{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "GHSA-gc5v-m9x4-r6x2", "name": "requests: GHSA-gc5v-m9x4-r6x2", "shortDescription": {"text": "requests: GHSA-gc5v-m9x4-r6x2"}, "fullDescription": {"text": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-9wx4-h78v-vm56", "name": "requests: GHSA-9wx4-h78v-vm56", "shortDescription": {"text": "requests: GHSA-9wx4-h78v-vm56"}, "fullDescription": {"text": "Requests `Session` object does not verify requests after making first request with verify=False"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-9hjg-9r4m-mvj7", "name": "requests: GHSA-9hjg-9r4m-mvj7", "shortDescription": {"text": "requests: GHSA-9hjg-9r4m-mvj7"}, "fullDescription": {"text": "Requests vulnerable to .netrc credentials leak via malicious URLs"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `w_getopt` has cognitive complexity 15 (SonarSource scale). Cognitive comp", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `w_getopt` has cognitive complexity 15 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all "}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 15."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "MINED124", "name": "requirements.txt: `zope.interface` has no version pin", "shortDescription": {"text": "requirements.txt: `zope.interface` has no version pin"}, "fullDescription": {"text": "Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED109", "name": "Mutable default argument in `__init__` (list)", "shortDescription": {"text": "Mutable default argument in `__init__` (list)"}, "fullDescription": {"text": "`def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "Bare except continues silently", "shortDescription": {"text": "Bare except continues silently"}, "fullDescription": {"text": "Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "MINED077", "name": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles.", "shortDescription": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-772 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.", "shortDescription": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED072", "name": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in.", "shortDescription": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 3 more): Same pattern found in 3 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "PYSEC-2023-74", "name": "requests: PYSEC-2023-74", "shortDescription": {"text": "requests: PYSEC-2023-74"}, "fullDescription": {"text": "Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorization` header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the `Proxy-Authorization` header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue has been patched in version 2.31.0.\n\n"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "PYSEC-2018-28", "name": "requests: PYSEC-2018-28", "shortDescription": {"text": "requests: PYSEC-2018-28"}, "fullDescription": {"text": "The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network."}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInt", "shortDescription": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED021", "name": "[MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can contain \"../\" \u2014 directory escape.", "shortDescription": {"text": "[MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can contain \"../\" \u2014 directory escape."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-22 / A01:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "Action `actions/download-artifact` pinned to mutable ref `@v8`", "shortDescription": {"text": "Action `actions/download-artifact` pinned to mutable ref `@v8`"}, "fullDescription": {"text": "`uses: actions/download-artifact@v8` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "Phantom test coverage: test_relative_imports_3", "shortDescription": {"text": "Phantom test coverage: test_relative_imports_3"}, "fullDescription": {"text": "Test function `test_relative_imports_3` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "`self.build_interpreters` used but never assigned in __init__", "shortDescription": {"text": "`self.build_interpreters` used but never assigned in __init__"}, "fullDescription": {"text": "Method `run` of class `BuildInterpreters` reads `self.build_interpreters`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED022", "name": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf.", "shortDescription": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-120 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1238"}, "properties": {"repository": "py2exe/py2exe", "repoUrl": "https://github.com/py2exe/py2exe", "branch": "master"}, "results": [{"ruleId": "GHSA-gc5v-m9x4-r6x2", "level": "warning", "message": {"text": "requests: GHSA-gc5v-m9x4-r6x2"}, "properties": {"repobilityId": 124605, "scanner": "osv-scanner", "fingerprint": "739560fe588448c11f4ff4d4a256139631aedf2ea2d41b81cbd9828659ee554e", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-25645"], "package": "requests", "rule_id": "GHSA-gc5v-m9x4-r6x2", "scanner": "osv-scanner", "correlation_key": "vuln|requests|CVE-2026-25645|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/requests_bundlefiles1_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-9wx4-h78v-vm56", "level": "warning", "message": {"text": "requests: GHSA-9wx4-h78v-vm56"}, "properties": {"repobilityId": 124604, "scanner": "osv-scanner", "fingerprint": "90eec84241fa28563f5e3f4ee205e7ca9df2764f25e2427c50016a6d47dab9ea", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-35195"], "package": "requests", "rule_id": "GHSA-9wx4-h78v-vm56", "scanner": "osv-scanner", "correlation_key": "vuln|requests|CVE-2024-35195|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/requests_bundlefiles1_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-9hjg-9r4m-mvj7", "level": "warning", "message": {"text": "requests: GHSA-9hjg-9r4m-mvj7"}, "properties": {"repobilityId": 124603, "scanner": "osv-scanner", "fingerprint": "852547d8642cf31a7c9177ce24eb735bed909f897c1778bb051e6fa8429aff99", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-47081"], "package": "requests", "rule_id": "GHSA-9hjg-9r4m-mvj7", "scanner": "osv-scanner", "correlation_key": "vuln|requests|CVE-2024-47081|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/requests_bundlefiles1_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `w_getopt` has cognitive complexity 15 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: elif=1, else=2, except=1, if=2, nested_bonus=8, while=1."