{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED124", "name": "[MINED124] requirements.txt: `zstandard` has no version pin: Unpinned pip requirement means every fresh install may reso", "shortDescription": {"text": "[MINED124] requirements.txt: `zstandard` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible ins"}, "fullDescription": {"text": "Replace `zstandard` with `zstandard==<version>` and manage upgrades through PRs / Dependabot."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC045", "name": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a latera", "shortDescription": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use obj"}, "fullDescription": {"text": "For literal data structures: use ast.literal_eval(text) \u2014 only parses literals, raises on code.\nFor formula evaluation: use asteval or simpleeval (purpose-built sandboxes with allow-lists).\nFor Odoo: use odoo.tools.safe_eval(expr, locals_dict, mode='exec').\nIf you genuinely need to execute admin-stored code: require explicit super-admin permission AND log every execution with a stack trace."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "ERR001", "name": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG ", "shortDescription": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "fullDescription": {"text": "Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 0.45, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `_df_to_scuba_samples` has cognitive complexity 24 (SonarSource scale). Co", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `_df_to_scuba_samples` has cognitive complexity 24 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and re"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 24."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "AIC002", "name": "Source file name looks like an AI patch artifact", "shortDescription": {"text": "Source file name looks like an AI patch artifact"}, "fullDescription": {"text": "Rename it to the domain concept it implements or merge it into the existing module it was meant to change."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.62, "cwe": "", "owasp": ""}}, {"id": "MINED056", "name": "[MINED056] React Key As Index: key={index} in map() \u2014 re-renders the wrong elements on re-order.", "shortDescription": {"text": "[MINED056] React Key As Index: key={index} in map() \u2014 re-renders the wrong elements on re-order."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-682 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED045", "name": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong.", "shortDescription": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-476 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 1 more): Same pattern found in 1 addit", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED064", "name": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.", "shortDescription": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED055", "name": "[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of ", "shortDescription": {"text": "[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of npm ci."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1357 / A06:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED077", "name": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles.", "shortDescription": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-772 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO ", "shortDescription": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED075", "name": "[MINED075] C Malloc No Check (and 9 more): Same pattern found in 9 additional files. Review if needed.", "shortDescription": {"text": "[MINED075] C Malloc No Check (and 9 more): Same pattern found in 9 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-690 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run t", "shortDescription": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) in"}, "fullDescription": {"text": "Replace with: `uses: actions/checkout@<40-char-sha>  # v4` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "[MINED106] Phantom test coverage: test_handler_smoke: Test function `test_handler_smoke` runs code but contains no asser", "shortDescription": {"text": "[MINED106] Phantom test coverage: test_handler_smoke: Test function `test_handler_smoke` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "fullDescription": {"text": "Add an explicit assertion that captures the test's intent, or remove the test."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self.assertFalse` used but never assigned in __init__: Method `test_field_lz` of class `CompressTest` reads ", "shortDescription": {"text": "[MINED108] `self.assertFalse` used but never assigned in __init__: Method `test_field_lz` of class `CompressTest` reads `self.assertFalse`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError"}, "fullDescription": {"text": "Initialize `self.assertFalse = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC040", "name": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that int", "shortDescription": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflected XSS vector. The browser parses the HTM"}, "fullDescription": {"text": "For plain text: use el.textContent = data.value (auto-escapes).\nFor HTML you need to render: el.innerHTML = DOMPurify.sanitize(html).\nFor React/Vue/Svelte: stop using innerHTML; use the framework's binding.\nWhen data comes from CV/PDF parsers, sanitize at the parser boundary too."}, "properties": {"scanner": "repobility-threat-engine", "category": "xss", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC013", "name": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows ", "shortDescription": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "fullDescription": {"text": "Use os.path.realpath() and verify the path starts with your expected base directory. Use secure_filename() for uploads."}, "properties": {"scanner": "repobility-threat-engine", "category": "path_traversal", "severity": "high", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInt", "shortDescription": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `html` used but not imported: The file uses `html.something(...)` but never imports `html`. T", "shortDescription": {"text": "[MINED107] Missing import: `html` used but not imported: The file uses `html.something(...)` but never imports `html`. This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import html` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED022", "name": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf.", "shortDescription": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-120 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1378"}, "properties": {"repository": "facebook/openzl", "repoUrl": "https://github.com/facebook/openzl", "branch": "dev"}, "results": [{"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `zstandard` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"repobilityId": 140953, "scanner": "repobility-supply-chain", "fingerprint": "fc3c6e39f5268ca71de323b6e67482cfd85cef14d0a29c6a39b7e581cfe6e0fd", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|fc3c6e39f5268ca71de323b6e67482cfd85cef14d0a29c6a39b7e581cfe6e0fd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/dataset_manager/requirements.txt"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `pandas` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"repobilityId": 140952, "scanner": "repobility-supply-chain", "fingerprint": "4c22822e7023ab47348c693b46cf912f4d57a5261eb754c15108b4857495f1a3", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4c22822e7023ab47348c693b46cf912f4d57a5261eb754c15108b4857495f1a3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/dataset_manager/requirements.txt"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `numpy` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"repobilityId": 140951, "scanner": "repobility-supply-chain", "fingerprint": "f754d8e6521fa9ef0f6b107427ca6c5344fe8dea18e658655c799df2a6f507b1", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f754d8e6521fa9ef0f6b107427ca6c5344fe8dea18e658655c799df2a6f507b1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/dataset_manager/requirements.txt"}, "region": {"startLine": 4}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `kaggle` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"repobilityId": 140950, "scanner": "repobility-supply-chain", "fingerprint": "ca9dc06301bc5749f1c420ab7b578477dac3aca8cab002d67f73e8c05be06ee2", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ca9dc06301bc5749f1c420ab7b578477dac3aca8cab002d67f73e8c05be06ee2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/dataset_manager/requirements.txt"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `requests` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"repobilityId": 140949, "scanner": "repobility-supply-chain", "fingerprint": "722d64e506840314b70eb860203b4f953bc738621bb31f2be3ecc97d793f5613", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|722d64e506840314b70eb860203b4f953bc738621bb31f2be3ecc97d793f5613"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/dataset_manager/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140948, "scanner": "repobility-ast-engine", "fingerprint": "be3e0293fafab2bca7f83934c2c223bd21b24f0373e0239d8f21e874e4c58846", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|be3e0293fafab2bca7f83934c2c223bd21b24f0373e0239d8f21e874e4c58846"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/dataset_manager/dataset_manager.py"}, "region": {"startLine": 