File as GitHub Issue repo: ansible-collections/community.general

Push this scan report to ansible-collections/community.general

Click the green button below to open GitHub’s new-issue form, pre-filled with the report title, summary table, top findings, and an embedded score-card image. No authentication needed — you review on GitHub before submitting. Repobility is credited as the scanner.

Embedded score card image

This image will render at the top of the issue body. Hosted on Repobility, refreshes automatically after re-scans.

Issue title

Python: requests without timeout

Curate findings to include

Pick exactly which findings appear in the issue body. By default the top 5 are included. Uncheck noise, check what matters.

Top 5 (default)
Severity Rule Title File:line
HIGH SEC032 [SEC032] Unrestricted File Upload — no extension/MIME validation: File upload accepts the… plugins/modules/kernel_blacklist.py:72
HIGH MINED004 [MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums). plugins/modules/jboss.py:141
HIGH MINED004 [MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums). plugins/modules/iso_extract.py:199
HIGH MINED004 [MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums). plugins/modules/bitbucket_pipeline_know…:131
HIGH SEC078 [SEC078] Python: requests without timeout: requests.get/post without a timeout will hang … plugins/modules/circonus_annotation.py:180
HIGH SEC078 [SEC078] Python: requests without timeout: requests.get/post without a timeout will hang … plugins/module_utils/_gitlab.py:118
HIGH MINED021 [MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can co… plugins/module_utils/_ssh.py:18
HIGH MINED021 [MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can co… plugins/inventory/scaleway.py:320
HIGH MINED021 [MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can co… plugins/inventory/opennebula.py:126
HIGH MINED006 [MINED006] Overcatch Baseexception: except BaseException: ... — prevents Ctrl+C and Syste… plugins/modules/vertica_info.py:295
HIGH MINED006 [MINED006] Overcatch Baseexception: except BaseException: ... — prevents Ctrl+C and Syste… plugins/modules/vertica_configuration.py:191
HIGH MINED006 [MINED006] Overcatch Baseexception: except BaseException: ... — prevents Ctrl+C and Syste… plugins/callback/logentries.py:164
HIGH SEC128 [SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call … plugins/cache/redis.py:187
HIGH SEC128 [SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call … plugins/cache/memcached.py:208
HIGH SEC128 [SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call … plugins/action/shutdown.py:175
HIGH MINED001 [MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows e… plugins/cache/redis.py:166
HIGH MINED001 [MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows e… plugins/action/shutdown.py:28
HIGH MINED001 [MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows e… plugins/action/iptables_state.py:170
HIGH MINED040 [MINED040] Python Yaml Load Unsafe: yaml.load(stream) without SafeLoader can deserialize … docs/docsite/reformat-yaml.py:17
HIGH SEC029 [SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTT… plugins/callback/nrdp.py:145
HIGH SEC029 [SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTT… plugins/callback/loganalytics.py:96
HIGH SEC029 [SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTT… .azure-pipelines/scripts/publish-codeco…:88
HIGH SEC103 [SEC103] LDAP injection — non-constant search filter: User input concatenated into an LDA… plugins/modules/aix_lvol.py:166
HIGH SEC103 [SEC103] LDAP injection — non-constant search filter: User input concatenated into an LDA… plugins/module_utils/_consul.py:86
HIGH SEC103 [SEC103] LDAP injection — non-constant search filter: User input concatenated into an LDA… .azure-pipelines/scripts/combine-covera…:40
HIGH MINED108 `self.vars` used but never assigned in __init__ tests/integration/targets/module_helper…:54
HIGH MINED108 `self.vars` used but never assigned in __init__ tests/integration/targets/module_helper…:60
HIGH MINED108 `self.vars` used but never assigned in __init__ tests/integration/targets/module_helper…:59
HIGH MINED108 `self.vars` used but never assigned in __init__ tests/integration/targets/module_helper…:58
HIGH MINED108 `self.vars` used but never assigned in __init__ tests/integration/targets/module_helper…:57
HIGH MINED108 `self.vars` used but never assigned in __init__ tests/integration/targets/module_helper…:56
HIGH MINED108 `self.vars` used but never assigned in __init__ tests/integration/targets/module_helper…:50
