{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AUC001", "name": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobilit", "shortDescription": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "fullDescription": {"text": "Add .repobility/access.yml mapping routes to anonymous, authenticated, owner, admin, and super_admin. Keep business-specific rules in the repo so CI can enforce them."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.92, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `search_images` has cognitive complexity 25 (SonarSource scale). Cognitive", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `search_images` has cognitive complexity 25 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 25."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_CI", "name": "No CI/CD configuration found", "shortDescription": {"text": "No CI/CD configuration found"}, "fullDescription": {"text": "Add a CI/CD pipeline: create .github/workflows/ci.yml for GitHub Actions with steps to lint, test, and build on every push and pull request."}, "properties": {"scanner": "repobility-core", "category": "practices", "severity": "medium", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "AUC005", "name": "[AUC005] No authorization-focused tests detected: No test files with common authorization, ownership, 403, admin, or sup", "shortDescription": {"text": "[AUC005] No authorization-focused tests detected: No test files with common authorization, ownership, 403, admin, or super_admin assertions were found."}, "fullDescription": {"text": "Add regression tests for anonymous denial, cross-user object denial, admin role limits, and super_admin-only behavior."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "low", "confidence": 0.76, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO ", "shortDescription": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 2 more): Same pattern found in 2 addit", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self._wait_for_write_finish` used but never assigned in __init__: Method `on_created` of class `APIOptimizeI", "shortDescription": {"text": "[MINED108] `self._wait_for_write_finish` used but never assigned in __init__: Method `on_created` of class `APIOptimizeImageEventHandler` reads `self._wait_for_write_finish`, but no assignment to it exists in __init__ (and no class-level fa"}, "fullDescription": {"text": "Initialize `self._wait_for_write_finish = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC103", "name": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inje", "shortDescription": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts."}, "fullDescription": {"text": "Escape with javax.naming.ldap.Rdn.escapeValue or equivalent. For python-ldap, use ldap.filter.escape_filter_chars. Better: use parameterized search APIs (Spring LdapTemplate filter encoders)."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInt", "shortDescription": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED006", "name": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working.", "shortDescription": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-705 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `stat` used but not imported: The file uses `stat.something(...)` but never imports `stat`. T", "shortDescription": {"text": "[MINED107] Missing import: `stat` used but not imported: The file uses `stat.something(...)` but never imports `stat`. This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import stat` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1349"}, "properties": {"repository": "victordomingos/optimize-images", "repoUrl": "https://github.com/victordomingos/optimize-images", "branch": "master"}, "results": [{"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 137769, "scanner": "repobility-ast-engine", "fingerprint": "1f9b8a2291c8da5e88db3d61d6b71f40f24d704ceb8d3b3f24101356e112bcc1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1f9b8a2291c8da5e88db3d61d6b71f40f24d704ceb8d3b3f24101356e112bcc1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_cli.py"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 137768, "scanner": "repobility-ast-engine", "fingerprint": "aedf48cfe975ae9f6ee1f293993493a14dec00e198dc2085ddbdacc315e21220", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aedf48cfe975ae9f6ee1f293993493a14dec00e198dc2085ddbdacc315e21220"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_cli.py"}, "region": {"startLine": 55}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 137767, "scanner": "repobility-ast-engine", "fingerprint": "a729bb8f1eb7d0d8b8367aebff74f1ceaf6601612ff9008960f122214de5388b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a729bb8f1eb7d0d8b8367aebff74f1ceaf6601612ff9008960f122214de5388b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_watch.py"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 137766, "scanner": "repobility-ast-engine", "fingerprint": "14c0eee637091d7973633423d5e3efaa8fc18727c326dc0062a5b91ff007778c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|14c0eee637091d7973633423d5e3efaa8fc18727c326dc0062a5b91ff007778c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_watch.