Sorted by anomaly — patterns where this repo ranks worst against the corpus, weighted by severity. Fixing these brings the biggest improvement to your corpus percentile.
python repos: 4
· seen in src/flask/config.py:124, src/flask/wrappers.py:206, src/flask/wrappers.py:205, …
python repos: 8
· seen in tests/test_cli.py:217, tests/test_config.py:132, tests/test_config.py:110, …
python repos: 2
· seen in src/flask/cli.py:650, src/flask/cli.py:956, src/flask/app.py:1598, …
python repos: 63
· seen in examples/celery/src/task_app/views.py:30, examples/celery/src/task_app/views.py:36, examples/celery/src/task_app/views.py:22, …
python repos: 4
· seen in src/flask/sessions.py:277
Scan timing: clone 1.89s · analysis 2.23s · 1.8 MB · GitHub preflight 425ms
https://github.com/pallets/flask.git
· scanned 2026-05-19 19:33 UTC (2 weeks, 2 days ago)
· 10 languages
640 findings (88 legacy + 552 scanner) 94th percentile · Python · small (2-20K LoC) Scanner says 68 (higher by 20)
Last scanned 2 weeks, 2 days ago · v8 · 157 findings from 2 sources. Findings combine the legacy security pipeline AND the multi-layer engine (atlas, wiring, flows, ranked) AND verified AI agent contributions.
| Component | Sub-score | Weight | Contribution |
|---|---|---|---|
structure_score |
100.0 | 0.15 | 15.00 |
security_score |
90.4 | 0.25 | 22.60 |
testing_score |
100.0 | 0.20 | 20.00 |
documentation_score |
73.0 | 0.15 | 10.95 |
practices_score |
82.0 | 0.15 | 12.30 |
code_quality |
64.0 | 0.10 | 6.40 |
| Overall | 1.00 | 87.2 |
All 1513 nodes from the latest scan, grouped by kind. Each node is a unit the engine identified (file, function, endpoint, table…). Most users won't need this view — it's primarily for debugging the engine's graph extraction or for AI agents that want to enumerate the project structure.
| Label | Layer | Status | Path |
|---|---|---|---|
test_options_work |
software | healthy | tests/test_basic.py:32 |
index |
software | healthy | tests/test_basic.py:1941 |
test_options_on_multiple_rules |
software | healthy | tests/test_basic.py:42 |
index_put |
software | healthy | tests/test_basic.py:48 |
test_method_route |
software | healthy | tests/test_basic.py:56 |
hello |
software | healthy | tests/test_basic.py:1360 |
test_method_route_no_methods |
software | healthy | tests/test_basic.py:67 |
test_provide_automatic_options_attr_disable |
software | healthy | tests/test_basic.py:72 |
test_provide_automatic_options_attr_enable |
software | healthy | tests/test_basic.py:86 |
test_provide_automatic_options_arg_disable |
software | healthy | tests/test_basic.py:103 |
test_provide_automatic_options_method_disable |
software | healthy | tests/test_basic.py:116 |
test_request_dispatching |
software | healthy | tests/test_basic.py:129 |
more |
software | healthy | tests/test_basic.py:163 |
test_disallow_string_for_allowed_methods |
software | healthy | tests/test_basic.py:152 |
test_url_mapping |
software | healthy | tests/test_basic.py:157 |
options |
software | healthy | tests/test_basic.py:166 |
test_werkzeug_routing |
software | healthy | tests/test_basic.py:193 |
bar |
software | healthy | tests/test_basic.py:223 |
test_endpoint_decorator |
software | healthy | tests/test_basic.py:214 |
test_session_accessed |
software | healthy | tests/test_basic.py:234 |
do_set |
software | healthy | tests/test_basic.py:236 |
do_get |
software | healthy | tests/test_basic.py:241 |
do_nothing |
software | healthy | tests/test_basic.py:245 |
test_session_path |
software | healthy | tests/test_basic.py:276 |
test_session_using_application_root |
software | healthy | tests/test_basic.py:288 |