HIGH MINED108 `self.vars` used but never assigned in __init__ tests/integration/targets/module_helper…:49
HIGH MINED108 `self.vars` used but never assigned in __init__ tests/integration/targets/module_helper…:64
HIGH MINED108 `self.vars` used but never assigned in __init__ tests/integration/targets/module_helper…:61
HIGH MINED108 `self.vars` used but never assigned in __init__ tests/integration/targets/module_helper…:58
HIGH MINED108 `self.vars` used but never assigned in __init__ tests/integration/targets/module_helper…:55
HIGH MINED108 `self.vars` used but never assigned in __init__ tests/integration/targets/module_helper…:52
HIGH MINED108 `self._make_safe` used but never assigned in __init__ tests/integration/targets/cmd_runner/ac…:53
HIGH MINED108 `self._templar` used but never assigned in __init__ tests/integration/targets/cmd_runner/ac…:54
HIGH MINED108 `self._loader` used but never assigned in __init__ tests/integration/targets/cmd_runner/ac…:52
HIGH COMP001 [COMP001] High cognitive complexity: Function `run` has cognitive complexity 65 (SonarSou… plugins/action/iptables_state.py:87
HIGH MINED134 Binary file `tests/integration/targets/connection_wsl/files/wsl.exe` committed in source … tests/integration/targets/connection_ws…:1
HIGH MINED115 Action `felixfontein/ansible-test-gh-action` pinned to mutable ref `@main` .github/workflows/ansible-test.yml:153
HIGH MINED115 Action `felixfontein/ansible-test-gh-action` pinned to mutable ref `@main` .github/workflows/ansible-test.yml:71
HIGH MINED115 Action `felixfontein/ansible-test-gh-action` pinned to mutable ref `@main` .github/workflows/ansible-test.yml:36
HIGH MINED115 Action `ansible-community/antsibull-nox` pinned to mutable ref `@main` .github/workflows/docs.yml:32
HIGH MINED115 Action `actions/checkout` pinned to mutable ref `@v6` .github/workflows/docs.yml:28
HIGH MINED115 Action `ansible-community/antsibull-nox` pinned to mutable ref `@main` .github/workflows/nox.yml:28
HIGH MINED115 Action `actions/checkout` pinned to mutable ref `@v6` .github/workflows/nox.yml:24
HIGH MINED115 Action `github/codeql-action/analyze` pinned to mutable ref `@v4` .github/workflows/codeql-analysis.yml:38
HIGH MINED115 Action `github/codeql-action/init` pinned to mutable ref `@v4` .github/workflows/codeql-analysis.yml:33
HIGH MINED115 Action `actions/checkout` pinned to mutable ref `@v6` .github/workflows/codeql-analysis.yml:27
HIGH SEC013 [SEC013] Path Traversal — User Input in File Path: User-controlled input used in file pat… plugins/lookup/cyberarkpassword.py:142
HIGH SEC004 [SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection. plugins/modules/redis_data.py:188
HIGH SEC004 [SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection. plugins/modules/mssql_db.py:120
HIGH SEC004 [SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection. plugins/modules/ipwcli_dns.py:255
MED SEC042 [SEC042] SQL identifier injection via f-string in cursor execute: f-string SQL normalizes… plugins/modules/vertica_role.py:130
MED SEC042 [SEC042] SQL identifier injection via f-string in cursor execute: f-string SQL normalizes… plugins/modules/vertica_configuration.py:128
MED SEC042 [SEC042] SQL identifier injection via f-string in cursor execute: f-string SQL normalizes… plugins/modules/mssql_db.py:120
MED SEC107 [SEC107] Weak TLS version requested (TLSv1.0, TLSv1.1, SSLv3, SSLv2): TLS 1.0 and 1.1 wer… plugins/modules/mqtt.py:149
MED SEC045 [SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data — even … plugins/modules/memset_zone_domain.py:229
MED SEC045 [SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data — even … plugins/modules/memset_dns_reload.py:159
MED SEC134 [SEC134] AI scaffold leftover — Lorem ipsum / example.com / John Doe in code: Lorem ipsum… plugins/modules/gitlab_project_badge.py:86
MED SEC015 [SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. … plugins/modules/github_key.py:188
MED SEC015 [SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. … plugins/modules/consul_session.py:170
MED SEC015 [SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. … plugins/modules/bitbucket_access_key.py:167
MED SEC127 [SEC127] AI agent stub — TODO: implement / pass placeholder body: Function body left as T… plugins/module_utils/_mh/base.py:58
MED ERR001 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even… plugins/modules/hwc_smn_topic.py:259
MED ERR001 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even… plugins/modules/bzr.py:91
MED ERR001 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even… plugins/module_utils/_ldap.py:101
