File as GitHub Issue repo: marin-community/marin

Push this scan report to marin-community/marin

Click the green button below to open GitHub’s new-issue form, pre-filled with the report title, summary table, top findings, and an embedded score-card image. No authentication needed — you review on GitHub before submitting. Repobility is credited as the scanner.

Embedded score card image

This image will render at the top of the issue body. Hosted on Repobility, refreshes automatically after re-scans.

Issue title

`self._write_json` used but never assigned in __init__

Curate findings to include

Pick exactly which findings appear in the issue body. By default the top 5 are included. Uncheck noise, check what matters.

Top 5 (default)
Severity Rule Title File:line
HIGH MINED108 [MINED108] `self._stub_server` used but never assigned in __init__: Method `_handle_compl… tests/evals/openai_stub.py:101
HIGH MINED108 [MINED108] `self._write_json` used but never assigned in __init__: Method `_handle_comple… tests/evals/openai_stub.py:75
HIGH MINED108 [MINED108] `self.path` used but never assigned in __init__: Method `_handle_completions` … tests/evals/openai_stub.py:71
HIGH MINED108 [MINED108] `self._write_json` used but never assigned in __init__: Method `_handle_comple… tests/evals/openai_stub.py:86
HIGH MINED108 [MINED108] `self._write_json` used but never assigned in __init__: Method `_handle_comple… tests/evals/openai_stub.py:83
HIGH MINED108 [MINED108] `self._write_json` used but never assigned in __init__: Method `_handle_comple… tests/evals/openai_stub.py:78
HIGH MINED108 [MINED108] `self._stub_server` used but never assigned in __init__: Method `_handle_compl… tests/evals/openai_stub.py:77
HIGH MINED108 [MINED108] `self._write_json` used but never assigned in __init__: Method `_handle_comple… tests/evals/openai_stub.py:96
HIGH MINED108 [MINED108] `self.server` used but never assigned in __init__: Method `_stub_server` of cl… tests/evals/openai_stub.py:68
HIGH MINED108 [MINED108] `self._handle_chat_completions` used but never assigned in __init__: Method `d… tests/evals/openai_stub.py:62
HIGH MINED108 [MINED108] `self._handle_completions` used but never assigned in __init__: Method `do_POS… tests/evals/openai_stub.py:59
HIGH MINED108 [MINED108] `self._write_json` used but never assigned in __init__: Method `do_POST` of cl… tests/evals/openai_stub.py:64
HIGH MINED108 [MINED108] `self.path` used but never assigned in __init__: Method `do_POST` of class `_D… tests/evals/openai_stub.py:61
HIGH MINED108 [MINED108] `self.path` used but never assigned in __init__: Method `do_POST` of class `_D… tests/evals/openai_stub.py:58
HIGH MINED108 [MINED108] `self._read_json` used but never assigned in __init__: Method `do_POST` of cla… tests/evals/openai_stub.py:57
HIGH MINED108 [MINED108] `self._stub_server` used but never assigned in __init__: Method `do_GET` of cl… tests/evals/openai_stub.py:54
HIGH MINED108 [MINED108] `self._stub_server` used but never assigned in __init__: Method `do_GET` of cl… tests/evals/openai_stub.py:53
HIGH MINED108 [MINED108] `self.path` used but never assigned in __init__: Method `do_GET` of class `_De… tests/evals/openai_stub.py:53
HIGH MINED108 [MINED108] `self._write_json` used but never assigned in __init__: Method `do_GET` of cla… tests/evals/openai_stub.py:51
HIGH MINED108 [MINED108] `self._write_json` used but never assigned in __init__: Method `do_GET` of cla… tests/evals/openai_stub.py:54
HIGH MINED108 [MINED108] `self.path` used but never assigned in __init__: Method `do_GET` of class `_De… tests/evals/openai_stub.py:50
HIGH SEC103 [SEC103] LDAP injection — non-constant search filter: User input concatenated into an LDA… scripts/training/get_files_on_gcs.py:61
HIGH DKR006 Dockerfile pipes a remote script into a shell lib/iris/Dockerfile:177
HIGH DKR006 Dockerfile pipes a remote script into a shell lib/iris/Dockerfile:161
HIGH DKR006 Dockerfile pipes a remote script into a shell docker/marin/Dockerfile.tpu-ci:35
HIGH DKR006 Dockerfile pipes a remote script into a shell docker/marin/Dockerfile.tpu-ci:15