}, "properties": {"repobilityId": 124592, "scanner": "repobility-threat-engine", "fingerprint": "b7f9599dad3efa896ffee20966cc2c47ab235c7121419ccdd776f3e51d7859f1", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 15 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "w_getopt", "breakdown": {"if": 2, "elif": 1, "else": 2, "while": 1, "except": 1, "nested_bonus": 8}, "complexity": 15, "correlation_key": "fp|b7f9599dad3efa896ffee20966cc2c47ab235c7121419ccdd776f3e51d7859f1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/boot_service.py"}, "region": {"startLine": 56}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `zope.interface` has no version pin"}, "properties": {"repobilityId": 124570, "scanner": "repobility-supply-chain", "fingerprint": "4b28aaf5492c293a5ebe3c99802e17a56c4ddbbe79acd978e302d21d7e8f7efe", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4b28aaf5492c293a5ebe3c99802e17a56c4ddbbe79acd978e302d21d7e8f7efe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/_zope_interface_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `pyphen` has no version pin"}, "properties": {"repobilityId": 124569, "scanner": "repobility-supply-chain", "fingerprint": "ccbf94c6835a2d9ad5c906c355e8cb0488edb9ad6bbed0e0b0647814ace9e0b6", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ccbf94c6835a2d9ad5c906c355e8cb0488edb9ad6bbed0e0b0647814ace9e0b6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/pyphen_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `pywin32` has no version pin"}, "properties": {"repobilityId": 124568, "scanner": "repobility-supply-chain", "fingerprint": "755cd919e42569991153aeb95fcc64a06bd949dd6bb9595184d931e5cbc03ab3", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|755cd919e42569991153aeb95fcc64a06bd949dd6bb9595184d931e5cbc03ab3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/pywin32_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `numpy` has no version pin"}, "properties": {"repobilityId": 124567, "scanner": "repobility-supply-chain", "fingerprint": "80d9e2d78c4266167a7ac1f9f506948d44a31380240d37db49cd5dba7cded9df", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|80d9e2d78c4266167a7ac1f9f506948d44a31380240d37db49cd5dba7cded9df"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/numpy_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `semantic_version<2.9.0; python_version < '3.8'` has no version pin"}, "properties": {"repobilityId": 124566, "scanner": "repobility-supply-chain", "fingerprint": "da549bcdca434f04482c15390a17695ac47985660a00e614046121d57f2b4378", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|da549bcdca434f04482c15390a17695ac47985660a00e614046121d57f2b4378"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/metadata_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `certifi` has no version pin"}, "properties": {"repobilityId": 124565, "scanner": "repobility-supply-chain", "fingerprint": "f70f06765abd79de6348fb227838810c974a66afccbf51be7c5fab1ab40d619a", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f70f06765abd79de6348fb227838810c974a66afccbf51be7c5fab1ab40d619a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/certifi_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `pandas` has no version pin"}, "properties": {"repobilityId": 124564, "scanner": "repobility-supply-chain", "fingerprint": "8defbbdaa31afa7515aedd6f6fd63f485ed42847fba06d83ffc3039a993547a0", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8defbbdaa31afa7515aedd6f6fd63f485ed42847fba06d83ffc3039a993547a0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/pandas_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `certifi` has no version pin"}, "properties": {"repobilityId": 124563, "scanner": "repobility-supply-chain", "fingerprint": "fb68bb4cd8753caaa0bc385fe54d43dc61e04483f41f4f3077e1f1c0fc6551ee", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|fb68bb4cd8753caaa0bc385fe54d43dc61e04483f41f4f3077e1f1c0fc6551ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/certifi_zip_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `winrt` has no version pin"}, "properties": {"repobilityId": 124562, "scanner": "repobility-supply-chain", "fingerprint": "0804f083b10514982b0520f93c49fc3ddd403fd68d6c1212b9834da22eb4ecbb", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0804f083b10514982b0520f93c49fc3ddd403fd68d6c1212b9834da22eb4ecbb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/_winrt_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `scipy` has no version pin"}, "properties": {"repobilityId": 124561, "scanner": "repobility-supply-chain", "fingerprint": "b6533b48e14224b4ca2ac00863e48aae49b290d244596885120de5b48b4c5b38", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b6533b48e14224b4ca2ac00863e48aae49b290d244596885120de5b48b4c5b38"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/scipy_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `pycryptodome` has no version