Scan timing: clone 8.49s · analysis 14.66s · 24.7 MB · GitHub preflight 459ms
https://github.com/phpbb/phpbb
· scanned 2026-05-20 15:04 UTC (2 weeks, 1 day ago)
· 10 languages
216 findings (116 legacy + 100 scanner)
Last scanned 2 weeks, 1 day ago · v2 · 166 findings from 2 sources. Findings combine the legacy security pipeline AND the multi-layer engine (atlas, wiring, flows, ranked) AND verified AI agent contributions.
| Component | Sub-score | Weight | Contribution |
|---|---|---|---|
structure_score |
60.0 | 0.15 | 9.00 |
security_score |
48.8 | 0.25 | 12.20 |
testing_score |
85.0 | 0.20 | 17.00 |
documentation_score |
68.6 | 0.15 | 10.29 |
practices_score |
87.0 | 0.15 | 13.05 |
code_quality |
50.0 | 0.10 | 5.00 |
| Overall | 1.00 | 66.5 |
All 2981 nodes from the latest scan, grouped by kind. Each node is a unit the engine identified (file, function, endpoint, table…). Most users won't need this view — it's primarily for debugging the engine's graph extraction or for AI agents that want to enumerate the project structure.
| Label | Layer | Status | Path |
|---|---|---|---|
README.md |
software | healthy | README.md |
package.json |
software | healthy | package.json |
package-lock.json |
software | healthy | package-lock.json |
SECURITY.md |
software | healthy | SECURITY.md |
Dockerfile |
software | healthy | .devcontainer/Dockerfile |
devcontainer.json |
software | healthy | .devcontainer/development-team/devcontainer.json |
setup.sh |
software | healthy | .devcontainer/development-team/setup.sh |
phpbb-config.yml |
software | healthy | .devcontainer/development-team/phpbb-config.yml |
devcontainer.json |
software | healthy | .devcontainer/customisations-team/devcontainer.json |
setup.sh |
software | healthy | .devcontainer/customisations-team/setup.sh |
phpbb-config.yml |
software | healthy | .devcontainer/customisations-team/phpbb-config.yml |
lint_test.php |
software | healthy | tests/lint_test.php |
bootstrap.php |
software | healthy | tests/bootstrap.php |
error_collector_test.php |
software | healthy | tests/error_collector_test.php |
config_php_file_test.php |
software | healthy | tests/config_php_file_test.php |
RUNNING_TESTS.md |
software | healthy | tests/RUNNING_TESTS.md |
helper_is_absolute_test.php |
software | healthy | tests/filesystem/helper_is_absolute_test.php |
is_absolute_test.php |
software | healthy | tests/filesystem/is_absolute_test.php |
helper_realpath_test.php |
software | healthy | tests/filesystem/helper_realpath_test.php |
clean_path_test.php |
software | healthy | tests/filesystem/clean_path_test.php |
helper_clean_path_test.php |
software | healthy | tests/filesystem/helper_clean_path_test.php |
realpath_test.php |
software | healthy | tests/filesystem/realpath_test.php |
extract_current_page_test.php |
software | healthy | tests/security/extract_current_page_test.php |
redirect_test.php |
software | healthy | tests/security/redirect_test.php |
hash_test.php |
software | healthy | tests/security/hash_test.php |
base.php |
software | healthy | tests/security/base.php |
notification_method_email_test.php |
software | healthy | tests/notification/notification_method_email_test.php |
submit_post_base.php |
software | healthy | tests/notification/submit_post_base.php |
submit_post_type_quote_test.php |
software | healthy | tests/notification/submit_post_type_quote_test.php |
submit_post_type_mention_test.php |
software | healthy | tests/notification/submit_post_type_mention_test.php |
user_list_trim_test.php |
software | healthy | tests/notification/user_list_trim_test.php |
notification_test.php |
software | healthy | tests/notification/notification_test.php |
group_request_test.php |
software | healthy | tests/notification/group_request_test.php |
submit_post_type_forum_test.php |
software | healthy | tests/notification/submit_post_type_forum_test.php |
convert_test.php |
software | healthy | tests/notification/convert_test.php |
submit_post_type_bookmark_test.php |
software | healthy | tests/notification/submit_post_type_bookmark_test.php |
manager_helper.php |