HIGH MINED118 [MINED118] Dockerfile FROM `ghcr.io/marin-community/iris-task:latest` not pinned by diges… experiments/swe_rebench_trace/Dockerfile:31
HIGH MINED115 [MINED115] Action `google-github-actions/setup-gcloud` pinned to mutable ref `@v2`: `uses… .github/workflows/marin-canary-datakit-…:49
HIGH MINED115 [MINED115] Action `google-github-actions/auth` pinned to mutable ref `@v2`: `uses: google… .github/workflows/marin-canary-datakit-…:44
HIGH MINED115 [MINED115] Action `astral-sh/setup-uv` pinned to mutable ref `@v7`: `uses: astral-sh/setu… .github/workflows/marin-canary-datakit-…:36
HIGH MINED115 [MINED115] Action `actions/setup-python` pinned to mutable ref `@v5`: `uses: actions/setu… .github/workflows/marin-canary-datakit-…:31
HIGH MINED115 [MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout… .github/workflows/marin-canary-datakit-…:28
HIGH MINED115 [MINED115] Action `astral-sh/setup-uv` pinned to mutable ref `@v5`: `uses: astral-sh/setu… .github/workflows/ops-claude.yaml:204
HIGH MINED115 [MINED115] Action `actions/setup-python` pinned to mutable ref `@v6`: `uses: actions/setu… .github/workflows/ops-claude.yaml:199
HIGH MINED115 [MINED115] Action `actions/checkout` pinned to mutable ref `@v5`: `uses: actions/checkout… .github/workflows/ops-claude.yaml:193
HIGH MINED115 [MINED115] Action `astral-sh/setup-uv` pinned to mutable ref `@v5`: `uses: astral-sh/setu… .github/workflows/ops-claude.yaml:105
HIGH MINED115 [MINED115] Action `actions/setup-python` pinned to mutable ref `@v6`: `uses: actions/setu… .github/workflows/ops-claude.yaml:100
HIGH MINED115 [MINED115] Action `actions/checkout` pinned to mutable ref `@v5`: `uses: actions/checkout… .github/workflows/ops-claude.yaml:95
HIGH MINED115 [MINED115] Action `astral-sh/setup-uv` pinned to mutable ref `@v5`: `uses: astral-sh/setu… .github/workflows/ops-claude.yaml:57
HIGH MINED115 [MINED115] Action `actions/setup-python` pinned to mutable ref `@v6`: `uses: actions/setu… .github/workflows/ops-claude.yaml:52
HIGH MINED115 [MINED115] Action `actions/checkout` pinned to mutable ref `@v5`: `uses: actions/checkout… .github/workflows/ops-claude.yaml:47
HIGH MINED115 [MINED115] Action `astral-sh/setup-uv` pinned to mutable ref `@v6`: `uses: astral-sh/setu… .github/workflows/zephyr-unit.yaml:53
HIGH MINED115 [MINED115] Action `actions/setup-node` pinned to mutable ref `@v4`: `uses: actions/setup-… .github/workflows/zephyr-unit.yaml:48
HIGH MINED115 [MINED115] Action `actions/setup-python` pinned to mutable ref `@v6`: `uses: actions/setu… .github/workflows/zephyr-unit.yaml:43
HIGH MINED115 [MINED115] Action `actions/checkout` pinned to mutable ref `@v5`: `uses: actions/checkout… .github/workflows/zephyr-unit.yaml:40
HIGH MINED115 [MINED115] Action `actions/checkout` pinned to mutable ref `@v5`: `uses: actions/checkout… .github/workflows/zephyr-unit.yaml:21
HIGH MINED115 [MINED115] Action `github/codeql-action/analyze` pinned to mutable ref `@v4`: `uses: gith… .github/workflows/ops-codeql.yaml:67
HIGH MINED115 [MINED115] Action `github/codeql-action/init` pinned to mutable ref `@v4`: `uses: github/… .github/workflows/ops-codeql.yaml:39
HIGH MINED115 [MINED115] Action `actions/checkout` pinned to mutable ref `@v5`: `uses: actions/checkout… .github/workflows/ops-codeql.yaml:37
HIGH MINED115 [MINED115] Action `actions/setup-node` pinned to mutable ref `@v4`: `uses: actions/setup-… .github/workflows/marin-lint.yaml:28
HIGH MINED115 [MINED115] Action `astral-sh/setup-uv` pinned to mutable ref `@v6`: `uses: astral-sh/setu… .github/workflows/marin-lint.yaml:21
HIGH MINED115 [MINED115] Action `actions/checkout` pinned to mutable ref `@v5`: `uses: actions/checkout… .github/workflows/marin-lint.yaml:18
HIGH MINED118 [MINED118] Dockerfile FROM `python:3.11-slim` not pinned by digest: `FROM python:3.11-sli… infra/probes/deploy/Dockerfile:9
HIGH MINED118 [MINED118] Dockerfile FROM `python:3.11-slim` not pinned by digest: `FROM python:3.11-sli… infra/iris-iap-proxy/Dockerfile:3
HIGH MINED118 [MINED118] Dockerfile FROM `node:20-slim` not pinned by digest: `FROM node:20-slim` resol… infra/status-page/Dockerfile:21