pin"}, "properties": {"repobilityId": 124560, "scanner": "repobility-supply-chain", "fingerprint": "e6507acafdac2dfd94047414d1285a0d81f477f2c51abe7d1124c3eded34b4f3", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e6507acafdac2dfd94047414d1285a0d81f477f2c51abe7d1124c3eded34b4f3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/pycryptodome_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `matplotlib` has no version pin"}, "properties": {"repobilityId": 124559, "scanner": "repobility-supply-chain", "fingerprint": "d42ddacfa4b4021bf00a632485beb65b2946a9e6021e0d85bdedde7da95247a5", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d42ddacfa4b4021bf00a632485beb65b2946a9e6021e0d85bdedde7da95247a5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/matplotlib_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `wxPython` has no version pin"}, "properties": {"repobilityId": 124558, "scanner": "repobility-supply-chain", "fingerprint": "4e2875ef2ba82ce68db777b5bdeee49c348df789af7309793aaf3557eb166f7a", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4e2875ef2ba82ce68db777b5bdeee49c348df789af7309793aaf3557eb166f7a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/_wxPython_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `requests` has no version pin"}, "properties": {"repobilityId": 124557, "scanner": "repobility-supply-chain", "fingerprint": "85a6fa92fac1f6feab0b0bfe67a93e8f48e40bfa6123801768d6a3522942894f", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|85a6fa92fac1f6feab0b0bfe67a93e8f48e40bfa6123801768d6a3522942894f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/requests_bundlefiles1_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `requests` has no version pin"}, "properties": {"repobilityId": 124556, "scanner": "repobility-supply-chain", "fingerprint": "f781c091cb4f86b37d56b0f7819f248e0453140e56139bdaaad578fb28dfc6a2", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f781c091cb4f86b37d56b0f7819f248e0453140e56139bdaaad578fb28dfc6a2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/requests_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "Mutable default argument in `__init__` (list)"}, "properties": {"repobilityId": 124547, "scanner": "repobility-ast-engine", "fingerprint": "7d3a8b790d264392d30010eb004fe2d06854f46d15a9530cd0430baf008afbd4", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7d3a8b790d264392d30010eb004fe2d06854f46d15a9530cd0430baf008afbd4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/dllfinder.py"}, "region": {"startLine": 234}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "Mutable default argument in `freeze` (dict)"}, "properties": {"repobilityId": 124546, "scanner": "repobility-ast-engine", "fingerprint": "f1da48a6c1ed0f5964cc889fce40ae1b35b7c74be1a2871a0d13fb83de6363ca", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f1da48a6c1ed0f5964cc889fce40ae1b35b7c74be1a2871a0d13fb83de6363ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/__init__.py"}, "region": {"startLine": 46}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "Mutable default argument in `freeze` (list)"}, "properties": {"repobilityId": 124545, "scanner": "repobility-ast-engine", "fingerprint": "6a0707a26a75511999731a0390ae40a3656109d3a8af1646312e83d1eeab4727", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6a0707a26a75511999731a0390ae40a3656109d3a8af1646312e83d1eeab4727"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/__init__.py"}, "region": {"startLine": 46}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 124544, "scanner": "repobility-ast-engine", "fingerprint": "7f2fc9366d0e596c859aa46cb35af6bd64aefe4f1037ebbb6f8eb30667234089", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7f2fc9366d0e596c859aa46cb35af6bd64aefe4f1037ebbb6f8eb30667234089"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/mf310.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `__init__` has cognitive complexity 11 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: if=10, or=1."}, "properties": {"repobilityId": 124594, "scanner": "repobility-threat-engine", "fingerprint": "785701898be2edf0952c48f6a800ded70a0d1bdf8549820d1f0838057dbe86c6", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 11 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "__init__", "breakdown": {"if": 10, "or": 1}, "complexity": 11, "correlation_key": "fp|785701898be2edf0952c48f6a800ded70a0d1bdf8549820d1f0838057dbe86c6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/versioninfo.py"}, "region": {"startLine": 193}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `find_loaded_dlls` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: except=2, for=2, if=2, nested_bonus=3."}, "properties": {"repobilityId": 124593, "scanner": "repobility-threat-engine", "fingerprint": "e0b9082ba1c2e837dabfa509862bf74c9fba774600633da5e20e9a2f683fa41c", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "find_loaded_dlls", "breakdown": {"if": 2, "for": 2, "except": 2, "nested_bonus": 3}, "complexity": 9, "correlation_key": "fp|e0b9082ba1c2e837dabfa509862bf74c9fba774600633da5e20e9a2f683fa41c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/pescan.py"}, "region": {"startLine": 21}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 124518, "scanner": "repobility-ai-code-hygiene", "fingerprint": "42eabf28cb455c81e06efa59e7839674cd150cf57af83d9f9a9e0596df6f8910", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "source/run.c", "duplicate_line": 6, "correlation_key": "fp|42eabf28cb455c81e06efa59e7839674cd150cf57af83d9f9a9e0596df6f8910"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "source/run_w.c"}, "region": {"startLine": 5}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 