software | healthy | tests/notification/manager_helper.php |
manager_mark_by_id_test.php |
software | healthy | tests/notification/manager_mark_by_id_test.php |
submit_post_type_post_in_queue_test.php |
software | healthy | tests/notification/submit_post_type_post_in_queue_test.php |
notification_method_webpush_test.php |
software | healthy | tests/notification/notification_method_webpush_test.php |
base.php |
software | healthy | tests/notification/base.php |
submit_post_type_topic_test.php |
software | healthy | tests/notification/submit_post_type_topic_test.php |
submit_post_type_post_test.php |
software | healthy | tests/notification/submit_post_type_post_test.php |
test.php |
software | healthy | tests/notification/ext/test/notification/type/test.php |
services_notification.yml |
software | healthy | tests/notification/fixtures/services_notification.yml |
select_auth_method_test.php |
software | healthy | tests/acp_board/select_auth_method_test.php |
invalid.php |
software | healthy | tests/acp_board/auth_provider/invalid.php |
valid.php |
software | healthy | tests/acp_board/auth_provider/valid.php |
imagesize_test.php |
software | healthy | tests/upload/imagesize_test.php |
fileupload_test.php |
software | healthy | tests/upload/fileupload_test.php |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
.devcontainer |
software | healthy | .devcontainer |
development-team |
software | healthy | .devcontainer/development-team |
customisations-team |
software | healthy | .devcontainer/customisations-team |
tests |
software | healthy | tests |
filesystem |
software | healthy | tests/filesystem |
security |
software | healthy | tests/security |
notification |
software | healthy | tests/notification |
ext |
software | healthy | tests/notification/ext |
test |
software | healthy | tests/notification/ext/test |
notification |
software | healthy | tests/notification/ext/test/notification |
type |
software | healthy | tests/notification/ext/test/notification/type |
fixtures |
software | healthy | tests/notification/fixtures |
acp_board |
software | healthy | tests/acp_board |
auth_provider |
software | healthy | tests/acp_board/auth_provider |
upload |
software | healthy | tests/upload |
test_framework |
software | healthy | tests/test_framework |
mock |
software | healthy | tests/test_framework/mock |
help |
software | healthy | tests/help |
language |
software | healthy | tests/language |
functions |
software | healthy | tests/functions |
datetime |
software | healthy | tests/datetime |
content_visibility |
software | healthy | tests/content_visibility |
viewonline |
software | healthy | tests/viewonline |
privmsgs |
software | healthy | tests/privmsgs |
email |
software | healthy | tests/email |
config |
software | healthy | tests/config |
auth |
software | healthy | tests/auth |
bbcode |
software | healthy | tests/bbcode |
json |
software | healthy | tests/json |
text_reparser |
software | healthy | tests/text_reparser |
plugins |
software | healthy | tests/text_reparser/plugins |
class_loader |
software | healthy | tests/class_loader |
phpbb |
software | healthy | tests/class_loader/phpbb |
dir |
software | healthy | tests/class_loader/phpbb/dir |
subdir |
software | healthy | tests/class_loader/phpbb/dir/subdir |
dir2 |
software | healthy | tests/class_loader/phpbb/dir2 |
functions_content |
software | healthy | tests/functions_content |
fixtures |
software | healthy | tests/fixtures |
mcp |
software | healthy | tests/mcp |
network |
software | healthy | tests/network |
regex |
software | healthy | tests/regex |
ban |
software | healthy | tests/ban |
migrator |
software | healthy | tests/migrator |
controller |
software | healthy | tests/controller |
ext |
software | healthy | tests/controller/ext |
vendor2 |
software | healthy | tests/controller/ext/vendor2 |
bar |
software | healthy | tests/controller/ext/vendor2/bar |
config |
software | healthy | tests/controller/ext/vendor2/bar/config |
test |
software | healthy | tests/controller/ext/vendor2/bar/config/test |
routing |