__init__ |
software | healthy | tests/test_basic.py:1864 |
__call__ |
software | healthy | tests/test_basic.py:294 |
test_session_using_session_settings |
software | healthy | tests/test_basic.py:310 |
clear |
software | healthy | tests/test_basic.py:558 |
test_session_using_samesite_attribute |
software | healthy | tests/test_basic.py:353 |
test_missing_session |
software | healthy | tests/test_basic.py:380 |
expect_exception |
software | healthy | tests/test_basic.py:383 |
test_session_secret_key_fallbacks |
software | healthy | tests/test_basic.py:393 |
set_session |
software | healthy | tests/test_basic.py:541 |
get_session |
software | healthy | tests/test_basic.py:400 |
test_session_expiration |
software | healthy | tests/test_basic.py:421 |
test |
software | healthy | tests/test_basic.py:641 |
test_session_stored_last |
software | healthy | tests/test_basic.py:453 |
modify_session |
software | healthy | tests/test_basic.py:455 |
dump_session_contents |
software | healthy | tests/test_basic.py:472 |
test_session_special_types |
software | healthy | tests/test_basic.py:467 |
test_session_cookie_setting |
software | healthy | tests/test_basic.py:498 |
bump |
software | healthy | tests/test_basic.py:502 |
read |
software | healthy | tests/test_basic.py:508 |
run_test |
software | healthy | tests/test_basic.py:511 |
test_session_vary_cookie |
software | healthy | tests/test_basic.py:539 |
get |
software | healthy | tests/test_basic.py:546 |
getitem |
software | healthy | tests/test_basic.py:550 |
setdefault |
software | healthy | tests/test_basic.py:554 |
vary_cookie_header_set |
software | healthy | tests/test_basic.py:563 |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
PrefixPathMiddleware |
software | healthy | tests/test_basic.py:289 |
MyException |
software | healthy | tests/test_basic.py:971 |
ForbiddenSubclass |
software | healthy | tests/test_basic.py:987 |
E1 |
software | healthy | tests/test_basic.py:1019 |
E2 |
software | healthy | tests/test_basic.py:1022 |
E3 |
software | healthy | tests/test_basic.py:1025 |
View |
software | healthy | tests/test_basic.py:1863 |
FakePath |
software | healthy | tests/test_helpers.py:11 |
PyBytesIO |
software | healthy | tests/test_helpers.py:25 |
TestSendfile |
software | healthy | tests/test_helpers.py:33 |
StaticFileApp |
software | healthy | tests/test_helpers.py:69 |
TestUrlFor |
software | healthy | tests/test_helpers.py:94 |
MyView |
software | healthy | tests/test_helpers.py:138 |
MyAborter |
software | healthy | tests/test_helpers.py:189 |
MyFlask |
software | healthy | tests/test_helpers.py:192 |
My900Error |
software | healthy | tests/test_helpers.py:200 |
TestNoImports |
software | healthy | tests/test_helpers.py:209 |
TestStreaming |
software | healthy | tests/test_helpers.py:228 |
Wrapper |
software | healthy | tests/test_helpers.py:259 |
TestHelpers |
software | healthy | tests/test_helpers.py:327 |
Namespace |
software | healthy | tests/test_testing.py:275 |
SubRunner |
software | healthy | tests/test_testing.py:330 |
NS |
software | healthy | tests/test_testing.py:353 |
Index |
software | healthy | tests/test_views.py:186 |
Other |
software | healthy | tests/test_views.py:50 |
BetterIndex |
software | healthy | tests/test_views.py:71 |
BaseView |
software | healthy | tests/test_views.py:202 |
ChildView |
software | healthy | tests/test_views.py:205 |
GetView |
software | healthy | tests/test_views.py:239 |
DeleteView |
software | healthy | tests/test_views.py:224 |
GetDeleteView |
software | healthy | tests/test_views.py:228 |
OtherView |
software | healthy | tests/test_views.py:243 |
