{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "WEB003", "name": "Public web service has no security.txt", "shortDescription": {"text": "Public web service has no security.txt"}, "fullDescription": {"text": "security.txt gives researchers and customers a safe disclosure channel. Public web apps and APIs should publish it under /.well-known/security.txt."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "medium", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "SEC068", "name": "[SEC068] Dockerfile: base image uses :latest or no tag: FROM uses :latest or no tag \u2014 builds are not reproducible and ma", "shortDescription": {"text": "[SEC068] Dockerfile: base image uses :latest or no tag: FROM uses :latest or no tag \u2014 builds are not reproducible and may pull a compromised parent image. Ported from trivy DS001 (Apache-2.0)."}, "fullDescription": {"text": "Pin to a specific version tag (e.g. python:3.12.4-slim) or digest (image@sha256:...)."}, "properties": {"scanner": "repobility-threat-engine", "category": "docker", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "ERR001", "name": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG ", "shortDescription": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "fullDescription": {"text": "Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `__init__` has cognitive complexity 16 (SonarSource scale). Cognitive comp", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `__init__` has cognitive complexity 16 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all "}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 16."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "SEC034", "name": "[SEC034] Log Injection / Log Forging \u2014 unsanitized user input in log: User input is logged without sanitizing newlines o", "shortDescription": {"text": "[SEC034] Log Injection / Log Forging \u2014 unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\\n` to forge fake log entries, hide tracks, or exploit downstream log parsers (S"}, "fullDescription": {"text": "Strip control characters before logging:\n  safe = user_input.replace('\\n','').replace('\\r','').replace('\\x00','')\n  logger.info('User action: %s', safe)\nAlways use parameterized logging (`%s` + args), never f-strings or string concat \u2014 that's also what mitigates log4shell-style attacks. For structured logging, use a JSON formatter that escapes values."}, "properties": {"scanner": "repobility-threat-engine", "category": "log_injection", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC045", "name": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a latera", "shortDescription": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use obj"}, "fullDescription": {"text": "For literal data structures: use ast.literal_eval(text) \u2014 only parses literals, raises on code.\nFor formula evaluation: use asteval or simpleeval (purpose-built sandboxes with allow-lists).\nFor Odoo: use odoo.tools.safe_eval(expr, locals_dict, mode='exec').\nIf you genuinely need to execute admin-stored code: require explicit super-admin permission AND log every execution with a stack trace."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AGT012", "name": "Agent control bridge may listen on a network interface without visible auth", "shortDescription": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "fullDescription": {"text": "Agent, MCP, sidecar, and command bridge servers often start as local helpers. Binding them to 0.0.0.0 or a default all-interface listener without an authorization guard can expose tool execution or session data to the LAN."}, "properties": {"scanner": "repobility-agent-runtime", "category": "quality", "severity": "medium", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "AGT005", "name": "Calendar/event date parsing can crash on malformed persisted data", "shortDescription": {"text": "Calendar/event date parsing can crash on malformed persisted data"}, "fullDescription": {"text": "Browser storage, migrations, and partial writes can leave invalid date strings. Rendering `new Date(event.startAt)` without a validity guard can crash React views."}, "properties": {"scanner": "repobility-agent-runtime", "category": "quality", "severity": "medium", "confidence": 0.76, "cwe": "", "owasp": ""}}, {"id": "MINED124", "name": "requirements.txt: `twine` has no version pin", "shortDescription": {"text": "requirements.txt: `twine` has no version pin"}, "fullDescription": {"text": "Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "Bare except continues silently", "shortDescription": {"text": "Bare except continues silently"}, "fullDescription": {"text": "Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED109", "name": "Mutable default argument in `wait_for_build_finish` (list)", "shortDescription": {"text": "Mutable default argument in `wait_for_build_finish` (list)"}, "fullDescription": {"text": "`def wait_for_build_finish(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "QUAL003", "name": "Magic number used as default arg", "shortDescription": {"text": "Magic number used as default arg"}, "fullDescription": {"text": "Using hardcoded default values for complex configuration objects makes the code brittle and difficult to manage. Consider using a dedicated factory or builder pattern.\n\nAuto-promoted from proposal 444 on 2026-05-12. Synth confidence: 0.85. FP estimate: 0.00."}, "properties": {"scanner": "repobility", "category": "quality", "severity": "medium", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "QUAL002", "name": "Python mutable default argument", "shortDescription": {"text": "Python mutable default argument"}, "fullDescription": {"text": "def f(x=[]) \u2014 Python gotcha; mutates across calls."}, "properties": {"scanner": "repobility", "category": "quality", "severity": "medium", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "TEST002", "name": "Function is stub-only (pass/raise NotImplementedError)", "shortDescription": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "fullDescription": {"text": "Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"scanner": "repobility", "category": "test_quality", "severity": "medium", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "SUPC002", "name": "Supply chain \u2014 npm install without lockfile", "shortDescription": {"text": "Supply chain \u2014 npm install without lockfile"}, "fullDescription": {"text": "Production image runs npm install (resolves new versions on every build) instead of npm ci."