software | healthy | tests/controller/ext/vendor2/bar/config/test/routing |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
error |
software | healthy | phpBB/develop/remove-php-end-tags.py:8 |
fix_content |
software | healthy | phpBB/develop/remove-php-end-tags.py:34 |
process_file |
software | healthy | phpBB/develop/remove-php-end-tags.py:39 |
process_dir |
software | healthy | phpBB/develop/remove-php-end-tags.py:53 |
o |
software | healthy | phpBB/assets/cookieconsent/cookieconsent.min.js:o |
i |
software | healthy | phpBB/assets/cookieconsent/cookieconsent.min.js:i |
runUpdate |
software | healthy | phpBB/assets/javascript/plupload.js:runUpdate |
updateBbcode |
software | healthy | phpBB/assets/javascript/plupload.js:updateBbcode |
Hermite_class |
software | healthy | phpBB/assets/javascript/hermite.js:Hermite_class |
l |
software | healthy | phpBB/assets/javascript/hermite.js:l |
jQueryCropper |
software | healthy | phpBB/assets/javascript/jquery-cropper.js:jQueryCropper |
noConflict |
software | healthy | phpBB/assets/javascript/jquery-cropper.js:noConflict |
createXhrObject |
software | healthy | phpBB/assets/javascript/installer.js:createXhrObject |
addMessage |
software | healthy | phpBB/assets/javascript/installer.js:addMessage |
addDownloadBox |
software | healthy | phpBB/assets/javascript/installer.js:addDownloadBox |
addUpdateFileStatus |
software | healthy | phpBB/assets/javascript/installer.js:addUpdateFileStatus |
addForm |
software | healthy | phpBB/assets/javascript/installer.js:addForm |
updateNavbarStatus |
software | healthy | phpBB/assets/javascript/installer.js:updateNavbarStatus |
setProgress |
software | healthy | phpBB/assets/javascript/installer.js:setProgress |
setCookies |
software | healthy | phpBB/assets/javascript/installer.js:setCookies |
redirect |
software | healthy | phpBB/assets/javascript/installer.js:redirect |
parseMessage |
software | healthy | phpBB/assets/javascript/installer.js:parseMessage |
processTimeoutResponse |
software | healthy | phpBB/assets/javascript/installer.js:processTimeoutResponse |
queryInstallerStatus |
software | healthy | phpBB/assets/javascript/installer.js:queryInstallerStatus |
pollContent |
software | healthy | phpBB/assets/javascript/installer.js:pollContent |
incrementFiller |
software | healthy | phpBB/assets/javascript/installer.js:incrementFiller |
for |
software | healthy | phpBB/assets/javascript/installer.js:for |
incrementProgressBar |
software | healthy | phpBB/assets/javascript/installer.js:incrementProgressBar |
resetPolling |
software | healthy | phpBB/assets/javascript/installer.js:resetPolling |
startPolling |
software | healthy | phpBB/assets/javascript/installer.js:startPolling |
doRefresh |
software | healthy | phpBB/assets/javascript/installer.js:doRefresh |
setupAjaxLayout |
software | healthy | phpBB/assets/javascript/installer.js:setupAjaxLayout |
submitForm |
software | healthy | phpBB/assets/javascript/installer.js:submitForm |
getFormFields |
software | healthy | phpBB/assets/javascript/installer.js:getFormFields |
interceptFormSubmit |
software | healthy | phpBB/assets/javascript/installer.js:interceptFormSubmit |
setAdminTimezone |
software | healthy | phpBB/assets/javascript/installer.js:setAdminTimezone |
_typeof |
software | healthy | phpBB/assets/javascript/cropper.js:_typeof |
_classCallCheck |
software | healthy | phpBB/assets/javascript/cropper.js:_classCallCheck |
_defineProperties |
software | healthy | phpBB/assets/javascript/cropper.js:_defineProperties |
_createClass |
software | healthy | phpBB/assets/javascript/cropper.js:_createClass |
_defineProperty |
software | healthy | phpBB/assets/javascript/cropper.js:_defineProperty |
ownKeys |
software | healthy | phpBB/assets/javascript/cropper.js:ownKeys |
_objectSpread2 |
software | healthy | phpBB/assets/javascript/cropper.js:_objectSpread2 |
_toConsumableArray |
software | healthy | phpBB/assets/javascript/cropper.js:_toConsumableArray |
_arrayWithoutHoles |
software | healthy | phpBB/assets/javascript/cropper.js:_arrayWithoutHoles |
_iterableToArray |
software | healthy | phpBB/assets/javascript/cropper.js:_iterableToArray |