133}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140947, "scanner": "repobility-ast-engine", "fingerprint": "d3ad506025fd57cceff2929b0e46da0d869bcfb62417b3c7367649bad636101e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d3ad506025fd57cceff2929b0e46da0d869bcfb62417b3c7367649bad636101e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/dataset_manager/dataset_utils.py"}, "region": {"startLine": 461}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140946, "scanner": "repobility-ast-engine", "fingerprint": "7cce982b20f65b2a76e626f2804cfc811ed74c3444190e097112f9236ea4b452", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7cce982b20f65b2a76e626f2804cfc811ed74c3444190e097112f9236ea4b452"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/dataset_manager/dataset_utils.py"}, "region": {"startLine": 393}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140945, "scanner": "repobility-ast-engine", "fingerprint": "2251dd0cbf3203e315492006ea25ce26472c4f181306fca3d0ba6cd53135823a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2251dd0cbf3203e315492006ea25ce26472c4f181306fca3d0ba6cd53135823a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/dataset_manager/dataset_utils.py"}, "region": {"startLine": 316}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140944, "scanner": "repobility-ast-engine", "fingerprint": "70a9c00db6a52116a46767baa1f3fe08b7f069218ee242d65a0fa95f85bcaca4", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|70a9c00db6a52116a46767baa1f3fe08b7f069218ee242d65a0fa95f85bcaca4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/dataset_manager/dataset_utils.py"}, "region": {"startLine": 272}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140943, "scanner": "repobility-ast-engine", "fingerprint": "68de06227f13cc547205487456e704f3a9e4fdf08202336aa5812ec47d4a29ad", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|68de06227f13cc547205487456e704f3a9e4fdf08202336aa5812ec47d4a29ad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/dataset_manager/dataset_utils.py"}, "region": {"startLine": 153}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140942, "scanner": "repobility-ast-engine", "fingerprint": "4f65de806f5d019a18a36d484404b2d8540308c3df28598675369ec7a649af8c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4f65de806f5d019a18a36d484404b2d8540308c3df28598675369ec7a649af8c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/dataset_manager/dataset_utils.py"}, "region": {"startLine": 104}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140941, "scanner": "repobility-ast-engine", "fingerprint": "c62a8d7fb4bec3a2850d9ef262ed890cc86c23f5b68d4ba026d49dc7c6c938cc", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c62a8d7fb4bec3a2850d9ef262ed890cc86c23f5b68d4ba026d49dc7c6c938cc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/dataset_manager/dataset_utils.py"}, "region": {"startLine": 60}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140889, "scanner": "repobility-ast-engine", "fingerprint": "65a1e91504a0a239d4894a396896ee1c2c1b478bef8b46f2a51327b093594bc8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|65a1e91504a0a239d4894a396896ee1c2c1b478bef8b46f2a51327b093594bc8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/round_trip/generate_sddl2_parse_test_data.py"}, "region": {"startLine": 116}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140888, "scanner": "repobility-ast-engine", "fingerprint": "044a2a53e92cbf91a81f8485504099d820051df959ff5d6d3c371ca6f4695a8d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|044a2a53e92cbf91a81f8485504099d820051df959ff5d6d3c371ca6f4695a8d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/round_trip/generate_sddl2_parse_test_data.py"}, "region": {"startLine": 176}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 140860, "scanner": "repobility-threat-engine", "fingerprint": "d37477343407bdaa9165a60f239228083e1622e9b7025150d51a15363088a7f0", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "eval(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|70|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/compressor_serialization/to_cbor.py"}, "region": {"startLine": 70}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 140850, "scanner": "repobility-threat-engine", "fingerprint": "ba4d909ba19a51557e0a6681db1d83d73f8cd3a5a31aa29075ae93e069ac71b2", "category": "error_handling", "severity": "medium", "confidence": 0.45, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Pattern matched with no mitigating context found | [R34 auto-suppress: documentation/example path]", "evidence": {"match": "except Exception:\n        pass", "reason": "Pattern matched with no mitigating context found | [R34 auto-suppress: documentation/example path]", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 0.45, "correlation_key": "fp|ba4d909ba19a51557e0a6681db1d83d73f8cd3a5a31aa29075ae93e069ac71b2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/ml_selector/generate_data.py"}, "region": {"startLine": 85}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `_df_to_scuba_samples` has cognitive complexity 24 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: elif=4, else=2, for=2, if=2, nested_bonus=14."}, "properties": {"repobilityId": 140840, "scanner": "repobility-threat-engine", "fingerprint": "3b05592f2bb3add85e39e31a55e472e3b30833abe0f77ba4a0e55e2897e276d6", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 24 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "_df_to_scuba_samples", "breakdown": {"if": 2, "for": 2, "elif": 4, "else": 2, "nested_bonus": 14}, "complexity": 24, "correlation_key": "fp|3b05592f2bb3add85e39e31a55e472e3b30833abe0f77ba4a0e55e2897e276d6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "benchmark/runner/scuba_utils.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `process_results` has cognitive complexity 15 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: elif=1, else=2, except=1, if=7, nested_bonus=3, ternary=1."}, "properties": {"repobilityId": 140839, "scanner": "repobility-threat-engine", "fingerprint": "585fedfad8b458b88079ab6715bad499b837e0586f54a26b5e89c4d71cc2c3a8", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 15 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "process_results", "breakdown": {"if": 7, "elif": 1, "else": 2, "except": 1, "ternary": 1, "nested_bonus": 3}, "complexity": 15, "correlation_key": "fp|585fedfad8b458b88079ab6715bad499b837e0586f54a26b5e89c4d71cc2c3a8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "benchmark/runner/main.py"}, "region": {"startLine": 93}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140887, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fa9f388d3eddda6e74dfbc4f0c00f253c3f6440a6b4919f3f73326ef9ed4fd50", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "custom_parsers/pytorch_model_compressor.cpp", "duplicate_line": 47, "correlation_key": "fp|fa9f388d3eddda6e74dfbc4f0c00f253c3f6440a6b4919f3f73326ef9ed4fd50"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/compress.cpp"}, "region": {"startLine": 61}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140886, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fb86afa0ed92f2b364a59dfeafa6cb364387fd17c2064847be196f2967686bcc", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "custom_parsers/parquet/thrift_types.h", "duplicate_line": 19, "correlation_key": "fp|fb86afa0ed92f2b364a59dfeafa6cb364387fd17c2064847be196f2967686bcc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "custom_transforms/thrift/thrift_types.h"}, "region": {"startLine": 23}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140885, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1759885c0eed4e959439590ee4be8c05eff655932aba1778438507b1415750fc", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "custom_transforms/thrift/binary_splitter.h", "duplicate_line": 4, "correlation_key": "fp|1759885c0eed4e959439590ee4be8c05eff655932aba1778438507b1415750fc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "custom_transforms/thrift/compact_splitter.h"}, "region": {"startLine": 4}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140884, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5d3725f614e408d936b78bd4898e4c3e26cfc7ef2bcffda6c642a1cf66c656e0", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "custom_transforms/parse/decode_parse_float.cpp", "duplicate_line": 48, "correlation_key": "fp|5d3725f614e408d936b78bd4898e4c3e26cfc7ef2bcffda6c642a1cf66c656e0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "custom_transforms/parse/decode_parse_int.cpp"}, "region": {"startLine": 236}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140883, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e12ede187f032e04f54cb680511f835a2475e8f4db50151ad08b95077b570da4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "cpp/src/openzl/cpp/experimental/trace/DecompressChunkTrace.hpp", "duplicate_line": 18, "correlation_key": "fp|e12ede187f032e04f54cb680511f835a2475e8f4db50151ad08b95077b570da4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cpp/src/openzl/cpp/experimental/trace/DecompressTracer.hpp"}, "region": {"startLine": 