{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED109", "name": "[MINED109] Mutable default argument in `ghidra_script` (list): `def ghidra_script(... = []/{}/set())` \u2014 Python's default", "shortDescription": {"text": "[MINED109] Mutable default argument in `ghidra_script` (list): `def ghidra_script(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it f"}, "fullDescription": {"text": "Use None as the default and create the collection inside the function: `def ghidra_script(x=None): x = x or []`"}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AUC001", "name": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobilit", "shortDescription": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "fullDescription": {"text": "Add .repobility/access.yml mapping routes to anonymous, authenticated, owner, admin, and super_admin. Keep business-specific rules in the repo so CI can enforce them."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.92, "cwe": "", "owasp": ""}}, {"id": "DKR007", "name": "Docker build context has no .dockerignore", "shortDescription": {"text": "Docker build context has no .dockerignore"}, "fullDescription": {"text": "Add .dockerignore with at least .git, .env, private keys, dependency folders, build outputs, and local databases."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "DKR015", "name": "Docker build context is very large", "shortDescription": {"text": "Docker build context is very large"}, "fullDescription": {"text": "Shrink the build context with .dockerignore, move generated/runtime data outside the build context, and copy only the manifest files needed for cached dependency layers."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.84, "cwe": "", "owasp": ""}}, {"id": "AIC004", "name": "Suspicious implementation file 
appears unreferenced", "shortDescription": {"text": "Suspicious implementation file appears unreferenced"}, "fullDescription": {"text": "Confirm whether this file is reachable. If not, delete it; if yes, wire it through explicit imports, routes, or entry points and add a test that proves the path executes."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "medium", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "AIC001", "name": "Parallel implementation file sits beside a canonical file", "shortDescription": {"text": "Parallel implementation file sits beside a canonical file"}, "fullDescription": {"text": "Merge the intended change into the canonical file, update tests/imports, and delete the parallel implementation if it is not the active entry point."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "medium", "confidence": 0.82, "cwe": "", "owasp": ""}}, {"id": "SEC127", "name": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedEr", "shortDescription": {"text": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass shallow CI), but invoking it crashes or "}, "fullDescription": {"text": "Either implement the body, or fail closed at module-load time so the deploy can't ship a half-built route. 
A CI gate that fails build on `raise NotImplementedError` in non-abstract code catches this cleanly."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC115", "name": "[SEC115] Decompression without size cap (zip/gzip bomb): Decompressing untrusted archives without a size or ratio cap \u2192 ", "shortDescription": {"text": "[SEC115] Decompression without size cap (zip/gzip bomb): Decompressing untrusted archives without a size or ratio cap \u2192 memory/disk exhaustion DoS (10kb \u2192 4GB classic 'zip bomb')."}, "fullDescription": {"text": "In Go, wrap the reader with `io.LimitReader(r, MAX_BYTES)`. In Python, iterate `ZipFile.infolist()` and check each entry's `file_size` before extracting. In either case, cap the total uncompressed bytes (e.g. 100MB)."}, "properties": {"scanner": "repobility-threat-engine", "category": "resource_exhaustion", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC136", "name": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns ", "shortDescription": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, retur"}, "fullDescription": {"text": "Catch the specific exception type, log at error level with full exception info, and return a failure-shaped result. 
If the operation is genuinely best-effort, log at warning and document why in a comment so the next reader (or scanner) knows."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC045", "name": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a latera", "shortDescription": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use obj"}, "fullDescription": {"text": "For literal data structures: use ast.literal_eval(text) \u2014 only parses literals, raises on code.\nFor formula evaluation: use asteval or simpleeval (purpose-built sandboxes with allow-lists).\nFor Odoo: use odoo.tools.safe_eval(expr, locals_dict, mode='exec').\nIf you genuinely need to execute admin-stored code: require explicit super-admin permission AND log every execution with a stack trace."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "ERR001", "name": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG ", "shortDescription": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "fullDescription": {"text": "Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. 
Or handle specific exception types."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC012", "name": "[SEC012] ZipSlip \u2014 Archive Path Traversal: Archive extraction without path validation allows writing files outside the t", "shortDescription": {"text": "[SEC012] ZipSlip \u2014 Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory."}, "fullDescription": {"text": "Validate extracted paths with os.path.realpath() and ensure they stay within the target directory."}, "properties": {"scanner": "repobility-threat-engine", "category": "path_traversal", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "DKR012", "name": "Dockerfile keeps pip download cache", "shortDescription": {"text": "Dockerfile keeps pip download cache"}, "fullDescription": {"text": "Use `pip install --no-cache-dir ...` in container builds."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "AIC002", "name": "Source file name looks like an AI patch artifact", "shortDescription": {"text": "Source file name looks like an AI patch artifact"}, "fullDescription": {"text": "Rename it to the domain concept it implements or merge it into the existing module it was meant to change."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", 
"severity": "low", "confidence": 0.62, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `put_regions_exdi` has cognitive complexity 10 (SonarSource scale). Cognit", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `put_regions_exdi` has cognitive complexity 10 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recurs"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 10."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "SEC132", "name": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the la", "shortDescription": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on it"}, "fullDescription": {"text": "Python: `f\"prefix {var} suffix\"`. JS/TS: `` `prefix ${var} suffix` ``. Add a lint rule (pyupgrade UP032, eslint prefer-template) so future PRs catch this automatically."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED085", "name": "[MINED085] Java Systemexit: System.exit() inside a library kills the whole JVM.", "shortDescription": {"text": "[MINED085] Java Systemexit: System.exit() inside a library kills the whole JVM."}, "fullDescription": {"text": "Review and fix per the pattern semantics. 
See CWE-1075 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED093", "name": "[MINED093] Java Sql Statement Concat: Statement.executeQuery with concat string = SQL injection.", "shortDescription": {"text": "[MINED093] Java Sql Statement Concat: Statement.executeQuery with concat string = SQL injection."}, "fullDescription": {"text": "Review and fix per the pattern semantics: build the query with PreparedStatement and bound parameters rather than string concatenation. See CWE-89 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED004", "name": "[MINED004] Weak Crypto (and 17 more): Same pattern found in 17 additional files. Review if needed.", "shortDescription": {"text": "[MINED004] Weak Crypto (and 17 more): Same pattern found in 17 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. 
See CWE-327 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED057", "name": "[MINED057] Todo Bomb: Code path with a TODO/FIXME/HACK comment that gates correctness \u2014 left for later but never resolve", "shortDescription": {"text": "[MINED057] Todo Bomb: Code path with a TODO/FIXME/HACK comment that gates correctness \u2014 left for later but never resolved."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED077", "name": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles.", "shortDescription": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-772 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 9 more): Same pattern found in 9 additi", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 9 more): Same pattern found in 9 additional files. 
Review if needed."}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private and link-local CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16, plus loopback (127/8, ::1). Apply the check to the address the hostname actually resolves to and repeat it after every redirect, so an allowed-looking name cannot point at an internal address."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED064", "name": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.", "shortDescription": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED083", "name": "[MINED083] Java Thread Start (and 2 more): Same pattern found in 2 additional files. Review if needed.", "shortDescription": {"text": "[MINED083] Java Thread Start (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-664 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 47 more): Same pattern found in 47 add", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 47 more): Same pattern found in 47 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. 
If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED072", "name": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in.", "shortDescription": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 10 more): Same pattern found in 10 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 10 more): Same pattern found in 10 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass (and 5 more): Same pattern found in 5 additional files. Review if needed.", "shortDescription": {"text": "[MINED001] Bare Except Pass (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED006", "name": "[MINED006] Overcatch Baseexception (and 8 more): Same pattern found in 8 additional files. 
Review if needed.", "shortDescription": {"text": "[MINED006] Overcatch Baseexception (and 8 more): Same pattern found in 8 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-705 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC020", "name": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequen", "shortDescription": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "fullDescription": {"text": "Log only redacted, hashed, or last-four-style metadata. Rotate any secret that may have reached logs."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "info", "confidence": 0.1, "cwe": "", "owasp": ""}}, {"id": "MINED075", "name": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL.", "shortDescription": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-690 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED081", "name": "[MINED081] Java Printstacktrace (and 9 more): Same pattern found in 9 additional files. Review if needed.", "shortDescription": {"text": "[MINED081] Java Printstacktrace (and 9 more): Same pattern found in 9 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. 
See CWE-532 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED134", "name": "[MINED134] Binary file `Ghidra/RuntimeScripts/Common/support/gradle/gradle-wrapper.jar` committed in source repo: `Ghidr", "shortDescription": {"text": "[MINED134] Binary file `Ghidra/RuntimeScripts/Common/support/gradle/gradle-wrapper.jar` committed in source repo: `Ghidra/RuntimeScripts/Common/support/gradle/gradle-wrapper.jar` is a .jar binary (43,453 bytes) committed to a repo that othe"}, "fullDescription": {"text": "Audit the binary's provenance. For a Gradle wrapper jar, compare its SHA-256 against the checksum Gradle publishes for that wrapper version. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `gradle/actions/dependency-submission` pinned to mutable ref `@v6`: `uses: gradle/actions/dependency-s", "shortDescription": {"text": "[MINED115] Action `gradle/actions/dependency-submission` pinned to mutable ref `@v6`: `uses: gradle/actions/dependency-submission@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-ac"}, "fullDescription": {"text": "Replace with: `uses: gradle/actions/dependency-submission@<40-char-sha>  # v6` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED118", "name": "[MINED118] Dockerfile FROM `alpine:3.20` not pinned by digest: `FROM alpine:3.20` resolves the tag at build time. The re", "shortDescription": {"text": "[MINED118] Dockerfile FROM `alpine:3.20` not pinned by digest: `FROM alpine:3.20` resolves the tag at build time. 
The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should"}, "fullDescription": {"text": "Replace with: `FROM alpine:3.20@sha256:<digest>`. Get the digest from `docker manifest inspect`. Re-pin via a scheduled bot (Renovate, Dependabot)."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "[MINED106] Phantom test coverage: test_boilerplate: Test function `test_boilerplate` runs code but contains no assert / ", "shortDescription": {"text": "[MINED106] Phantom test coverage: test_boilerplate: Test function `test_boilerplate` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "fullDescription": {"text": "Add an explicit assertion that captures the test's intent, or remove the test."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self.export_bookmarks` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads", "shortDescription": {"text": "[MINED108] `self.export_bookmarks` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.export_bookmarks`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises Attribut"}, "fullDescription": {"text": "Initialize `self.export_bookmarks = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "DKR014", "name": "Dockerfile copies the entire context without .dockerignore", "shortDescription": {"text": "Dockerfile copies the entire context without .dockerignore"}, "fullDescription": {"text": "Create .dockerignore before using broad context copies, or copy only the required files and directories."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "high", "confidence": 0.92, "cwe": "", "owasp": ""}}, {"id": "MINED036", "name": "[MINED036] Python Os System Call: os.system() invokes shell with no escaping.", "shortDescription": {"text": "[MINED036] Python Os System Call: os.system() invokes shell with no escaping."}, "fullDescription": {"text": "Review and fix per the pattern semantics: replace os.system() with subprocess.run() called with an argument list and without shell=True, so arguments are never parsed by a shell. See CWE-78 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC004", "name": "[SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection.", "shortDescription": {"text": "[SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection."}, "fullDescription": {"text": "Use parameterized queries, e.g. cursor.execute('SELECT * FROM t WHERE id = %s', [id]) on a database cursor. If the flagged call is GDB's Python `gdb.execute()`, it runs a debugger command string rather than SQL and has no parameter binding, so confirm the call reaches a database before applying this fix. 
For dynamic table or column names, choose identifiers from a hard-coded allowlist and keep values in parameters."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "high", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `inspect` used but not imported: The file uses `inspect.something(...)` but never imports `in", "shortDescription": {"text": "[MINED107] Missing import: `inspect` used but not imported: The file uses `inspect.something(...)` but never imports `inspect`. This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import inspect` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED022", "name": "[MINED022] C Strcpy: strcpy/strcat don't bounds-check; use strncpy or snprintf.", "shortDescription": {"text": "[MINED022] C Strcpy: strcpy/strcat don't bounds-check; use strncpy or snprintf."}, "fullDescription": {"text": "Review and fix per the pattern semantics. strncpy does not NUL-terminate the destination when the source is truncated, so terminate explicitly or prefer snprintf with the destination size. See CWE-120 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/551"}, "properties": {"repository": "NationalSecurityAgency/ghidra", "repoUrl": "https://github.com/NationalSecurityAgency/ghidra.git", "branch": "master"}, "results": [{"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `ghidra_script` (list): `def ghidra_script(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. 
Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 35827, "scanner": "repobility-ast-engine", "fingerprint": "1af843b9bfa3e55a624565714a1cff91b520d461c6307bc51db0831a7de4e91e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1af843b9bfa3e55a624565714a1cff91b520d461c6307bc51db0831a7de4e91e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/PyGhidra/src/main/py/src/pyghidra/api.py"}, "region": {"startLine": 198}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35817, "scanner": "repobility-ast-engine", "fingerprint": "43d9c48345fcdb3f6efc58da622f83e79c475ffe35265eb4d173f0d818156d58", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|43d9c48345fcdb3f6efc58da622f83e79c475ffe35265eb4d173f0d818156d58"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-lldb/src/main/py/src/ghidralldb/hooks.py"}, "region": {"startLine": 329}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35816, "scanner": "repobility-ast-engine", "fingerprint": "b48a7248d32a55cfe7fa5340f5e3dba45f7efb4c02dd44e00f9db9eb117117cf", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b48a7248d32a55cfe7fa5340f5e3dba45f7efb4c02dd44e00f9db9eb117117cf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-lldb/src/main/py/src/ghidralldb/hooks.py"}, "region": {"startLine": 322}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35815, "scanner": "repobility-ast-engine", "fingerprint": "16cc64a8914069a3c65eeffde0332d848d422597bb1b003d7483c874b6ff08d1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|16cc64a8914069a3c65eeffde0332d848d422597bb1b003d7483c874b6ff08d1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-lldb/src/main/py/src/ghidralldb/hooks.py"}, "region": {"startLine": 95}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35814, "scanner": "repobility-ast-engine", "fingerprint": "6610836d0e2db313cfd140225819696e431ce6f7eed1770c97892d8b20cd6fac", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6610836d0e2db313cfd140225819696e431ce6f7eed1770c97892d8b20cd6fac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-lldb/src/main/py/src/ghidralldb/hooks.py"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35813, "scanner": "repobility-ast-engine", "fingerprint": "0a6e835e1ed2eff1d47c08d0ad676f95fbd85e2b052be14533743db87d106ec6", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0a6e835e1ed2eff1d47c08d0ad676f95fbd85e2b052be14533743db87d106ec6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-lldb/src/main/py/src/ghidralldb/hooks.py"}, "region": {"startLine": 274}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35811, "scanner": "repobility-ast-engine", "fingerprint": "566e2b89dfe3c623ff5022e298fc106c2bff7d257244ad7191d3a56184d4e07b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|566e2b89dfe3c623ff5022e298fc106c2bff7d257244ad7191d3a56184d4e07b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-lldb/src/main/py/src/ghidralldb/commands.py"}, "region": {"startLine": 259}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35810, "scanner": "repobility-ast-engine", "fingerprint": "24dac54481800cde0cf8a1247d06b79866d9da83f24000f95edaff73303ee470", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|24dac54481800cde0cf8a1247d06b79866d9da83f24000f95edaff73303ee470"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-lldb/src/main/py/src/ghidralldb/commands.py"}, "region": {"startLine": 681}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35808, "scanner": "repobility-ast-engine", "fingerprint": "50e80730b77c0b2eb6ec233be67167f9fdbcaf859019c542c6472e355d5a22bf", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|50e80730b77c0b2eb6ec233be67167f9fdbcaf859019c542c6472e355d5a22bf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/9xx/loaders/xml_loader.py"}, "region": {"startLine": 94}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35806, "scanner": "repobility-ast-engine", "fingerprint": "8af7fa87693b42e724ab351b86b48c83e905ceb60186e9b3b32211fb33f410fc", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8af7fa87693b42e724ab351b86b48c83e905ceb60186e9b3b32211fb33f410fc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/9xx/python/idaxml.py"}, "region": {"startLine": 673}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35805, "scanner": "repobility-ast-engine", "fingerprint": "673b4ffc3f50e885dbc028c0ae8cdf2274d4963bb71028cca608408d54808735", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|673b4ffc3f50e885dbc028c0ae8cdf2274d4963bb71028cca608408d54808735"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/9xx/python/idaxml.py"}, "region": {"startLine": 458}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35804, "scanner": "repobility-ast-engine", "fingerprint": "678fac9c4ec9c4693fc8c8d46531d4def9715b0c0f7e4ee271bc78c597e2416d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|678fac9c4ec9c4693fc8c8d46531d4def9715b0c0f7e4ee271bc78c597e2416d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/9xx/python/idaxml.py"}, "region": {"startLine": 3066}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35803, "scanner": "repobility-ast-engine", "fingerprint": "0a7b4b82f3e231286ffb6eee7de72a54b80ab9ce155cddc495a4427bb42e57cd", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0a7b4b82f3e231286ffb6eee7de72a54b80ab9ce155cddc495a4427bb42e57cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/9xx/python/idaxml.py"}, "region": {"startLine": 2732}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35802, "scanner": "repobility-ast-engine", "fingerprint": "7d9bd53e8687e533c390013311b4ce31f4662e1b8fd36fb645759ef66d23e3bd", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7d9bd53e8687e533c390013311b4ce31f4662e1b8fd36fb645759ef66d23e3bd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/9xx/python/idaxml.py"}, "region": {"startLine": 2618}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35801, "scanner": "repobility-ast-engine", "fingerprint": "9f10339423548b601a92d4c6e0213568328be58566d52e6206ba8a9f318518c7", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9f10339423548b601a92d4c6e0213568328be58566d52e6206ba8a9f318518c7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/9xx/python/idaxml.py"}, "region": {"startLine": 2531}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35799, "scanner": "repobility-ast-engine", "fingerprint": "5221ac07276c6ea6acaf2274c2c29cd4c00ebced74a50df0cefccc3a11172f20", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5221ac07276c6ea6acaf2274c2c29cd4c00ebced74a50df0cefccc3a11172f20"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/9xx/plugins/xml_importer.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35797, "scanner": "repobility-ast-engine", "fingerprint": "b81f525336b9c86b79ca58466d1e5c058284dc756f82a4b61752d565dfc36418", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b81f525336b9c86b79ca58466d1e5c058284dc756f82a4b61752d565dfc36418"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/9xx/plugins/xml_exporter.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35795, "scanner": "repobility-ast-engine", "fingerprint": "7fbab79c6b5e67361abaa36dbe26bfe38d31c51ff4db61e667292516a68ca818", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7fbab79c6b5e67361abaa36dbe26bfe38d31c51ff4db61e667292516a68ca818"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/loaders/xml_loader.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35793, "scanner": "repobility-ast-engine", "fingerprint": "b7ca7b8995a620df36e3ff33c3b7260dff45bb1e5486e2f02bbf4f4a12f21ca1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b7ca7b8995a620df36e3ff33c3b7260dff45bb1e5486e2f02bbf4f4a12f21ca1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 598}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35792, "scanner": "repobility-ast-engine", "fingerprint": "ec35ecef45150a02adfe48edd3d0cef99fe5ced8b25234f2bb0f15e9e0a12d0c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ec35ecef45150a02adfe48edd3d0cef99fe5ced8b25234f2bb0f15e9e0a12d0c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 380}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35791, "scanner": "repobility-ast-engine", "fingerprint": "3a76a210d140203faf2bb3d123475065996643e31e6db220f1698c39a9bd5e70", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3a76a210d140203faf2bb3d123475065996643e31e6db220f1698c39a9bd5e70"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 3010}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35790, "scanner": "repobility-ast-engine", "fingerprint": "db574cb717e0cfb2292acc1d42d2af48d52fc1baa6edf70b0b34b5da0e8e87d0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|db574cb717e0cfb2292acc1d42d2af48d52fc1baa6edf70b0b34b5da0e8e87d0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 2676}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35789, "scanner": "repobility-ast-engine", "fingerprint": "0554e677bcd24bfba5cad0772b63df0d9484b21fdce77c41a22c1b9c75ee66d5", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0554e677bcd24bfba5cad0772b63df0d9484b21fdce77c41a22c1b9c75ee66d5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 2557}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35788, "scanner": "repobility-ast-engine", "fingerprint": "df2ff9323b18cdec536fc20aba1d7af5bc97f812fccf79a62a29d2ccda84e2f3", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|df2ff9323b18cdec536fc20aba1d7af5bc97f812fccf79a62a29d2ccda84e2f3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 2469}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35761, "scanner": "repobility-ast-engine", "fingerprint": "1982c26e0faf87001a3f46d4fff81a65afb5483f37fbfd3522f36c424ca79f78", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1982c26e0faf87001a3f46d4fff81a65afb5483f37fbfd3522f36c424ca79f78"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/plugins/xml_importer.py"}, "region": {"startLine": 85}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 35759, "scanner": "repobility-ast-engine", "fingerprint": "09ec20e9d6f9f37f04ceaffed0528ca1cde7b5605b9f440b586b75130c2110f8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|09ec20e9d6f9f37f04ceaffed0528ca1cde7b5605b9f440b586b75130c2110f8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/plugins/xml_exporter.py"}, "region": {"startLine": 82}}}]}, {"ruleId": "AUC001", "level": "warning", "message": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or 
equivalent authorization documentation."}, "properties": {"repobilityId": 35757, "scanner": "repobility-access-control", "fingerprint": "f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10", "category": "auth", "severity": "medium", "confidence": 0.92, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "frameworks": ["Django"], "expected_files": [".repobility/access.yml", ".repobility/access.yaml", ".repobility/access.json", ".repobility/authorization.yml"], "correlation_key": "fp|f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10"}}}, {"ruleId": "DKR007", "level": "warning", "message": {"text": "Docker build context has no .dockerignore"}, "properties": {"repobilityId": 35756, "scanner": "repobility-docker", "fingerprint": "c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44", "category": "docker", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Dockerfile exists but repository root has no .dockerignore.", "evidence": {"rule_id": "DKR007", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".dockerignore"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR015", "level": "warning", "message": {"text": "Docker build context is very large"}, "properties": {"repobilityId": 35752, "scanner": "repobility-docker", "fingerprint": "b15d4f710afeff2af4cd4ab204332853f9025b78869a0e87bb466a798bb1a15b", "category": "docker", "severity": "medium", "confidence": 0.84, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Estimated Docker build context exceeds Repobility's size 
or file-count threshold.", "evidence": {"capped": false, "rule_id": "DKR015", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "largest_paths": [{"path": ".git/objects/pack/pack-e1acfcb383d33480a33b7677189bfb9f5143e4ed.pack", "size_mb": 48.9}, {"path": ".git/objects/pack/pack-2d8ed9387ac205ba9d3c9cc491b2d93d565fbf5e.pack", "size_mb": 28.0}, {"path": "Ghidra/Features/Base/data/typeinfo/golang/go1.26.0.json", "size_mb": 10.1}, {"path": "Ghidra/Features/Base/data/typeinfo/golang/go1.25.0.json", "size_mb": 9.6}, {"path": "Ghidra/Features/Base/data/typeinfo/golang/go1.24.0.json", "size_mb": 9.6}], "included_files": 20327, "context_size_mb": 388.0, "correlation_key": "fp|b15d4f710afeff2af4cd4ab204332853f9025b78869a0e87bb466a798bb1a15b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".dockerignore"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC004", "level": "warning", "message": {"text": "Suspicious implementation file appears unreferenced"}, "properties": {"repobilityId": 35721, "scanner": "repobility-ai-code-hygiene", "fingerprint": "2288c41f36f7b810aa60e5405be01cd7b503743c41f7ecbd5e8fc4598e158a38", "category": "quality", "severity": "medium", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Patch-style source file has no detected inbound reference from other repository files.", "evidence": {"suffix": "old", "rule_id": "AIC004", "scanner": "repobility-ai-code-hygiene", "references": ["https://knip.dev/", "https://github.com/jendrikseipp/vulture"], "correlation_key": "fp|2288c41f36f7b810aa60e5405be01cd7b503743c41f7ecbd5e8fc4598e158a38"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/FileFormats/src/main/java/ghidra/file/formats/ios/dmg/DmgHeaderV2_old.java"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC004", "level": "warning", "message": {"text": "Suspicious implementation file appears 
unreferenced"}, "properties": {"repobilityId": 35720, "scanner": "repobility-ai-code-hygiene", "fingerprint": "0595b154f273d7197c37714864f2c35269ef28e6f53cad9bdd7842c68137d485", "category": "quality", "severity": "medium", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Patch-style source file has no detected inbound reference from other repository files.", "evidence": {"suffix": "old", "rule_id": "AIC004", "scanner": "repobility-ai-code-hygiene", "references": ["https://knip.dev/", "https://github.com/jendrikseipp/vulture"], "correlation_key": "fp|0595b154f273d7197c37714864f2c35269ef28e6f53cad9bdd7842c68137d485"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/FileFormats/src/main/java/ghidra/file/formats/ios/dmg/DmgHeaderV1_old.java"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC001", "level": "warning", "message": {"text": "Parallel implementation file sits beside a canonical file"}, "properties": {"repobilityId": 35719, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a8e18dd803723b311e016656bd8a409afb646f08d1af004bf40abcf048cd269a", "category": "quality", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Source filename has a patch-style suffix and a same-directory canonical sibling exists.", "evidence": {"suffix": "old", "rule_id": "AIC001", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195", "https://knip.dev/"], "canonical_file": "Ghidra/Features/FileFormats/src/main/java/ghidra/file/formats/ios/dmg/DmgHeaderV2.java", "correlation_key": "fp|a8e18dd803723b311e016656bd8a409afb646f08d1af004bf40abcf048cd269a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/FileFormats/src/main/java/ghidra/file/formats/ios/dmg/DmgHeaderV2_old.java"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC127", "level": "warning", "message": {"text": 
"[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass shallow CI), but invoking it crashes or silently no-ops. AI agents consistently emit these when their context window runs out mid-implementation. Production callers hitting these stubs is a classic AI-generated-incident."}, "properties": {"repobilityId": 35717, "scanner": "repobility-threat-engine", "fingerprint": "5fea61e89aa3d0a2935e971ace97f0e107ee762211c722ba730730de573ba259", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "def __str__(self):\n        raise NotImplementedError", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC127", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5fea61e89aa3d0a2935e971ace97f0e107ee762211c722ba730730de573ba259"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/Base/ghidra_scripts/RecursiveStringFinder.py"}, "region": {"startLine": 27}}}]}, {"ruleId": "SEC115", "level": "warning", "message": {"text": "[SEC115] Decompression without size cap (zip/gzip bomb): Decompressing untrusted archives without a size or ratio cap \u2192 memory/disk exhaustion DoS (10kb \u2192 4GB classic 'zip bomb')."}, "properties": {"repobilityId": 35704, "scanner": "repobility-threat-engine", "fingerprint": "e1d459e33265e3436ff3e5d4f057e61ffb34a4775f90f3708494dfaeb78f75d4", "category": "resource_exhaustion", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "ZIPInputStream(new DBBufferInputStream(buffer))) {\n\t\t\tis.skip((blockNum << 
DBTraceMemorySpace.BLOCK_", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC115", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|e1d459e33265e3436ff3e5d4f057e61ffb34a4775f90f3708494dfaeb78f75d4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Framework-TraceModeling/src/main/java/ghidra/trace/database/memory/DBTraceMemoryBufferEntry.java"}, "region": {"startLine": 161}}}]}, {"ruleId": "SEC136", "level": "warning", "message": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). Distinct from intentional fallback because there's no log line and the success value is fabricated."}, "properties": {"repobilityId": 35694, "scanner": "repobility-threat-engine", "fingerprint": "e6d0df03e406be48a082f4e8f8e8b6347b5b24fa5a1e6f43beab96091be7826c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except:\n            return None", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC136", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|e6d0df03e406be48a082f4e8f8e8b6347b5b24fa5a1e6f43beab96091be7826c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-x64dbg/src/main/py/src/ghidraxdbg/util.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even 
admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 35692, "scanner": "repobility-threat-engine", "fingerprint": "57c40ebfaffcaf485bbc1de5c8be901b81939dcafafaa7b6becea97da2f32cf1", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "eval(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|268|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/Lisa/src/main/java/ghidra/lisa/pcode/analyses/PcodeByteBasedConstantPropagation.java"}, "region": {"startLine": 268}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. 