124517, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fb4404a67ab7ccb7ebfa38d91caddc4ecd9f1c5d1ac3c44c78286fc964766b68", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "source/run_ctypes_dll.c", "duplicate_line": 9, "correlation_key": "fp|fb4404a67ab7ccb7ebfa38d91caddc4ecd9f1c5d1ac3c44c78286fc964766b68"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "source/run_w.c"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 124516, "scanner": "repobility-ai-code-hygiene", "fingerprint": "16e089021b1dbd5edade0db77695a4524afd124c7e473d7a592a6adf716ce0d4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "source/run.c", "duplicate_line": 6, "correlation_key": "fp|16e089021b1dbd5edade0db77695a4524afd124c7e473d7a592a6adf716ce0d4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "source/run_ctypes_dll.c"}, "region": {"startLine": 13}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 124515, "scanner": "repobility-ai-code-hygiene", "fingerprint": "554d2ca66b4554ad96a70bec9993280172952a267c8e61436915f71f586cae1a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "setup.py", "duplicate_line": 13, "correlation_key": "fp|554d2ca66b4554ad96a70bec9993280172952a267c8e61436915f71f586cae1a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup_zipextimporter.py"}, "region": {"startLine": 13}}}]}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 124599, "scanner": "repobility-threat-engine", "fingerprint": "7ee4cdd4315400673d77c135646b6fadfb5ed716b202b10627edb5f1a7d62c78", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7ee4cdd4315400673d77c135646b6fadfb5ed716b202b10627edb5f1a7d62c78"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup_zipextimporter.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 124598, "scanner": "repobility-threat-engine", "fingerprint": "7448ceb0f18b71092d5beb05a3871514bf3c7a4c8679e300207f75c555802fc8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7448ceb0f18b71092d5beb05a3871514bf3c7a4c8679e300207f75c555802fc8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 164}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 124597, "scanner": "repobility-threat-engine", "fingerprint": "181244b9d33d3a58074349281953a08227f9aaee0679509ddede2b2d7a98b6c9", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|181244b9d33d3a58074349281953a08227f9aaee0679509ddede2b2d7a98b6c9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup_zipextimporter.py"}, "region": {"startLine": 89}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 124596, "scanner": "repobility-threat-engine", "fingerprint": "c566b3b463d2ce6e33457fe7230fb583c29d335ddc70dbb3bf3e7cb11d267da4", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c566b3b463d2ce6e33457fe7230fb583c29d335ddc70dbb3bf3e7cb11d267da4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 172}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 4 more): Same pattern found in 4 additional files. Review if needed."}, "properties": {"repobilityId": 124595, "scanner": "repobility-threat-engine", "fingerprint": "1546edbd1ec206d3e853833bc9ae84deffffaaaf9c166b9e72e02b6701c5c4de", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 4 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "w_getopt", "breakdown": {"if": 2, "elif": 1, "else": 2, "while": 1, "except": 1, "nested_bonus": 8}, "aggregated": true, "complexity": 15, "correlation_key": "fp|1546edbd1ec206d3e853833bc9ae84deffffaaaf9c166b9e72e02b6701c5c4de", "aggregated_count": 4}}}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 124587, "scanner": "repobility-threat-engine", "fingerprint": "3a4a55e812dd07f02e37db242eca9924a3c27d90d2d166802b527d2d46e877a6", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3a4a55e812dd07f02e37db242eca9924a3c27d90d2d166802b527d2d46e877a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/versioninfo.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 124586, "scanner": "repobility-threat-engine", "fingerprint": "692423c8f55a28a7bc21ff337e319f1909c735954cd0c4980a44e2e1123ae47f", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|692423c8f55a28a7bc21ff337e319f1909c735954cd0c4980a44e2e1123ae47f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/boot_service.py"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 124585, "scanner": "repobility-threat-engine", "fingerprint": "2f138ff576d867b2e945c3e8c709979ad66e4fc632ecd04db32d66ca7e11b457", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2f138ff576d867b2e945c3e8c709979ad66e4fc632ecd04db32d66ca7e11b457"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/_wapi.py"}, "region": {"startLine": 104}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 124584, "scanner": "repobility-threat-engine", "fingerprint": "97e83b35d6d87ad95e23d12f8a95338efdb63b7f12c389b8e08fe5a80cf94e6e", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|97e83b35d6d87ad95e23d12f8a95338efdb63b7f12c389b8e08fe5a80cf94e6e", "aggregated_count": 3}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 124583, "scanner": "repobility-threat-engine", "fingerprint": "04b82b5925c8e44110587271619dfa14cb94ddfdf58a51fbd84628a2aeca8e2e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|04b82b5925c8e44110587271619dfa14cb94ddfdf58a51fbd84628a2aeca8e2e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/boot_service.py"}, "region": {"startLine": 54}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 124582, "scanner": "repobility-threat-engine", "fingerprint": "211a4d46182a7fbe12f5a60fba80f4c13a2d9f64e9ac75de431d8853bded7579", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|211a4d46182a7fbe12f5a60fba80f4c13a2d9f64e9ac75de431d8853bded7579"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/boot_common.py"}, "region": {"startLine": 92}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 