MED SEC136 [SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all excepti… plugins/module_utils/_gitlab.py:62
MED SEC136 [SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all excepti… plugins/lookup/etcd.py:131
MED SEC007 [SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code. plugins/cache/pickle.py:60
MED MINED111 Bare except continues silently plugins/modules/mail.py:409
MED MINED111 Bare except continues silently plugins/modules/capabilities.py:162
MED MINED111 Bare except continues silently plugins/modules/utm_proxy_frontend_info…:138
MED MINED111 Bare except continues silently plugins/modules/datadog_monitor.py:498
MED MINED111 Bare except continues silently plugins/modules/datadog_monitor.py:485
MED MINED111 Bare except continues silently plugins/modules/datadog_monitor.py:462
MED MINED111 Bare except continues silently plugins/modules/datadog_monitor.py:417
MED MINED111 Bare except continues silently plugins/modules/datadog_monitor.py:384
MED MINED111 Bare except continues silently plugins/modules/datadog_monitor.py:249
MED MINED111 Bare except continues silently plugins/modules/utm_network_interface_a…:129
MED MINED111 Bare except continues silently plugins/modules/ipa_hbacrule.py:432
MED MINED111 Bare except continues silently plugins/modules/runit.py:204
MED MINED111 Bare except continues silently plugins/modules/btrfs_subvolume.py:273
MED MINED111 Bare except continues silently plugins/modules/consul.py:625
MED MINED111 Bare except continues silently plugins/modules/manageiq_group.py:484
MED MINED111 Bare except continues silently plugins/modules/manageiq_group.py:394
MED MINED111 Bare except continues silently plugins/modules/manageiq_group.py:315
MED MINED111 Bare except continues silently plugins/modules/gitlab_project_approval…:146
MED MINED111 Bare except continues silently plugins/modules/gitlab_project_approval…:131
MED MINED111 Bare except continues silently tests/sanity/extra/botmeta.py:149
MED MINED111 Bare except continues silently tests/sanity/extra/botmeta.py:88
MED MINED111 Bare except continues silently tests/integration/targets/cmd_runner/li…:58
MED SEC014 [SEC014] SSL Verification Disabled: SSL certificate verification is disabled, allowing ma… plugins/modules/irc.py:252
MED SEC007 [SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code. docs/docsite/reformat-yaml.py:17
MED COMP001 [COMP001] High cognitive complexity: Function `v2_runner_on_ok` has cognitive complexity … plugins/callback/counter_enabled.py:143
MED MINED124 requirements.txt: `jsonpatch` has no version pin tests/unit/requirements.txt:57
MED MINED124 requirements.txt: `python-jenkins < 1.8.0 ; python_version < '3.8'` has no version pin tests/unit/requirements.txt:53
MED MINED124 requirements.txt: `passlib[argon2]` has no version pin tests/unit/requirements.txt:47
MED MINED124 requirements.txt: `dnspython` has no version pin tests/unit/requirements.txt:34
MED MINED124 requirements.txt: `semantic_version` has no version pin tests/unit/requirements.txt:25
MED MINED124 requirements.txt: `lxml` has no version pin tests/unit/requirements.txt:24
MED MINED124 requirements.txt: `pynacl` has no version pin tests/unit/requirements.txt:21
MED MINED124 requirements.txt: `httmock` has no version pin tests/unit/requirements.txt:20
MED MINED124 requirements.txt: `PyGithub` has no version pin tests/unit/requirements.txt:19
MED MINED124 requirements.txt: `python-gitlab` has no version pin tests/unit/requirements.txt:18
MED MINED124 requirements.txt: `linode_api4 # APIv4` has no version pin tests/unit/requirements.txt:15
MED MINED124 requirements.txt: `linode-python # APIv3` has no version pin tests/unit/requirements.txt:14
MED MINED124 requirements.txt: `redis` has no version pin tests/unit/requirements.txt:10
MED MINED124 requirements.txt: `andebox` has no version pin .devcontainer/requirements-dev.txt:10
MED MINED124 requirements.txt: `ansible-core` has no version pin .devcontainer/requirements-dev.txt:9
MED MINED124 requirements.txt: `pre-commit` has no version pin .devcontainer/requirements-dev.txt:8
MED MINED124 requirements.txt: `antsibull-nox` has no version pin .devcontainer/requirements-dev.txt:7
MED MINED124 requirements.txt: `ruff` has no version pin .devcontainer/requirements-dev.txt:6
MED MINED124 requirements.txt: `nox` has no version pin .devcontainer/requirements-dev.txt:5
MED DKR002 Compose service `jenkins` image has no explicit tag tests/integration/targets/jenkins_crede…:7