18}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140882, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b284587a24e2ccad8b99ae716e71f54422ab5d1cb7fa32f9988915f21a1f2c30", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "cpp/src/openzl/cpp/experimental/trace/CompressTracer.cpp", "duplicate_line": 193, "correlation_key": "fp|b284587a24e2ccad8b99ae716e71f54422ab5d1cb7fa32f9988915f21a1f2c30"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cpp/src/openzl/cpp/experimental/trace/DecompressTracer.cpp"}, "region": {"startLine": 125}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140881, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c0409eeaab849d25b6ae0fd534d0d571e6ef2295542d5cca842374723de7a062", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "cpp/src/openzl/cpp/experimental/trace/CompressChunkTrace.cpp", "duplicate_line": 103, "correlation_key": "fp|c0409eeaab849d25b6ae0fd534d0d571e6ef2295542d5cca842374723de7a062"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cpp/src/openzl/cpp/experimental/trace/CompressionTraceHooks.cpp"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140880, "scanner": "repobility-ai-code-hygiene", "fingerprint": "dfcac4980a198706d88778c39737d156a7d722749266d6ab7b1c899bd70884c3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "cpp/src/openzl/cpp/experimental/trace/CompressChunkTrace.hpp", "duplicate_line": 17, "correlation_key": "fp|dfcac4980a198706d88778c39737d156a7d722749266d6ab7b1c899bd70884c3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cpp/src/openzl/cpp/experimental/trace/CompressTracer.hpp"}, "region": {"startLine": 19}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140879, "scanner": "repobility-ai-code-hygiene", "fingerprint": "80d2ac5d29161f10e4343188006df56f55f02b3bd3c51e1b4f68a4666ba800c4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "cpp/include/openzl/cpp/CCtx.hpp", "duplicate_line": 32, "correlation_key": "fp|80d2ac5d29161f10e4343188006df56f55f02b3bd3c51e1b4f68a4666ba800c4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cpp/include/openzl/cpp/FunctionGraph.hpp"}, "region": {"startLine": 84}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140878, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3cf84acca77f41a12dcf0bb3ed15b6b09f697f4a4280a310afac0a5c52c1d202", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "cpp/include/openzl/cpp/CCtx.hpp", "duplicate_line": 32, "correlation_key": "fp|3cf84acca77f41a12dcf0bb3ed15b6b09f697f4a4280a310afac0a5c52c1d202"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cpp/include/openzl/cpp/DCtx.hpp"}, "region": {"startLine": 45}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140877, "scanner": "repobility-ai-code-hygiene", "fingerprint": "26b8d462b400034ffe864a1e51fbff8ab266c7a5901ac46547a3a2d2e130978b", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "cpp/include/openzl/cpp/CustomDecoder.hpp", "duplicate_line": 35, "correlation_key": "fp|26b8d462b400034ffe864a1e51fbff8ab266c7a5901ac46547a3a2d2e130978b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cpp/include/openzl/cpp/CustomEncoder.hpp"}, "region": {"startLine": 38}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140876, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1b1c9e3319f995944fcdb44727058a46807fdff0e197145c2302877f58879444", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "cpp/include/openzl/cpp/CCtx.hpp", "duplicate_line": 32, "correlation_key": "fp|1b1c9e3319f995944fcdb44727058a46807fdff0e197145c2302877f58879444"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cpp/include/openzl/cpp/Compressor.hpp"}, "region": {"startLine": 40}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140875, "scanner": "repobility-ai-code-hygiene", "fingerprint": "77c889d3853f577e3c6d2f04718bdabda9bab22b6adb8752a3f0c988c16c9da2", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "contrib/reproducibility/lzbench/analysis.cpp", "duplicate_line": 12, "correlation_key": "fp|77c889d3853f577e3c6d2f04718bdabda9bab22b6adb8752a3f0c988c16c9da2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/reproducibility/watermark/analysis.cpp"}, "region": {"startLine": 26}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140874, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c42a067b57c3c44fd0c8300498886504ce78c3d37f883413720004311bf88e3c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "contrib/lz-research/codecs/IsoByte.cpp", "duplicate_line": 43, "correlation_key": "fp|c42a067b57c3c44fd0c8300498886504ce78c3d37f883413720004311bf88e3c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/lz-research/codecs/VarByte.cpp"}, "region": {"startLine": 77}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140873, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3db2de8e055367daebd80c517a6a63fbc37e327dcc8b94c6aef8385cc94d8d7c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "cli/commands/cmd_compress.cpp", "duplicate_line": 45, "correlation_key": "fp|3db2de8e055367daebd80c517a6a63fbc37e327dcc8b94c6aef8385cc94d8d7c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/commands/cmd_decompress.cpp"}, "region": {"startLine": 8}}}]}, {"ruleId": "AIC002", "level": "note", "message": {"text": "Source file name looks like an AI patch artifact"}, "properties": {"repobilityId": 140872, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3b004d04d4d3e6c9706949f8ea803822fcdbb8a188bef8e7588f6e9d339138c0", "category": "quality", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Source filename contains a temporary or patch-style suffix.", "evidence": {"suffix": "fixed", "rule_id": "AIC002", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|3b004d04d4d3e6c9706949f8ea803822fcdbb8a188bef8e7588f6e9d339138c0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/zstrong/fuzz_fixed.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `query_scuba` has cognitive complexity 11 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: else=1, for=2, if=6, nested_bonus=2."}, "properties": {"repobilityId": 140841, "scanner": "repobility-threat-engine", "fingerprint": "a4a27a442e114df944dea4ae85e9c0e5b47bc11d656612a0916c87f6e9b25a6a", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 11 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "query_scuba", "breakdown": {"if": 6, "for": 2, "else": 1, "nested_bonus": 2}, "complexity": 11, "correlation_key": "fp|a4a27a442e114df944dea4ae85e9c0e5b47bc11d656612a0916c87f6e9b25a6a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "benchmark/runner/scuba_utils.py"}, "region": {"startLine": 71}}}]}, {"ruleId": "MINED056", "level": "none", "message": {"text": "[MINED056] React Key As Index: key={index} in map() \u2014 re-renders the wrong elements on re-order."}, "properties": {"repobilityId": 140870, "scanner": "repobility-threat-engine", "fingerprint": "193b01a5229f3539a62b7114ffea291784fff820a908821f33706d2d4ccf6738", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "react-key-as-index", "owasp": null, "cwe_ids": ["CWE-682"], "languages": ["typescript", "tsx", "javascript", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348032+00:00", "triaged_in_corpus": 12, "observations_count": 299917, "ai_coder_pattern_id": 135}, "scanner": "repobility-threat-engine", "correlation_key": "fp|193b01a5229f3539a62b7114ffea291784fff820a908821f33706d2d4ccf6738"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/visualization_app/src/graphVisualization/views/LocalParamsView.tsx"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 140869, "scanner": "repobility-threat-engine", "fingerprint": "dadf7e43ce0e9183e8bd65f73963b35b3f7d327d51fe3a9fbdf9135dfbf78307", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|dadf7e43ce0e9183e8bd65f73963b35b3f7d327d51fe3a9fbdf9135dfbf78307"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/visualization_app/src/utils/decodeCbor.ts"}, "region": {"startLine": 56}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 140868, "scanner": "repobility-threat-engine", "fingerprint": "422af021fab5a94e4fd1dc89343c81a39e2e59341bf05efb62b10e69cd15adf9", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|422af021fab5a94e4fd1dc89343c81a39e2e59341bf05efb62b10e69cd15adf9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/visualization_app/src/graphVisualization/models/CodecDag.ts"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 140867, "scanner": "repobility-threat-engine", "fingerprint": "bd9a459af23c8a40feb9de005f82ba947dd99c25f097aaddee07508990896483", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bd9a459af23c8a40feb9de005f82ba947dd99c25f097aaddee07508990896483"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/visualization_app/src/utils/decodeCbor.ts"}, "region": {"startLine": 121}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 140866, "scanner": "repobility-threat-engine", "fingerprint": "d0172af34075a1937b047b3a1499ee0a8e7523c3213c2f8a6d9b6b5373335d53", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d0172af34075a1937b047b3a1499ee0a8e7523c3213c2f8a6d9b6b5373335d53"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/visualization_app/src/graphVisualization/models/InteractiveStreamdumpGraph.ts"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 140865, "scanner": "repobility-threat-engine", "fingerprint": "de48db1b2422df7ba1d022be97f0f60204e2144151774a195ee76095210974f9", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|de48db1b2422df7ba1d022be97f0f60204e2144151774a195ee76095210974f9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/visualization_app/src/App.tsx"}, "region": {"startLine": 