HIGH MINED118 [MINED118] Dockerfile FROM `node:20-slim` not pinned by digest: `FROM node:20-slim` resol… infra/status-page/Dockerfile:5
HIGH MINED118 [MINED118] Dockerfile FROM `python:3.11` not pinned by digest: `FROM python:3.11` resolve… lib/levanter/docker/tpu/Dockerfile.base:19
HIGH MINED118 [MINED118] Dockerfile FROM `python:3.11` not pinned by digest: `FROM python:3.11` resolve… lib/levanter/docker/tpu/Dockerfile.base:1
HIGH MINED118 [MINED118] Dockerfile FROM `debian:bookworm-slim` not pinned by digest: `FROM debian:book… lib/finelog/deploy/Dockerfile:64
HIGH MINED118 [MINED118] Dockerfile FROM `rust:1-bookworm` not pinned by digest: `FROM rust:1-bookworm`… lib/finelog/deploy/Dockerfile:34
HIGH MINED118 [MINED118] Dockerfile FROM `node:22-slim` not pinned by digest: `FROM node:22-slim` resol… lib/finelog/deploy/Dockerfile:17
HIGH MINED118 [MINED118] Dockerfile FROM `python:3.12-slim` not pinned by digest: `FROM python:3.12-sli… lib/iris/Dockerfile:156
HIGH MINED118 [MINED118] Dockerfile FROM `python:3.12-slim` not pinned by digest: `FROM python:3.12-sli… lib/iris/Dockerfile:29
HIGH MINED118 [MINED118] Dockerfile FROM `node:22-slim` not pinned by digest: `FROM node:22-slim` resol… lib/iris/Dockerfile:15
HIGH MINED118 [MINED118] Dockerfile FROM `rayproject/ray:2.53.0-py311-cpu` not pinned by digest: `FROM … docker/marin/Dockerfile.vllm:18
HIGH MINED118 [MINED118] Dockerfile FROM `rust:1.91-slim` not pinned by digest: `FROM rust:1.91-slim` r… docker/marin/Dockerfile.vllm:14
HIGH MINED118 [MINED118] Dockerfile FROM `ubuntu:22.04` not pinned by digest: `FROM ubuntu:22.04` resol… docker/marin/Dockerfile.vllm:2
HIGH MINED118 [MINED118] Dockerfile FROM `ubuntu:22.04` not pinned by digest: `FROM ubuntu:22.04` resol… docker/marin/Dockerfile.tpu-ci:3
HIGH MINED112 [MINED112] FastAPI POST /v1/tokens has no auth: Handler `fetch_tokens` is registered with… lib/levanter/src/levanter/inference/ope…:768
HIGH MINED112 [MINED112] FastAPI POST /v1/completions has no auth: Handler `create_completion` is regis… lib/levanter/src/levanter/inference/ope…:764
HIGH MINED112 [MINED112] FastAPI POST /v1/chat/completions has no auth: Handler `create_chat_completion… lib/levanter/src/levanter/inference/ope…:760
HIGH MINED112 [MINED112] FastAPI POST /api/sync has no auth: Handler `trigger_sync` is registered with … scripts/ops/storage/dashboard/server.py:1368
HIGH MINED112 [MINED112] FastAPI POST /api/delete-patterns/estimate has no auth: Handler `estimate_dele… scripts/ops/storage/dashboard/server.py:1031
HIGH MINED112 [MINED112] FastAPI DELETE /api/delete-rules/{rule_id} has no auth: Handler `remove_delete… scripts/ops/storage/dashboard/server.py:1020
HIGH MINED112 [MINED112] FastAPI POST /api/delete-rules has no auth: Handler `create_delete_rule` is re… scripts/ops/storage/dashboard/server.py:1000
HIGH MINED112 [MINED112] FastAPI DELETE /api/rules/{rule_id} has no auth: Handler `remove_protect_rule`… scripts/ops/storage/dashboard/server.py:780
HIGH MINED112 [MINED112] FastAPI POST /api/rules has no auth: Handler `create_protect_rule` is register… scripts/ops/storage/dashboard/server.py:758
HIGH MINED112 [MINED112] FastAPI POST /api/login has no auth: Handler `login` is registered with router… scripts/ops/storage/dashboard/server.py:300
MED MINED109 [MINED109] Mutable default argument in `run_with_timeout_signal` (dict): `def run_with_ti… lib/marin/src/marin/rl/environments/tin…:568
MED MINED109 [MINED109] Mutable default argument in `__init__` (dict): `def __init__(... = []/{}/set()… lib/marin/src/marin/rl/environments/pri…:30
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… tests/processing/classification/dedupli…:111
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… tests/processing/classification/dedupli…:53
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/github_wandb_metrics.py:66
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/github_wandb_metrics.py:15
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/pre-commit.py:435
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/pre-commit.py:1241