View |
software | healthy | tests/test_views.py:247 |
CountInit |
software | healthy | tests/test_views.py:260 |
ListConverter |
software | healthy | tests/test_converters.py:9 |
ContextConverter |
software | healthy | tests/test_converters.py:30 |
SessionError |
software | healthy | tests/test_reqctx.py:178 |
FailingSessionInterface |
software | healthy | tests/test_reqctx.py:181 |
CustomFlask |
software | healthy | tests/test_reqctx.py:211 |
PathAwareSessionInterface |
software | healthy | tests/test_reqctx.py:204 |
Base |
software | healthy | tests/test_config.py:133 |
Test |
software | healthy | tests/test_config.py:136 |
Config |
software | healthy | tests/test_config.py:199 |
Flask |
software | healthy | tests/test_config.py:202 |
Foo |
software | healthy | tests/test_regression.py:5 |
Module |
software | healthy | tests/test_cli.py:127 |
MockCtx |
software | healthy | tests/test_cli.py:232 |
TestRoutes |
software | healthy | tests/test_cli.py:446 |
MySessionInterface |
software | healthy | tests/test_session_interface.py:12 |
MyDecoratorException |
software | healthy | tests/test_blueprints.py:47 |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
README.md |
software | healthy | README.md |
.pre-commit-config.yaml |
software | healthy | .pre-commit-config.yaml |
.readthedocs.yaml |
software | healthy | .readthedocs.yaml |
pyproject.toml |
software | healthy | pyproject.toml |
on-create-command.sh |
software | healthy | .devcontainer/on-create-command.sh |
devcontainer.json |
software | healthy | .devcontainer/devcontainer.json |
test_basic.py |
software | healthy | tests/test_basic.py |
conftest.py |
software | healthy | tests/conftest.py |
test_helpers.py |
software | healthy | tests/test_helpers.py |
test_testing.py |
software | healthy | tests/test_testing.py |
test_views.py |
software | healthy | tests/test_views.py |
test_converters.py |
software | healthy | tests/test_converters.py |
test_reqctx.py |
software | healthy | tests/test_reqctx.py |
test_config.py |
software | healthy | tests/test_config.py |
test_signals.py |
software | healthy | tests/test_signals.py |
test_instance_config.py |
software | healthy | tests/test_instance_config.py |
test_regression.py |
software | healthy | tests/test_regression.py |
test_cli.py |
software | healthy | tests/test_cli.py |
test_session_interface.py |
software | healthy | tests/test_session_interface.py |
test_blueprints.py |
software | healthy | tests/test_blueprints.py |
test_subclassing.py |
software | healthy | tests/test_subclassing.py |
test_templating.py |
software | healthy | tests/test_templating.py |
test_json_tag.py |
software | healthy | tests/test_json_tag.py |
test_logging.py |
software | healthy | tests/test_logging.py |
test_request.py |
software | healthy | tests/test_request.py |
test_appctx.py |
software | healthy | tests/test_appctx.py |
test_json.py |
software | healthy | tests/test_json.py |
test_async.py |
software | healthy | tests/test_async.py |
test_user_error_handler.py |
software | healthy | tests/test_user_error_handler.py |
.env |
software | healthy | tests/test_apps/.env |
hello.py |
software | healthy | tests/test_apps/helloworld/hello.py |
wsgi.py |
software | warning | tests/test_apps/helloworld/wsgi.py |
__init__.py |
software | healthy | tests/test_apps/subdomaintestmodule/__init__.py |
__init__.py |
software | healthy | tests/test_apps/blueprintapp/__init__.py |
__init__.py |
software | healthy | tests/test_apps/blueprintapp/apps/__init__.py |
__init__.py |
software | healthy | tests/test_apps/blueprintapp/apps/frontend/__init__.py |
index.html |