MED DKC015 Database service has no healthcheck tests/integration/targets/keycloak_clie…:8
MED DKC015 Database service has no healthcheck tests/integration/targets/keycloak_clie…:8
MED WEB003 Public web service has no security.txt .well-known/security.txt
MED AIC004 Suspicious implementation file appears unreferenced plugins/modules/scaleway_database_backu…:1
MED AGT012 Agent control bridge may listen on a network interface without visible auth plugins/modules/nmcli.py:152
MED DKC007 Compose service contains a literal secret environment value tests/integration/targets/keycloak_clie…:16
MED DKC007 Compose service contains a literal secret environment value tests/integration/targets/keycloak_clie…:8
MED DKC007 Compose service contains a literal secret environment value tests/integration/targets/keycloak_clie…:16
MED DKC007 Compose service contains a literal secret environment value tests/integration/targets/keycloak_clie…:8
MED DKC007 Compose service contains a literal secret environment value tests/integration/targets/keycloak_clie…:8
MED DKC007 Compose service contains a literal secret environment value tests/integration/targets/jenkins_crede…:7
LOW SEC124 [SEC124] TOCTOU file access (os.access then open): Check-then-use file pattern (access/ex… plugins/modules/lvm_pv.py:101
LOW SEC124 [SEC124] TOCTOU file access (os.access then open): Check-then-use file pattern (access/ex… plugins/modules/gunicorn.py:120
LOW SEC124 [SEC124] TOCTOU file access (os.access then open): Check-then-use file pattern (access/ex… plugins/module_utils/_stormssh.py:113
LOW COMP001 [COMP001] High cognitive complexity: Function `build_become_command` has cognitive comple… plugins/become/sudosu.py:88
LOW AIC003 Duplicated implementation block across source files plugins/modules/django_loaddata.py:43
LOW AIC003 Duplicated implementation block across source files plugins/modules/django_loaddata.py:40
LOW AIC003 Duplicated implementation block across source files plugins/modules/django_loaddata.py:36
LOW AIC003 Duplicated implementation block across source files plugins/modules/django_createcachetable…:27
LOW AIC003 Duplicated implementation block across source files plugins/modules/datadog_monitor.py:228
LOW AIC003 Duplicated implementation block across source files plugins/modules/datadog_monitor.py:10
LOW AIC003 Duplicated implementation block across source files plugins/modules/consul_token.py:11
LOW AIC003 Duplicated implementation block across source files plugins/modules/consul_binding_rule.py:11
LOW AIC003 Duplicated implementation block across source files plugins/modules/consul_binding_rule.py:9
LOW AIC003 Duplicated implementation block across source files plugins/modules/consul_auth_method.py:11
LOW AIC003 Duplicated implementation block across source files plugins/modules/cobbler_system.py:14
LOW AIC003 Duplicated implementation block across source files plugins/modules/btrfs_subvolume.py:153
LOW AIC003 Duplicated implementation block across source files plugins/modules/bitbucket_pipeline_vari…:18
LOW AIC003 Duplicated implementation block across source files plugins/modules/bitbucket_pipeline_vari…:7
LOW AIC003 Duplicated implementation block across source files plugins/modules/bitbucket_pipeline_know…:15
LOW AIC003 Duplicated implementation block across source files plugins/modules/bitbucket_pipeline_key_…:7
LOW AIC003 Duplicated implementation block across source files plugins/module_utils/_scaleway.py:135
LOW AIC003 Duplicated implementation block across source files plugins/lookup/onepassword_ssh_key.py:72
LOW AIC003 Duplicated implementation block across source files plugins/lookup/onepassword_ssh_key.py:69
LOW AIC003 Duplicated implementation block across source files plugins/lookup/onepassword_raw.py:46
LOW AIC003 Duplicated implementation block across source files plugins/lookup/onepassword_doc.py:48
LOW AIC003 Duplicated implementation block across source files plugins/lookup/onepassword_raw.py:53
LOW AIC003 Duplicated implementation block across source files plugins/filter/remove_keys.py:21
LOW AIC003 Duplicated implementation block across source files plugins/connection/zone.py:137
LOW AIC003 Duplicated implementation block across source files plugins/connection/zone.py:110
LOW AIC003 Duplicated implementation block across source files plugins/connection/lxd.py:45
LOW AIC003 Duplicated implementation block across source files plugins/connection/jail.py:91
LOW AIC003 Duplicated implementation block across source files plugins/cache/yaml.py:19
LOW AIC003 Duplicated implementation block across source files plugins/cache/redis.py:19