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/pre-commit.py:428
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/pre-commit.py:696
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/pre-commit.py:662
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/pre-commit.py:584
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/pre-commit.py:537
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/pre-commit.py:457
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/pre-commit.py:393
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/pre-commit.py:971
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/pre-commit.py:957
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/pre-commit.py:949
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… infra/pre-commit.py:935
MED SEC045 [SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data — even … rust/finelog/src/query/udf.rs:139
MED SEC136 [SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all excepti… infra/codehealth/log_stats.py:101
MED ERR001 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even… infra/codehealth/log_stats.py:201
MED ERR001 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even… experiments/swe_rebench_trace/tracer.py:209
MED COMP001 [COMP001] High cognitive complexity: Function `_run` has cognitive complexity 21 (SonarSo… experiments/datakit/cluster/domain/v0/o…:172
MED DKR003 Dockerfile base image uses the latest tag experiments/swe_rebench_trace/Dockerfile:31
MED AUC001 [AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks…
MED MINED124 [MINED124] requirements.txt: `haliax` has no version pin: Unpinned pip requirement means … lib/levanter/docs/requirements.txt:10
MED MINED124 [MINED124] requirements.txt: `mkdocs-macros-plugin` has no version pin: Unpinned pip requ… lib/levanter/docs/requirements.txt:9
MED MINED124 [MINED124] requirements.txt: `mkdocs-literate-nav` has no version pin: Unpinned pip requi… lib/levanter/docs/requirements.txt:8
MED MINED124 [MINED124] requirements.txt: `mkdocs-include-markdown-plugin` has no version pin: Unpinne… lib/levanter/docs/requirements.txt:7
MED MINED124 [MINED124] requirements.txt: `mkdocs-autorefs` has no version pin: Unpinned pip requireme… lib/levanter/docs/requirements.txt:6
MED MINED124 [MINED124] requirements.txt: `mkdocs-material-extensions` has no version pin: Unpinned pi… lib/levanter/docs/requirements.txt:5
MED MINED124 [MINED124] requirements.txt: `mkdocs-material` has no version pin: Unpinned pip requireme… lib/levanter/docs/requirements.txt:4
MED MINED124 [MINED124] requirements.txt: `mkdocstrings-python` has no version pin: Unpinned pip requi… lib/levanter/docs/requirements.txt:3
MED MINED124 [MINED124] requirements.txt: `mkdocstrings` has no version pin: Unpinned pip requirement … lib/levanter/docs/requirements.txt:2
MED MINED124 [MINED124] requirements.txt: `mkdocs` has no version pin: Unpinned pip requirement means … lib/levanter/docs/requirements.txt:1
MED DKR018 Database dump or local database file is included in Docker build context .dockerignore
MED JRN002 Browser storage is used for session token material scripts/ops/storage/dashboard/app.js:1449
MED JRN002 Browser storage is used for session token material scripts/ops/storage/dashboard/app.js:1389
MED JRN002 Browser storage is used for session token material scripts/ops/storage/dashboard/app.js:6
MED JRN002 Browser storage is used for session token material scripts/ops/storage/dashboard/api.js:2
MED DKR001 Docker final stage has no non-root USER lib/levanter/docker/tpu/Dockerfile.incr…:4
MED DKR001 Docker final stage has no non-root USER lib/levanter/docker/tpu/Dockerfile.base:20
MED DKR001 Docker final stage has no non-root USER lib/iris/Dockerfile:156
MED DKR001 Docker final stage has no non-root USER infra/status-page/Dockerfile:21
MED DKR001 Docker final stage has no non-root USER infra/iris-iap-proxy/Dockerfile:4
MED DKR001 Docker final stage has no non-root USER experiments/swe_rebench_trace/Dockerfile:31
MED DKR001 Docker final stage has no non-root USER docker/marin/Dockerfile.vllm:18