124581, "scanner": "repobility-threat-engine", "fingerprint": "5df92b80a05c2aea488208c7bd442b982e0ef1afd79fc2fd14fb45b2917af34e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5df92b80a05c2aea488208c7bd442b982e0ef1afd79fc2fd14fb45b2917af34e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/_wapi.py"}, "region": {"startLine": 105}}}]}, {"ruleId": "PYSEC-2023-74", "level": "error", "message": {"text": "requests: PYSEC-2023-74"}, "properties": {"repobilityId": 124602, "scanner": "osv-scanner", "fingerprint": "8a6c668d9d774f1129c6084a4b447b61572a53f6521f91ddef7b6957cd3e974d", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "", "aliases": ["CVE-2023-32681", "GHSA-j8r2-6x86-q33q"], "package": "requests", "rule_id": "PYSEC-2023-74", "scanner": "osv-scanner", "correlation_key": "vuln|requests|CVE-2023-32681|token", "duplicate_count": 1, "duplicate_rule_ids": ["GHSA-j8r2-6x86-q33q", "PYSEC-2023-74"], "duplicate_scanners": ["osv-scanner"], "duplicate_fingerprints": ["8a6c668d9d774f1129c6084a4b447b61572a53f6521f91ddef7b6957cd3e974d", "c5f97fac09bb336ac1a0f2f27f679e85544fdb5fb90dec35f1112ca278b4d501"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/requests_bundlefiles1_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "PYSEC-2018-28", "level": "error", "message": {"text": "requests: PYSEC-2018-28"}, "properties": {"repobilityId": 124601, "scanner": "osv-scanner", "fingerprint": "41c7329de7627b9860b4fe0f5a4f6f490ba1c58ebef4130a1880f6d1b886247c", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "", "aliases": ["CVE-2018-18074", "GHSA-x84v-xcm2-53pg"], "package": "requests", "rule_id": "PYSEC-2018-28", "scanner": "osv-scanner", "correlation_key": "vuln|requests|CVE-2018-18074|token", "duplicate_count": 1, "duplicate_rule_ids": ["GHSA-x84v-xcm2-53pg", "PYSEC-2018-28"], "duplicate_scanners": ["osv-scanner"], "duplicate_fingerprints": ["41c7329de7627b9860b4fe0f5a4f6f490ba1c58ebef4130a1880f6d1b886247c", "fce5b29f6d8a27afa65056c2fbd85b310c1f39c13cce9e330fba499149d30fc2"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/functional/requests_bundlefiles1_test/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 124591, "scanner": "repobility-threat-engine", "fingerprint": "91bdf006d0137eb2552087ea83dd674409b9a13c9807331aa60cc03f5b84a516", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|91bdf006d0137eb2552087ea83dd674409b9a13c9807331aa60cc03f5b84a516"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/versioninfo.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 124590, "scanner": "repobility-threat-engine", "fingerprint": "31f23c80b2e802fd89642ea444aa1d672edd216294c2333d91b0c873ff8a05a9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|31f23c80b2e802fd89642ea444aa1d672edd216294c2333d91b0c873ff8a05a9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/mf310.py"}, "region": {"startLine": 60}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 124589, "scanner": "repobility-threat-engine", "fingerprint": "99c62c3babdacaf7b7d090c5388cc202a96712d11ae38ebbf792977f6e513f57", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|99c62c3babdacaf7b7d090c5388cc202a96712d11ae38ebbf792977f6e513f57"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/boot_service.py"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED021", "level": "error", "message": {"text": "[MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can contain \"../\" \u2014 directory escape."}, "properties": {"repobilityId": 124588, "scanner": "repobility-threat-engine", "fingerprint": "2f24e79d837fac8daac525694fa33e2f8eb641f741cd3c801f41a2f20efc3178", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "path-traversal-os-join", "owasp": "A01:2021", "cwe_ids": ["CWE-22"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347947+00:00", "triaged_in_corpus": 15, "observations_count": 45678, "ai_coder_pattern_id": 31}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2f24e79d837fac8daac525694fa33e2f8eb641f741cd3c801f41a2f20efc3178"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe/boot_common.py"}, "region": {"startLine": 56}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/download-artifact` pinned to mutable ref `@v8`"}, "properties": {"repobilityId": 124580, "scanner": "repobility-supply-chain", "fingerprint": "e5ee230545ecb0625715ad4c45776d20f4a931ca0a252a003e68d2eac33ce245", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e5ee230545ecb0625715ad4c45776d20f4a931ca0a252a003e68d2eac33ce245"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/CI.yml"}, "region": {"startLine": 148}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 124579, "scanner": "repobility-supply-chain", "fingerprint": "8a66e26aa2a0a129ab6452c995ebe9fdcbc216ad2a13e868854a69ef5ec555ff", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8a66e26aa2a0a129ab6452c995ebe9fdcbc216ad2a13e868854a69ef5ec555ff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/CI.yml"}, "region": {"startLine": 120}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 124578, "scanner": "repobility-supply-chain", "fingerprint": "8f6468a9f957793f7e77eb0707a89e5ae0acec3363652a2519e29ae20c03b8fd", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8f6468a9f957793f7e77eb0707a89e5ae0acec3363652a2519e29ae20c03b8fd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/CI.yml"}, "region": {"startLine": 117}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-artifact` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 124577, "scanner": "repobility-supply-chain", "fingerprint": "f9639124a505a46aa34753af66e39f1c1fcae19b5a17d738c9f3c988a993a538", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f9639124a505a46aa34753af66e39f1c1fcae19b5a17d738c9f3c988a993a538"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/CI.yml"}, "region": {"startLine": 