}, "properties": {"scanner": "repobility", "category": "supply_chain", "severity": "medium", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "AUC001", "name": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobilit", "shortDescription": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "fullDescription": {"text": "The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.92, "cwe": "CWE-285", "owasp": "WSTG-AUTHZ"}}, {"id": "DKR007", "name": "Docker build context has no .dockerignore", "shortDescription": {"text": "Docker build context has no .dockerignore"}, "fullDescription": {"text": "Without .dockerignore, build context can include source history, local env files, dependencies, and generated artifacts."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "DKR001", "name": "Docker final stage has no non-root USER", "shortDescription": {"text": "Docker final stage has no non-root USER"}, "fullDescription": {"text": "Docker images run as root unless the image or Dockerfile switches to a non-root user."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.82, "cwe": "", "owasp": ""}}, {"id": "DKR003", "name": "Dockerfile base image uses the latest tag", "shortDescription": {"text": "Dockerfile base image uses the latest tag"}, "fullDescription": {"text": "The latest tag is mutable and can change without a code review, producing different images from the same source."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.94, "cwe": "", "owasp": ""}}, {"id": "ERR002", "name": "[ERR002] Empty Catch Block: Empty catch blocks hide errors.", "shortDescription": {"text": "[ERR002] Empty Catch Block: Empty catch blocks hide errors."}, "fullDescription": {"text": "Log the error or rethrow it. Use console.error() at minimum."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AIC001", "name": "Parallel implementation file sits beside a canonical file", "shortDescription": {"text": "Parallel implementation file sits beside a canonical file"}, "fullDescription": {"text": "AI-assisted edits often create a new sibling file instead of integrating the change into the existing module. That leaves two paths for future maintainers to understand and can hide the code that is actually wired into the app."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "medium", "confidence": 0.82, "cwe": "", "owasp": ""}}, {"id": "SEC075", "name": "[SEC075] Dockerfile: no HEALTHCHECK: No HEALTHCHECK directive \u2014 orchestrators can't detect a wedged process. Ported from", "shortDescription": {"text": "[SEC075] Dockerfile: no HEALTHCHECK: No HEALTHCHECK directive \u2014 orchestrators can't detect a wedged process. Ported from trivy DS026 / checkov CKV_DOCKER_2 (Apache-2.0). Implement file-level: skip if file contains `^\\s*HEALTHCHECK\\b`."}, "fullDescription": {"text": "Add `HEALTHCHECK CMD curl -f http://localhost:PORT/health || exit 1`."}, "properties": {"scanner": "repobility-threat-engine", "category": "docker", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "SEC022", "name": "[SEC022] Database URL With Embedded Credential: A database connection URL contains an embedded username and password. Th", "shortDescription": {"text": "[SEC022] Database URL With Embedded Credential: A database connection URL contains an embedded username and password. These URLs are often copied into defaults, docs, and scripts, then leak working credentials."}, "fullDescription": {"text": "Remove the embedded password, require the URL from a secret store or environment variable, and rotate the database credential."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "low", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "AIC002", "name": "Source file name looks like an AI patch artifact", "shortDescription": {"text": "Source file name looks like an AI patch artifact"}, "fullDescription": {"text": "Files named as final, fixed, copy, new, or backup are often temporary patch artifacts. They may be legitimate, but they deserve review before becoming production surface area."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.62, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED001] Bare Except Pass (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED062", "name": "[MINED062] Python Dataclass No Fields (and 5 more): Same pattern found in 5 additional files. Review if needed.", "shortDescription": {"text": "[MINED062] Python Dataclass No Fields (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 12 more): Same pattern found in 12 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 12 more): Same pattern found in 12 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.", "shortDescription": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED054", "name": "[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely.", "shortDescription": {"text": "[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-704 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 80 more): Same pattern found in 80 add", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 80 more): Same pattern found in 80 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED045", "name": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong.", "shortDescription": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-476 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED052", "name": "[MINED052] Ts Any Typed (and 20 more): Same pattern found in 20 additional files. Review if needed.", "shortDescription": {"text": "[MINED052] Ts Any Typed (and 20 more): Same pattern found in 20 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-704 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 10 more): Same pattern found in 10 addi", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 10 more): Same pattern found in 10 additional files. Review if needed."