MED AGT007 localStorage write failures are swallowed silently lib/finelog/dashboard/src/components/la…:14
MED WEB003 Public web service has no security.txt .well-known/security.txt
MED DKR014 Dockerfile copies broad context with incomplete .dockerignore infra/iris-iap-proxy/Dockerfile:11
MED AGT016 Codex session log reader may expose prompts or tool-call content infra/pre-commit.py:624
MED AGT012 Agent control bridge may listen on a network interface without visible auth lib/fray/src/fray/iris_backend.py:104
LOW SEC132 [SEC132] String concat where the language has interpolation (AI style drift): String buil… scripts/ops/storage/dashboard/api.js:39
LOW COMP001 [COMP001] High cognitive complexity: Function `_inject_special_tokens` has cognitive comp… experiments/create_marin_tokenizer.py:25
LOW COMP001 [COMP001] High cognitive complexity: Function `plot_trajectories` has cognitive complexit… docs/design/plot_plateau_detection.py:103
LOW AIC003 Duplicated implementation block across source files experiments/scaling_law_sweeps/complete…:146
LOW AIC003 Duplicated implementation block across source files experiments/scaling_law_sweeps/complete…:143
LOW AIC003 Duplicated implementation block across source files experiments/scaling_law_sweeps/c_adamc.…:76
LOW AIC003 Duplicated implementation block across source files experiments/rollout_data/synthetic1.py:15
LOW AIC003 Duplicated implementation block across source files experiments/rollout_data/principia.py:15
LOW AIC003 Duplicated implementation block across source files experiments/rollout_data/gpt_oss_rollou…:15
LOW AIC003 Duplicated implementation block across source files experiments/llama.py:15
LOW AIC003 Duplicated implementation block across source files experiments/grug/moe/train.py:53
LOW AIC003 Duplicated implementation block across source files experiments/grug/moe/train.py:52
LOW AIC003 Duplicated implementation block across source files experiments/grug/moe/model.py:145
LOW AIC003 Duplicated implementation block across source files experiments/grug/moe/launch.py:73
LOW AIC003 Duplicated implementation block across source files experiments/grug/moe/launch.py:31
LOW AIC003 Duplicated implementation block across source files experiments/grug/modular_opt/train.py:46
LOW AIC003 Duplicated implementation block across source files experiments/grug/modular_opt/model.py:12
LOW AIC003 Duplicated implementation block across source files experiments/grug/modular_opt/launch.py:123
LOW AIC003 Duplicated implementation block across source files experiments/grug/base/launch.py:190
LOW AIC003 Duplicated implementation block across source files experiments/ferries/datakit_tier2_skewe…:20
LOW AIC003 Duplicated implementation block across source files experiments/ferries/datakit_nemotron_fe…:14
LOW AIC003 Duplicated implementation block across source files experiments/exp_model_perplexity_gap_pr…:28
LOW AIC003 Duplicated implementation block across source files experiments/exp_model_perplexity_gap_pr…:18
LOW AIC003 Duplicated implementation block across source files experiments/exp_model_perplexity_gap_co…:18
LOW AIC003 Duplicated implementation block across source files experiments/exp2166_scaling_ladder_anal…:68
LOW AIC003 Duplicated implementation block across source files experiments/evals/prompt_format_sensiti…:2
LOW AIC003 Duplicated implementation block across source files experiments/datakit/dedup/ops/fetch_clu…:84
LOW AIC003 Duplicated implementation block across source files experiments/datakit/decontam/ops/recall…:56
LOW AIC003 Duplicated implementation block across source files experiments/datakit/cluster/quality/v0/…:49
LOW AIC003 Duplicated implementation block across source files experiments/datakit/cluster/quality/v0/…:107
LOW AIC003 Duplicated implementation block across source files experiments/datakit/cluster/quality/v0/…:104
LOW AIC003 Duplicated implementation block across source files experiments/datakit/cluster/quality/dol…:77
LOW AIC003 Duplicated implementation block across source files experiments/datakit/cluster/domain/v0/o…:105