102}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 124576, "scanner": "repobility-supply-chain", "fingerprint": "a7f02b22dc70f8197631e8d346b2fc457a3dd0a241019527b45d9d06b6764b03", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a7f02b22dc70f8197631e8d346b2fc457a3dd0a241019527b45d9d06b6764b03"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/CI.yml"}, "region": {"startLine": 70}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 124575, "scanner": "repobility-supply-chain", "fingerprint": "74ca7593f259e88ff7ad33edecd079632d0e3be637a8d5c7d2594ef50f39ebbe", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|74ca7593f259e88ff7ad33edecd079632d0e3be637a8d5c7d2594ef50f39ebbe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/CI.yml"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-artifact` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 124574, "scanner": "repobility-supply-chain", "fingerprint": "28ba4609f96e83a72a5925bb155b2c8d30c39d7cf2562aa2a66f4b8be33fc11d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|28ba4609f96e83a72a5925bb155b2c8d30c39d7cf2562aa2a66f4b8be33fc11d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/CI.yml"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 124573, "scanner": "repobility-supply-chain", "fingerprint": "1e08f3066b29795d27c2a092a9b69a8b57f6087251c3ea7ed7686cd4af0ca7e5", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|1e08f3066b29795d27c2a092a9b69a8b57f6087251c3ea7ed7686cd4af0ca7e5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/CI.yml"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 124572, "scanner": "repobility-supply-chain", "fingerprint": "665587d048efb2b474c5740b622d202349aa821e08cae2407db1f7bbbcddb1af", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|665587d048efb2b474c5740b622d202349aa821e08cae2407db1f7bbbcddb1af"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/CI.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 124571, "scanner": "repobility-supply-chain", "fingerprint": "173d05943eb6b1e789704cf258766b0ea5186ebbc5aafd65ae35e06b8d318889", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|173d05943eb6b1e789704cf258766b0ea5186ebbc5aafd65ae35e06b8d318889"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/CI.yml"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_relative_imports_3"}, "properties": {"repobilityId": 124555, "scanner": "repobility-ast-engine", "fingerprint": "c719b581f2ed3f807fc0b397e7d5a4340b366edc21191d7fb59b99e78e1d9cf6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c719b581f2ed3f807fc0b397e7d5a4340b366edc21191d7fb59b99e78e1d9cf6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_modulefinder.py"}, "region": {"startLine": 310}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_relative_imports_2"}, "properties": {"repobilityId": 124554, "scanner": "repobility-ast-engine", "fingerprint": "2a6abe5942890eb9fc442ea407d01810620e6d5f0dce95e5bcae6adde32842b7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2a6abe5942890eb9fc442ea407d01810620e6d5f0dce95e5bcae6adde32842b7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_modulefinder.py"}, "region": {"startLine": 306}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_relative_imports"}, "properties": {"repobilityId": 124553, "scanner": "repobility-ast-engine", "fingerprint": "c77a927b28a09858c33c6f52cd3b5334b76293b04645f48d11d885b4d7b0ac79", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c77a927b28a09858c33c6f52cd3b5334b76293b04645f48d11d885b4d7b0ac79"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_modulefinder.py"}, "region": {"startLine": 302}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_absolute_imports"}, "properties": {"repobilityId": 124552, "scanner": "repobility-ast-engine", "fingerprint": "7cd736c2491a160c9f1e6fce5c63f37a300a7a0ddfb432d84f0ff103cbf733c9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7cd736c2491a160c9f1e6fce5c63f37a300a7a0ddfb432d84f0ff103cbf733c9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_modulefinder.py"}, "region": {"startLine": 298}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_maybe_new"}, "properties": {"repobilityId": 124551, "scanner": "repobility-ast-engine", "fingerprint": "4ff9719ac73077d27f1fb920b643f15c2611eddc6919bd34571aa1123e720816", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4ff9719ac73077d27f1fb920b643f15c2611eddc6919bd34571aa1123e720816"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_modulefinder.py"}, "region": {"startLine": 294}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_maybe"}, "properties": {"repobilityId": 124550, "scanner": "repobility-ast-engine", "fingerprint": "8ada449ba275c7ec003bf89974a5b729d109d26d02222298a7e9fb4029014db4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8ada449ba275c7ec003bf89974a5b729d109d26d02222298a7e9fb4029014db4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_modulefinder.py"}, "region": {"startLine": 290}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_namespace_package"}, "properties": {"repobilityId": 124549, "scanner": "repobility-ast-engine", "fingerprint": "d61564bc6402d9a45e9ccca6cb476ef518640a6ee04841c2d5b33e144b812bcd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d61564bc6402d9a45e9ccca6cb476ef518640a6ee04841c2d5b33e144b812bcd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_modulefinder.py"}, "region": {"startLine": 286}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_package"}, "properties": {"repobilityId": 124548, "scanner": "repobility-ast-engine", "fingerprint": "3fd8a6d4aa929fe28dd3c4df3a7467691fb68f9e86b2b831100919a6603e4bf5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3fd8a6d4aa929fe28dd3c4df3a7467691fb68f9e86b2b831100919a6603e4bf5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/test_modulefinder.py"}, "region": {"startLine": 