35ae369bbfb3a7af8f48f558d31c3f85e044900a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 834}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._cleanup_scratch_directory` used but never assigned in __init__"}, "properties": {"repobilityId": 32985, "scanner": "repobility-ast-engine", "fingerprint": "308620a05c906001328a42b81bd21a2c0a13fa42011d110fc5b451e5656c66f2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|308620a05c906001328a42b81bd21a2c0a13fa42011d110fc5b451e5656c66f2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 723}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._record_core_cleanup` used but never assigned in __init__"}, "properties": {"repobilityId": 32984, "scanner": "repobility-ast-engine", "fingerprint": "ccb3ef9f4c25e6873fb61d0a5b50353b288f5da1f2e52698749099e3227a602c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ccb3ef9f4c25e6873fb61d0a5b50353b288f5da1f2e52698749099e3227a602c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 711}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._record_core_cleanup` used but never assigned in __init__"}, "properties": {"repobilityId": 32983, "scanner": "repobility-ast-engine", "fingerprint": "611acdc5c11313fede4658952b44986c1bc58c3735897be9a06576a268559a39", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|611acdc5c11313fede4658952b44986c1bc58c3735897be9a06576a268559a39"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 708}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._record_core_cleanup` used but never assigned in __init__"}, "properties": {"repobilityId": 32982, "scanner": "repobility-ast-engine", "fingerprint": "89c5b2589dcba78b4088746e536f713b8fe8a1541e26bd7c67bb85ffdc59f332", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|89c5b2589dcba78b4088746e536f713b8fe8a1541e26bd7c67bb85ffdc59f332"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 700}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._record_core_cleanup` used but never assigned in __init__"}, "properties": {"repobilityId": 32981, "scanner": "repobility-ast-engine", "fingerprint": "29e0a24aa93070f0c25b96ebfee19ae3fb8e792334b255c8f7e536afe7df653b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|29e0a24aa93070f0c25b96ebfee19ae3fb8e792334b255c8f7e536afe7df653b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 675}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._find_new_core_dumps` used but never assigned in __init__"}, "properties": {"repobilityId": 32980, "scanner": "repobility-ast-engine", "fingerprint": "393dcad990b34da972aa955d0267a4a0aa79a78ca6649da26f18d1699bb44bbd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|393dcad990b34da972aa955d0267a4a0aa79a78ca6649da26f18d1699bb44bbd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 658}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._is_core_dump_file` used but never assigned in __init__"}, "properties": {"repobilityId": 32979, "scanner": "repobility-ast-engine", "fingerprint": "08ebe2661c06b6532cd096f09911ff2aecfc4f54f3afef417a2c19244f40b758", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|08ebe2661c06b6532cd096f09911ff2aecfc4f54f3afef417a2c19244f40b758"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 622}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._normalize_core_path` used but never assigned in __init__"}, "properties": {"repobilityId": 32978, "scanner": "repobility-ast-engine", "fingerprint": "d669ca818f8ab37baf7a2021b43ed23c775c5ecea6f2d9b77e41e36a04dd3b83", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d669ca818f8ab37baf7a2021b43ed23c775c5ecea6f2d9b77e41e36a04dd3b83"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 625}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._core_dump_search_directories` used but never assigned in __init__"}, "properties": {"repobilityId": 32977, "scanner": "repobility-ast-engine", "fingerprint": "28f335b1ebc18b94f106671b7c90ea0e6ec9bc37046e71ad312c59f2ff54522e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|28f335b1ebc18b94f106671b7c90ea0e6ec9bc37046e71ad312c59f2ff54522e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 613}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._normalize_core_path` used but never assigned in __init__"}, "properties": {"repobilityId": 32976, "scanner": "repobility-ast-engine", "fingerprint": "33ca941fd10b703a2cdaedeb948fbd7f7758e051465ae61e4df2fcc2aaf5a783", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|33ca941fd10b703a2cdaedeb948fbd7f7758e051465ae61e4df2fcc2aaf5a783"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 600}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._is_core_dump_file` used but never assigned in __init__"}, "properties": {"repobilityId": 