LOW DKR010 Dockerfile leaves apt package indexes in the image layer lib/levanter/docker/tpu/Dockerfile.clus…:8
LOW DKR010 Dockerfile leaves apt package indexes in the image layer lib/levanter/docker/tpu/Dockerfile.base:2
LOW DKR010 Dockerfile leaves apt package indexes in the image layer docker/marin/Dockerfile.vllm:52
LOW DKR011 Dockerfile installs recommended OS packages lib/levanter/docker/tpu/Dockerfile.clus…:17
LOW DKR011 Dockerfile installs recommended OS packages lib/levanter/docker/tpu/Dockerfile.clus…:8
LOW DKR012 Dockerfile keeps pip download cache lib/levanter/docker/tpu/Dockerfile.base:23
LOW DKR012 Dockerfile keeps pip download cache lib/levanter/docker/tpu/Dockerfile.base:6
LOW DKR012 Dockerfile keeps pip download cache lib/levanter/docker/tpu/Dockerfile.base:3
LOW DKR011 Dockerfile installs recommended OS packages lib/levanter/docker/tpu/Dockerfile.base:2
LOW DKR012 Dockerfile keeps pip download cache lib/iris/Dockerfile:93
LOW DKR012 Dockerfile keeps pip download cache docker/marin/Dockerfile.vllm:93
LOW DKR011 Dockerfile installs recommended OS packages docker/marin/Dockerfile.vllm:52
LOW DKR011 Dockerfile installs recommended OS packages docker/marin/Dockerfile.vllm:3
LOW DKR008 .dockerignore misses sensitive defaults .dockerignore
INFO MINED067 [MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang f… scripts/pm/gh_issues_from_markdown.py:143
INFO MINED064 [MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services. scripts/pm/gh_issues_from_markdown.py:208
INFO MINED059 [MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message. rust/finelog/src/query/udf.rs:69
INFO MINED059 [MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message. rust/finelog/src/main.rs:129
INFO MINED059 [MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message. rust/finelog/build.rs:11
INFO MINED068 [MINED068] Rust Unsafe Block: unsafe { ... } block. Compiler safety guarantees disabled i… rust/dupekit/src/minhash_ops.rs:146
INFO MINED044 [MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger … infra/status-page/server/main.ts:71
INFO MINED043 [MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle cr… infra/probes/deploy/deploy.py:151
INFO MINED043 [MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle cr… infra/iris-iap-proxy/discovery.py:70
INFO MINED043 [MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle cr… experiments/swe_rebench_trace/proxy.py:305
INFO MINED050 [MINED050] Stub Only Function: Function declared but body is just pass, return None, rais… experiments/swe_rebench_trace/proxy.py:136
INFO MINED050 [MINED050] Stub Only Function: Function declared but body is just pass, return None, rais… experiments/posttrain/preference_datase…:110
INFO MINED050 [MINED050] Stub Only Function: Function declared but body is just pass, return None, rais… experiments/plantcad/exp1729_plantcad_t…:23
INFO MINED063 [MINED063] Toctou Os Path Exists: if os.path.exists(p): open(p) — file can be replaced/de… experiments/datakit/decontam/ops/recall…:86
INFO MINED063 [MINED063] Toctou Os Path Exists: if os.path.exists(p): open(p) — file can be replaced/de… experiments/datakit/cluster/quality/v0/…:159
INFO MINED063 [MINED063] Toctou Os Path Exists: if os.path.exists(p): open(p) — file can be replaced/de… experiments/create_marin_tokenizer.py:55
INFO MINED049 [MINED049] Print Pii: Logging password/token/email/ssn directly to stdout. experiments/exp2166_scaling_ladder_anal…:141
INFO MINED049 [MINED049] Print Pii: Logging password/token/email/ssn directly to stdout. experiments/exp1337_delphi_suite.py:127
INFO MINED049 [MINED049] Print Pii: Logging password/token/email/ssn directly to stdout. experiments/create_marin_tokenizer.py:164
INFO MINED062 [MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model. experiments/datakit/testbed/train.py:96
INFO MINED062 [MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model. experiments/datakit/testbed/mixture.py:18
INFO MINED062 [MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model. experiments/bio_chem_notation.py:43
200 findings available (after auto-suppression of test files + won't-fix)