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 137763, "scanner": "repobility-ast-engine", "fingerprint": "0dd4ddb3b09cca04c27a5ac981bc2bf61565572fb1e895653aca2ee470383a5e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0dd4ddb3b09cca04c27a5ac981bc2bf61565572fb1e895653aca2ee470383a5e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/img_optimize_webp.py"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 137759, "scanner": "repobility-ast-engine", "fingerprint": "95397f8af470ba4d4abec11bda2c970d482bd244fb261ffe431253e2df0118e0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|95397f8af470ba4d4abec11bda2c970d482bd244fb261ffe431253e2df0118e0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/constants.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 137758, "scanner": "repobility-ast-engine", "fingerprint": "a9bf739f7d26334e2b9f82a91ae670932afda73025060200526a221a7ae26077", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a9bf739f7d26334e2b9f82a91ae670932afda73025060200526a221a7ae26077"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/img_optimize_jpg.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "AUC001", "level": "warning", "message": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "properties": {"repobilityId": 137756, "scanner": "repobility-access-control", "fingerprint": "f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10", "category": "auth", "severity": "medium", "confidence": 0.92, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "frameworks": ["Django"], "expected_files": [".repobility/access.yml", ".repobility/access.yaml", ".repobility/access.json", ".repobility/authorization.yml"], "correlation_key": "fp|f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10"}}}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `search_images` has cognitive complexity 25 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=2, else=1, for=3, if=5, nested_bonus=14."}, "properties": {"repobilityId": 137743, "scanner": "repobility-threat-engine", "fingerprint": "5b88f1ba43c596602389762fdc56623e430defac313ad7944017c5d852697829", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 25 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "search_images", "breakdown": {"if": 5, "for": 3, "else": 1, "continue": 2, "nested_bonus": 14}, "complexity": 25, "correlation_key": "fp|5b88f1ba43c596602389762fdc56623e430defac313ad7944017c5d852697829"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/file_utils.py"}, "region": {"startLine": 8}}}]}, {"ruleId": "CORE_NO_CI", "level": "warning", "message": {"text": "No CI/CD configuration found"}, "properties": {"repobilityId": 137739, "scanner": "repobility-core", "fingerprint": "ca5da3551af97272c4f099fc472740148135a15816b81b90bd862e8f91ec66ce", "category": "practices", "severity": "medium", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_CI", "scanner": "repobility-core", "correlation_key": "repo|practices|core_no_ci"}}}, {"ruleId": "AUC005", "level": "note", "message": {"text": "[AUC005] No authorization-focused tests detected: No test files with common authorization, ownership, 403, admin, or super_admin assertions were found."}, "properties": {"repobilityId": 137757, "scanner": "repobility-access-control", "fingerprint": "c58bb88e6682225dc480b3036f30153044953a3d94f500396678a77324e8d30e", "category": "auth", "severity": "low", "confidence": 0.76, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "frameworks": ["Django"], "correlation_key": "fp|c58bb88e6682225dc480b3036f30153044953a3d94f500396678a77324e8d30e"}}}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 137755, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8b9bf9a44c73026685820ad17bc26472d197ae6ce42a185f78cc4067a2fbcb73", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "optimize_images/api.py", "duplicate_line": 44, "correlation_key": "fp|8b9bf9a44c73026685820ad17bc26472d197ae6ce42a185f78cc4067a2fbcb73"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/data_structures.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 137754, "scanner": "repobility-ai-code-hygiene", "fingerprint": "512e1790f5051d8fc5f2bccd31ec12e3620f45b704a356cde16124568482ea82", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "optimize_images/__main__.py", "duplicate_line": 66, "correlation_key": "fp|512e1790f5051d8fc5f2bccd31ec12e3620f45b704a356cde16124568482ea82"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/api.