}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod (and 31 more): Same pattern found in 31 additional files. Review if needed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod (and 31 more): Same pattern found in 31 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC001", "name": "[SEC001] Hardcoded Password: Hardcoded password found in source code.", "shortDescription": {"text": "[SEC001] Hardcoded Password: Hardcoded password found in source code."}, "fullDescription": {"text": "Use environment variables or a secrets manager."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "info", "confidence": 0.1, "cwe": "", "owasp": ""}}, {"id": "SEC020", "name": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequen", "shortDescription": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "fullDescription": {"text": "Log only redacted, hashed, or last-four-style metadata. Rotate any secret that may have reached logs."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "cwe": "", "owasp": ""}}, {"id": "SEC083", "name": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. Ported fr", "shortDescription": {"text": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. Ported from eslint-plugin-security detect-non-literal-regexp (Apache-2.0)."}, "fullDescription": {"text": "Use a literal RegExp or whitelist-validate user input before constructing patterns."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC069", "name": "[SEC069] Dockerfile: no USER directive (runs as root): Container runs as root because no USER directive was set. Ported ", "shortDescription": {"text": "[SEC069] Dockerfile: no USER directive (runs as root): Container runs as root because no USER directive was set. Ported from trivy DS002 / checkov CKV_DOCKER_3 (Apache-2.0). Implement as a file-level rule: skip if file contains `^\\s*USER\\s+"}, "fullDescription": {"text": "Add `RUN adduser -D app && USER app` before the CMD/ENTRYPOINT."}, "properties": {"scanner": "repobility-threat-engine", "category": "docker", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED016", "name": "[MINED016] Go Error Ignored: _, err := fn() with err not checked. Go anti-pattern.", "shortDescription": {"text": "[MINED016] Go Error Ignored: _, err := fn() with err not checked. Go anti-pattern."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-754 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC040", "name": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that int", "shortDescription": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflected XSS vector. The browser parses the HTM"}, "fullDescription": {"text": "For plain text: use el.textContent = data.value (auto-escapes).\nFor HTML you need to render: el.innerHTML = DOMPurify.sanitize(html).\nFor React/Vue/Svelte: stop using innerHTML; use the framework's binding.\nWhen data comes from CV/PDF parsers, sanitize at the parser boundary too."}, "properties": {"scanner": "repobility-threat-engine", "category": "xss", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "Action `actions/upload-artifact` pinned to mutable ref `@v4`", "shortDescription": {"text": "Action `actions/upload-artifact` pinned to mutable ref `@v4`"}, "fullDescription": {"text": "`uses: actions/upload-artifact@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED118", "name": "Dockerfile FROM `e2bdev/code-interpreter:latest` not pinned by digest", "shortDescription": {"text": "Dockerfile FROM `e2bdev/code-interpreter:latest` not pinned by digest"}, "fullDescription": {"text": "`FROM e2bdev/code-interpreter:latest` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED110", "name": "Blocking call `urllib.request.urlopen` inside async function `test_download_url_with_expired_signing`", "shortDescription": {"text": "Blocking call `urllib.request.urlopen` inside async function `test_download_url_with_expired_signing`"}, "fullDescription": {"text": "`urllib.request.urlopen` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "`self.rfile` used but never assigned in __init__", "shortDescription": {"text": "`self.rfile` used but never assigned in __init__"}, "fullDescription": {"text": "Method `do_PUT` of class `Handler` reads `self.rfile`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "Phantom test coverage: test_traces_on_from_gcp_registry", "shortDescription": {"text": "Phantom test coverage: test_traces_on_from_gcp_registry"}, "fullDescription": {"text": "Test function `test_traces_on_from_gcp_registry` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "TEST001", "name": "Phantom test coverage \u2014 test files without real assertions", "shortDescription": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "fullDescription": {"text": "Test function that runs code but contains no assert/expect/should \u2014 passes regardless of behaviour."}, "properties": {"scanner": "repobility", "category": "test_quality", "severity": "high", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "ERRH001", "name": "Bare except: pass \u2014 silent failure", "shortDescription": {"text": "Bare except: pass \u2014 silent failure"}, "fullDescription": {"text": "except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"scanner": "repobility", "category": "error_handling", "severity": "high", "confidence": 0.45, "cwe": "", "owasp": ""}}, {"id": "CONC001", "name": "Concurrency \u2014 blocking call inside asyncio coroutine", "shortDescription": {"text": "Concurrency \u2014 blocking call inside asyncio coroutine"}, "fullDescription": {"text": "requests.get / time.sleep / open().read inside async def \u2014 blocks the event loop."}, "properties": {"scanner": "repobility", "category": "race_condition", "severity": "high", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "JRN004", "name": "Consent is collected in UI without visible backend audit persistence", "shortDescription": {"text": "Consent is collected in UI without visible backend audit persistence"}, "fullDescription": {"text": "A frontend journey appears to ask for consent to share identity/KYC/biometric data, but backend code does not show a consent audit model with scope, purpose, legal text version, timestamp, IP, or user-agent evidence."}, "properties": {"scanner": "repobility-journey-contract", "category": "auth", "severity": "high", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "SEC084", "name": "[SEC084] JS: require() with non-literal: require(<variable>) loads arbitrary modules \u2014 equivalent to eval at module scop", "shortDescription": {"text": "[SEC084] JS: require() with non-literal: require(<variable>) loads arbitrary modules \u2014 equivalent to eval at module scope. Ported from eslint-plugin-security detect-non-literal-require (Apache-2.0)."