CWE-95 (eval injection)."}, "properties": {"repobilityId": 35691, "scanner": "repobility-threat-engine", "fingerprint": "8f447d3dade8c79eacb6677612acb331bfb3002045ae11db5eac59208b22745d", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "eval(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|64|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/Jython/jython-src/jintrospect.py"}, "region": {"startLine": 64}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. 
CWE-95 (eval injection)."}, "properties": {"repobilityId": 35690, "scanner": "repobility-threat-engine", "fingerprint": "121bcf37db6c1633c8358bf5744874536e69bf56dc3d9f377f5274e838cf7933", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "eval(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|76|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-x64dbg/src/main/py/src/ghidraxdbg/util.py"}, "region": {"startLine": 76}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 35676, "scanner": "repobility-threat-engine", "fingerprint": "6742e182fda4df328a61b8e2779daac66a1664f44d81eeb41e8aac01353608cd", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception as e:\n        pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|6742e182fda4df328a61b8e2779daac66a1664f44d81eeb41e8aac01353608cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-x64dbg/data/support/local-x64dbg-attach.py"}, "region": {"startLine": 45}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. 
Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 35675, "scanner": "repobility-threat-engine", "fingerprint": "5ab199e8ffff5146bec40596b83cdc46ffcdab4993d25c694861cba2077eeb3f", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception as e:\n        pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5ab199e8ffff5146bec40596b83cdc46ffcdab4993d25c694861cba2077eeb3f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. 
Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 35674, "scanner": "repobility-threat-engine", "fingerprint": "0f02d04b2098db5ba73fcc38651e5437331ad8ba3e5957aa216c1909b8306a05", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception as e:\n        pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|0f02d04b2098db5ba73fcc38651e5437331ad8ba3e5957aa216c1909b8306a05"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng-attach.py"}, "region": {"startLine": 49}}}]}, {"ruleId": "SEC012", "level": "warning", "message": {"text": "[SEC012] ZipSlip \u2014 Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory. Reviewer note: the evidence is a match on Entry.getName() only; the finding applies if that name is joined to an output directory, in which case the resolved destination should be normalized and checked to stay inside the target directory before writing."}, "properties": {"repobilityId": 35652, "scanner": "repobility-threat-engine", "fingerprint": "560e9508ddd568c4007460ce67c19fde71033f82bbb5dd6050752c07c20c1ada", "category": "path_traversal", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "Entry.getName()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC012", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|path_traversal|token|98|sec012"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DMG/src/dmg/java/mobiledevices/dmg/server/DmgServer.java"}, "region": {"startLine": 98}}}]}, {"ruleId": "SEC012", "level": "warning", "message": {"text": "[SEC012] ZipSlip \u2014 Archive Path Traversal: Archive extraction without path validation 
allows writing files outside the target directory."}, "properties": {"repobilityId": 35651, "scanner": "repobility-threat-engine", "fingerprint": "575dc146cfb1399b6332a970867dc50c323c2c65d1fc4f8e1f1b53c8338aba9a", "category": "path_traversal", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "entry.getName()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC012", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|path_traversal|token|49|sec012"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DMG/src/dmg/java/mobiledevices/dmg/reader/DmgInfoGenerator.java"}, "region": {"startLine": 49}}}]}, {"ruleId": "SEC012", "level": "warning", "message": {"text": "[SEC012] ZipSlip \u2014 Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory."}, "properties": {"repobilityId": 35650, "scanner": "repobility-threat-engine", "fingerprint": "fb0f2f922f55139828434486f529925baf835793a0f608fbaee9643b55c97a53", "category": "path_traversal", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "entry.getName()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC012", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|path_traversal|token|206|sec012"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DMG/src/dmg/java/mobiledevices/dmg/reader/DmgFileReader.java"}, "region": {"startLine": 206}}}]}, {"ruleId": "DKR012", "level": "note", "message": {"text": "Dockerfile keeps pip download cache"}, "properties": {"repobilityId": 35755, "scanner": "repobility-docker", "fingerprint": 
"5586d7afdcc198eb086ef8fa332675b2d5dee0c61d73670f4b0b6d0fcfc7a17b", "category": "docker", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "pip install appears without --no-cache-dir.", "evidence": {"rule_id": "DKR012", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|5586d7afdcc198eb086ef8fa332675b2d5dee0c61d73670f4b0b6d0fcfc7a17b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile"}, "region": {"startLine": 47}}}]}, {"ruleId": "DKR012", "level": "note", "message": {"text": "Dockerfile keeps pip download cache"}, "properties": {"repobilityId": 35753, "scanner": "repobility-docker", "fingerprint": "16df62dfb2ab67a716a834aed75dbcf22ed711d0ac15a1765c960304b6948b8b", "category": "docker", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "pip install appears without --no-cache-dir.", "evidence": {"rule_id": "DKR012", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|16df62dfb2ab67a716a834aed75dbcf22ed711d0ac15a1765c960304b6948b8b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile"}, "region": {"startLine": 25}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35751, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8642eaadb649286f33707d6da067feebe3506886e5eceb49487c01d450b1c32a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": 
"repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng-attach.py", "duplicate_line": 44, "correlation_key": "fp|8642eaadb649286f33707d6da067feebe3506886e5eceb49487c01d450b1c32a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng-ext.py"}, "region": {"startLine": 35}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35750, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6ece6f59228ff41c30f0b1fd1410edb5878d7484acf2ebc8cfeb72bb27da0058", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/headers/safe-ctype.h", "duplicate_line": 5, "correlation_key": "fp|6ece6f59228ff41c30f0b1fd1410edb5878d7484acf2ebc8cfeb72bb27da0058"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/headers/safe-ctype.h"}, "region": {"startLine": 5}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35749, "scanner": "repobility-ai-code-hygiene", "fingerprint": "10f5bd026a4ec8f0e6727199ec8330ff6e65750ae508d1a6608fb4829555230b", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", 
"references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/argv.c", "duplicate_line": 3, "correlation_key": "fp|10f5bd026a4ec8f0e6727199ec8330ff6e65750ae508d1a6608fb4829555230b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/headers/safe-ctype.h"}, "region": {"startLine": 3}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35748, "scanner": "repobility-ai-code-hygiene", "fingerprint": "94a88872a79128d10afcf4c7c7fe86dbe0b9339dd59fff51eb75dc5981a6d570", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/safe-ctype.c", "duplicate_line": 3, "correlation_key": "fp|94a88872a79128d10afcf4c7c7fe86dbe0b9339dd59fff51eb75dc5981a6d570"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/headers/safe-ctype.h"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35747, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9a31a8332f2f144fd8c95d97778a8f74f4cce7f3e41ea0be9460c9b2ba569db3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": 
"GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/safe-ctype.c", "duplicate_line": 1, "correlation_key": "fp|9a31a8332f2f144fd8c95d97778a8f74f4cce7f3e41ea0be9460c9b2ba569db3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/headers/safe-ctype.h"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35746, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3a2264d37603753f7c3ff4fcd34ffb63ee7ec88f740aa0b51d0a4416cc52ea9b", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/headers/libiberty.h", "duplicate_line": 3, "correlation_key": "fp|3a2264d37603753f7c3ff4fcd34ffb63ee7ec88f740aa0b51d0a4416cc52ea9b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/headers/libiberty.h"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35745, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a123313c1483ab294037b67bab576d1bcc7168206b6bc72f66bf93d425cbed77", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/getopt.c", 
"duplicate_line": 8, "correlation_key": "fp|a123313c1483ab294037b67bab576d1bcc7168206b6bc72f66bf93d425cbed77"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/headers/getopt.h"}, "region": {"startLine": 4}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35744, "scanner": "repobility-ai-code-hygiene", "fingerprint": "843846ed08eac3b2aa3495dc28c63c7fb56b190ae8b5aa082c4dc0555d58ce49", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/headers/getopt.h", "duplicate_line": 3, "correlation_key": "fp|843846ed08eac3b2aa3495dc28c63c7fb56b190ae8b5aa082c4dc0555d58ce49"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/headers/getopt.h"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35743, "scanner": "repobility-ai-code-hygiene", "fingerprint": "df5b83eface20ec35568f96b564fef4d53e8b2fda95bf6b02e2c8f5ad569f9d4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/headers/dyn-string.h", "duplicate_line": 3, "correlation_key": 
"fp|df5b83eface20ec35568f96b564fef4d53e8b2fda95bf6b02e2c8f5ad569f9d4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/headers/dyn-string.h"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35742, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9df7343104f556e95947d0266fde800e5f6e85a7ab33e02ec831c0b125df2588", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/headers/demangle.h", "duplicate_line": 3, "correlation_key": "fp|9df7343104f556e95947d0266fde800e5f6e85a7ab33e02ec831c0b125df2588"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/headers/demangle.h"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35741, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7c84bb0d69b76473aad0ea51ff82149fb4ae39fe37ae9a2ce1a3c91cab8d69e6", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/headers/cp-demangle.h", "duplicate_line": 3, "correlation_key": 
"fp|7c84bb0d69b76473aad0ea51ff82149fb4ae39fe37ae9a2ce1a3c91cab8d69e6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/headers/cp-demangle.h"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35740, "scanner": "repobility-ai-code-hygiene", "fingerprint": "16aa638ae466ddc14292eb2e47699fb968a49deb7e2e0fffd3677b7bf27d918d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/headers/ansidecl.h", "duplicate_line": 4, "correlation_key": "fp|16aa638ae466ddc14292eb2e47699fb968a49deb7e2e0fffd3677b7bf27d918d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/headers/ansidecl.h"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35739, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ce3cf719457d1555147a7d8ec2550ad3333acdb1d7c20a9eb94805956a5803fd", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/xstrdup.c", "duplicate_line": 1, "correlation_key": 
"fp|ce3cf719457d1555147a7d8ec2550ad3333acdb1d7c20a9eb94805956a5803fd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/xstrdup.c"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35738, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1368e35909fb03cbbc56011bdfd1643405c1a7814776060c29857b1f81271eb7", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/xexit.c", "duplicate_line": 2, "correlation_key": "fp|1368e35909fb03cbbc56011bdfd1643405c1a7814776060c29857b1f81271eb7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/xexit.c"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35737, "scanner": "repobility-ai-code-hygiene", "fingerprint": "bdd387ccbe96dc2b6ae1f941457cdc192fe79d4cc8d5c355169ea59977fe4b43", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/argv.c", "duplicate_line": 3, "correlation_key": "fp|bdd387ccbe96dc2b6ae1f941457cdc192fe79d4cc8d5c355169ea59977fe4b43"}}, "locations": 
[{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/safe-ctype.c"}, "region": {"startLine": 3}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35736, "scanner": "repobility-ai-code-hygiene", "fingerprint": "389b1715f44e5477a6647ca6dfb4fa9ccf5411244f931691147d616ca49f2cf9", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/safe-ctype.c", "duplicate_line": 3, "correlation_key": "fp|389b1715f44e5477a6647ca6dfb4fa9ccf5411244f931691147d616ca49f2cf9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/safe-ctype.c"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35735, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5f89f8e621ea12e02cf5bacf2dcc7a30d6ecfaa6a33c086ceaf9b4bd515c1f36", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/cplus-dem.c", "duplicate_line": 10, "correlation_key": "fp|5f89f8e621ea12e02cf5bacf2dcc7a30d6ecfaa6a33c086ceaf9b4bd515c1f36"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": 
"GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/missing.c"}, "region": {"startLine": 3}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35734, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c57e65094dd2a37de8ea22bd7c72c190e9d33d2421fcd895891edd7a66aa2542", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/getopt1.c", "duplicate_line": 6, "correlation_key": "fp|c57e65094dd2a37de8ea22bd7c72c190e9d33d2421fcd895891edd7a66aa2542"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/getopt1.c"}, "region": {"startLine": 5}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35733, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fcb03b6bc531266d2dd8d9fa985db677737b34bbc0cb6158dc4f682efce88548", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/getopt.c", "duplicate_line": 6, "correlation_key": "fp|fcb03b6bc531266d2dd8d9fa985db677737b34bbc0cb6158dc4f682efce88548"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/getopt1.c"}, "region": {"startLine": 
2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35732, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a85fba4d7086411a5847d66225c1d6c9acb4529a30bf3d54be2511470c400732", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/getopt.c", "duplicate_line": 4, "correlation_key": "fp|a85fba4d7086411a5847d66225c1d6c9acb4529a30bf3d54be2511470c400732"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/getopt1.c"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35731, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e6e59565a365684bee67bd3ca56a8f42ed74467ec1f2f1ffc723649764048e50", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/getopt.c", "duplicate_line": 6, "correlation_key": "fp|e6e59565a365684bee67bd3ca56a8f42ed74467ec1f2f1ffc723649764048e50"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/getopt.c"}, "region": {"startLine": 5}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated 
implementation block across source files"}, "properties": {"repobilityId": 35730, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8c0c5b805fbbb436cc20257276f9b7469dba7fa8ac23daa775925c838a176505", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/dyn-string.c", "duplicate_line": 2, "correlation_key": "fp|8c0c5b805fbbb436cc20257276f9b7469dba7fa8ac23daa775925c838a176505"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/dyn-string.c"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35729, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a04aed1015c934595f4858c4feed7cf934448521039b83abb219a2c60f1f418d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/argv.c", "duplicate_line": 2, "correlation_key": "fp|a04aed1015c934595f4858c4feed7cf934448521039b83abb219a2c60f1f418d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/argv.c"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35728, 
"scanner": "repobility-ai-code-hygiene", "fingerprint": "496418c70e516509a4be336e92402acafc6f0c65f0c44275420e02fa31dfe7b2", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/alloca.c", "duplicate_line": 1, "correlation_key": "fp|496418c70e516509a4be336e92402acafc6f0c65f0c44275420e02fa31dfe7b2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/alloca.c"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35727, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b53b1d993fc7896a7b40f4b7bcf303c3307e89d8eb454c100d8792c7adebfaf9", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/argv.c", "duplicate_line": 3, "correlation_key": "fp|b53b1d993fc7896a7b40f4b7bcf303c3307e89d8eb454c100d8792c7adebfaf9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/headers/safe-ctype.h"}, "region": {"startLine": 3}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35726, "scanner": "repobility-ai-code-hygiene", "fingerprint": 
"1f3b236d40294e57e4e84289fac0385769cf97c05138c99f410ff8b67773f5b7", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/safe-ctype.c", "duplicate_line": 3, "correlation_key": "fp|1f3b236d40294e57e4e84289fac0385769cf97c05138c99f410ff8b67773f5b7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/headers/safe-ctype.h"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35725, "scanner": "repobility-ai-code-hygiene", "fingerprint": "db78b590d40b00fbc8ea40e44741e472437e0428e45f1ecf4d19e92529782732", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/getopt.c", "duplicate_line": 8, "correlation_key": "fp|db78b590d40b00fbc8ea40e44741e472437e0428e45f1ecf4d19e92529782732"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/headers/getopt.h"}, "region": {"startLine": 5}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35724, "scanner": "repobility-ai-code-hygiene", "fingerprint": "cbd00f3dd8222a95bec8e1dbfd75f4e02fa2087e6d18b57165066d86234d120a", 
"category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/argv.c", "duplicate_line": 3, "correlation_key": "fp|cbd00f3dd8222a95bec8e1dbfd75f4e02fa2087e6d18b57165066d86234d120a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/safe-ctype.c"}, "region": {"startLine": 4}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35723, "scanner": "repobility-ai-code-hygiene", "fingerprint": "812d3dd3842935b24427fbe0f9b314ce5aa8c55989b84ff5e4d3883d6441a3ae", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/getopt.c", "duplicate_line": 6, "correlation_key": "fp|812d3dd3842935b24427fbe0f9b314ce5aa8c55989b84ff5e4d3883d6441a3ae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/getopt1.c"}, "region": {"startLine": 3}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 35722, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7b9e55f681a275c1591d5b0e25f281b8adc1a28aaddf4099bc1de654227ea5f5", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", 
"verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "GPL/DMG/src/dmg/java/mobiledevices/dmg/ghidra/GDataConverterBE.java", "duplicate_line": 35, "correlation_key": "fp|7b9e55f681a275c1591d5b0e25f281b8adc1a28aaddf4099bc1de654227ea5f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DMG/src/dmg/java/mobiledevices/dmg/ghidra/GDataConverterLE.java"}, "region": {"startLine": 35}}}]}, {"ruleId": "AIC002", "level": "note", "message": {"text": "Source file name looks like an AI patch artifact"}, "properties": {"repobilityId": 35718, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a951138fd644f512fbc54c1145415f778edecd6359091e83a2da64c343092bab", "category": "quality", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Source filename contains a temporary or patch-style suffix.", "evidence": {"suffix": "old", "rule_id": "AIC002", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|a951138fd644f512fbc54c1145415f778edecd6359091e83a2da64c343092bab"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/FileFormats/src/main/java/ghidra/file/formats/ios/dmg/DmgHeaderV1_old.java"}, "region": {"startLine": 1}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `put_regions_exdi` has cognitive complexity 10 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. 