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `do_reduce_colors` has cognitive complexity 14 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: elif=3, else=2, for=2, if=4, nested_bonus=3."}, "properties": {"repobilityId": 137744, "scanner": "repobility-threat-engine", "fingerprint": "7978a43fe332ac8ae3097eb717d14e8849ea819688bb5b21ddaba9c878d74a75", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 14 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "do_reduce_colors", "breakdown": {"if": 4, "for": 2, "elif": 3, "else": 2, "nested_bonus": 3}, "complexity": 14, "correlation_key": "fp|7978a43fe332ac8ae3097eb717d14e8849ea819688bb5b21ddaba9c878d74a75"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/img_aux_processing.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 137751, "scanner": "repobility-threat-engine", "fingerprint": "112077cc49a591dbdd618719b8f522942ce1aeb48b3f71f6c1ab16486f1e81d4", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|112077cc49a591dbdd618719b8f522942ce1aeb48b3f71f6c1ab16486f1e81d4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/reporting.py"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 137750, "scanner": "repobility-threat-engine", "fingerprint": "ca6e01459ea3e807fc981a8eeba2433b17c0fd256010020fb47e8028f587639e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ca6e01459ea3e807fc981a8eeba2433b17c0fd256010020fb47e8028f587639e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/platforms.py"}, "region": {"startLine": 70}}}]}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 137749, "scanner": "repobility-threat-engine", "fingerprint": "2cd220107759c389357ea1e0b2a749255d62455820f15b6cc9e05e77d2c17c58", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|2cd220107759c389357ea1e0b2a749255d62455820f15b6cc9e05e77d2c17c58"}}}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "properties": {"repobilityId": 137745, "scanner": "repobility-threat-engine", "fingerprint": "7195ad2ed9d17b05fb3343deb30e489e47b88806e32e44e36b1ae21ff4fb7c7d", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 6 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "optimize_batch", "breakdown": {"if": 9, "for": 1, "else": 3, "except": 2, "ternary": 3, "continue": 1, "nested_bonus": 11}, "aggregated": true, "complexity": 30, "correlation_key": "fp|7195ad2ed9d17b05fb3343deb30e489e47b88806e32e44e36b1ae21ff4fb7c7d", "aggregated_count": 6}}}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._wait_for_write_finish` used but never assigned in __init__: Method `on_created` of class `APIOptimizeImageEventHandler` reads `self._wait_for_write_finish`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 137764, "scanner": "repobility-ast-engine", "fingerprint": "af5f75671da1f223a1c6e210a3fbd26d31f8af82f3a2b93d62ce212b5010b175", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|af5f75671da1f223a1c6e210a3fbd26d31f8af82f3a2b93d62ce212b5010b175"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/api.py"}, "region": {"startLine": 320}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.line_width` used but never assigned in __init__: Method `on_created` of class `OptimizeImageEventHandler` reads `self.line_width`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 137761, "scanner": "repobility-ast-engine", "fingerprint": "5795bf3ec5f429a965b4040522e2a273c5b64a8eff2ae885f9e79ba5f8e925f7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5795bf3ec5f429a965b4040522e2a273c5b64a8eff2ae885f9e79ba5f8e925f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/watch.py"}, "region": {"startLine": 72}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.wait_for_write_finish` used but never assigned in __init__: Method `on_created` of class `OptimizeImageEventHandler` reads `self.wait_for_write_finish`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 137760, "scanner": "repobility-ast-engine", "fingerprint": "3d4f2e7282cab0f75d15d867a2504c34714b3c0dbf7d9eb796d5a27d1a3e9beb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3d4f2e7282cab0f75d15d867a2504c34714b3c0dbf7d9eb796d5a27d1a3e9beb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/watch.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "SEC103", "level": "error", "message": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts."}, "properties": {"repobilityId": 137753, "scanner": "repobility-threat-engine", "fingerprint": "761844624e5522e4ceffde623799c8b1db2b67a7cb12a1cb7b6b6528c77d50d9", "category": "injection", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".search(r'^__version__\\s*=\\s*[\\'\"]([^\\'\"]+)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC103", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|setup.py|44|sec103"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 137752, "scanner": "repobility-threat-engine", "fingerprint": "0b97aff6b361391c53c8ca32353b8fe27257c0e552d6a4570401f71f2cb4d527", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0b97aff6b361391c53c8ca32353b8fe27257c0e552d6a4570401f71f2cb4d527"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/reporting.