78}}}]}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 140864, "scanner": "repobility-threat-engine", "fingerprint": "8a77ffb0a8fcdda223aabe32cdaf0e5bdc6cae13db4c9684d2f2d4932a1285a8", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|8a77ffb0a8fcdda223aabe32cdaf0e5bdc6cae13db4c9684d2f2d4932a1285a8"}}}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 140857, "scanner": "repobility-threat-engine", "fingerprint": "f32ef303a96c078d04c39bfb2b3945f11f223a80125176c73655b758a9a9c2bd", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f32ef303a96c078d04c39bfb2b3945f11f223a80125176c73655b758a9a9c2bd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/py/quick_start.py"}, "region": {"startLine": 93}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 140856, "scanner": "repobility-threat-engine", "fingerprint": "b3171390f61139c4a5abc46d5434952507aa5bfa6c746bce179bcaa1836b485c", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b3171390f61139c4a5abc46d5434952507aa5bfa6c746bce179bcaa1836b485c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/py/parsing.py"}, "region": {"startLine": 208}}}]}, {"ruleId": "MINED055", "level": "none", "message": {"text": "[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of npm ci."}, "properties": {"repobilityId": 140855, "scanner": "repobility-threat-engine", "fingerprint": "cfafa41b4e145ba8b426f4ee50a54b2ee406abd6db496f4fddb1fbc90433224a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "npm-install-no-lockfile", "owasp": "A06:2021", "cwe_ids": ["CWE-1357"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348030+00:00", "triaged_in_corpus": 12, "observations_count": 317602, "ai_coder_pattern_id": 42}, "scanner": "repobility-threat-engine", "correlation_key": "fp|cfafa41b4e145ba8b426f4ee50a54b2ee406abd6db496f4fddb1fbc90433224a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/py/quick_start.py"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED055", "level": "none", "message": {"text": "[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of npm ci."}, "properties": {"repobilityId": 140854, "scanner": "repobility-threat-engine", "fingerprint": "b9e26f5614432cd463a87d9b233bc94e595fcfa77d45f8ac364b2ddf93325ad2", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "npm-install-no-lockfile", "owasp": "A06:2021", "cwe_ids": ["CWE-1357"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348030+00:00", "triaged_in_corpus": 12, "observations_count": 317602, "ai_coder_pattern_id": 42}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b9e26f5614432cd463a87d9b233bc94e595fcfa77d45f8ac364b2ddf93325ad2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/py/parsing.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 140851, "scanner": "repobility-threat-engine", "fingerprint": "30cf6facfccda8d1fbc5fd5c3b706af9af0a1e3f5127d00f4ef50ee61222eb19", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|30cf6facfccda8d1fbc5fd5c3b706af9af0a1e3f5127d00f4ef50ee61222eb19"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/ml_selector/train_model.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 140849, "scanner": "repobility-threat-engine", "fingerprint": "9e4d3f9d6225806a46d3f9488fdd6470dc9de571a6ab2fe2d860e8d79efd245a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9e4d3f9d6225806a46d3f9488fdd6470dc9de571a6ab2fe2d860e8d79efd245a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/compressor_serialization/to_cbor.py"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 140848, "scanner": "repobility-threat-engine", "fingerprint": "7ec05d1704cf5f07531a0dfefe4c05ad5573aca536555606f8bde782f20f37c8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7ec05d1704cf5f07531a0dfefe4c05ad5573aca536555606f8bde782f20f37c8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/ml_selector/generate_data.py"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check (and 9 more): Same pattern found in 9 additional files. Review if needed."}, "properties": {"repobilityId": 140846, "scanner": "repobility-threat-engine", "fingerprint": "28d6fa88cfd2b47bf6540af52e0c1f0c3dfa68aa8869f5f0481e0bfb0d3c6207", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 9 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|28d6fa88cfd2b47bf6540af52e0c1f0c3dfa68aa8869f5f0481e0bfb0d3c6207", "aggregated_count": 9}}}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "properties": {"repobilityId": 140845, "scanner": "repobility-threat-engine", "fingerprint": "c7389fe9cc395d0508808897e6b7d4319c1bd317096f47bef06534f060ce0de9", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c7389fe9cc395d0508808897e6b7d4319c1bd317096f47bef06534f060ce0de9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/compress_app.cpp"}, "region": {"startLine": 88}}}]}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "properties": {"repobilityId": 140844, "scanner": "repobility-threat-engine", "fingerprint": "8cea20033deffea5213f2f9f99eae8e725e9fa5db192f6c71707b82e619a2831", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8cea20033deffea5213f2f9f99eae8e725e9fa5db192f6c71707b82e619a2831"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "benchmark/tools/inspect_split_byrange.c"}, "region": {"startLine": 214}}}]}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "properties": {"repobilityId": 140843, "scanner": "repobility-threat-engine", "fingerprint": "a8b5e149ce6ce3827eeff14ee00e82d5f187b485119b9353d5049126c19d03b0", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a8b5e149ce6ce3827eeff14ee00e82d5f187b485119b9353d5049126c19d03b0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "benchmark/tools/input_gen.cpp"}, "region": {"startLine": 91}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 9 more): Same pattern found in 9 additional files. Review if needed."}, "properties": {"repobilityId": 140842, "scanner": "repobility-threat-engine", "fingerprint": "29306b5028b90ab8087937c717cb745fd7e07ab4ccb4b2237f19cccb49788ca3", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 9 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "process_results", "breakdown": {"if": 7, "elif": 1, "else": 2, "except": 1, "ternary": 1, "nested_bonus": 3}, "aggregated": true, "complexity": 15, "correlation_key": "fp|29306b5028b90ab8087937c717cb745fd7e07ab4ccb4b2237f19cccb49788ca3", "aggregated_count": 9}}}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140978, "scanner": "repobility-supply-chain", "fingerprint": "e722473b034f4e9695f60c6fc4c66a654c709c3093db14da6b60a51075f1d7b2", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e722473b034f4e9695f60c6fc4c66a654c709c3093db14da6b60a51075f1d7b2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/deploy-docs.yml"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140977, "scanner": "repobility-supply-chain", "fingerprint": "f1ce09388264b68aadf23341d32dabc58a174ab35a30dd60b1d548642c2a6668", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f1ce09388264b68aadf23341d32dabc58a174ab35a30dd60b1d548642c2a6668"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/cmake-ci.yml"}, "region": {"startLine": 153}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140976, "scanner": "repobility-supply-chain", "fingerprint": "dc1279bde20a2bbf8f318cfe2f097b46bd7454c11e6624f658dc0778e1c059c9", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|dc1279bde20a2bbf8f318cfe2f097b46bd7454c11e6624f658dc0778e1c059c9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/cmake-ci.yml"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140975, "scanner": "repobility-supply-chain", "fingerprint": "d33098370e765e2577c9dcb41b9c5084deb80af5f780aa2bb9a9b5c76cb41e56", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d33098370e765e2577c9dcb41b9c5084deb80af5f780aa2bb9a9b5c76cb41e56"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/cmake-ci.yml"}, "region": {"startLine": 76}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140974, "scanner": "repobility-supply-chain", "fingerprint": "47243b10b2c72af00b09cff4e93a5d5bc9b95e285f4e0da6290d8b84921dce5d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|47243b10b2c72af00b09cff4e93a5d5bc9b95e285f4e0da6290d8b84921dce5d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/weekly-static-analysis.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/configure-pages` pinned to mutable ref `@v5`: `uses: actions/configure-pages@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140973, "scanner": "repobility-supply-chain", "fingerprint": "50ae34b21b4c0a0e10d5c70afafb92fd2a0aba95f2090600678c6c0e1df13368", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|50ae34b21b4c0a0e10d5c70afafb92fd2a0aba95f2090600678c6c0e1df13368"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-deploy-docs.yml"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-node` pinned to mutable ref `@v4`: `uses: actions/setup-node@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140972, "scanner": "repobility-supply-chain", "fingerprint": "fa21cfbab4a849b98ecfb551b8e635b430d0c26b936d29861b165366a2171d3c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|fa21cfbab4a849b98ecfb551b8e635b430d0c26b936d29861b165366a2171d3c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-deploy-docs.