LOW AIC003 Duplicated implementation block across source files plugins/become/run0.py:77
LOW AIC005 Duplicate top-level symbol appears in a patch-style file plugins/modules/scaleway_database_backu…:1
LOW DKC010 Compose service lacks no-new-privileges hardening tests/integration/targets/keycloak_clie…:16
LOW DKC010 Compose service lacks no-new-privileges hardening tests/integration/targets/keycloak_clie…:16
LOW DKC010 Compose service lacks no-new-privileges hardening tests/integration/targets/keycloak_clie…:8
LOW DKC010 Compose service lacks no-new-privileges hardening tests/integration/targets/jenkins_crede…:7
LOW AIC002 Source file name looks like an AI patch artifact plugins/modules/scaleway_database_backu…:1
LOW DKC006 Compose service does not declare a runtime user tests/integration/targets/keycloak_clie…:16
LOW DKC006 Compose service does not declare a runtime user tests/integration/targets/keycloak_clie…:16
LOW DKC006 Compose service does not declare a runtime user tests/integration/targets/keycloak_clie…:8
LOW DKC006 Compose service does not declare a runtime user tests/integration/targets/jenkins_crede…:7
INFO MINED073 [MINED073] Redos Greedy Quantifier: Pattern with nested quantifiers like (a+)+ applied to… plugins/modules/swdepot.py:77
INFO MINED073 [MINED073] Redos Greedy Quantifier: Pattern with nested quantifiers like (a+)+ applied to… plugins/modules/pkgin.py:179
INFO MINED073 [MINED073] Redos Greedy Quantifier: Pattern with nested quantifiers like (a+)+ applied to… plugins/modules/pkg5.py:113
INFO MINED074 [MINED074] Ai Tell Fake Citation: Plausible-looking but non-existent URLs (e.g., docs.exa… plugins/modules/ipify_facts.py:49
INFO MINED063 [MINED063] Toctou Os Path Exists: if os.path.exists(p): open(p) — file can be replaced/de… plugins/modules/locale_gen.py:145
INFO MINED063 [MINED063] Toctou Os Path Exists: if os.path.exists(p): open(p) — file can be replaced/de… plugins/modules/cloud_init_data_facts.py:109
INFO MINED067 [MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang f… plugins/modules/circonus_annotation.py:180
INFO MINED067 [MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang f… plugins/module_utils/_gitlab.py:118
INFO MINED077 [MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles. plugins/module_utils/_univention_umc.py:91
INFO MINED077 [MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles. plugins/connection/lxc.py:175
INFO MINED043 [MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle cr… plugins/lookup/etcd3.py:47
INFO MINED043 [MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle cr… plugins/filter/json_query.py:22
INFO MINED043 [MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle cr… plugins/callback/splunk.py:78
INFO MINED076 [MINED076] Catch And Reraise Noop: except X: raise X — adds no value, hides traceback if … plugins/lookup/etcd.py:152
INFO MINED076 [MINED076] Catch And Reraise Noop: except X: raise X — adds no value, hides traceback if … plugins/callback/logentries.py:164
INFO MINED053 [MINED053] Placeholder Default Username: [email protected] / [email protected] / admin/admin… plugins/modules/keyring_info.py:61
INFO MINED053 [MINED053] Placeholder Default Username: [email protected] / [email protected] / admin/admin… plugins/modules/etcd3.py:100
INFO MINED053 [MINED053] Placeholder Default Username: [email protected] / [email protected] / admin/admin… plugins/cache/redis.py:19
INFO MINED072 [MINED072] Python Pass Only Class: class Foo: pass — stub waiting to be filled in. plugins/lookup/bitwarden_secrets_manage…:81
INFO MINED072 [MINED072] Python Pass Only Class: class Foo: pass — stub waiting to be filled in. plugins/lookup/bitwarden.py:131
INFO MINED072 [MINED072] Python Pass Only Class: class Foo: pass — stub waiting to be filled in. plugins/action/shutdown.py:28
INFO MINED050 [MINED050] Stub Only Function: Function declared but body is just pass, return None, rais… plugins/callback/cgroup_memory_recap.py:98
INFO MINED050 [MINED050] Stub Only Function: Function declared but body is just pass, return None, rais… plugins/action/shutdown.py:29
INFO MINED050 [MINED050] Stub Only Function: Function declared but body is just pass, return None, rais… plugins/action/iptables_state.py:171
INFO MINED055 [MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versi… .devcontainer/setup.sh:8
INFO MINED055 [MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versi… .azure-pipelines/scripts/report-coverag…:16
200 findings available (after auto-suppression of test files + won't-fix)