Breakdown: continue=3, for=1, if=3, nested_bonus=3."}, "properties": {"repobilityId": 35680, "scanner": "repobility-threat-engine", "fingerprint": "8667ff55a2dd5c28f085ba9fe53f3b4ee8474d44386cd260a8be7409ca3b4d0d", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 10 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "put_regions_exdi", "breakdown": {"if": 3, "for": 1, "continue": 3, "nested_bonus": 3}, "complexity": 10, "correlation_key": "fp|8667ff55a2dd5c28f085ba9fe53f3b4ee8474d44386cd260a8be7409ca3b4d0d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/exdi/exdi_commands.py"}, "region": {"startLine": 135}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `GetOffspring` has cognitive complexity 12 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. 
Breakdown: elif=1, else=2, for=1, if=3, nested_bonus=5."}, "properties": {"repobilityId": 35679, "scanner": "repobility-threat-engine", "fingerprint": "e15a7b23a27d728048c08b9ba90364406361492000f3af32c494c1faf20182f3", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 12 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "GetOffspring", "breakdown": {"if": 3, "for": 1, "elif": 1, "else": 2, "nested_bonus": 5}, "complexity": 12, "correlation_key": "fp|e15a7b23a27d728048c08b9ba90364406361492000f3af32c494c1faf20182f3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/dbgmodel/imodelobject.py"}, "region": {"startLine": 322}}}]}, {"ruleId": "SEC132", "level": "note", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on its own, but a style signature of cross-language AI rewrites \u2014 the model wrote idiomatic Java/C# and then translated mechanically. 
When this style appears in only *some* files of a repo, it's a strong indicator of an AI-driven rewrite that needs a human review p"}, "properties": {"repobilityId": 35648, "scanner": "repobility-threat-engine", "fingerprint": "d178b2db9350960188d48f2a1bcf4ee3519f6472a0a3d23d781ab094bed90b7d", "category": "quality", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "\"Problem querying opinion \" + opinion + \" for platform offers: \"", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d178b2db9350960188d48f2a1bcf4ee3519f6472a0a3d23d781ab094bed90b7d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger/src/main/java/ghidra/app/plugin/core/debug/mapping/DebuggerPlatformOpinion.java"}, "region": {"startLine": 142}}}]}, {"ruleId": "SEC132", "level": "note", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on its own, but a style signature of cross-language AI rewrites \u2014 the model wrote idiomatic Java/C# and then translated mechanically. 
When this style appears in only *some* files of a repo, it's a strong indicator of an AI-driven rewrite that needs a human review p"}, "properties": {"repobilityId": 35647, "scanner": "repobility-threat-engine", "fingerprint": "cdf571fffe3123785856f81b8105bb569619ad7b8ecf73e9f4664272573af02e", "category": "quality", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "\"Register \" + reg + \" is not in current language\"", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|cdf571fffe3123785856f81b8105bb569619ad7b8ecf73e9f4664272573af02e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger/src/main/java/ghidra/app/plugin/core/debug/gui/register/DebuggerAvailableRegistersDialog.java"}, "region": {"startLine": 281}}}]}, {"ruleId": "SEC132", "level": "note", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on its own, but a style signature of cross-language AI rewrites \u2014 the model wrote idiomatic Java/C# and then translated mechanically. 
When this style appears in only *some* files of a repo, it's a strong indicator of an AI-driven rewrite that needs a human review p"}, "properties": {"repobilityId": 35646, "scanner": "repobility-threat-engine", "fingerprint": "85fdc160d4c4a25b18fa218b4f41fbc8bf2342b0ba7d9bf5d10cdbc4ddbf5973", "category": "quality", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "\"Unable to read \"+length+\" bytes\"", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|85fdc160d4c4a25b18fa218b4f41fbc8bf2342b0ba7d9bf5d10cdbc4ddbf5973"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DMG/src/dmg/java/mobiledevices/dmg/ghidra/GByteProvider.java"}, "region": {"startLine": 106}}}]}, {"ruleId": "MINED085", "level": "none", "message": {"text": "[MINED085] Java Systemexit: System.exit() inside a library kills the whole JVM."}, "properties": {"repobilityId": 35716, "scanner": "repobility-threat-engine", "fingerprint": "f1d69f482b188a2613a1acca985469638cb4c108cf5f5e24bf5507818d11009b", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "java-systemexit", "owasp": null, "cwe_ids": ["CWE-1075"], "languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348136+00:00", "triaged_in_corpus": 15, "observations_count": 970, "ai_coder_pattern_id": 127}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f1d69f482b188a2613a1acca985469638cb4c108cf5f5e24bf5507818d11009b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/Base/src/main/java/ghidra/app/merge/MergeProgressPanel.java"}, 
"region": {"startLine": 227}}}]}, {"ruleId": "MINED085", "level": "none", "message": {"text": "[MINED085] Java Systemexit: System.exit() inside a library kills the whole JVM."}, "properties": {"repobilityId": 35715, "scanner": "repobility-threat-engine", "fingerprint": "4407963ae1725c69c832b7c4f384854b9bc08b24dadfabf321903bf81b48eb37", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "java-systemexit", "owasp": null, "cwe_ids": ["CWE-1075"], "languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348136+00:00", "triaged_in_corpus": 15, "observations_count": 970, "ai_coder_pattern_id": 127}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4407963ae1725c69c832b7c4f384854b9bc08b24dadfabf321903bf81b48eb37"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/Base/src/main/java/ghidra/JarRun.java"}, "region": {"startLine": 47}}}]}, {"ruleId": "MINED085", "level": "none", "message": {"text": "[MINED085] Java Systemexit: System.exit() inside a library kills the whole JVM."}, "properties": {"repobilityId": 35714, "scanner": "repobility-threat-engine", "fingerprint": "2be8dac39a6728d15c087c647548a48f9abfce2b5e85298455f90173576d4a4c", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "java-systemexit", "owasp": null, "cwe_ids": ["CWE-1075"], "languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348136+00:00", "triaged_in_corpus": 15, "observations_count": 970, "ai_coder_pattern_id": 127}, "scanner": "repobility-threat-engine", "correlation_key": 
"fp|2be8dac39a6728d15c087c647548a48f9abfce2b5e85298455f90173576d4a4c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/BSim/src/main/java/ghidra/features/bsim/query/ingest/HeadlessBSimApplicationConfiguration.java"}, "region": {"startLine": 46}}}]}, {"ruleId": "MINED093", "level": "none", "message": {"text": "[MINED093] Java Sql Statement Concat: Statement.executeQuery called with a string built by concatenation; this is SQL injection (CWE-89) when any concatenated value comes from untrusted input."}, "properties": {"repobilityId": 35713, "scanner": "repobility-threat-engine", "fingerprint": "dba7569ae43e2789464be7193117be80bee3026813f2d5963ca6df9ba999245a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "java-sql-statement-concat", "owasp": null, "cwe_ids": ["CWE-89"], "languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348155+00:00", "triaged_in_corpus": 20, "observations_count": 136, "ai_coder_pattern_id": 129}, "scanner": "repobility-threat-engine", "correlation_key": "fp|dba7569ae43e2789464be7193117be80bee3026813f2d5963ca6df9ba999245a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/BSim/src/main/java/ghidra/features/bsim/query/file/H2VectorTable.java"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED004", "level": "none", "message": {"text": "[MINED004] Weak Crypto (and 17 more): Same pattern found in 17 additional files. Review if needed."}, "properties": {"repobilityId": 35712, "scanner": "repobility-threat-engine", "fingerprint": "a12282ad0963c4794d8c2106d5627096f460b0d08e54753ac0b0346ac0acd4cd", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 17 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|a12282ad0963c4794d8c2106d5627096f460b0d08e54753ac0b0346ac0acd4cd", "aggregated_count": 17}}}, {"ruleId": "MINED057", "level": "none", "message": {"text": "[MINED057] Todo Bomb: Code path with a TODO/FIXME/HACK comment that gates correctness \u2014 left for later but never resolved."}, "properties": {"repobilityId": 35708, "scanner": "repobility-threat-engine", "fingerprint": "11632dcbccdc8da024a8072633c5b267e57c4cec8b4f11a325d4dba2950dc2ae", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "todo-bomb", "owasp": null, "cwe_ids": [], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348035+00:00", "triaged_in_corpus": 10, "observations_count": 255662, "ai_coder_pattern_id": 4}, "scanner": "repobility-threat-engine", "correlation_key": "fp|11632dcbccdc8da024a8072633c5b267e57c4cec8b4f11a325d4dba2950dc2ae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/Base/ghidra_scripts/GetAndSetAnalysisOptionsScript.java"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED057", "level": "none", "message": {"text": "[MINED057] Todo Bomb: Code path with a TODO/FIXME/HACK comment that gates correctness \u2014 left for later but never resolved."}, "properties": {"repobilityId": 35707, "scanner": "repobility-threat-engine", "fingerprint": "3d22bbd36b4c5bde407bce9128c446549c88b391d8451e05f40fe9c3057ce84b", "category": "quality", "severity": "info", "confidence": 1.0, 
"triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "todo-bomb", "owasp": null, "cwe_ids": [], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348035+00:00", "triaged_in_corpus": 10, "observations_count": 255662, "ai_coder_pattern_id": 4}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3d22bbd36b4c5bde407bce9128c446549c88b391d8451e05f40fe9c3057ce84b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/SymbolicSummaryZ3/src/main/java/ghidra/pcode/emu/symz3/state/SymZ3PieceHandler.java"}, "region": {"startLine": 92}}}]}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 35706, "scanner": "repobility-threat-engine", "fingerprint": "9b892c5bc333543dfe0b407f7d99d150e1d58f397f33e3e94e2ad6b2700b3449", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9b892c5bc333543dfe0b407f7d99d150e1d58f397f33e3e94e2ad6b2700b3449"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/SleighDevTools/pcodetest/build.py"}, "region": {"startLine": 46}}}]}, {"ruleId": "SEC029", "level": "none", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 9 more): Same pattern found in 9 additional files. 