}, "fullDescription": {"text": "Use static imports or a static mapping `const modules = { foo: require('./foo') }`."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED035", "name": "[MINED035] Js New Function: new Function(...) compiles strings to functions.", "shortDescription": {"text": "[MINED035] Js New Function: new Function(...) compiles strings to functions."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-95 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED116", "name": "Workflow uses `secrets.E2B_API_KEY_STAGING` on a `pull_request` trigger", "shortDescription": {"text": "Workflow uses `secrets.E2B_API_KEY_STAGING` on a `pull_request` trigger"}, "fullDescription": {"text": "This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.E2B_API_KEY_STAGING }` lets a PR from any fork exfiltrate the secret (modify a script, log the value, etc.). Use `pull_request_target` ONLY with strict checkout discipline (no fork code in the trusted context)."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "critical", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "SECR004", "name": "Password embedded in URL", "shortDescription": {"text": "Password embedded in URL"}, "fullDescription": {"text": "https://user:password@host \u2014 leaks creds via logs, referrer, error messages."}, "properties": {"scanner": "repobility", "category": "credential_exposure", "severity": "critical", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "SSTI001", "name": "SSTI \u2014 Jinja2 Template from user string", "shortDescription": {"text": "SSTI \u2014 Jinja2 Template from user string"}, "fullDescription": {"text": "jinja2.Environment().from_string(user_input) \u2014 full RCE via templates."}, "properties": {"scanner": "repobility", "category": "injection", "severity": "critical", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "SEC010", "name": "[SEC010] Cloud Provider Token: Cloud provider or SaaS API token found in source code.", "shortDescription": {"text": "[SEC010] Cloud Provider Token: Cloud provider or SaaS API token found in source code."}, "fullDescription": {"text": "Remove immediately and rotate the token. Use environment variables."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/223"}, "properties": {"repository": "e2b-dev/E2B", "repoUrl": "https://github.com/e2b-dev/E2B", "branch": "main"}, "results": [{"ruleId": "WEB003", "level": "warning", "message": {"text": "Public web service has no security.txt"}, "properties": {"repobilityId": 47144, "scanner": "repobility-web-presence", "fingerprint": "5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd", "category": "quality", "severity": "medium", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app/API but no security.txt file or route was discovered.", "evidence": {"rule_id": "WEB003", "scanner": "repobility-web-presence", "references": ["https://www.rfc-editor.org/rfc/rfc9116", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".well-known/security.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC068", "level": "warning", "message": {"text": "[SEC068] Dockerfile: base image uses :latest or no tag: FROM uses :latest or no tag \u2014 builds are not reproducible and may pull a compromised parent image. Ported from trivy DS001 (Apache-2.0)."}, "properties": {"repobilityId": 47137, "scanner": "repobility-threat-engine", "fingerprint": "9c1e48686e7d61c1f2c60cd51259864654741bfd1b000845df2070654b18ec4d", "category": "docker", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "from typing", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC068", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|9c1e48686e7d61c1f2c60cd51259864654741bfd1b000845df2070654b18ec4d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/template/dockerfile_parser.py"}, "region": {"startLine": 5}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 47135, "scanner": "repobility-threat-engine", "fingerprint": "10c86896669586aee8047e598acd7fd48c63a3109e3bca5f10b737df1a11151f", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n        pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|10c86896669586aee8047e598acd7fd48c63a3109e3bca5f10b737df1a11151f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/template/dockerfile_parser.py"}, "region": {"startLine": 276}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 47134, "scanner": "repobility-threat-engine", "fingerprint": "9999c77ac01e98f11d69c8ed9800941f78847bdd2cb35b247ff6a2112882abc8", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n            pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|9999c77ac01e98f11d69c8ed9800941f78847bdd2cb35b247ff6a2112882abc8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/filesystem/watch_handle.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 47132, "scanner": "repobility-threat-engine", "fingerprint": "4edbdc3df3824f3c8177602146a111b5466ceffc2fff713e95bed6a313c0a47c", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n            pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|4edbdc3df3824f3c8177602146a111b5466ceffc2fff713e95bed6a313c0a47c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/commands/command_handle.py"}, "region": {"startLine": 143}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `__init__` has cognitive complexity 16 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: if=9, nested_bonus=2, or=2, recursion=1, ternary=2."}, "properties": {"repobilityId": 47106, "scanner": "repobility-threat-engine", "fingerprint": "c5de63112692da1811d2a469ced13e3a0a63f924ba052885cf36ec3c978f80a4", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 16 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "__init__", "breakdown": {"if": 9, "or": 2, "ternary": 2, "recursion": 1, "nested_bonus": 2}, "complexity": 16, "correlation_key": "fp|c5de63112692da1811d2a469ced13e3a0a63f924ba052885cf36ec3c978f80a4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/__init__.