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140971, "scanner": "repobility-supply-chain", "fingerprint": "2187aa39c4e6ff2de20d8089997c277cd1fada3c17c299a4187c895e6488fcb3", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2187aa39c4e6ff2de20d8089997c277cd1fada3c17c299a4187c895e6488fcb3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-deploy-docs.yml"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140970, "scanner": "repobility-supply-chain", "fingerprint": "be2997da6b959e62ab3046b2bbcf50971cf465fbe669d36f5f418a5b36336447", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|be2997da6b959e62ab3046b2bbcf50971cf465fbe669d36f5f418a5b36336447"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/cross-platform-ci.yml"}, "region": {"startLine": 64}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v5`: `uses: actions/setup-python@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140969, "scanner": "repobility-supply-chain", "fingerprint": "eca75f17cec5d0be4cd51575de6703222b1e4ff969c82fd958d2b213c272fa76", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|eca75f17cec5d0be4cd51575de6703222b1e4ff969c82fd958d2b213c272fa76"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dev-ci.yml"}, "region": {"startLine": 256}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140968, "scanner": "repobility-supply-chain", "fingerprint": "8a0375b45289de54522a7fb761cbb60bb54d6082dad9b97c7911638ea959dcd4", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8a0375b45289de54522a7fb761cbb60bb54d6082dad9b97c7911638ea959dcd4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dev-ci.yml"}, "region": {"startLine": 254}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140967, "scanner": "repobility-supply-chain", "fingerprint": "11dfe45f5637ec53a6bfa291db4722901283ff950d710b73695c1a9eaa23b02f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|11dfe45f5637ec53a6bfa291db4722901283ff950d710b73695c1a9eaa23b02f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dev-ci.yml"}, "region": {"startLine": 242}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140966, "scanner": "repobility-supply-chain", "fingerprint": "6193ea3e212085b60e7625dda9f6683f7af0cc7070541aae1195f250de93a9f6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6193ea3e212085b60e7625dda9f6683f7af0cc7070541aae1195f250de93a9f6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dev-ci.yml"}, "region": {"startLine": 222}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v5`: `uses: actions/setup-python@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140965, "scanner": "repobility-supply-chain", "fingerprint": "b7878edcd1b08662bc209de215eff515b918a15a65d35f17038b09fe4ab207fd", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b7878edcd1b08662bc209de215eff515b918a15a65d35f17038b09fe4ab207fd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dev-ci.yml"}, "region": {"startLine": 196}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140964, "scanner": "repobility-supply-chain", "fingerprint": "d90846e3fe0e5969f2e07f8e54202b31a754597bf78d3b6bb3466ced464be06a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d90846e3fe0e5969f2e07f8e54202b31a754597bf78d3b6bb3466ced464be06a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dev-ci.yml"}, "region": {"startLine": 194}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140963, "scanner": "repobility-supply-chain", "fingerprint": "a07cfab44d586c40bec828975dfedad5a037383ea652891b86334d5151af7e7b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a07cfab44d586c40bec828975dfedad5a037383ea652891b86334d5151af7e7b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dev-ci.yml"}, "region": {"startLine": 185}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140962, "scanner": "repobility-supply-chain", "fingerprint": "b55b9b111353d6dc549640ad778f752965d8c1b2810c45a2cf9a8ec8622c4c20", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b55b9b111353d6dc549640ad778f752965d8c1b2810c45a2cf9a8ec8622c4c20"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dev-ci.yml"}, "region": {"startLine": 176}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140961, "scanner": "repobility-supply-chain", "fingerprint": "5d652a91e018c70f725f99a14d672efb4d1755eb67da78bde9db207c53f54190", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5d652a91e018c70f725f99a14d672efb4d1755eb67da78bde9db207c53f54190"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dev-ci.yml"}, "region": {"startLine": 157}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140960, "scanner": "repobility-supply-chain", "fingerprint": "0af1fa7efc10d392cb876a4de930f222ed9b61690110c6e111379bb9969cf53a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0af1fa7efc10d392cb876a4de930f222ed9b61690110c6e111379bb9969cf53a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dev-ci.yml"}, "region": {"startLine": 126}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140959, "scanner": "repobility-supply-chain", "fingerprint": "9bfdb8290a3b8aa000342d493f966029d5602406dfce9d63d055242da82e6d83", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9bfdb8290a3b8aa000342d493f966029d5602406dfce9d63d055242da82e6d83"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dev-ci.yml"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140958, "scanner": "repobility-supply-chain", "fingerprint": "a07d639c88c490d68590d3cb3b4fcf3f94a0a762765bd24b25a47dcba87f875b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a07d639c88c490d68590d3cb3b4fcf3f94a0a762765bd24b25a47dcba87f875b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dev-ci.yml"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `msys2/setup-msys2` pinned to mutable ref `@v2`: `uses: msys2/setup-msys2@v2` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140957, "scanner": "repobility-supply-chain", "fingerprint": "f54b09577a1cf5e124cfde6e7331329273663f0eb5241a0bbf031b40b44519fa", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f54b09577a1cf5e124cfde6e7331329273663f0eb5241a0bbf031b40b44519fa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/windows-ci.yml"}, "region": {"startLine": 165}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140956, "scanner": "repobility-supply-chain", "fingerprint": "dccbeb940cb5319d4837a78840b0362007a78e0bff0afcd2da0ba78a8609d1aa", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|dccbeb940cb5319d4837a78840b0362007a78e0bff0afcd2da0ba78a8609d1aa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/windows-ci.yml"}, "region": {"startLine": 162}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `microsoft/setup-msbuild` pinned to mutable ref `@v2`: `uses: microsoft/setup-msbuild@v2` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140955, "scanner": "repobility-supply-chain", "fingerprint": "2b8bbae0d0abab944f9d2b79085bf3c0c2ba4b5cb807504ea63117220be0a371", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2b8bbae0d0abab944f9d2b79085bf3c0c2ba4b5cb807504ea63117220be0a371"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/windows-ci.yml"}, "region": {"startLine": 65}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140954, "scanner": "repobility-supply-chain", "fingerprint": "3c19317fc302805bef68cdc58b6cbe6f1a880db0bac986b14b8fb45f0b19999d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3c19317fc302805bef68cdc58b6cbe6f1a880db0bac986b14b8fb45f0b19999d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/windows-ci.yml"}, "region": {"startLine": 62}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_handler_smoke: Test function `test_handler_smoke` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140939, "scanner": "repobility-ast-engine", "fingerprint": "59e142f6b68a237209b61618a5e2211d7d173a44acaa7258376543fff238c939", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|59e142f6b68a237209b61618a5e2211d7d173a44acaa7258376543fff238c939"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/mkdocs/mkdocstrings-zstd/tests/test_handler.py"}, "region": {"startLine": 10}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_compress_decompress: Test function `test_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140938, "scanner": "repobility-ast-engine", "fingerprint": "d779b3d72970f863205531eb93db262fe6a563c105a0ec7ad54fcefe64de906f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d779b3d72970f863205531eb93db262fe6a563c105a0ec7ad54fcefe64de906f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_integration_tests.py"}, "region": {"startLine": 532}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_permissive_mode_succeeds: Test function `test_permissive_mode_succeeds` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140937, "scanner": "repobility-ast-engine", "fingerprint": "f93c67b9ac8a13904cf7706719a1ad7963e83c3a072a8fd8f49b813c6c98687f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f93c67b9ac8a13904cf7706719a1ad7963e83c3a072a8fd8f49b813c6c98687f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_integration_tests.py"}, "region": {"startLine": 466}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_serial_with_chunk_size: Test function `test_serial_with_chunk_size` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140936, "scanner": "repobility-ast-engine", "fingerprint": "79fdbb2a30e6eb9a4a5c1851628ce4589165be94b920d270b589e5b41c93c8b1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|79fdbb2a30e6eb9a4a5c1851628ce4589165be94b920d270b589e5b41c93c8b1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_integration_tests.py"}, "region": {"startLine": 