Issue body (markdown)

## Code-quality scan: `marin-community/marin`

**Score: 72/100 (A-)**  ·  312 findings  ·  scanned 2026-06-05 20:17 UTC  ·  467,770 LOC

| Severity | Count |
|---|---|
| CRITICAL | 36 |
| HIGH | 103 |
| MEDIUM | 53 |
| LOW | 47 |

📊 [Full filterable report](https://repobility.com/scan/3265d277-6008-4ed1-b5b4-1344b358efda/)  ·  ![scorecard](https://repobility.com/scan/3265d277-6008-4ed1-b5b4-1344b358efda/report.png?v=1780690656-s2)

### Top findings

1. **HIGH** `MINED108` — `self._stub_server` used but never assigned in __init__
   `tests/evals/openai_stub.py:101` · ✓ Repobility
2. **HIGH** `MINED108` — `self._write_json` used but never assigned in __init__
   `tests/evals/openai_stub.py:75` · ✓ Repobility
3. **HIGH** `MINED108` — `self.path` used but never assigned in __init__
   `tests/evals/openai_stub.py:71` · ✓ Repobility
4. **HIGH** `MINED108` — `self._write_json` used but never assigned in __init__
   `tests/evals/openai_stub.py:86` · ✓ Repobility
5. **HIGH** `MINED108` — `self._write_json` used but never assigned in __init__
   `tests/evals/openai_stub.py:83` · ✓ Repobility

---

_Filed automatically. Close this issue if not useful — we won't refile. Full report: https://repobility.com/scan/3265d277-6008-4ed1-b5b4-1344b358efda/_

Megaproject — high spam risk
Could not determine 'marin-community/marin' star count (GitHub API rate-limited or unreachable). When in doubt about repo size, prefer opening a focused PR or a discussion rather than an issue.

Already filed
138/325 findings (42%) on this scan are already flagged as test-file, won't-fix, or suppressed. The scan is too noisy to file as a single issue. Curate down to specific actionable findings, or address the FP source first.

The button opens GitHub’s new-issue page in a new tab. You will see the title + body pre-filled — review, edit if you want, then click GitHub’s "Submit new issue" button. Repobility never posts anything on your behalf.

For real security findings on big repos: use the project's SECURITY.md or private advisory flow instead of a public issue.