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "SEC034", "level": "warning", "message": {"text": "[SEC034] Log Injection / Log Forging \u2014 unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\\n` to forge fake log entries, hide tracks, or exploit downstream log parsers (SIEM, splunk). Combined with template injection this can escalate to RCE (CVE-2021-44228 log4shell). CWE-117."}, "properties": {"repobilityId": 47103, "scanner": "repobility-threat-engine", "fingerprint": "05e28a708aa2fdca91973729aa979c7255b7eebd17771d54ec719ae9e7404f4b", "category": "log_injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "logger.info(f\"Request: {req", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC034", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|05e28a708aa2fdca91973729aa979c7255b7eebd17771d54ec719ae9e7404f4b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client_sync/__init__.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "SEC034", "level": "warning", "message": {"text": "[SEC034] Log Injection / Log Forging \u2014 unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\\n` to forge fake log entries, hide tracks, or exploit downstream log parsers (SIEM, splunk). Combined with template injection this can escalate to RCE (CVE-2021-44228 log4shell). CWE-117."}, "properties": {"repobilityId": 47101, "scanner": "repobility-threat-engine", "fingerprint": "bba71d6656078fe4016b87c839c3e3d5de1240588d9130dbded2dfd4149ec21c", "category": "log_injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "logger.info(f\"Request: {req", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC034", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|bba71d6656078fe4016b87c839c3e3d5de1240588d9130dbded2dfd4149ec21c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client_async/__init__.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "SEC034", "level": "warning", "message": {"text": "[SEC034] Log Injection / Log Forging \u2014 unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\\n` to forge fake log entries, hide tracks, or exploit downstream log parsers (SIEM, splunk). Combined with template injection this can escalate to RCE (CVE-2021-44228 log4shell). CWE-117."}, "properties": {"repobilityId": 47100, "scanner": "repobility-threat-engine", "fingerprint": "b264d70910fd6265cadeece7f78ed10b81ff427a58f9662d94a7072672673699", "category": "log_injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "logger.info(f\"Request {request.method} {req", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC034", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|b264d70910fd6265cadeece7f78ed10b81ff427a58f9662d94a7072672673699"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/__init__.py"}, "region": {"startLine": 177}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 47093, "scanner": "repobility-threat-engine", "fingerprint": "892e921f2834dfbf458abfa652663234078311ade21effb3c474e41764b06999", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "new Function(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|16|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/undici.ts"}, "region": {"startLine": 16}}}]}, {"ruleId": "AGT012", "level": "warning", "message": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "properties": {"repobilityId": 47041, "scanner": "repobility-agent-runtime", "fingerprint": "a8950f4a4e46c7455289975f38542f19c7cbb5f07c55115ce39334b88ab6846e", "category": "quality", "severity": "medium", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File combines agent-control wording with an HTTP/SSE/WebSocket listener on an all-interface host and no visible auth guard.", "evidence": {"rule_id": "AGT012", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|a8950f4a4e46c7455289975f38542f19c7cbb5f07c55115ce39334b88ab6846e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_sync/main.py"}, "region": {"startLine": 193}}}]}, {"ruleId": "AGT012", "level": "warning", "message": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "properties": {"repobilityId": 47038, "scanner": "repobility-agent-runtime", "fingerprint": "9a6e826bc55a7a8e02e0fec17d58cf5539e2ef250dac2a34f524b43c1eacb034", "category": "quality", "severity": "medium", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File combines agent-control wording with an HTTP/SSE/WebSocket listener on an all-interface host and no visible auth guard.", "evidence": {"rule_id": "AGT012", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|9a6e826bc55a7a8e02e0fec17d58cf5539e2ef250dac2a34f524b43c1eacb034"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/main.py"}, "region": {"startLine": 195}}}]}, {"ruleId": "AGT012", "level": "warning", "message": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "properties": {"repobilityId": 47036, "scanner": "repobility-agent-runtime", "fingerprint": "4f109d6c34d9ac50b95cb9c5bdfb3fef67b236643b5df4e82eec90c9fcbd5303", "category": "quality", "severity": "medium", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File combines agent-control wording with an HTTP/SSE/WebSocket listener on an all-interface host and no visible auth guard.", "evidence": {"rule_id": "AGT012", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|4f109d6c34d9ac50b95cb9c5bdfb3fef67b236643b5df4e82eec90c9fcbd5303"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox/sandbox_api.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AGT005", "level": "warning", "message": {"text": "Calendar/event date parsing can crash on malformed persisted data"}, "properties": {"repobilityId": 47034, "scanner": "repobility-agent-runtime", "fingerprint": "f98c762fa839c8578e57fedda903d6950e5d4854e0c217b00015a34d25d0fd7c", "category": "quality", "severity": "medium", "confidence": 0.76, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File parses startAt/endAt directly with new Date but does not show an isValid/isNaN/parseISO guard.", "evidence": {"rule_id": "AGT005", "scanner": "repobility-agent-runtime", "references": ["https://react.dev/reference/react/useEffect"], "correlation_key": "fp|f98c762fa839c8578e57fedda903d6950e5d4854e0c217b00015a34d25d0fd7c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/sandbox/sandboxApi.ts"}, "region": {"startLine": 854}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `twine` has no version pin"}, "properties": {"repobilityId": 