Review if needed."}, "properties": {"repobilityId": 35703, "scanner": "repobility-threat-engine", "fingerprint": "a0769f34321ccb4a2408866410ff258332c2e3d0c176eda236c0efe5490d0026", "category": "ssrf", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 9 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 9 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|a0769f34321ccb4a2408866410ff258332c2e3d0c176eda236c0efe5490d0026"}}}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 35699, "scanner": "repobility-threat-engine", "fingerprint": "ea4781756429ad8735960aee2ce89cd98b5f76d2dec276f14e6c9c5e3fb0a826", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ea4781756429ad8735960aee2ce89cd98b5f76d2dec276f14e6c9c5e3fb0a826"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-rmi-trace/src/main/py/src/ghidratrace/setuputils.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED083", "level": "none", "message": {"text": "[MINED083] Java Thread Start (and 2 more): Same pattern found in 2 additional files. 
Review if needed."}, "properties": {"repobilityId": 35698, "scanner": "repobility-threat-engine", "fingerprint": "a94b57aa8b6448bde8f185a7ff12e74f49478deea3b108b641b1741028712bab", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "java-thread-start", "owasp": null, "cwe_ids": ["CWE-664"], "languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348131+00:00", "triaged_in_corpus": 12, "observations_count": 1591, "ai_coder_pattern_id": 128}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|a94b57aa8b6448bde8f185a7ff12e74f49478deea3b108b641b1741028712bab", "aggregated_count": 2}}}, {"ruleId": "MINED083", "level": "none", "message": {"text": "[MINED083] Java Thread Start: Raw thread creation. 
Should use ExecutorService for managed pool."}, "properties": {"repobilityId": 35697, "scanner": "repobility-threat-engine", "fingerprint": "43dd9197878dc8853611085a79136e09d677cc0b7971cfa951a4619bd1a5d780", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "java-thread-start", "owasp": null, "cwe_ids": ["CWE-664"], "languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348131+00:00", "triaged_in_corpus": 12, "observations_count": 1591, "ai_coder_pattern_id": 128}, "scanner": "repobility-threat-engine", "correlation_key": "fp|43dd9197878dc8853611085a79136e09d677cc0b7971cfa951a4619bd1a5d780"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/BSim/src/main/java/ghidra/features/bsim/query/BSimPostgresDBConnectionManager.java"}, "region": {"startLine": 84}}}]}, {"ruleId": "MINED083", "level": "none", "message": {"text": "[MINED083] Java Thread Start: Raw thread creation. 
Should use ExecutorService for managed pool."}, "properties": {"repobilityId": 35696, "scanner": "repobility-threat-engine", "fingerprint": "86a51194d0c5cda8993109844a98629859a32432a18213ffeb440398fe7117ff", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "java-thread-start", "owasp": null, "cwe_ids": ["CWE-664"], "languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348131+00:00", "triaged_in_corpus": 12, "observations_count": 1591, "ai_coder_pattern_id": 128}, "scanner": "repobility-threat-engine", "correlation_key": "fp|86a51194d0c5cda8993109844a98629859a32432a18213ffeb440398fe7117ff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-rmi-trace/src/main/java/ghidra/app/plugin/core/debug/service/tracermi/TraceRmiServer.java"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED083", "level": "none", "message": {"text": "[MINED083] Java Thread Start: Raw thread creation. 
Should use ExecutorService for managed pool."}, "properties": {"repobilityId": 35695, "scanner": "repobility-threat-engine", "fingerprint": "efc66f3cf1416f1a0dc9efbf9e730b4273f699797f3fd2fa74eaf655337014ed", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "java-thread-start", "owasp": null, "cwe_ids": ["CWE-664"], "languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348131+00:00", "triaged_in_corpus": 12, "observations_count": 1591, "ai_coder_pattern_id": 128}, "scanner": "repobility-threat-engine", "correlation_key": "fp|efc66f3cf1416f1a0dc9efbf9e730b4273f699797f3fd2fa74eaf655337014ed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-jpda/src/main/java/ghidra/dbg/jdi/manager/impl/JdiManagerImpl.java"}, "region": {"startLine": 78}}}]}, {"ruleId": "SEC045", "level": "none", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "properties": {"repobilityId": 35693, "scanner": "repobility-threat-engine", "fingerprint": "7ad821c68fd7d69c56ceaf843dc975879999279796dea3d5e69af832688addea", "category": "injection", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 5 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 5 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|7ad821c68fd7d69c56ceaf843dc975879999279796dea3d5e69af832688addea"}}}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 47 more): Same pattern found in 47 additional files. Review if needed."}, "properties": {"repobilityId": 35689, "scanner": "repobility-threat-engine", "fingerprint": "b8fb764367e98024eaf1ef8c9853768eb4cce10cee410539332cb4f56acf01ef", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 47 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 47 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|b8fb764367e98024eaf1ef8c9853768eb4cce10cee410539332cb4f56acf01ef"}}}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 35684, "scanner": "repobility-threat-engine", "fingerprint": "10ba9233505dad6e843d633e5ab7cd38d549c5b32517397a0cb18b62c666d759", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, 
"scanner": "repobility-threat-engine", "correlation_key": "fp|10ba9233505dad6e843d633e5ab7cd38d549c5b32517397a0cb18b62c666d759"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/Base/ghidra_scripts/RecursiveStringFinder.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 35683, "scanner": "repobility-threat-engine", "fingerprint": "d31fb61d65d468264937b4f0865935968b127b7eab007624dfb0d591af277845", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d31fb61d65d468264937b4f0865935968b127b7eab007624dfb0d591af277845"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-x64dbg/src/main/py/src/ghidraxdbg/util.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 35682, "scanner": "repobility-threat-engine", "fingerprint": "f5c6c6de54349509c08b18c4504c1789b34ea0dbee45cdae989da66cff2ea02d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": 
["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f5c6c6de54349509c08b18c4504c1789b34ea0dbee45cdae989da66cff2ea02d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/exdi/exdi_methods.py"}, "region": {"startLine": 43}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 15 more): Same pattern found in 15 additional files. Review if needed."}, "properties": {"repobilityId": 35681, "scanner": "repobility-threat-engine", "fingerprint": "49c7adc690aaef0cba0539e188460f8671984ef7c4ebdb1c821d1535a2aa7f56", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 15 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "get_arch", "breakdown": {"if": 29, "except": 1}, "aggregated": true, "complexity": 30, "correlation_key": "fp|49c7adc690aaef0cba0539e188460f8671984ef7c4ebdb1c821d1535a2aa7f56", "aggregated_count": 15}}}, {"ruleId": "ERR001", "level": "none", "message": {"text": "[ERR001] Silent Exception Swallowing (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 35677, "scanner": "repobility-threat-engine", "fingerprint": "4ffea2800599adb663df46ab31003467b0a25ff84f83dd40a996e94f4d40f164", "category": "error_handling", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|4ffea2800599adb663df46ab31003467b0a25ff84f83dd40a996e94f4d40f164"}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 10 more): Same pattern found in 10 additional files. Review if needed."}, "properties": {"repobilityId": 35673, "scanner": "repobility-threat-engine", "fingerprint": "091a09b8c764f855918622fcf41c76ebcaf1ff1f761099248b190e861f32eaba", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 10 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|091a09b8c764f855918622fcf41c76ebcaf1ff1f761099248b190e861f32eaba", "aggregated_count": 10}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 35672, "scanner": "repobility-threat-engine", "fingerprint": "bec241b7449920c1baee1cb1b6f68632522c12f30d1d744ed5c3ecc6b5dc4b5d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": 
{"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bec241b7449920c1baee1cb1b6f68632522c12f30d1d744ed5c3ecc6b5dc4b5d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/arch.py"}, "region": {"startLine": 151}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 35671, "scanner": "repobility-threat-engine", "fingerprint": "c25d116afdc4188cb81e40a79d6f230928df9f30163ade44648e6aedb28cb628", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c25d116afdc4188cb81e40a79d6f230928df9f30163ade44648e6aedb28cb628"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng.py"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 35670, "scanner": "repobility-threat-engine", "fingerprint": 
"011a3b2ad29a5bb5e17cad792727716c26177ce1e20534c3736864810d2953eb", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|011a3b2ad29a5bb5e17cad792727716c26177ce1e20534c3736864810d2953eb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng-attach.py"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED001", "level": "none", "message": {"text": "[MINED001] Bare Except Pass (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "properties": {"repobilityId": 35669, "scanner": "repobility-threat-engine", "fingerprint": "7fa035b085c0bd9a31a5276c49da091420eed1825fee6f01486426827fccfced", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 5 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|7fa035b085c0bd9a31a5276c49da091420eed1825fee6f01486426827fccfced", "aggregated_count": 5}}}, {"ruleId": "MINED006", "level": "none", "message": {"text": "[MINED006] Overcatch Baseexception (and 8 more): Same pattern found in 8 additional files. Review if needed."}, "properties": {"repobilityId": 35665, "scanner": "repobility-threat-engine", "fingerprint": "187df7a8468ce7af39689c6684407e0bf514988124c7b6b5a8485861f3f5d787", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 8 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|187df7a8468ce7af39689c6684407e0bf514988124c7b6b5a8485861f3f5d787", "aggregated_count": 8}}}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. 
This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 35661, "scanner": "repobility-threat-engine", "fingerprint": "981aa2b834dd378eb807f47ae4a885ecbe18f36656cd1bc0d743e5fd05b319e3", "category": "credential_exposure", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Environment variable or config lookup (credentials loaded safely)", "evidence": {"match": "print(f\"ConfigFile: {os.getenv('EXDI_GDBSRV_XML_CONFIG_FILE')", "reason": "Environment variable or config lookup (credentials loaded safely)", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "secret|token|4|print f configfile: os.getenv exdi_gdbsrv_xml_config_file"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/data/support/kernel-dbgeng.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "properties": {"repobilityId": 35660, "scanner": "repobility-threat-engine", "fingerprint": "3c06cb17fdedaafe1128802ba01376e4ddcb49a3bd3ca7a4fc5b0a908948b9d1", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3c06cb17fdedaafe1128802ba01376e4ddcb49a3bd3ca7a4fc5b0a908948b9d1"}}, "locations": [{"physicalLocation": {"artifactLocation": 
{"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/missing.c"}, "region": {"startLine": 60}}}]}, {"ruleId": "MINED081", "level": "none", "message": {"text": "[MINED081] Java Printstacktrace (and 9 more): Same pattern found in 9 additional files. Review if needed."}, "properties": {"repobilityId": 35657, "scanner": "repobility-threat-engine", "fingerprint": "c48dd9724b0e7b09101b63cd28a96835edab663d1e7839f2bf030f902bbf5bf3", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 9 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "java-printstacktrace", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348125+00:00", "triaged_in_corpus": 12, "observations_count": 2934, "ai_coder_pattern_id": 126}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|c48dd9724b0e7b09101b63cd28a96835edab663d1e7839f2bf030f902bbf5bf3", "aggregated_count": 9}}}, {"ruleId": "MINED081", "level": "none", "message": {"text": "[MINED081] Java Printstacktrace: Should use logger, not stack trace to stderr."}, "properties": {"repobilityId": 35656, "scanner": "repobility-threat-engine", "fingerprint": "c2850f77abc2d092a560e61f90bd61c2e39d6d2305bacea2dc006f85f58d02d9", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "java-printstacktrace", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348125+00:00", "triaged_in_corpus": 12, "observations_count": 2934, "ai_coder_pattern_id": 126}, "scanner": "repobility-threat-engine", "correlation_key": 
"fp|c2850f77abc2d092a560e61f90bd61c2e39d6d2305bacea2dc006f85f58d02d9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Framework-TraceModeling/src/main/java/ghidra/trace/database/DBTraceContentHandler.java"}, "region": {"startLine": 132}}}]}, {"ruleId": "MINED081", "level": "none", "message": {"text": "[MINED081] Java Printstacktrace: Should use logger, not stack trace to stderr."}, "properties": {"repobilityId": 35655, "scanner": "repobility-threat-engine", "fingerprint": "99fe9d35717a6800a9821b7541415dfd408fb09287b0c5bf5c3c56a9350d9849", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "java-printstacktrace", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348125+00:00", "triaged_in_corpus": 12, "observations_count": 2934, "ai_coder_pattern_id": 126}, "scanner": "repobility-threat-engine", "correlation_key": "fp|99fe9d35717a6800a9821b7541415dfd408fb09287b0c5bf5c3c56a9350d9849"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger/src/main/java/ghidra/app/plugin/core/debug/taint/SarifLogicalLocationWriter.java"}, "region": {"startLine": 65}}}]}, {"ruleId": "MINED081", "level": "none", "message": {"text": "[MINED081] Java Printstacktrace: Should use logger, not stack trace to stderr."}, "properties": {"repobilityId": 35654, "scanner": "repobility-threat-engine", "fingerprint": "5917400980d4329944c2ac62950c719cb4b665724c35920d869758b0b904cd2e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "java-printstacktrace", "owasp": null, "cwe_ids": ["CWE-532"], 
"languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348125+00:00", "triaged_in_corpus": 12, "observations_count": 2934, "ai_coder_pattern_id": 126}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5917400980d4329944c2ac62950c719cb4b665724c35920d869758b0b904cd2e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DMG/src/dmg/java/mobiledevices/dmg/reader/DmgInfoGenerator.java"}, "region": {"startLine": 197}}}]}, {"ruleId": "SEC012", "level": "none", "message": {"text": "[SEC012] ZipSlip \u2014 Archive Path Traversal (and 1 more): Same pattern found in 1 additional file. Review if needed."}, "properties": {"repobilityId": 35653, "scanner": "repobility-threat-engine", "fingerprint": "f21d8f84b5b8fd967ff0c5e2e1c3fb58bbdee23dfc12821fdafc6666b2cd3f87", "category": "path_traversal", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrence found. The top occurrences remain visible as actionable findings; the false_positive state on this row reflects the deduplication, not a verdict on that occurrence.", "evidence": {"reason": "Deduplicated summary only: 1 additional occurrence found. The top occurrences remain visible as actionable findings; the false_positive state on this row reflects the deduplication, not a verdict on that occurrence.", "rule_id": "SEC012", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|f21d8f84b5b8fd967ff0c5e2e1c3fb58bbdee23dfc12821fdafc6666b2cd3f87"}}}, {"ruleId": "SEC132", "level": "none", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift) (and 85 more): Same pattern found in 85 additional files. Review if needed."}, "properties": {"repobilityId": 35649, "scanner": "repobility-threat-engine", "fingerprint": "afdb9e0a98c9da833e8eb932b56d6f2a648c4c6970c0930638b81b1d1a513646", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 85 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 85 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|afdb9e0a98c9da833e8eb932b56d6f2a648c4c6970c0930638b81b1d1a513646"}}}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Ghidra/RuntimeScripts/Common/support/gradle/gradle-wrapper.jar` committed in source repo: `Ghidra/RuntimeScripts/Common/support/gradle/gradle-wrapper.jar` is a .jar binary (43,453 bytes) committed to a repo that otherwise has 15845 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts. A file named gradle-wrapper.jar is usually the Gradle Wrapper, which projects commit on purpose; confirm this one by comparing its SHA-256 with the checksum Gradle publishes for the matching wrapper version."}, "properties": {"repobilityId": 35856, "scanner": "repobility-supply-chain", "fingerprint": "54ca1226fe57096d69aaec334fc0410a95c1d8b3495c3ac9ce38d4fb0a735726", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|54ca1226fe57096d69aaec334fc0410a95c1d8b3495c3ac9ce38d4fb0a735726"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/RuntimeScripts/Common/support/gradle/gradle-wrapper.jar"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `GPL/DMG/data/os/win_x86_64/llio_i386.dll` committed in source repo: `GPL/DMG/data/os/win_x86_64/llio_i386.dll` is a .dll binary (61,952 bytes) committed to a repo that otherwise has 15845 source files. 
Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 35855, "scanner": "repobility-supply-chain", "fingerprint": "b98be7ddf504ac2ff1dca91efd39059a47971ec7e6854fbf449a7c32577cf38b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b98be7ddf504ac2ff1dca91efd39059a47971ec7e6854fbf449a7c32577cf38b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DMG/data/os/win_x86_64/llio_i386.dll"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `GPL/DMG/data/os/win_x86_64/llio_ia64.dll` committed in source repo: `GPL/DMG/data/os/win_x86_64/llio_ia64.dll` is a .dll binary (151,552 bytes) committed to a repo that otherwise has 15845 source files. 
Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 35854, "scanner": "repobility-supply-chain", "fingerprint": "69aa08764a2ee3ddef1e5182595dc5b47f92fc785cc53088c5a5d649e99be2bd", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|69aa08764a2ee3ddef1e5182595dc5b47f92fc785cc53088c5a5d649e99be2bd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DMG/data/os/win_x86_64/llio_ia64.dll"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `GPL/DMG/data/os/win_x86_64/llio_amd64.dll` committed in source repo: `GPL/DMG/data/os/win_x86_64/llio_amd64.dll` is a .dll binary (64,000 bytes) committed to a repo that otherwise has 15845 source files. 
Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 35853, "scanner": "repobility-supply-chain", "fingerprint": "a0fea06f1b17a89471f97302619e78c1888e6eec053bab8f7cf2d6863e0ef49c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a0fea06f1b17a89471f97302619e78c1888e6eec053bab8f7cf2d6863e0ef49c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DMG/data/os/win_x86_64/llio_amd64.dll"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `GPL/DMG/data/os/win_x86_32/llio_i386.dll` committed in source repo: `GPL/DMG/data/os/win_x86_32/llio_i386.dll` is a .dll binary (61,952 bytes) committed to a repo that otherwise has 15845 source files. 
Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 35852, "scanner": "repobility-supply-chain", "fingerprint": "60b78b461b497d3d6998a32b902aad99db878148358f52171e87a40f19494a4f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|60b78b461b497d3d6998a32b902aad99db878148358f52171e87a40f19494a4f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DMG/data/os/win_x86_32/llio_i386.dll"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `GPL/DMG/data/os/win_x86_32/llio_ia64.dll` committed in source repo: `GPL/DMG/data/os/win_x86_32/llio_ia64.dll` is a .dll binary (151,552 bytes) committed to a repo that otherwise has 15845 source files. 
Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 35851, "scanner": "repobility-supply-chain", "fingerprint": "d03b5b0b1b58d619833ddd00121c40cbf8858409a28778111cf8a9cb43c4fcde", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d03b5b0b1b58d619833ddd00121c40cbf8858409a28778111cf8a9cb43c4fcde"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DMG/data/os/win_x86_32/llio_ia64.dll"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `GPL/DMG/data/os/win_x86_32/llio_amd64.dll` committed in source repo: `GPL/DMG/data/os/win_x86_32/llio_amd64.dll` is a .dll binary (64,000 bytes) committed to a repo that otherwise has 15845 source files. 
Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 35850, "scanner": "repobility-supply-chain", "fingerprint": "a427d322a27c47376c5bdf081b01707cae6f0a4e55a6e69a6016648661c3be2d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a427d322a27c47376c5bdf081b01707cae6f0a4e55a6e69a6016648661c3be2d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DMG/data/os/win_x86_32/llio_amd64.dll"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `GhidraDocs/GhidraClass/ExerciseFiles/WinhelloCPP/WinHelloCPP.exe` committed in source repo: `GhidraDocs/GhidraClass/ExerciseFiles/WinhelloCPP/WinHelloCPP.exe` is a .exe binary (110,592 bytes) committed to a repo that otherwise has 15845 source files. 
Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 35849, "scanner": "repobility-supply-chain", "fingerprint": "15a0e607532910de5b5bc6260ed9e309aa31b77e4ae72829db715945b6082231", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|15a0e607532910de5b5bc6260ed9e309aa31b77e4ae72829db715945b6082231"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraDocs/GhidraClass/ExerciseFiles/WinhelloCPP/WinHelloCPP.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `GhidraDocs/GhidraClass/ExerciseFiles/VersionTracking/WallaceSrc.exe` committed in source repo: `GhidraDocs/GhidraClass/ExerciseFiles/VersionTracking/WallaceSrc.exe` is a .exe binary (33,792 bytes) committed to a repo that otherwise has 15845 source files. 
Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 35848, "scanner": "repobility-supply-chain", "fingerprint": "724e85d666a755116c4e2f525dae602f05e0dd2ea7cf8bb44b00aa3d56856876", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|724e85d666a755116c4e2f525dae602f05e0dd2ea7cf8bb44b00aa3d56856876"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraDocs/GhidraClass/ExerciseFiles/VersionTracking/WallaceSrc.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `GhidraDocs/GhidraClass/ExerciseFiles/VersionTracking/WallaceVersion2.exe` committed in source repo: `GhidraDocs/GhidraClass/ExerciseFiles/VersionTracking/WallaceVersion2.exe` is a .exe binary (33,792 bytes) committed to a repo that otherwise has 15845 source files. 
Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 35847, "scanner": "repobility-supply-chain", "fingerprint": "e0d147dcce702a1040d72444dabf11b8c9c7e1c26e39d6bef39a5c3fa560846b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e0d147dcce702a1040d72444dabf11b8c9c7e1c26e39d6bef39a5c3fa560846b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraDocs/GhidraClass/ExerciseFiles/VersionTracking/WallaceVersion2.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `GhidraDocs/GhidraClass/ExerciseFiles/Advanced/globalRegVars.so` committed in source repo: `GhidraDocs/GhidraClass/ExerciseFiles/Advanced/globalRegVars.so` is a .so binary (8,008 bytes) committed to a repo that otherwise has 15845 source files. 
Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 35846, "scanner": "repobility-supply-chain", "fingerprint": "39ecbe5517a434c3014a66fdf7090f9b2cf20df714c2d138896c17c261f15b97", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|39ecbe5517a434c3014a66fdf7090f9b2cf20df714c2d138896c17c261f15b97"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraDocs/GhidraClass/ExerciseFiles/Advanced/globalRegVars.so"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `GhidraDocs/GhidraClass/ExerciseFiles/Advanced/override.so` committed in source repo: `GhidraDocs/GhidraClass/ExerciseFiles/Advanced/override.so` is a .so binary (8,352 bytes) committed to a repo that otherwise has 15845 source files. 
Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 35845, "scanner": "repobility-supply-chain", "fingerprint": "ba4e7bc4fbbd021f74a1b5e8403fad82503828bdbb3d27cc2aa18288da2b9a5f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ba4e7bc4fbbd021f74a1b5e8403fad82503828bdbb3d27cc2aa18288da2b9a5f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraDocs/GhidraClass/ExerciseFiles/Advanced/override.so"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `gradle/actions/dependency-submission` pinned to mutable ref `@v6`: `uses: gradle/actions/dependency-submission@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a full 40-character commit SHA and let Dependabot or Renovate manage updates to the pin."}, "properties": {"repobilityId": 35844, "scanner": "repobility-supply-chain", "fingerprint": "c7067102d959089d4aa71037d53c5008eaa592a20af758557abac4ac1ecf4f8b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c7067102d959089d4aa71037d53c5008eaa592a20af758557abac4ac1ecf4f8b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dependency-submission.yml"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-java` pinned to mutable ref `@v5`: `uses: actions/setup-java@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a full 40-character commit SHA and let Dependabot or Renovate manage updates to the pin."}, "properties": {"repobilityId": 35843, "scanner": "repobility-supply-chain", "fingerprint": "5f47e5cdce56cd187b562707b2862215aa275a4ef9f265543c69020d3fea37cd", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5f47e5cdce56cd187b562707b2862215aa275a4ef9f265543c69020d3fea37cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dependency-submission.yml"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a full 40-character commit SHA and let Dependabot or Renovate manage updates to the pin."}, "properties": {"repobilityId": 35842, "scanner": "repobility-supply-chain", "fingerprint": "4c69ad2f5b91c4a30a9e8e58484093b9b438e5084cbab629349e14a4e66f70e4", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4c69ad2f5b91c4a30a9e8e58484093b9b438e5084cbab629349e14a4e66f70e4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dependency-submission.yml"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-java` pinned to mutable ref `@v5`: `uses: actions/setup-java@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a full 40-character commit SHA and let Dependabot or Renovate manage updates to the pin."}, "properties": {"repobilityId": 35841, "scanner": "repobility-supply-chain", "fingerprint": "cfeb33d737f6c659cd0e9860d65a6f77a54e8c332172afc0c734f2dd0e91b5a4", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|cfeb33d737f6c659cd0e9860d65a6f77a54e8c332172afc0c734f2dd0e91b5a4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-ghidra.yml"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a full 40-character commit SHA and let Dependabot or Renovate manage updates to the pin."}, "properties": {"repobilityId": 35840, "scanner": "repobility-supply-chain", "fingerprint": "f7dfb4cf3688452100dd23913c67287a24ac08fa4e1e453077ca65c1294c0be0", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f7dfb4cf3688452100dd23913c67287a24ac08fa4e1e453077ca65c1294c0be0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-ghidra.yml"}, "region": {"startLine": 13}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "[MINED118] Dockerfile FROM `alpine:3.20` not pinned by digest: `FROM alpine:3.20` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. 
Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"repobilityId": 35839, "scanner": "repobility-supply-chain", "fingerprint": "116feda3588ba5793f98493d8e2fc1c9bf5c6f680ea3f390a8b7a584d4cc98de", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|116feda3588ba5793f98493d8e2fc1c9bf5c6f680ea3f390a8b7a584d4cc98de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_boilerplate: Test function `test_boilerplate` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35838, "scanner": "repobility-ast-engine", "fingerprint": "38c550f5b3482d476603d969d6300cf9d6faa2a48c12b5c9c88132813f4ee37b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|38c550f5b3482d476603d969d6300cf9d6faa2a48c12b5c9c88132813f4ee37b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/SleighDevTools/pcodetest/tpp.py"}, "region": {"startLine": 114}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_fi: Test function `test_fi` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35837, "scanner": "repobility-ast-engine", "fingerprint": "bb878fb4180eafef8d4edbb309678a4a5993ec5daca2b5e0c026c5edb1009921", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bb878fb4180eafef8d4edbb309678a4a5993ec5daca2b5e0c026c5edb1009921"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/SleighDevTools/pcodetest/tpp.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_body: Test function `test_body` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35836, "scanner": "repobility-ast-engine", "fingerprint": "2f9c5c0f46cfab1a78f51c30aae50fc713c433d95c52668d9d4541d729e8c1db", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2f9c5c0f46cfab1a78f51c30aae50fc713c433d95c52668d9d4541d729e8c1db"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/SleighDevTools/pcodetest/tpp.py"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_close_brace: Test function `test_close_brace` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35835, "scanner": "repobility-ast-engine", "fingerprint": "faad7e0c14ae2c385d979003c47178da68b2c9532434067daf3b07008c11e4cf", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|faad7e0c14ae2c385d979003c47178da68b2c9532434067daf3b07008c11e4cf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/SleighDevTools/pcodetest/tpp.py"}, "region": {"startLine": 68}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_main: Test function `test_main` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35834, "scanner": "repobility-ast-engine", "fingerprint": "2a601ecaafa2b02045674aa0e7e12e0a8e84ec8e7a937b36074b3a4a3a9f4c60", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2a601ecaafa2b02045674aa0e7e12e0a8e84ec8e7a937b36074b3a4a3a9f4c60"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/SleighDevTools/pcodetest/tpp.py"}, "region": {"startLine": 56}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_open_brace: Test function `test_open_brace` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35833, "scanner": "repobility-ast-engine", "fingerprint": "e046a715ac661149d2bc0996a1ec158565c383dd29d75811862812a934bc07ff", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e046a715ac661149d2bc0996a1ec158565c383dd29d75811862812a934bc07ff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/SleighDevTools/pcodetest/tpp.py"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_endif: Test function `test_endif` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35832, "scanner": "repobility-ast-engine", "fingerprint": "2dc3ce9c3c4e0f69305385186dd22c69ff286cba741e9cb2a8759792bba21fe4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2dc3ce9c3c4e0f69305385186dd22c69ff286cba741e9cb2a8759792bba21fe4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/SleighDevTools/pcodetest/tpp.py"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_if: Test function `test_if` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35831, "scanner": "repobility-ast-engine", "fingerprint": "a10c21a59991a47532d265405ce6216282c60a010bcf8f0522cd9b76a0046400", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a10c21a59991a47532d265405ce6216282c60a010bcf8f0522cd9b76a0046400"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/SleighDevTools/pcodetest/tpp.py"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_test: Test function `test_test` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35830, "scanner": "repobility-ast-engine", "fingerprint": "d6954b6b22d1f7a550fde99f02ad449a3080e4d19f2b21d5a98e75fb50d6f229", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d6954b6b22d1f7a550fde99f02ad449a3080e4d19f2b21d5a98e75fb50d6f229"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/SleighDevTools/pcodetest/tpp.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_hdr: Test function `test_hdr` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35829, "scanner": "repobility-ast-engine", "fingerprint": "91e0e13a0cf8aff9eb5bf99102f652110852a3766932af10344ee43dfc2647d0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|91e0e13a0cf8aff9eb5bf99102f652110852a3766932af10344ee43dfc2647d0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/SleighDevTools/pcodetest/tpp.py"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_invalid_loader_type: Test function `test_invalid_loader_type` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35826, "scanner": "repobility-ast-engine", "fingerprint": "cd69f606d48d8dd6308ec2227d58523d279a091cd913880154325e5bbde868de", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cd69f606d48d8dd6308ec2227d58523d279a091cd913880154325e5bbde868de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/PyGhidra/src/main/py/tests/test_core.py"}, "region": {"startLine": 139}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_invalid_loader: Test function `test_invalid_loader` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35825, "scanner": "repobility-ast-engine", "fingerprint": "e9afe79af3ee2bfee6481d7c7a237835f40c4672fbc883d059758bb925b7a171", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e9afe79af3ee2bfee6481d7c7a237835f40c4672fbc883d059758bb925b7a171"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/PyGhidra/src/main/py/tests/test_core.py"}, "region": {"startLine": 126}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_no_language_with_compiler: Test function `test_no_language_with_compiler` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35824, "scanner": "repobility-ast-engine", "fingerprint": "a2250c3d07bc5959247dd1820967e1fb304263086766a6c70380e978179f5e37", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a2250c3d07bc5959247dd1820967e1fb304263086766a6c70380e978179f5e37"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/PyGhidra/src/main/py/tests/test_core.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_no_compiler: Test function `test_no_compiler` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35823, "scanner": "repobility-ast-engine", "fingerprint": "9f00a27132613d7176b0a4e3cc10cf0a22c5685eae11cdb0d90ec9077a426f43", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9f00a27132613d7176b0a4e3cc10cf0a22c5685eae11cdb0d90ec9077a426f43"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/PyGhidra/src/main/py/tests/test_core.py"}, "region": {"startLine": 102}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_bad_compiler: Test function `test_bad_compiler` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35822, "scanner": "repobility-ast-engine", "fingerprint": "326110720f93529d616930add1262148dad9143b4d5dd9a3bd1f2b0ee9866e94", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|326110720f93529d616930add1262148dad9143b4d5dd9a3bd1f2b0ee9866e94"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/PyGhidra/src/main/py/tests/test_core.py"}, "region": {"startLine": 90}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_bad_language: Test function `test_bad_language` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 35821, "scanner": "repobility-ast-engine", "fingerprint": "61364238cc96c22ae01811579291f4ad158a631a7ff4b03f11adfbab463ea960", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|61364238cc96c22ae01811579291f4ad158a631a7ff4b03f11adfbab463ea960"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/PyGhidra/src/main/py/tests/test_core.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.export_bookmarks` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.export_bookmarks`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35787, "scanner": "repobility-ast-engine", "fingerprint": "c41c183a4eef3f35cd15a30e81c024e52bbd62bcc317591814f7fd2402117cbd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c41c183a4eef3f35cd15a30e81c024e52bbd62bcc317591814f7fd2402117cbd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 326}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.export_comments` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.export_comments`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35786, "scanner": "repobility-ast-engine", "fingerprint": "5c61300bc31dbaa68c5f6480d86d38a0eeac1b886e14b6803cd85ef342e30cdf", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5c61300bc31dbaa68c5f6480d86d38a0eeac1b886e14b6803cd85ef342e30cdf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 325}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.export_data` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.export_data`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35785, "scanner": "repobility-ast-engine", "fingerprint": "be4e685e99bf1327a3b3953eb2067fd835a5afaea40c2a1c7f45c6ae5dcb4783", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|be4e685e99bf1327a3b3953eb2067fd835a5afaea40c2a1c7f45c6ae5dcb4783"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 323}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.export_code` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.export_code`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35784, "scanner": "repobility-ast-engine", "fingerprint": "52e3efffb7b4455ec32a111692326bcbcfdd22e32028f96803e601c0b5d37679", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|52e3efffb7b4455ec32a111692326bcbcfdd22e32028f96803e601c0b5d37679"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 321}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.export_register_values` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.export_register_values`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35783, "scanner": "repobility-ast-engine", "fingerprint": "b759e9597d8ed1b79064a1d4dace144400692a15e70a14319662c0fd166cffa6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b759e9597d8ed1b79064a1d4dace144400692a15e70a14319662c0fd166cffa6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 319}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.export_memory_map` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.export_memory_map`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35782, "scanner": "repobility-ast-engine", "fingerprint": "9362bbbf1a7d247149402600ae815b47e499c7b96e4655a821b43eefede2c6de", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9362bbbf1a7d247149402600ae815b47e499c7b96e4655a821b43eefede2c6de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 317}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.export_datatypes` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.export_datatypes`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35781, "scanner": "repobility-ast-engine", "fingerprint": "23c8e6a32e2d2454b3ef484439d267f6d10b2b0689622f30adae2036910d0f05", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|23c8e6a32e2d2454b3ef484439d267f6d10b2b0689622f30adae2036910d0f05"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 314}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.filename` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.filename`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35780, "scanner": "repobility-ast-engine", "fingerprint": "f9b941341f5f88bfd9330271f53ec941d75bd14c279259e94af02b24a9630d37", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f9b941341f5f88bfd9330271f53ec941d75bd14c279259e94af02b24a9630d37"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 297}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.filename` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.filename`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35779, "scanner": "repobility-ast-engine", "fingerprint": "f08ae6df3c36b0fdb86d050f939762c11f89c3b1100fbdac82575e16bacb6d89", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f08ae6df3c36b0fdb86d050f939762c11f89c3b1100fbdac82575e16bacb6d89"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 291}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.display_summary` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.display_summary`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35778, "scanner": "repobility-ast-engine", "fingerprint": "ea50d13f45e07d11aba3e74c1bc29cef7dab5c7684e01f1328c8aa03475c43a9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ea50d13f45e07d11aba3e74c1bc29cef7dab5c7684e01f1328c8aa03475c43a9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 343}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.display_cpu_time` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.display_cpu_time`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35777, "scanner": "repobility-ast-engine", "fingerprint": "7215316c5b399bc71d7d60dd57e16dc7f34cf9aa8cd84c529835ec9c0a99b0b2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7215316c5b399bc71d7d60dd57e16dc7f34cf9aa8cd84c529835ec9c0a99b0b2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 341}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.end_element` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.end_element`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35776, "scanner": "repobility-ast-engine", "fingerprint": "9a7875050d59570ebb026d653355f23d0ab38c4235be447caf41cebb7f1418b9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9a7875050d59570ebb026d653355f23d0ab38c4235be447caf41cebb7f1418b9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 338}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.export_program` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.export_program`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35775, "scanner": "repobility-ast-engine", "fingerprint": "84ccb97247db2dcea44ba6009b31349cc9b5cf88443b39d8c798e7495ed53001", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|84ccb97247db2dcea44ba6009b31349cc9b5cf88443b39d8c798e7495ed53001"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 308}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.write_xml_declaration` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.write_xml_declaration`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35774, "scanner": "repobility-ast-engine", "fingerprint": "179016cf10194d3b8a1d575e80b33078dfc711d1c130ac345744f381c0d08885", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|179016cf10194d3b8a1d575e80b33078dfc711d1c130ac345744f381c0d08885"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 307}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.filename` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.filename`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35773, "scanner": "repobility-ast-engine", "fingerprint": "76245913c660526e301f0b109c715732a2651ae00536f3a5766e5de6e19e1475", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|76245913c660526e301f0b109c715732a2651ae00536f3a5766e5de6e19e1475"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 299}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.open_file` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.open_file`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35772, "scanner": "repobility-ast-engine", "fingerprint": "ed6ae24b18e7b47a43b94e81731c507440f2c6996c381a4f4b1e66d5f449a7a5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ed6ae24b18e7b47a43b94e81731c507440f2c6996c381a4f4b1e66d5f449a7a5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 299}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.filename` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.filename`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35771, "scanner": "repobility-ast-engine", "fingerprint": "6d5d34312390002e015cd3c40e3129449cc10778843ec86dc7b71b26ec2c8770", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6d5d34312390002e015cd3c40e3129449cc10778843ec86dc7b71b26ec2c8770"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 294}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.filename` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.filename`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35770, "scanner": "repobility-ast-engine", "fingerprint": "8992fbc23af6bc305cdc5af62e3a38fc59960ca83f7bf837c220ebf47ca28760", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8992fbc23af6bc305cdc5af62e3a38fc59960ca83f7bf837c220ebf47ca28760"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 292}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.autorun` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.autorun`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35769, "scanner": "repobility-ast-engine", "fingerprint": "ba938f83017509761f6e5955aee242c67011b75c28903fc198f44254c8e6b1b1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ba938f83017509761f6e5955aee242c67011b75c28903fc198f44254c8e6b1b1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 290}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.get_options` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.get_options`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35768, "scanner": "repobility-ast-engine", "fingerprint": "7a45b87565a6ef2ca629ac89c60acf2b5e1d2fa49b2e20b113fd5c1b399fa737", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7a45b87565a6ef2ca629ac89c60acf2b5e1d2fa49b2e20b113fd5c1b399fa737"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 288}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.check_and_load_decompiler` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.check_and_load_decompiler`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35767, "scanner": "repobility-ast-engine", "fingerprint": "79f1d1f9eaf623ac74a2bbdceff0c654109b63932f3a35204a125d968cb15651", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|79f1d1f9eaf623ac74a2bbdceff0c654109b63932f3a35204a125d968cb15651"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 286}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.display_version` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.display_version`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35766, "scanner": "repobility-ast-engine", "fingerprint": "3c13375244d01ee14e8d3336c681e8654d5c92965bcd3ca2c472bf5e4d83498b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3c13375244d01ee14e8d3336c681e8654d5c92965bcd3ca2c472bf5e4d83498b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 285}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.xmlfile` used but never assigned in __init__: Method `export_xml` of class `XmlExporter` reads `self.xmlfile`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35765, "scanner": "repobility-ast-engine", "fingerprint": "78dff040795fd1918f9068268788911fda8c68d7e0239dfd4551078360785a5a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|78dff040795fd1918f9068268788911fda8c68d7e0239dfd4551078360785a5a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 299}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.filename` used but never assigned in __init__: Method `display_summary` of class `IdaXml` reads `self.filename`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35764, "scanner": "repobility-ast-engine", "fingerprint": "2a74eab796f7929378cc01c73299408eaa4594d3896d61021cc343905d9fd434", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2a74eab796f7929378cc01c73299408eaa4594d3896d61021cc343905d9fd434"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 164}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.close_xmlfile` used but never assigned in __init__: Method `cleanup` of class `IdaXml` reads `self.close_xmlfile`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 35763, "scanner": "repobility-ast-engine", "fingerprint": "16f35b964c83d42b86640885cf0c95be1d8aadccf8ad76bed0ad5fedbfc1a854", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|16f35b964c83d42b86640885cf0c95be1d8aadccf8ad76bed0ad5fedbfc1a854"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 122}}}]}, {"ruleId": "DKR014", "level": "error", "message": {"text": "Dockerfile copies the entire context without .dockerignore"}, "properties": {"repobilityId": 35754, "scanner": "repobility-docker", "fingerprint": "769478f78e9604eb2ac24a17c234ec0a0fc7e05afca559e292034aeceaa4b477", "category": "docker", "severity": "high", "confidence": 0.92, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Broad context copy and missing .dockerignore were found together.", "evidence": {"rule_id": "DKR014", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|769478f78e9604eb2ac24a17c234ec0a0fc7e05afca559e292034aeceaa4b477"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker/Dockerfile"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 35711, "scanner": "repobility-threat-engine", "fingerprint": "4255d9e3f046d9a7cec99de74f89dfb31e8eaf65a3b6f3d437e95a6cbce26de9", "category": 
"quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4255d9e3f046d9a7cec99de74f89dfb31e8eaf65a3b6f3d437e95a6cbce26de9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/BSim/ghidra_scripts/QueryWithFiltersScript.java"}, "region": {"startLine": 305}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 35710, "scanner": "repobility-threat-engine", "fingerprint": "df7ead09104de5e49c7afa08673ae3ffd5392e037710452171b92e4e19f3a8b7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|df7ead09104de5e49c7afa08673ae3ffd5392e037710452171b92e4e19f3a8b7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/BSim/ghidra_scripts/GenerateSignatures.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 35709, "scanner": 
"repobility-threat-engine", "fingerprint": "12b172f54abe22cf3c59f933b5b529c9a9a7e3d1fe8291e9e822b975471ec4b9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|12b172f54abe22cf3c59f933b5b529c9a9a7e3d1fe8291e9e822b975471ec4b9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/BSim/ghidra_scripts/GenerateSignatures.java"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED036", "level": "error", "message": {"text": "[MINED036] Python Os System Call: os.system() invokes shell with no escaping."}, "properties": {"repobilityId": 35705, "scanner": "repobility-threat-engine", "fingerprint": "68f622abe6bbfebffb134eb394c7190b3e01c712603ea0ecdfa4b2c0dea2e744", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-os-system-call", "owasp": null, "cwe_ids": ["CWE-78"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347982+00:00", "triaged_in_corpus": 15, "observations_count": 2221, "ai_coder_pattern_id": 117}, "scanner": "repobility-threat-engine", "correlation_key": "fp|68f622abe6bbfebffb134eb394c7190b3e01c712603ea0ecdfa4b2c0dea2e744"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/SleighDevTools/pcodetest/build.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side 
Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 35702, "scanner": "repobility-threat-engine", "fingerprint": "625b7a5ca92839bebb4e198f963ce5fd382661afc0aff88dc3c35947ddf2fbce", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "URL(u", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|625b7a5ca92839bebb4e198f963ce5fd382661afc0aff88dc3c35947ddf2fbce"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/BSim/ghidra_scripts/CompareExecutablesScript.java"}, "region": {"startLine": 59}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. 
SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 35701, "scanner": "repobility-threat-engine", "fingerprint": "2911ddc2153bee48009a9c012a4a8bc2934fe18f89ce01d897c49150f202f9ff", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "URL(n", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|2911ddc2153bee48009a9c012a4a8bc2934fe18f89ce01d897c49150f202f9ff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Features/BSim/ghidra_scripts/AddProgramToH2BSimDatabaseScript.java"}, "region": {"startLine": 113}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. 
SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 35700, "scanner": "repobility-threat-engine", "fingerprint": "9b16726ab48b09673c27ebe1a545eeb12c4ab8347e57c63ba8d969f842db634c", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "URL(n", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|9b16726ab48b09673c27ebe1a545eeb12c4ab8347e57c63ba8d969f842db634c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger/src/main/java/ghidra/app/plugin/core/debug/utils/ProgramURLUtils.java"}, "region": {"startLine": 40}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. 
Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 35688, "scanner": "repobility-threat-engine", "fingerprint": "bacc7b942fbe1b21f3dd9c6c2b77bc0d46e6afaea61007d7e7ec771be3842716", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "toRead.delete(alreadyKnown);", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|bacc7b942fbe1b21f3dd9c6c2b77bc0d46e6afaea61007d7e7ec771be3842716"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger/src/main/java/ghidra/app/plugin/core/debug/gui/action/BasicAutoReadMemorySpec.java"}, "region": {"startLine": 176}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. 
Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 35687, "scanner": "repobility-threat-engine", "fingerprint": "c17122dceb53aa459df32a38c3a268da11163bdb9cc739b3ed5dbfcf6b99a6da", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "tableModel.delete(entry);", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|c17122dceb53aa459df32a38c3a268da11163bdb9cc739b3ed5dbfcf6b99a6da"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger/src/main/java/ghidra/app/plugin/core/debug/gui/AbstractDebuggerMapProposalDialog.java"}, "region": {"startLine": 75}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. 
Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 35686, "scanner": "repobility-threat-engine", "fingerprint": "aae3dfa558aa2f9c254a0349fabf8415676b5762ac1a504c5980c524e14b6ea0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "mprot_catchpoint.delete()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|aae3dfa558aa2f9c254a0349fabf8415676b5762ac1a504c5980c524e14b6ea0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-gdb/src/main/py/src/ghidragdb/wine.py"}, "region": {"startLine": 53}}}]}, {"ruleId": "SEC004", "level": "error", "message": {"text": "[SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection. Note: the matched call formats a `remote get` command string in a GDB agent script, which does not look like SQL; verify the callee and review how the formatted arguments are quoted before treating this as SQL injection."}, "properties": {"repobilityId": 35685, "scanner": "repobility-threat-engine", "fingerprint": "ce949cfe100e2943a8a543772a9fce4971f11440727d6170c94bdc0fa13f4376", "category": "injection", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "SQL string interpolation is near request/data/parameter input; user-controlled taint is plausible.", "evidence": {"match": ".execute(\"remote get {} {}\".format(", "reason": "SQL string interpolation is near request/data/parameter input; user-controlled taint is plausible.", "rule_id": "SEC004", "scanner": "repobility-threat-engine", "confidence": 0.85, "correlation_key": "code|injection|token|85|sec004"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-gdb/data/scripts/remote-proc-mappings.py"}, "region": {"startLine": 85}}}]}, {"ruleId": "COMP001", "level": "error", "message": {"text": "[COMP001] High cognitive 
complexity: Function `get_arch` has cognitive complexity 30 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, if=29."}, "properties": {"repobilityId": 35678, "scanner": "repobility-threat-engine", "fingerprint": "ff6dfc704a9f12c2d6c636a68ffaf24dacd78285ad243ad24bc50ac61deffe6a", "category": "quality", "severity": "high", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 30 (severity threshold for high: 25+).", "evidence": {"scanner": "repobility-threat-engine", "function": "get_arch", "breakdown": {"if": 29, "except": 1}, "complexity": 30, "correlation_key": "fp|ff6dfc704a9f12c2d6c636a68ffaf24dacd78285ad243ad24bc50ac61deffe6a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/arch.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 35668, "scanner": "repobility-threat-engine", "fingerprint": "eff390f9af9d7d8056d9db7b8fe339150f6a7674d6d91456e24e14da29a280ed", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": 
"fp|eff390f9af9d7d8056d9db7b8fe339150f6a7674d6d91456e24e14da29a280ed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-x64dbg/data/support/local-x64dbg-attach.py"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 35667, "scanner": "repobility-threat-engine", "fingerprint": "4a00557d3f2019c3023b860bd998b998dcfc530a29e5865012150aa795e4fc63", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4a00557d3f2019c3023b860bd998b998dcfc530a29e5865012150aa795e4fc63"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 35666, "scanner": "repobility-threat-engine", "fingerprint": "73d190f88625677320d71ff786dc18fdb27db5622759964ec5dd4700aa124ba1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": 
"bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|73d190f88625677320d71ff786dc18fdb27db5622759964ec5dd4700aa124ba1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng-attach.py"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED006", "level": "error", "message": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "properties": {"repobilityId": 35664, "scanner": "repobility-threat-engine", "fingerprint": "918201087ec871de89d462d601b7b6d63cae68784a9a6305142a54afeda30714", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "correlation_key": "fp|918201087ec871de89d462d601b7b6d63cae68784a9a6305142a54afeda30714"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng-ext.py"}, "region": {"startLine": 64}}}]}, {"ruleId": "MINED006", "level": "error", "message": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... 
\u2014 prevents Ctrl+C and SystemExit from working."}, "properties": {"repobilityId": 35663, "scanner": "repobility-threat-engine", "fingerprint": "c1bdef7a9014a6a079416ebc9f3a4845a507b748f8e0c3422975f3a6c52e0781", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c1bdef7a9014a6a079416ebc9f3a4845a507b748f8e0c3422975f3a6c52e0781"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/data/support/local-dbgeng-attach.py"}, "region": {"startLine": 75}}}]}, {"ruleId": "MINED006", "level": "error", "message": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... 
\u2014 prevents Ctrl+C and SystemExit from working."}, "properties": {"repobilityId": 35662, "scanner": "repobility-threat-engine", "fingerprint": "e06a84f2c04309962c5f7df8b067f5f0fc74c823ab1e0c4f42a7230dc20fbb50", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e06a84f2c04309962c5f7df8b067f5f0fc74c823ab1e0c4f42a7230dc20fbb50"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/data/support/kernel-dbgeng.py"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `inspect` used but not imported: The file uses `inspect.something(...)` but never imports `inspect`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35828, "scanner": "repobility-ast-engine", "fingerprint": "d592672c72183135c65759452ae71743f07434f0dee0832990e56de104fc5638", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d592672c72183135c65759452ae71743f07434f0dee0832990e56de104fc5638"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Extensions/Jython/jython-src/jintrospect.py"}, "region": {"startLine": 214}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `time` used but not imported: The file uses `time.something(...)` but never imports `time`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35820, "scanner": "repobility-ast-engine", "fingerprint": "7a800668ef5bf05045532e290be8775c774bea6ca5e9aa03e439ad9f7afa54e6", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7a800668ef5bf05045532e290be8775c774bea6ca5e9aa03e439ad9f7afa54e6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-rmi-trace/src/main/py/src/ghidratrace/client.py"}, "region": {"startLine": 328}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `time` used but not imported: The file uses `time.something(...)` but 
never imports `time`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35819, "scanner": "repobility-ast-engine", "fingerprint": "25c4a781a8fe60ed8c679d4bdfccc06641a54f65877bcba75804f7a299007993", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|25c4a781a8fe60ed8c679d4bdfccc06641a54f65877bcba75804f7a299007993"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-dbgeng/src/main/py/src/ghidradbg/util.py"}, "region": {"startLine": 1127}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35818, "scanner": "repobility-ast-engine", "fingerprint": "df449468efaca17b5551aead7de9ba3878eb7229f04a8ddbb8a18363ad6b4a49", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|df449468efaca17b5551aead7de9ba3878eb7229f04a8ddbb8a18363ad6b4a49"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-drgn/src/main/py/src/ghidradrgn/arch.py"}, "region": {"startLine": 63}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35812, "scanner": "repobility-ast-engine", "fingerprint": "d18a5e5af68d068bb79bcf226856d45a1bbb1060208fa231e932e30776f30d22", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d18a5e5af68d068bb79bcf226856d45a1bbb1060208fa231e932e30776f30d22"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-lldb/src/main/py/src/ghidralldb/arch.py"}, "region": {"startLine": 163}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35809, "scanner": "repobility-ast-engine", "fingerprint": "a717dc35633e5ee8adee6b279df5dd12d7f3b68b62631fdaf16a2794ad289b26", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a717dc35633e5ee8adee6b279df5dd12d7f3b68b62631fdaf16a2794ad289b26"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Ghidra/Debug/Debugger-agent-lldb/src/main/py/src/ghidralldb/util.py"}, "region": {"startLine": 207}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `xml` used but not imported: The file uses `xml.something(...)` but never imports `xml`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35807, "scanner": "repobility-ast-engine", "fingerprint": "2c4d5ad671be6ec03b0547709da652bc845a4796478620bd83a0fb2f631c2fb9", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2c4d5ad671be6ec03b0547709da652bc845a4796478620bd83a0fb2f631c2fb9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/9xx/loaders/xml_loader.py"}, "region": {"startLine": 83}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `enum` used but not imported: The file uses `enum.something(...)` but never imports `enum`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35800, "scanner": "repobility-ast-engine", "fingerprint": "359355e2ab0dc9c9b4ca6c176bf34fbb0b62282eaea84d381d313cc8e538bb92", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|359355e2ab0dc9c9b4ca6c176bf34fbb0b62282eaea84d381d313cc8e538bb92"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/9xx/python/idaxml.py"}, "region": {"startLine": 2885}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `xml` used but not imported: The file uses `xml.something(...)` but never imports `xml`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35798, "scanner": "repobility-ast-engine", "fingerprint": "4b8637df972a06143a9136b385b226ecf6923c176bedf97412855e494142d0fd", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4b8637df972a06143a9136b385b226ecf6923c176bedf97412855e494142d0fd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/9xx/plugins/xml_importer.py"}, "region": {"startLine": 87}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `xml` used but not imported: The file uses `xml.something(...)` but never imports `xml`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35796, "scanner": "repobility-ast-engine", "fingerprint": "35001e08b041dfe7a2ad4e69012d349fbefbafe87cdaca89cf0bf847981aeb6f", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|35001e08b041dfe7a2ad4e69012d349fbefbafe87cdaca89cf0bf847981aeb6f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/9xx/plugins/xml_exporter.py"}, "region": {"startLine": 84}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `xml` used but not imported: The file uses `xml.something(...)` but never imports `xml`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35794, "scanner": "repobility-ast-engine", "fingerprint": "b022eafca0e7967743c8da4d627ab6e54356d0b4321706708a46d262993e2912", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b022eafca0e7967743c8da4d627ab6e54356d0b4321706708a46d262993e2912"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/loaders/xml_loader.py"}, "region": {"startLine": 88}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `enum` used but not imported: The file uses `enum.something(...)` but never imports `enum`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35762, "scanner": "repobility-ast-engine", "fingerprint": "052ad0c05abc6a8d3136cf7863740a5ee55565d74675191c5954edacd3442cd1", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|052ad0c05abc6a8d3136cf7863740a5ee55565d74675191c5954edacd3442cd1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/python/idaxml.py"}, "region": {"startLine": 2829}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `xml` used but not imported: The file uses `xml.something(...)` but never imports `xml`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35760, "scanner": "repobility-ast-engine", "fingerprint": "999f5670187080e5244361c7058f7f0abc4c15a7c1a234ae17f0b9667a04a0f0", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|999f5670187080e5244361c7058f7f0abc4c15a7c1a234ae17f0b9667a04a0f0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/plugins/xml_importer.py"}, "region": {"startLine": 90}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `xml` used but not imported: The file uses `xml.something(...)` but never imports `xml`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 35758, "scanner": "repobility-ast-engine", "fingerprint": "8908418b8efe1f7a41b205c7334009bf1aecfd6c682215ed2cdf14c8fad52e4f", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8908418b8efe1f7a41b205c7334009bf1aecfd6c682215ed2cdf14c8fad52e4f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GhidraBuild/IDAPro/Python/7xx/plugins/xml_exporter.py"}, "region": {"startLine": 88}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat don't bounds-check; use strncpy or snprintf (strncpy does not NUL-terminate when the source fills the buffer, so terminate explicitly)."}, "properties": {"repobilityId": 
35659, "scanner": "repobility-threat-engine", "fingerprint": "1b446bbbd415495237e8420e8a21bfed7744cf7a2f350cb8814fc17cf057df4a", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|1b446bbbd415495237e8420e8a21bfed7744cf7a2f350cb8814fc17cf057df4a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_41/c/dyn-string.c"}, "region": {"startLine": 197}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat don't bounds-check; use strncpy or snprintf (strncpy does not NUL-terminate when the source fills the buffer, so terminate explicitly)."}, "properties": {"repobilityId": 35658, "scanner": "repobility-threat-engine", "fingerprint": "93d58c191b35915bc4d8b6f9e2f4c33468e79f74d2bd303dac39fba7eac180f5", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|93d58c191b35915bc4d8b6f9e2f4c33468e79f74d2bd303dac39fba7eac180f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "GPL/DemanglerGnu/src/demangler_gnu_v2_24/c/dyn-string.c"}, "region": {"startLine": 197}}}]}]}]}