software | healthy | tests/test_apps/blueprintapp/apps/frontend/templates/fronte… |
__init__.py |
software | healthy | tests/test_apps/blueprintapp/apps/admin/__init__.py |
test.css |
software | healthy | tests/test_apps/blueprintapp/apps/admin/static/css/test.css |
index.html |
software | healthy | tests/test_apps/blueprintapp/apps/admin/templates/admin/ind… |
__init__.py |
software | healthy | tests/test_apps/cliapp/__init__.py |
multiapp.py |
software | warning | tests/test_apps/cliapp/multiapp.py |
app.py |
software | warning | tests/test_apps/cliapp/app.py |
factory.py |
software | healthy | tests/test_apps/cliapp/factory.py |
importerrorapp.py |
software | warning | tests/test_apps/cliapp/importerrorapp.py |
__init__.py |
software | healthy | tests/test_apps/cliapp/inner1/__init__.py |
__init__.py |
software | healthy | tests/test_apps/cliapp/inner1/inner2/__init__.py |
flask.py |
software | warning | tests/test_apps/cliapp/inner1/inner2/flask.py |
index.html |
software | healthy | tests/static/index.html |
config.json |
software | healthy | tests/static/config.json |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
.devcontainer |
software | healthy | .devcontainer |
tests |
software | healthy | tests |
test_apps |
software | healthy | tests/test_apps |
helloworld |
software | healthy | tests/test_apps/helloworld |
subdomaintestmodule |
software | healthy | tests/test_apps/subdomaintestmodule |
blueprintapp |
software | healthy | tests/test_apps/blueprintapp |
apps |
software | healthy | tests/test_apps/blueprintapp/apps |
frontend |
software | healthy | tests/test_apps/blueprintapp/apps/frontend |
templates |
software | healthy | tests/test_apps/blueprintapp/apps/frontend/templates |
frontend |
software | healthy | tests/test_apps/blueprintapp/apps/frontend/templates/fronte… |
admin |
software | healthy | tests/test_apps/blueprintapp/apps/admin |
static |
software | healthy | tests/test_apps/blueprintapp/apps/admin/static |
css |
software | healthy | tests/test_apps/blueprintapp/apps/admin/static/css |
templates |
software | healthy | tests/test_apps/blueprintapp/apps/admin/templates |
admin |
software | healthy | tests/test_apps/blueprintapp/apps/admin/templates/admin |
cliapp |
software | healthy | tests/test_apps/cliapp |
inner1 |
software | healthy | tests/test_apps/cliapp/inner1 |
inner2 |
software | healthy | tests/test_apps/cliapp/inner1/inner2 |
static |
software | healthy | tests/static |
templates |
software | healthy | tests/templates |
type_check |
software | healthy | tests/type_check |
docs |
software | healthy | docs |
examples |
software | healthy | examples |
celery |
software | healthy | examples/celery |
src |
software | healthy | examples/celery/src |
task_app |
software | healthy | examples/celery/src/task_app |
templates |
software | healthy | examples/celery/src/task_app/templates |
javascript |
software | healthy | examples/javascript |
tests |
software | healthy | examples/javascript/tests |
js_example |
software | healthy | examples/javascript/js_example |
templates |
software | healthy | examples/javascript/js_example/templates |
tutorial |
software | healthy | examples/tutorial |
tests |
software | healthy | examples/tutorial/tests |
flaskr |
software | healthy | examples/tutorial/flaskr |
static |
software | healthy | examples/tutorial/flaskr/static |
templates |
software | healthy | examples/tutorial/flaskr/templates |
blog |
software | healthy | examples/tutorial/flaskr/templates/blog |
auth |
software | healthy | examples/tutorial/flaskr/templates/auth |
.github |
software | healthy | .github |