Issue body (markdown)

## Code-quality scan: `ansible-collections/community.general`

**Score: 58/100 (C+)**  ·  291 findings  ·  scanned 2026-05-31 01:24 UTC  ·  311,257 LOC

| Severity | Count |
|---|---|
| CRITICAL | 23 |
| HIGH | 69 |
| MEDIUM | 73 |
| LOW | 44 |

📊 [Full filterable report](https://repobility.com/scan/29433b5c-fbf4-4b2b-a41c-fe10525cb172/)  ·  ![scorecard](https://repobility.com/scan/29433b5c-fbf4-4b2b-a41c-fe10525cb172/report.png?v=1780190697-s2)

### Top findings

1. **HIGH** `SEC032` — Unrestricted File Upload — no extension/MIME validation
   `plugins/modules/kernel_blacklist.py:72` · CWE-434
2. **HIGH** `MINED004` — Weak Crypto
   `plugins/modules/jboss.py:141` · CWE-327 · ✓ Repobility
3. **HIGH** `MINED004` — Weak Crypto
   `plugins/modules/iso_extract.py:199` · CWE-327 · ✓ Repobility
4. **HIGH** `MINED004` — Weak Crypto
   `plugins/modules/bitbucket_pipeline_known_host.py:131` · CWE-327 · ✓ Repobility
5. **HIGH** `SEC078` — Python: requests without timeout
   `plugins/modules/circonus_annotation.py:180` · A05:2021 Security Misconfiguration

---

**Security note**: this issue is public. If any flagged finding is a real, exploitable vulnerability, please redirect to your `SECURITY.md` policy or open a [private security advisory](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability) instead. We're happy to close this and re-submit privately.

---

_Filed automatically. Close this issue if not useful — we won't refile. Full report: https://repobility.com/scan/29433b5c-fbf4-4b2b-a41c-fe10525cb172/_
Megaproject — high spam risk
Could not determine 'ansible-collections/community.general' star count (GitHub API rate-limited or unreachable). When in doubt about repo size, prefer opening a focused PR or a discussion rather than an issue.
Already filed
143/323 findings (44%) on this scan are already flagged as test-file, won't-fix, or suppressed. The scan is too noisy to file as a single issue. Curate down to specific actionable findings, or address the FP source first.

The button opens GitHub’s new-issue page in a new tab. You will see the title + body pre-filled — review, edit if you want, then click GitHub’s "Submit new issue" button. Repobility never posts anything on your behalf.

For real security findings on big repos: use the project's SECURITY.md or private advisory flow instead of a public issue.