46984, "scanner": "repobility-supply-chain", "fingerprint": "ae025a50549d8e5e25561d5d3a4d5af9f23e3ba71187b4767cc45d3b23276149", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ae025a50549d8e5e25561d5d3a4d5af9f23e3ba71187b4767cc45d3b23276149"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/connect-python/requirements-dev.txt"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `build` has no version pin"}, "properties": {"repobilityId": 46983, "scanner": "repobility-supply-chain", "fingerprint": "df11e5725f6e91489d49997a468cf9d53f8a39a077e0f27e819b182e688ede49", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|df11e5725f6e91489d49997a468cf9d53f8a39a077e0f27e819b182e688ede49"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/connect-python/requirements-dev.txt"}, "region": {"startLine": 4}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `ruff` has no version pin"}, "properties": {"repobilityId": 46982, "scanner": "repobility-supply-chain", "fingerprint": "d5fd5f6d35629cee35cfa817925c3f89b2d122f457d1c7116ab5818e9502da53", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d5fd5f6d35629cee35cfa817925c3f89b2d122f457d1c7116ab5818e9502da53"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/connect-python/requirements-dev.txt"}, "region": {"startLine": 3}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46978, "scanner": "repobility-ast-engine", "fingerprint": "88b7538e986a874cea1c7c2b65bcc3c17a5a708b3c27d8b188333cf32a39cb97", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|88b7538e986a874cea1c7c2b65bcc3c17a5a708b3c27d8b188333cf32a39cb97"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_sync/commands/command_handle.py"}, "region": {"startLine": 123}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46977, "scanner": "repobility-ast-engine", "fingerprint": "f4bb37f36ffd2bcdcbf97de061ffb43b221f10968549f3f18a15f76a93b0573f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f4bb37f36ffd2bcdcbf97de061ffb43b221f10968549f3f18a15f76a93b0573f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox/_git/parse.py"}, "region": {"startLine": 46}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46976, "scanner": "repobility-ast-engine", "fingerprint": "30f65086d3f22291e849bec23111f5f20a5165296027555d88dc762cdd335d52", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|30f65086d3f22291e849bec23111f5f20a5165296027555d88dc762cdd335d52"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox/_git/parse.py"}, "region": {"startLine": 41}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46975, "scanner": "repobility-ast-engine", "fingerprint": "c5aaa162a860442faa43846372b309c4eddeab87d247a13c3f6a4635a1f9f49f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c5aaa162a860442faa43846372b309c4eddeab87d247a13c3f6a4635a1f9f49f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/filesystem/watch_handle.py"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46974, "scanner": "repobility-ast-engine", "fingerprint": "4d1a65f31d9a10f98997d40784df0adbfe659c9164bb5e349fe390d63fca1cb8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4d1a65f31d9a10f98997d40784df0adbfe659c9164bb5e349fe390d63fca1cb8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/commands/command_handle.py"}, "region": {"startLine": 163}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "Mutable default argument in `wait_for_build_finish` (list)"}, "properties": {"repobilityId": 46973, "scanner": "repobility-ast-engine", "fingerprint": "afd6b4c7dc1d46d1d04918c3be451e6629dc52a4e4e8a6da02ba26b2044634ed", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|afd6b4c7dc1d46d1d04918c3be451e6629dc52a4e4e8a6da02ba26b2044634ed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/template_async/build_api.py"}, "region": {"startLine": 203}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46972, "scanner": "repobility-ast-engine", "fingerprint": "535c03d75a6a9620713d429b604780f168ffdb443368ff429edafd09243fb620", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|535c03d75a6a9620713d429b604780f168ffdb443368ff429edafd09243fb620"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/git.py"}, "region": {"startLine": 224}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46971, "scanner": "repobility-ast-engine", "fingerprint": "f011161460ce40055593ab2073a3473c8d9d6c692e8421d1ecd4d6d89e7a8fd0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f011161460ce40055593ab2073a3473c8d9d6c692e8421d1ecd4d6d89e7a8fd0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/git.py"}, "region": {"startLine": 210}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46970, "scanner": "repobility-ast-engine", "fingerprint": "a8e6689c535bd53b3ee215aedb167e3f1c4ddc639094dacf05d5778c3ae91ac1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a8e6689c535bd53b3ee215aedb167e3f1c4ddc639094dacf05d5778c3ae91ac1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/git.py"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "Mutable default argument in `wait_for_build_finish` (list)"}, "properties": {"repobilityId": 46969, "scanner": "repobility-ast-engine", "fingerprint": "88c077b4db597f233ccea246ecf9dc123f06269e7f1ce20dc09cb000115d1447", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|88c077b4db597f233ccea246ecf9dc123f06269e7f1ce20dc09cb000115d1447"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/template_sync/build_api.py"}, "region": {"startLine": 202}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46968, "scanner": "repobility-ast-engine", "fingerprint": "1c8d1bdb2ba469cf2454a752bf3e51440d282ff034f3e27598d6df983b204a0f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1c8d1bdb2ba469cf2454a752bf3e51440d282ff034f3e27598d6df983b204a0f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_sync/git.py"}, "region": {"startLine": 245}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46967, "scanner": "repobility-ast-engine", "fingerprint": "bf12d3d8c1cb1c11763e26bf73aeab4e4b030a3808122eae8c7b5831b701b404", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bf12d3d8c1cb1c11763e26bf73aeab4e4b030a3808122eae8c7b5831b701b404"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_sync/git.py"}, "region": {"startLine": 