_unsupportedIterableToArray |
software | healthy | phpBB/assets/javascript/cropper.js:_unsupportedIterableToAr… |
_arrayLikeToArray |
software | healthy | phpBB/assets/javascript/cropper.js:_arrayLikeToArray |
_nonIterableSpread |
software | healthy | phpBB/assets/javascript/cropper.js:_nonIterableSpread |
isNumber |
software | healthy | phpBB/assets/javascript/cropper.js:isNumber |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
as |
software | healthy | phpBB/assets/javascript/cropper.js:as |
to |
software | healthy | phpBB/assets/javascript/cropper.js:to |
was |
software | healthy | phpBB/assets/javascript/cropper.js:was |
is |
software | healthy | phpBB/assets/javascript/mentions.js:is |
of |
software | healthy | phpBB/assets/javascript/core.js:of |
as |
software | healthy | phpBB/assets/javascript/cropper.min.js:as |
as |
software | healthy | phpBB/assets/javascript/tribute.min.js:as |
names |
software | healthy | phpBB/adm/style/admin.js:names |
| Label | Layer | Status | Path |
|---|---|---|---|
merge-check |
cicd | healthy | .github/workflows/check_merge_to_master.yml |
merge-branch |
cicd | healthy | .github/workflows/merge_3.3.x_to_master.yml |
basic-checks |
cicd | healthy | .github/workflows/tests.yml |
mysql-tests |
cicd | healthy | .github/workflows/tests.yml |
postgres-tests |
cicd | healthy | .github/workflows/tests.yml |
other-tests |
cicd | healthy | .github/workflows/tests.yml |
windows-tests |
cicd | healthy | .github/workflows/tests.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
mysql |
data | healthy | .devcontainer/Dockerfile |
postgres |
data | healthy | phpBB/config/default/container/services_search.yml |
mariadb |
data | healthy | .github/workflows/tests.yml |
redis |
data | healthy | .github/workflows/tests.yml |
postgresql |
data | healthy | .github/workflows/tests.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
port:3306 |
network | healthy | .github/workflows/tests.yml |
port:6379 |
network | healthy | .github/workflows/tests.yml |
port:5432 |
network | healthy | .github/workflows/tests.yml |
port:1433 |
network | healthy | .github/workflows/tests.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
gha::check_merge_to_master |
cicd | healthy | .github/workflows/check_merge_to_master.yml |
gha::merge_3.3.x_to_master |
cicd | healthy | .github/workflows/merge_3.3.x_to_master.yml |
gha::tests |
cicd | healthy | .github/workflows/tests.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
127.0.0.1 |
network | healthy | .devcontainer/development-team/phpbb-config.yml |
192.168.56.56 |
network | healthy | vagrant/bootstrap.yaml |
| Label | Layer | Status | Path |
|---|---|---|---|
auth::phpBB/composer.json |
security | healthy | phpBB/composer.json |
auth::phpBB/config/default/container/services_auth.yml |
security | healthy | phpBB/config/default/container/services_auth.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
GITHUB_TOKEN |
cicd | healthy | — |
MERGE_MASTER_SECRET |
cicd | healthy | — |
| Label | Layer | Status | Path |
|---|---|---|---|
repobility-clone-ks3lp1af |
software | healthy | /tmp/repobility-clone-ks3lp1af |
| Label | Layer | Status | Path |
|---|---|---|---|
TO |
data | healthy | phpBB/install/schemas/oracle_schema.sql |
| Label | Layer | Status | Path |
|---|---|---|---|
nginx |
network | healthy | .github/setup-webserver.sh |
| Label | Layer | Status | Path |
|---|---|---|---|
image::.devcontainer/Dockerfile |
hardware | healthy | .devcontainer/Dockerfile |
| Label | Layer | Status | Path |
|---|---|---|---|
/ |
frontend | healthy | phpBB/assets/cookieconsent/cookieconsent.min.js |
| Label | Layer | Status | Path |
|---|---|---|---|
password_literal::.github/workflows/tests.yml |
security | healthy | .github/workflows/tests.yml |
This page is publicly accessible at:
https://repobility.com/scan/39acd121-31dd-4d86-b94c-121eecd4031c/
To check status programmatically (no auth required):
curl -s https://repobility.com/api/v1/public/scan/39acd121-31dd-4d86-b94c-121eecd4031c/Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.