282}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.build_interpreters` used but never assigned in __init__"}, "properties": {"repobilityId": 124543, "scanner": "repobility-ast-engine", "fingerprint": "0c19ca46501c9747f6f2b70b9d33b8f0e483a58a12b0d0ec4c567f1ba044f7a9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0c19ca46501c9747f6f2b70b9d33b8f0e483a58a12b0d0ec4c567f1ba044f7a9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 93}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.link_objects` used but never assigned in __init__"}, "properties": {"repobilityId": 124542, "scanner": "repobility-ast-engine", "fingerprint": "a18bd935c91c0e3546bf8de7dc726c6ab85c63b160c490d91854fe0be09e5ac5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a18bd935c91c0e3546bf8de7dc726c6ab85c63b160c490d91854fe0be09e5ac5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 89}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.rpath` used but never assigned in __init__"}, "properties": {"repobilityId": 124541, "scanner": "repobility-ast-engine", "fingerprint": "571ffd9009ac84bc4e71db00552f5e27e7fce2fd9de2214793d729645077b375", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|571ffd9009ac84bc4e71db00552f5e27e7fce2fd9de2214793d729645077b375"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 87}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.library_dirs` used but never assigned in __init__"}, "properties": {"repobilityId": 124540, "scanner": "repobility-ast-engine", "fingerprint": "3928594c610eda77cf496da77ec438b818322841745aae85d0033a89c6976060", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3928594c610eda77cf496da77ec438b818322841745aae85d0033a89c6976060"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 85}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.libraries` used but never assigned in __init__"}, "properties": {"repobilityId": 124539, "scanner": "repobility-ast-engine", "fingerprint": "007ae39deda9f216f88fe8793dd5c4468a03f7616154f2a756a6665201f55c2f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|007ae39deda9f216f88fe8793dd5c4468a03f7616154f2a756a6665201f55c2f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 83}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.undef` used but never assigned in __init__"}, "properties": {"repobilityId": 124538, "scanner": "repobility-ast-engine", "fingerprint": "586907e73c093ace8cc8d0cabebd307b60ff1b8dc5633437d9b464b1a47bd284", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|586907e73c093ace8cc8d0cabebd307b60ff1b8dc5633437d9b464b1a47bd284"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.undef` used but never assigned in __init__"}, "properties": {"repobilityId": 124537, "scanner": "repobility-ast-engine", "fingerprint": "497e75caba8ed12c8b182b33c0e19432ce10c5c608026e74636dc7f05f249d26", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|497e75caba8ed12c8b182b33c0e19432ce10c5c608026e74636dc7f05f249d26"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 80}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.define` used but never assigned in __init__"}, "properties": {"repobilityId": 124536, "scanner": "repobility-ast-engine", "fingerprint": "0ca961d32c1115838660c37def461458d63cd6996637c572c43a1167bd5b28ed", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0ca961d32c1115838660c37def461458d63cd6996637c572c43a1167bd5b28ed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.define` used but never assigned in __init__"}, "properties": {"repobilityId": 124535, "scanner": "repobility-ast-engine", "fingerprint": "36278ca93c0c50968abf12827840003240d382f16c5a7d4fc7da221f2348ee0e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|36278ca93c0c50968abf12827840003240d382f16c5a7d4fc7da221f2348ee0e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 76}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.include_dirs` used but never assigned in __init__"}, "properties": {"repobilityId": 124534, "scanner": "repobility-ast-engine", "fingerprint": "56aa6666fd4d4043940391d9bfb62cddb8ea3c54adcf119e649eaca8681c1cf7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|56aa6666fd4d4043940391d9bfb62cddb8ea3c54adcf119e649eaca8681c1cf7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.interpreters` used but never assigned in __init__"}, "properties": {"repobilityId": 124533, "scanner": "repobility-ast-engine", "fingerprint": "7e9d25065c153575aeb2ff770a2b3585cacf5ec6146ebabb992067eb3262a562", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7e9d25065c153575aeb2ff770a2b3585cacf5ec6146ebabb992067eb3262a562"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 59}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.distribution` used but never assigned in __init__"}, "properties": {"repobilityId": 124532, "scanner": "repobility-ast-engine", "fingerprint": "01385468331508686cbab1c68d2359b676b70d707f805987296d86120ef0b530", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|01385468331508686cbab1c68d2359b676b70d707f805987296d86120ef0b530"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 51}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.extensions` used but never assigned in __init__"}, "properties": {"repobilityId": 124531, "scanner": "repobility-ast-engine", "fingerprint": "b9b0fdf0600b634ed8119c71fe3d789560d491fc798db52bc0e1d435ad6146d0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b9b0fdf0600b634ed8119c71fe3d789560d491fc798db52bc0e1d435ad6146d0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.interpreters` used but never assigned in __init__"}, "properties": {"repobilityId": 