231}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46966, "scanner": "repobility-ast-engine", "fingerprint": "db09d2a247a0d0df0acc7c40a812e7357bd9b1a63ffb77f7747dd3c7be1f8b70", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|db09d2a247a0d0df0acc7c40a812e7357bd9b1a63ffb77f7747dd3c7be1f8b70"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_sync/git.py"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46965, "scanner": "repobility-ast-engine", "fingerprint": "f555691eb7b06b8ea8851e5ebf7b051a396477b79654dba653a505c7d0a0b1f9", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f555691eb7b06b8ea8851e5ebf7b051a396477b79654dba653a505c7d0a0b1f9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/template/utils.py"}, "region": {"startLine": 348}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46964, "scanner": "repobility-ast-engine", "fingerprint": "b564951c03277c762fd5d051fcb594ab9ce8765fbd343943867f5662d65d6bff", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b564951c03277c762fd5d051fcb594ab9ce8765fbd343943867f5662d65d6bff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/files/test_files_list.py"}, "region": {"startLine": 151}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46960, "scanner": "repobility-ast-engine", "fingerprint": "4935f6c56350a68c66df97a9c1a7fdb78bc1c93dda8e957ae313c12fb1af32b3", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4935f6c56350a68c66df97a9c1a7fdb78bc1c93dda8e957ae313c12fb1af32b3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_stacktrace.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46959, "scanner": "repobility-ast-engine", "fingerprint": "109cf2f88b8cf7eba5f8996462d559fd03fde99f2416ae92efd6b1dc2e357979", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|109cf2f88b8cf7eba5f8996462d559fd03fde99f2416ae92efd6b1dc2e357979"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/sandbox_sync/files/test_files_list.py"}, "region": {"startLine": 151}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 46953, "scanner": "repobility-ast-engine", "fingerprint": "f41106dc3b44c69c5d20520483ac42f26c29b5e03287e7d1017df4cf10b4e94a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f41106dc3b44c69c5d20520483ac42f26c29b5e03287e7d1017df4cf10b4e94a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_stacktrace.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21815, "scanner": "repobility", "fingerprint": "5804e57a245788338132acc7aca6e77d", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "default 1024", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/template/types.ts"}, "region": {"startLine": 42}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21814, "scanner": "repobility", "fingerprint": "872979f6133b8bae8ecb3e3e0b4b7e3e", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "default 2", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/template/types.ts"}, "region": {"startLine": 37}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21813, "scanner": "repobility", "fingerprint": "e567461eed33aa092698546b34c47c16", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "default 60", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/sandbox/commands/index.ts"}, "region": {"startLine": 79}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21812, "scanner": "repobility", "fingerprint": "f834d3b6a1ebe8661e5e7085b80a6c60", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "default 60", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/sandbox/commands/pty.ts"}, "region": {"startLine": 41}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21811, "scanner": "repobility", "fingerprint": "e2a3f4bec9cb81d9695cd4a2f2b81e65", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "default 60", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/sandbox/filesystem/index.ts"}, "region": {"startLine": 202}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21810, "scanner": "repobility", "fingerprint": "d97ae3be9a6053391b9f1a769f13c64f", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "default 100", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/sandbox/sandboxApi.ts"}, "region": {"startLine": 267}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21809, "scanner": "repobility", "fingerprint": "8970fe51a552cf5b846f91e2ebc96d33", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "default 100", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/sandbox/sandboxApi.ts"}, "region": {"startLine": 234}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21808, "scanner": "repobility", "fingerprint": "c9166ab98e394e2b08859e6f5ce85adb", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "default 300", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/sandbox/sandboxApi.ts"}, "region": {"startLine": 207}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21807, "scanner": "repobility", "fingerprint": "2f8a7337cdf3d03a40267243f635f3f1", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "default 300", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/sandbox/sandboxApi.ts"}, "region": {"startLine": 138}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21806, "scanner": "repobility", "fingerprint": "f6dd7e98414e011d3174072591842a1a", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "default 15", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/api/schema.gen.ts"}, "region": {"startLine": 2116}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21805, "scanner": "repobility", "fingerprint": "90b6b5218e45fa82f02b2761c1b91a31", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "default 15", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/api/schema.gen.ts"}, "region": {"startLine": 1979}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21804, "scanner": "repobility", "fingerprint": "8ba6b0addedd78d49f6a81a69e732819", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "default 60", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/volume/client.ts"}, "region": {"startLine": 38}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21803, "scanner": "repobility", "fingerprint": "976a4b8a02903feb0a4ab0c494ffe9f8", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "default 60", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/connectionConfig.ts"}, "region": {"startLine": 53}}}]}, {"ruleId": "QUAL002", "level": "warning", "message": {"text": "Python