437}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_serial_default_chunk_size: Test function `test_serial_default_chunk_size` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140935, "scanner": "repobility-ast-engine", "fingerprint": "10dd4c5e2380232e672de4830e39a9180070de695f80edc7a4afad8789e50d51", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|10dd4c5e2380232e672de4830e39a9180070de695f80edc7a4afad8789e50d51"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_integration_tests.py"}, "region": {"startLine": 433}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_numeric_profiles_with_chunk_size: Test function `test_numeric_profiles_with_chunk_size` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140934, "scanner": "repobility-ast-engine", "fingerprint": "8fd5617d9a0f3128009c466dd82375195574eac67cabe38a29192113239a98be", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8fd5617d9a0f3128009c466dd82375195574eac67cabe38a29192113239a98be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_integration_tests.py"}, "region": {"startLine": 374}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_numeric_profiles_roundtrip: Test function `test_numeric_profiles_roundtrip` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140933, "scanner": "repobility-ast-engine", "fingerprint": "0c4e3aa4e8b7d8af3cff403a58c478ea5a732bb91809939845d64b3b33666953", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0c4e3aa4e8b7d8af3cff403a58c478ea5a732bb91809939845d64b3b33666953"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_integration_tests.py"}, "region": {"startLine": 368}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_benchmark: Test function `test_benchmark` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140932, "scanner": "repobility-ast-engine", "fingerprint": "d60c4780e0ba6790e703b03b43222e881287c63f3db5075b1c473b8f7fa37eb2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d60c4780e0ba6790e703b03b43222e881287c63f3db5075b1c473b8f7fa37eb2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_integration_tests.py"}, "region": {"startLine": 129}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_train_compress_decompress: Test function `test_train_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140931, "scanner": "repobility-ast-engine", "fingerprint": "1c4d37e96ac961d4743ad1e00025c09ff9fbfecba1f36f965b5232583dd7a9ee", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1c4d37e96ac961d4743ad1e00025c09ff9fbfecba1f36f965b5232583dd7a9ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_integration_tests.py"}, "region": {"startLine": 112}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_compress_decompress: Test function `test_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140930, "scanner": "repobility-ast-engine", "fingerprint": "7a19ebeb2b117f1e928a1e48e17a5a7c4963490f6f76fc5326a8419b468a898d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7a19ebeb2b117f1e928a1e48e17a5a7c4963490f6f76fc5326a8419b468a898d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_integration_tests.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_compress_decompress: Test function `test_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140929, "scanner": "repobility-ast-engine", "fingerprint": "103bd12092dd2eace8dff41e80b7eb73375c83ad96f4d1afc3c3aedb6c065057", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|103bd12092dd2eace8dff41e80b7eb73375c83ad96f4d1afc3c3aedb6c065057"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_integration_tests.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_train_compress_decompress: Test function `test_train_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140928, "scanner": "repobility-ast-engine", "fingerprint": "fa792efd53cde662f4a18ac769b3c364e63b3171ca1261391d56ebb3e347ad5a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fa792efd53cde662f4a18ac769b3c364e63b3171ca1261391d56ebb3e347ad5a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_train_tests.py"}, "region": {"startLine": 339}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_train_compress_decompress: Test function `test_train_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140927, "scanner": "repobility-ast-engine", "fingerprint": "754571a4b85f15e00034a5e89279983612e9ae64b96f0eda7a2c0f22dc2eef30", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|754571a4b85f15e00034a5e89279983612e9ae64b96f0eda7a2c0f22dc2eef30"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_train_tests.py"}, "region": {"startLine": 307}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_train_inline: Test function `test_train_inline` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140926, "scanner": "repobility-ast-engine", "fingerprint": "30ad76bc37f142e5e954b46c6b9d124079f94d8fef76c20af1cab5805f40cdb9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|30ad76bc37f142e5e954b46c6b9d124079f94d8fef76c20af1cab5805f40cdb9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_train_tests.py"}, "region": {"startLine": 286}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_train_inline: Test function `test_train_inline` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140925, "scanner": "repobility-ast-engine", "fingerprint": "cf1775b0b9a517f510d7079125d7c47bf661a9adf9d6eeb8a41e39a3c1036599", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cf1775b0b9a517f510d7079125d7c47bf661a9adf9d6eeb8a41e39a3c1036599"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_train_tests.py"}, "region": {"startLine": 273}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_train_compress_decompress: Test function `test_train_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140924, "scanner": "repobility-ast-engine", "fingerprint": "ed351baec44d3af99da0f38d08c12426f2fd30cfad257b711036ddcf03ac3da5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ed351baec44d3af99da0f38d08c12426f2fd30cfad257b711036ddcf03ac3da5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_train_tests.py"}, "region": {"startLine": 251}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_dynamic_ml_successors: Test function `test_dynamic_ml_successors` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140923, "scanner": "repobility-ast-engine", "fingerprint": "efab9d97fbf3bf6b67ee288812cca917bad425767c2512d34131520c3e26480c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|efab9d97fbf3bf6b67ee288812cca917bad425767c2512d34131520c3e26480c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_train_tests.py"}, "region": {"startLine": 146}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_train_compress_decompress: Test function `test_train_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140922, "scanner": "repobility-ast-engine", "fingerprint": "1559dce9297a0c6166ef48eb86a5d28b0b762375c07048dd00a5756f80efb94a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1559dce9297a0c6166ef48eb86a5d28b0b762375c07048dd00a5756f80efb94a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_formats_tests.py"}, "region": {"startLine": 143}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_compress_decompress: Test function `test_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140921, "scanner": "repobility-ast-engine", "fingerprint": "f813bd7a8e286a571398377cb369eaca0e06ee06427187ebb4b071488e003b0a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f813bd7a8e286a571398377cb369eaca0e06ee06427187ebb4b071488e003b0a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_formats_tests.py"}, "region": {"startLine": 126}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_train_compress_decompress: Test function `test_train_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140920, "scanner": "repobility-ast-engine", "fingerprint": "bacfdfd4d9271eb9696859d4c20ac177bb20995cd0fe45065e4c7c3b83e6e3fa", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bacfdfd4d9271eb9696859d4c20ac177bb20995cd0fe45065e4c7c3b83e6e3fa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_formats_tests.py"}, "region": {"startLine": 105}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_train_compress_decompress: Test function `test_train_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140919, "scanner": "repobility-ast-engine", "fingerprint": "b2b3a7e24051a3bd2fcfb2cdfdd805f48c99e9636c49d0a65d186ceb895c85d5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b2b3a7e24051a3bd2fcfb2cdfdd805f48c99e9636c49d0a65d186ceb895c85d5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_formats_tests.py"}, "region": {"startLine": 92}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_train_compress_decompress: Test function `test_train_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140918, "scanner": "repobility-ast-engine", "fingerprint": "f68bc1cbe4eca461d707ef24506ecaa50b29697eb02e128b2333d7be41e741a8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f68bc1cbe4eca461d707ef24506ecaa50b29697eb02e128b2333d7be41e741a8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_formats_tests.