124530, "scanner": "repobility-ast-engine", "fingerprint": "cedd6a7b9d2f94ee3334a515afbe823be5222bfc297217adbd95fa42d1d038db", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cedd6a7b9d2f94ee3334a515afbe823be5222bfc297217adbd95fa42d1d038db"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 51}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.has_interpreters` used but never assigned in __init__"}, "properties": {"repobilityId": 124529, "scanner": "repobility-ast-engine", "fingerprint": "18018e9ea23885711d219a16284cffb492407cac291afe21794567a80800820e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|18018e9ea23885711d219a16284cffb492407cac291afe21794567a80800820e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.has_interpreters` used but never assigned in __init__"}, "properties": {"repobilityId": 124528, "scanner": "repobility-ast-engine", "fingerprint": "15cdb2fa738e67c931408329ccd74fd4604ae8885acc78d8239fe20838823b38", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|15cdb2fa738e67c931408329ccd74fd4604ae8885acc78d8239fe20838823b38"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "py2exe_setuptools.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.archive` used but never assigned in __init__"}, "properties": {"repobilityId": 124527, "scanner": "repobility-ast-engine", "fingerprint": "3c35573e4d5d9ab1f811390e6ecb0ab91deb7e14f778331d08b4bb4f54e249cc", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3c35573e4d5d9ab1f811390e6ecb0ab91deb7e14f778331d08b4bb4f54e249cc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "zipextimporter.py"}, "region": {"startLine": 170}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.archive` used but never assigned in __init__"}, "properties": {"repobilityId": 124526, "scanner": "repobility-ast-engine", "fingerprint": "1b6a4441718a790ca641c1ab579a5fa4cb2e91443afa510f6ab40335f8654560", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1b6a4441718a790ca641c1ab579a5fa4cb2e91443afa510f6ab40335f8654560"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "zipextimporter.py"}, "region": {"startLine": 118}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.archive` used but never assigned in __init__"}, "properties": {"repobilityId": 124525, "scanner": "repobility-ast-engine", "fingerprint": "a25a718bd7983ad55ff7c9abc8e7bad7b46f741b1538dcb77f974db453b7b19a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a25a718bd7983ad55ff7c9abc8e7bad7b46f741b1538dcb77f974db453b7b19a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "zipextimporter.py"}, "region": {"startLine": 123}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.get_data` used but never assigned in __init__"}, "properties": {"repobilityId": 124524, "scanner": "repobility-ast-engine", "fingerprint": "7116c413a8d78f232ff61fc39900c8888f2c99ddf865467a7257d113aad3984c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7116c413a8d78f232ff61fc39900c8888f2c99ddf865467a7257d113aad3984c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "zipextimporter.py"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.archive` used but never assigned in __init__"}, "properties": {"repobilityId": 124523, "scanner": "repobility-ast-engine", "fingerprint": "25448b2488c338abf3921df4616b9b33e31ff5ba16276afda76a752f4bf32541", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|25448b2488c338abf3921df4616b9b33e31ff5ba16276afda76a752f4bf32541"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "zipextimporter.py"}, "region": {"startLine": 93}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._files` used but never assigned in __init__"}, "properties": {"repobilityId": 124522, "scanner": "repobility-ast-engine", "fingerprint": "b6d52a3dd459feba4337271610e67a7c30bfe55c50a326c66d0e89aa77ae2202", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b6d52a3dd459feba4337271610e67a7c30bfe55c50a326c66d0e89aa77ae2202"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "zipextimporter.py"}, "region": {"startLine": 115}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.find_module` used but never assigned in __init__"}, "properties": {"repobilityId": 124521, "scanner": "repobility-ast-engine", "fingerprint": "d3e8e1e8488dc905c834325e2fcdace099109d103fc4fa7b25456b05dce33c43", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d3e8e1e8488dc905c834325e2fcdace099109d103fc4fa7b25456b05dce33c43"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "zipextimporter.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._files` used but never assigned in __init__"}, "properties": {"repobilityId": 124520, "scanner": "repobility-ast-engine", "fingerprint": "ac5f69a074673866727e3c8437751df1f03cf7b06de9648385bf0d26c63421f4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ac5f69a074673866727e3c8437751df1f03cf7b06de9648385bf0d26c63421f4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "zipextimporter.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._files` used but never assigned in __init__"}, "properties": {"repobilityId": 124519, "scanner": "repobility-ast-engine", "fingerprint": "0c69688c3776e3b5dd2da115a16c8e3724cb30b282f67ba8d18ec88e8dbc8d6f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0c69688c3776e3b5dd2da115a16c8e3724cb30b282f67ba8d18ec88e8dbc8d6f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "zipextimporter.py"}, "region": {"startLine": 63}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 124600, "scanner": "repobility-threat-engine", "fingerprint": "fa0a566399c021458baf659eb6b61d368cbc204add57fd9a62c9ea55263bcbe6", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|fa0a566399c021458baf659eb6b61d368cbc204add57fd9a62c9ea55263bcbe6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "source/run_ctypes_dll.c"}, "region": {"startLine": 101}}}]}]}]}