ISSUE_TEMPLATE |
software | healthy | .github/ISSUE_TEMPLATE |
workflows |
software | healthy | .github/workflows |
src |
software | healthy | src |
flask |
software | healthy | src/flask |
json |
software | healthy | src/flask/json |
sansio |
software | healthy | src/flask/sansio |
| Label | Layer | Status | Path |
|---|---|---|---|
ANY / |
api | healthy | examples/celery/src/task_app/__init__.py |
GET /result/<id> |
api | healthy | examples/celery/src/task_app/views.py |
POST /add |
api | healthy | examples/celery/src/task_app/views.py |
POST /block |
api | healthy | examples/celery/src/task_app/views.py |
POST /process |
api | healthy | examples/celery/src/task_app/views.py |
ANY /<any(xhr, jquery, fetch):js> |
api | healthy | examples/javascript/js_example/views.py |
ANY /add |
api | healthy | examples/javascript/js_example/views.py |
ANY /hello |
api | healthy | examples/tutorial/flaskr/__init__.py |
ANY /register |
api | healthy | examples/tutorial/flaskr/auth.py |
ANY /login |
api | healthy | examples/tutorial/flaskr/auth.py |
ANY /logout |
api | healthy | examples/tutorial/flaskr/auth.py |
ANY /create |
api | healthy | examples/tutorial/flaskr/blog.py |
ANY /<int:id>/update |
api | healthy | examples/tutorial/flaskr/blog.py |
ANY /<int:id>/delete |
api | healthy | examples/tutorial/flaskr/blog.py |
| Label | Layer | Status | Path |
|---|---|---|---|
lock |
cicd | healthy | .github/workflows/lock.yaml |
build |
cicd | healthy | .github/workflows/publish.yaml |
create-release |
cicd | healthy | .github/workflows/publish.yaml |
publish-pypi |
cicd | healthy | .github/workflows/publish.yaml |
tests |
cicd | healthy | .github/workflows/tests.yaml |
typing |
cicd | healthy | .github/workflows/tests.yaml |
zizmor |
cicd | healthy | .github/workflows/zizmor.yaml |
main |
cicd | healthy | .github/workflows/pre-commit.yaml |
| Label | Layer | Status | Path |
|---|---|---|---|
gha::lock |
cicd | healthy | .github/workflows/lock.yaml |
gha::publish |
cicd | healthy | .github/workflows/publish.yaml |
gha::tests |
cicd | healthy | .github/workflows/tests.yaml |
gha::zizmor |
cicd | healthy | .github/workflows/zizmor.yaml |
gha::pre-commit |
cicd | healthy | .github/workflows/pre-commit.yaml |
| Label | Layer | Status | Path |
|---|---|---|---|
127.0.0.1 |
network | healthy | tests/test_basic.py |
192.168.0.22 |
network | healthy | tests/test_testing.py |
127.0.0.2 |
network | healthy | tests/test_testing.py |
3.6.4.0 |
network | healthy | examples/celery/requirements.txt |
| Label | Layer | Status | Path |
|---|---|---|---|
redis |
data | healthy | examples/celery/pyproject.toml |
sqlite |
data | healthy | examples/tutorial/flaskr/__init__.py |
| Label | Layer | Status | Path |
|---|---|---|---|
user |
data | healthy | examples/tutorial/flaskr/schema.sql |
post |
data | healthy | examples/tutorial/flaskr/schema.sql |
| Label | Layer | Status | Path |
|---|---|---|---|
repobility-clone-dx7dhhno |
software | healthy | /tmp/repobility-clone-dx7dhhno |
| Label | Layer | Status | Path |
|---|---|---|---|
celery |
data | healthy | examples/celery/make_celery.py |
| Label | Layer | Status | Path |
|---|---|---|---|
port:5000 |
network | healthy | src/flask/app.py |
| Label | Layer | Status | Path |
|---|---|---|---|
.env in repo |
security | healthy | tests/test_apps/.env |
This page is publicly accessible at:
https://repobility.com/scan/236d5297-cc82-4271-839f-d82abeafbe5c/
To check status programmatically (no auth required):
curl -s https://repobility.com/api/v1/public/scan/236d5297-cc82-4271-839f-d82abeafbe5c/Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.