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 137748, "scanner": "repobility-threat-engine", "fingerprint": "9d6aa1cb9dad5e414118338a3966d740ec2d715e572adcfe714a3fe9fb94c4c6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "img.save(tmp_buffer, **save_kwargs)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|9d6aa1cb9dad5e414118338a3966d740ec2d715e572adcfe714a3fe9fb94c4c6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/img_optimize_jpg.py"}, "region": {"startLine": 73}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 137747, "scanner": "repobility-threat-engine", "fingerprint": "82f6b0a368ac9dc8170b8f78b42a0f2dd93635ff0ba4ee122fd1587d9fafdcef", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "img.save(tempfile, quality=80, format=\"JPEG\")", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|82f6b0a368ac9dc8170b8f78b42a0f2dd93635ff0ba4ee122fd1587d9fafdcef"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/img_info.py"}, "region": {"startLine": 45}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 137746, "scanner": "repobility-threat-engine", "fingerprint": "72f589a9bab9aa2be30e1e39651a08616617ace2614879aa510645600381dfdf", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "photo.save(diff_photo, format=\"JPEG\", quality=quality, progressive=True)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|72f589a9bab9aa2be30e1e39651a08616617ace2614879aa510645600381dfdf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/img_dynamic_quality.py"}, "region": {"startLine": 50}}}]}, {"ruleId": "COMP001", "level": "error", "message": {"text": "[COMP001] High cognitive complexity: Function `optimize_batch` has cognitive complexity 30 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=1, else=3, except=2, for=1, if=9, nested_bonus=11, ternary=3."}, "properties": {"repobilityId": 137742, "scanner": "repobility-threat-engine", "fingerprint": "584aed379ac2afe7bfb499feae342e228e3fae0cee461de5cf5ebcf5e9bf74e5", "category": "quality", "severity": "high", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 30 (severity threshold for high: 25+).", "evidence": {"scanner": "repobility-threat-engine", "function": "optimize_batch", "breakdown": {"if": 9, "for": 1, "else": 3, "except": 2, "ternary": 3, "continue": 1, "nested_bonus": 11}, "complexity": 30, "correlation_key": "fp|584aed379ac2afe7bfb499feae342e228e3fae0cee461de5cf5ebcf5e9bf74e5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/__main__.py"}, "region": {"startLine": 64}}}]}, {"ruleId": "MINED006", "level": "error", "message": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "properties": {"repobilityId": 137741, "scanner": "repobility-threat-engine", "fingerprint": "af88a6173f8be8de4e58b64082da29ec91c3b8d4ff89e0b9697c91483d274f3e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "correlation_key": "fp|af88a6173f8be8de4e58b64082da29ec91c3b8d4ff89e0b9697c91483d274f3e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/watch.py"}, "region": {"startLine": 96}}}]}, {"ruleId": "MINED006", "level": "error", "message": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "properties": {"repobilityId": 137740, "scanner": "repobility-threat-engine", "fingerprint": "34d4d591f6ee3d8a61d45b092aecf843c8a0f6233e490f4ddaf8bcda1871525d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "correlation_key": "fp|34d4d591f6ee3d8a61d45b092aecf843c8a0f6233e490f4ddaf8bcda1871525d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/__main__.py"}, "region": {"startLine": 133}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `stat` used but not imported: The file uses `stat.something(...)` but never imports `stat`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 137765, "scanner": "repobility-ast-engine", "fingerprint": "211f6af4acdd8d81e177692c85d668e54ad15eb3543effebe33e6a2daaf60df8", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|211f6af4acdd8d81e177692c85d668e54ad15eb3543effebe33e6a2daaf60df8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/img_dynamic_quality.py"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `tempfile` used but not imported: The file uses `tempfile.something(...)` but never imports `tempfile`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 137762, "scanner": "repobility-ast-engine", "fingerprint": "267ac63511fdf50fbcd2f8f7be05fecd13664d663f4bb9f4e7b2ea2991dc07ac", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|267ac63511fdf50fbcd2f8f7be05fecd13664d663f4bb9f4e7b2ea2991dc07ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "optimize_images/img_info.py"}, "region": {"startLine": 50}}}]}]}]}