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_train_compress_decompress: Test function `test_train_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140917, "scanner": "repobility-ast-engine", "fingerprint": "98f76af6c4a789ba99ef3f53c8e7c26aa9c99a34d00bd54a7f283c09606c5b48", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|98f76af6c4a789ba99ef3f53c8e7c26aa9c99a34d00bd54a7f283c09606c5b48"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_formats_tests.py"}, "region": {"startLine": 60}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_train_compress_decompress: Test function `test_train_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140916, "scanner": "repobility-ast-engine", "fingerprint": "633ab8a79df186efce286cb14b921c829b6449cd4f4be958db44835d2ed82b15", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|633ab8a79df186efce286cb14b921c829b6449cd4f4be958db44835d2ed82b15"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_formats_tests.py"}, "region": {"startLine": 51}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_train_compress_decompress: Test function `test_train_compress_decompress` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140915, "scanner": "repobility-ast-engine", "fingerprint": "210f76b1185a757e33927c2992c7cc92ca6f69a14022b05de1102648257fda2c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|210f76b1185a757e33927c2992c7cc92ca6f69a14022b05de1102648257fda2c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/cli_formats_tests.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertFalse` used but never assigned in __init__: Method `test_field_lz` of class `CompressTest` reads `self.assertFalse`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140914, "scanner": "repobility-ast-engine", "fingerprint": "7d3960d6e868b4930af08080599d72f34c3ce98184f3ecd8850af384e39d2186", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7d3960d6e868b4930af08080599d72f34c3ce98184f3ecd8850af384e39d2186"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 62}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.output` used but never assigned in __init__: Method `test_json_file` of class `CompressTest` reads `self.output`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140913, "scanner": "repobility-ast-engine", "fingerprint": "a5cd957dac28eb60169a2c8cb9c9aa7f6812028640c88f3dd1006249f10ffa9a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a5cd957dac28eb60169a2c8cb9c9aa7f6812028640c88f3dd1006249f10ffa9a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 55}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.input` used but never assigned in __init__: Method `test_json_file` of class `CompressTest` reads `self.input`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140912, "scanner": "repobility-ast-engine", "fingerprint": "5388c53f89e90459322273b283192f955ad3b9d204ef1c6f621d21f314810056", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5388c53f89e90459322273b283192f955ad3b9d204ef1c6f621d21f314810056"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.json` used but never assigned in __init__: Method `test_json_file` of class `CompressTest` reads `self.json`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140911, "scanner": "repobility-ast-engine", "fingerprint": "b2764abf1d271ba6fe3fd466d7464e41a6f394c177271f7580b23cb331cd7027", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b2764abf1d271ba6fe3fd466d7464e41a6f394c177271f7580b23cb331cd7027"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.output` used but never assigned in __init__: Method `test_json_file` of class `CompressTest` reads `self.output`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140910, "scanner": "repobility-ast-engine", "fingerprint": "d285986f0db355157ebacb73059a7eb2f2c1ebbc0afa1192835c35199458ac82", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d285986f0db355157ebacb73059a7eb2f2c1ebbc0afa1192835c35199458ac82"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertTrue` used but never assigned in __init__: Method `test_json_file` of class `CompressTest` reads `self.assertTrue`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140909, "scanner": "repobility-ast-engine", "fingerprint": "f8e7601672f58255e72a36561544a22da2601ad81936fe6d804bef4481b06374", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f8e7601672f58255e72a36561544a22da2601ad81936fe6d804bef4481b06374"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 55}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.compress` used but never assigned in __init__: Method `test_json_file` of class `CompressTest` reads `self.compress`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140908, "scanner": "repobility-ast-engine", "fingerprint": "06bb676b9e6ea8c7df91078ff65a32330b3188b3df7d4b357848f1fb189c0b16", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|06bb676b9e6ea8c7df91078ff65a32330b3188b3df7d4b357848f1fb189c0b16"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.dump` used but never assigned in __init__: Method `test_json_file` of class `CompressTest` reads `self.dump`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140907, "scanner": "repobility-ast-engine", "fingerprint": "b7c47ac71a2c725d0d41d3248effd86fb625a65cb5d79ef984ceb275fd930bfc", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b7c47ac71a2c725d0d41d3248effd86fb625a65cb5d79ef984ceb275fd930bfc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertFalse` used but never assigned in __init__: Method `test_json_file` of class `CompressTest` reads `self.assertFalse`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140906, "scanner": "repobility-ast-engine", "fingerprint": "0c3d57af87586a6840386025a506def7d09d3fc08b0189dc0ef376724e84cda2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0c3d57af87586a6840386025a506def7d09d3fc08b0189dc0ef376724e84cda2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.output` used but never assigned in __init__: Method `test_constant` of class `CompressTest` reads `self.output`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140905, "scanner": "repobility-ast-engine", "fingerprint": "4173f933457008d97b998753b0a5fc7e039b0b6c3c7d02d87cd0876668115153", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4173f933457008d97b998753b0a5fc7e039b0b6c3c7d02d87cd0876668115153"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.input` used but never assigned in __init__: Method `test_constant` of class `CompressTest` reads `self.input`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140904, "scanner": "repobility-ast-engine", "fingerprint": "87731a64fea83483ff87a9779d695c637cc19b651a954cd03e7fbb5d840f9165", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|87731a64fea83483ff87a9779d695c637cc19b651a954cd03e7fbb5d840f9165"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 41}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.output` used but never assigned in __init__: Method `test_constant` of class `CompressTest` reads `self.output`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140903, "scanner": "repobility-ast-engine", "fingerprint": "d8c9e7556af12a81defa3fb831b6fd3f12f925893805e40cc8387ecf546f16ff", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d8c9e7556af12a81defa3fb831b6fd3f12f925893805e40cc8387ecf546f16ff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertTrue` used but never assigned in __init__: Method `test_constant` of class `CompressTest` reads `self.assertTrue`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140902, "scanner": "repobility-ast-engine", "fingerprint": "a47057ef3dc89b7195c0bbf51fbe26e7e90cd4ce0c73860676030f78825c5cf5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a47057ef3dc89b7195c0bbf51fbe26e7e90cd4ce0c73860676030f78825c5cf5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.compress` used but never assigned in __init__: Method `test_constant` of class `CompressTest` reads `self.compress`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140901, "scanner": "repobility-ast-engine", "fingerprint": "de59efb5df030ef52cc7d8f612bda08e0b7d1c6966e3eeb8545bbf61dadab39f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|de59efb5df030ef52cc7d8f612bda08e0b7d1c6966e3eeb8545bbf61dadab39f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 41}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertFalse` used but never assigned in __init__: Method `test_constant` of class `CompressTest` reads `self.assertFalse`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140900, "scanner": "repobility-ast-engine", "fingerprint": "0bb362607cbd7130ad8972ef30893b826f252ca0c2739880d0d311652da44f03", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0bb362607cbd7130ad8972ef30893b826f252ca0c2739880d0d311652da44f03"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.json` used but never assigned in __init__: Method `dump` of class `CompressTest` reads `self.json`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140899, "scanner": "repobility-ast-engine", "fingerprint": "852c1c54f23dbd8c6d82319e8991fa0a51080c6b223f571dea9be0abc41da078", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|852c1c54f23dbd8c6d82319e8991fa0a51080c6b223f571dea9be0abc41da078"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.tempdir` used but never assigned in __init__: Method `tearDown` of class `CompressTest` reads `self.tempdir`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140898, "scanner": "repobility-ast-engine", "fingerprint": "5b3ca79d835d6c548f4c21ae5cc9e446482175352a6d81ed6e29119cf35642d5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5b3ca79d835d6c548f4c21ae5cc9e446482175352a6d81ed6e29119cf35642d5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.input` used