32975, "scanner": "repobility-ast-engine", "fingerprint": "9c4fef03bb4de4ac21b79f28ce43d162f06a21e8c5cecfb7710ad0ade5244887", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9c4fef03bb4de4ac21b79f28ce43d162f06a21e8c5cecfb7710ad0ade5244887"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 598}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._core_dump_search_directories` used but never assigned in __init__"}, "properties": {"repobilityId": 32974, "scanner": "repobility-ast-engine", "fingerprint": "687d7287075957ed32d7e857667b0884af8f44ce9ac8517b0012cb98681563d8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|687d7287075957ed32d7e857667b0884af8f44ce9ac8517b0012cb98681563d8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 589}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._record_scratch_cleanup` used but never assigned in __init__"}, "properties": {"repobilityId": 32973, "scanner": "repobility-ast-engine", "fingerprint": "4e18742d3e84ad5714b120a6545ea36719d51b2385a1e6f9dbdec2c5c7c91fda", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4e18742d3e84ad5714b120a6545ea36719d51b2385a1e6f9dbdec2c5c7c91fda"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 549}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._estimate_directory_size` used but never assigned in __init__"}, "properties": {"repobilityId": 32972, "scanner": "repobility-ast-engine", "fingerprint": "5e86bc4a9b343c22d2d35e8be19f40f2dd9795f804502598e66ccc6136e5e1a7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5e86bc4a9b343c22d2d35e8be19f40f2dd9795f804502598e66ccc6136e5e1a7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/run_tests.py"}, "region": {"startLine": 537}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.GIST_SECRET` on a `pull_request` trigger"}, "properties": {"repobilityId": 33051, "scanner": "repobility-supply-chain", "fingerprint": "118b7841bd50eed211276f7e4f5d310427e1123ef9daa699758254f2628866dd", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|118b7841bd50eed211276f7e4f5d310427e1123ef9daa699758254f2628866dd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-windows.yml"}, "region": {"startLine": 196}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.GIST_SECRET` on a `pull_request` trigger"}, "properties": {"repobilityId": 33050, "scanner": "repobility-supply-chain", "fingerprint": "c23b55daef69cffee3dc1481a4ee4895671755d90576a62baed5595fe7209f72", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c23b55daef69cffee3dc1481a4ee4895671755d90576a62baed5595fe7209f72"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-windows.yml"}, "region": {"startLine": 182}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.GIST_SECRET` on a `pull_request` trigger"}, "properties": {"repobilityId": 33045, "scanner": "repobility-supply-chain", "fingerprint": "c3b7f24d4ab1f47c0767ca54d23fd84dc752ccaef8477230db08f4bba1074fff", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c3b7f24d4ab1f47c0767ca54d23fd84dc752ccaef8477230db08f4bba1074fff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-linux.yml"}, "region": {"startLine": 184}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.GIST_SECRET` on a `pull_request` trigger"}, "properties": {"repobilityId": 33044, "scanner": "repobility-supply-chain", "fingerprint": "59004cc96d26a0da6101cb994f6414513efcc1152387400abf9bb55018bb536e", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|59004cc96d26a0da6101cb994f6414513efcc1152387400abf9bb55018bb536e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-linux.yml"}, "region": {"startLine": 170}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.CODECOV_TOKEN` on a `pull_request` trigger"}, "properties": {"repobilityId": 33038, "scanner": "repobility-supply-chain", "fingerprint": "371aa5456da027dda622597749f63bb99f271f48b3e610d210abca01e80bba0e", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|371aa5456da027dda622597749f63bb99f271f48b3e610d210abca01e80bba0e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/coverage.yml"}, "region": {"startLine": 148}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.GIST_SECRET` on a `pull_request` trigger"}, "properties": {"repobilityId": 33027, "scanner": "repobility-supply-chain", "fingerprint": "a57b30116faf5f1d64ad220ebfae85b6688eb5929e8dfa615b7e64fd9c60593c", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a57b30116faf5f1d64ad220ebfae85b6688eb5929e8dfa615b7e64fd9c60593c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-macos.yml"}, "region": {"startLine": 136}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.GIST_SECRET` on a `pull_request` trigger"}, "properties": {"repobilityId": 33026, "scanner": "repobility-supply-chain", "fingerprint": "b2c740efc489565572f130b8763c06df5d38f48f701265b1b5c4e5e847a652df", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b2c740efc489565572f130b8763c06df5d38f48f701265b1b5c4e5e847a652df"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-macos.yml"}, "region": {"startLine": 122}}}]}]}]}