but never assigned in __init__: Method `setUp` of class `CompressTest` reads `self.input`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140897, "scanner": "repobility-ast-engine", "fingerprint": "115f0d6394af82b6c90dcd42d1c6516411e2101361aac1b1142064a40ee2e12a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|115f0d6394af82b6c90dcd42d1c6516411e2101361aac1b1142064a40ee2e12a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.tempdir` used but never assigned in __init__: Method `setUp` of class `CompressTest` reads `self.tempdir`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140896, "scanner": "repobility-ast-engine", "fingerprint": "24baf5cf2ed38f3e762521268c23f0f396b3f7ebfb0bb481444bbd33e826f25e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|24baf5cf2ed38f3e762521268c23f0f396b3f7ebfb0bb481444bbd33e826f25e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.input` used but never assigned in __init__: Method `setUp` of class `CompressTest` reads `self.input`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140895, "scanner": "repobility-ast-engine", "fingerprint": "5685520d2e50b16331c260b3feba6e01686c8093f3df039f0959441c41406c04", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5685520d2e50b16331c260b3feba6e01686c8093f3df039f0959441c41406c04"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.tempdir` used but never assigned in __init__: Method `setUp` of class `CompressTest` reads `self.tempdir`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140894, "scanner": "repobility-ast-engine", "fingerprint": "5117eee4f950d63ac89480cad8f91e562fe4a5574576f31d099aff2592c994b9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5117eee4f950d63ac89480cad8f91e562fe4a5574576f31d099aff2592c994b9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.json` used but never assigned in __init__: Method `setUp` of class `CompressTest` reads `self.json`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140893, "scanner": "repobility-ast-engine", "fingerprint": "5dd1e26d4a25569c26c5dc0b5e3f1337716e40dd0a1eeced39c6c701c00caa34", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5dd1e26d4a25569c26c5dc0b5e3f1337716e40dd0a1eeced39c6c701c00caa34"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.output` used but never assigned in __init__: Method `setUp` of class `CompressTest` reads `self.output`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140892, "scanner": "repobility-ast-engine", "fingerprint": "5f2b72575224cfc85492743cacede4f4654fee98aa2fd06fc2919d486568c8c3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5f2b72575224cfc85492743cacede4f4654fee98aa2fd06fc2919d486568c8c3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.input` used but never assigned in __init__: Method `setUp` of class `CompressTest` reads `self.input`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140891, "scanner": "repobility-ast-engine", "fingerprint": "c00dbd8f1c62adc8ef0ebb6e5c51b19b8a55252019f08f21289ee48e4b0ce285", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c00dbd8f1c62adc8ef0ebb6e5c51b19b8a55252019f08f21289ee48e4b0ce285"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.tempdir` used but never assigned in __init__: Method `setUp` of class `CompressTest` reads `self.tempdir`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140890, "scanner": "repobility-ast-engine", "fingerprint": "863297d5d73575bab2f401b7e639d185e1d8f89ff58f95f04a423335fcb0325e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|863297d5d73575bab2f401b7e639d185e1d8f89ff58f95f04a423335fcb0325e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/compress_test.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "SEC040", "level": "error", "message": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflected XSS vector. The browser parses the HTML and executes any <script> or event-handler attributes in the data. CWE-79. Especially dangerous when the data comes from a CV parser, profile field, or any user-input pipeline."}, "properties": {"repobilityId": 140871, "scanner": "repobility-threat-engine", "fingerprint": "5ef534e91d26cffbd0f361cd7662f083c5921ed1007cfda00b036fb813940168", "category": "xss", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "map((streamID) => `T${this.id} -> S${streamID}[label=\"#${labelNum--}", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC040", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5ef534e91d26cffbd0f361cd7662f083c5921ed1007cfda00b036fb813940168"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/visualization_app/src/models/Codec.ts"}, "region": {"startLine": 91}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 140863, "scanner": "repobility-threat-engine", "fingerprint": "e3600dc5383eaa2f4091fdc5d57aee593e8bc625e30c6fdb094053c85b3794bb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "sampler.update(component);", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|e3600dc5383eaa2f4091fdc5d57aee593e8bc625e30c6fdb094053c85b3794bb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/training/ace/ace_mutate.h"}, "region": {"startLine": 28}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 140862, "scanner": "repobility-threat-engine", "fingerprint": "a4fb98f1a5da62a16e7f9c14e400b45ba9080ea608dfc6b1b1ace552e34d940f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "sampler.update(component);", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|a4fb98f1a5da62a16e7f9c14e400b45ba9080ea608dfc6b1b1ace552e34d940f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/training/ace/ace_crossover.h"}, "region": {"startLine": 54}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 140861, "scanner": "repobility-threat-engine", "fingerprint": "fafe4956925b3bfb8d99d81aa91820727dc84073c95ba88019ad53a211ca91a4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "target.update({f\"{t}_ctime\": ctimes[t] for t in ctimes})", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|fafe4956925b3bfb8d99d81aa91820727dc84073c95ba88019ad53a211ca91a4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/py/zstrong_ml.py"}, "region": {"startLine": 285}}}]}, {"ruleId": "SEC013", "level": "error", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "properties": {"repobilityId": 140859, "scanner": "repobility-threat-engine", "fingerprint": "e6840169d64ce3c5a8450a8f56ffd74dee53454d3a2085786ac586c3a9ed34db", "category": "path_traversal", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "User-controlled input detected in file path construction", "evidence": {"match": "open(input", "reason": "User-controlled input detected in file path construction", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|path_traversal|examples/zs2_struct.c|199|sec013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/zs2_struct.c"}, "region": {"startLine": 199}}}]}, {"ruleId": "SEC013", "level": "error", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "properties": {"repobilityId": 140858, "scanner": "repobility-threat-engine", "fingerprint": "cff002d708b5d6296ad9f4552dbb7deb23b164d627a2ca5e99b84bd5b33016c9", "category": "path_traversal", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "User-controlled input detected in file path construction", "evidence": {"match": "open(input", "reason": "User-controlled input detected in file path construction", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|path_traversal|examples/zs2_pipeline.c|136|sec013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/zs2_pipeline.c"}, "region": {"startLine": 136}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 140847, "scanner": "repobility-threat-engine", "fingerprint": "7e91f89411985e7e7d99f7fd64f9255d1ea3a3a8c5efcab9e58dc19e461188bc", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7e91f89411985e7e7d99f7fd64f9255d1ea3a3a8c5efcab9e58dc19e461188bc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/ml_selector/generate_data.py"}, "region": {"startLine": 85}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `html` used but not imported: The file uses `html.something(...)` but never imports `html`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140940, "scanner": "repobility-ast-engine", "fingerprint": "b88018b24611d0ec8095de5e2905b79140e328d0b2992047c02960ab796de98c", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b88018b24611d0ec8095de5e2905b79140e328d0b2992047c02960ab796de98c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/mkdocs/mkdocstrings-zstd/tests/test_handler.py"}, "region": {"startLine": 123}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 140853, "scanner": "repobility-threat-engine", "fingerprint": "9baad84b0a2dcb05654f361faa74f4e859283f15191e779ab178b3e2fa98563a", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9baad84b0a2dcb05654f361faa74f4e859283f15191e779ab178b3e2fa98563a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/openzl/compress/name.c"}, "region": {"startLine": 75}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 140852, "scanner": "repobility-threat-engine", "fingerprint": "2bec9dce0bc1ee1afa870370e55c250dc6a4de975df8195706aeebdef2a06cad", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2bec9dce0bc1ee1afa870370e55c250dc6a4de975df8195706aeebdef2a06cad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/ml_selector/zs2_core_mlselector.c"}, "region": {"startLine": 57}}}]}]}]}