mutable default argument"}, "properties": {"repobilityId": 21790, "scanner": "repobility", "fingerprint": "ee087c4837fe61080159a56f76f85378", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def wait_for_build_finish(... = mutable)", "aljefra_cwe": ["CWE-1023"], "aljefra_owasp": null, "aljefra_pattern_slug": "mutable-default-arg"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/template_async/build_api.py"}, "region": {"startLine": 203}}}]}, {"ruleId": "QUAL002", "level": "warning", "message": {"text": "Python mutable default argument"}, "properties": {"repobilityId": 21789, "scanner": "repobility", "fingerprint": "fa3faf7f4de3f2dcc98db08f86644be7", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def wait_for_build_finish(... = mutable)", "aljefra_cwe": ["CWE-1023"], "aljefra_owasp": null, "aljefra_pattern_slug": "mutable-default-arg"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/template_sync/build_api.py"}, "region": {"startLine": 202}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21260, "scanner": "repobility", "fingerprint": "551487eaa0e8120f606b88e1af5ccabc", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def beta_pause(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/main.py"}, "region": {"startLine": 680}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21259, "scanner": "repobility", "fingerprint": "3da6fb4c501908d2564645be5541e92d", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def beta_pause(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/main.py"}, "region": {"startLine": 673}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21258, "scanner": "repobility", "fingerprint": "65bb09ede539e098b754cac3dbef8d0c", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def read_file(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/volume/volume_async.py"}, "region": {"startLine": 438}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21257, "scanner": "repobility", "fingerprint": "440783d942f527db24f890ceb7a1fe72", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def read_file(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/volume/volume_async.py"}, "region": {"startLine": 430}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21256, "scanner": "repobility", "fingerprint": "c3543ec63eb428f393870dc3b6e204d8", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def read_file(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/volume/volume_async.py"}, "region": {"startLine": 422}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21255, "scanner": "repobility", "fingerprint": "abdce68d2c2f7b6b295997343c1a891f", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def read_file(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/volume/volume_sync.py"}, "region": {"startLine": 436}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21254, "scanner": "repobility", "fingerprint": "bb30a67a57c113799f7c6efa2d77c1d5", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def read_file(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/volume/volume_sync.py"}, "region": {"startLine": 428}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21253, "scanner": "repobility", "fingerprint": "f679bc2db60587a3fc148fd5f9c7d1b3", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def read_file(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/volume/volume_sync.py"}, "region": {"startLine": 420}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21252, "scanner": "repobility", "fingerprint": "b626103e18e0c1f904ff8eafbd422720", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/filesystem/filesystem_pb2.pyi"}, "region": {"startLine": 144}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21251, "scanner": "repobility", "fingerprint": "2442e6dfa0ab0f2f012bdd45a4a4e34a", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/filesystem/filesystem_pb2.pyi"}, "region": {"startLine": 124}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21250, "scanner": "repobility", "fingerprint": "972976d42f4ea78f43c9bcdc73031e7f", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/filesystem/filesystem_pb2.pyi"}, "region": {"startLine": 89}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21249, "scanner": "repobility", "fingerprint": "0485610a7c518b2efaedb4d79ed9d3bc", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/filesystem/filesystem_pb2.pyi"}, "region": {"startLine": 83}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21248, "scanner": "repobility", "fingerprint": "c1378426460971e8a8927ad46df82ff2", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/filesystem/filesystem_pb2.pyi"}, "region": {"startLine": 77}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21247, "scanner": "repobility", "fingerprint": "eadb9245f98bfbcf4a8baf0a503fbd72", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/filesystem/filesystem_pb2.pyi"}, "region": {"startLine": 73}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21246, "scanner": "repobility", "fingerprint": "4db11af97313b2ce42ec6d560517b9d4", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/filesystem/filesystem_pb2.pyi"}, "region": {"startLine": 67}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21245, "scanner": "repobility", "fingerprint": "897f2139450ef8c8b7aa9eb86d6d2fd4", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/filesystem/filesystem_pb2.pyi"}, "region": {"startLine": 61}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21244, "scanner": "repobility", "fingerprint": "12ab2858972cbd6971e1a15f66f57f07", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/filesystem/filesystem_pb2.pyi"}, "region": {"startLine": 55}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21243, "scanner": "repobility", "fingerprint": "d06a800518d61b2697874286515b257d", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/filesystem/filesystem_pb2.pyi"}, "region": {"startLine": 47}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21242, "scanner": "repobility", "fingerprint": "e84a5300a834ad222cf2b4705da3a161", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/process/process_pb2.pyi"}, "region": {"startLine": 195}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21241, "scanner": "repobility", "fingerprint": "4660de4978c4943fb97330df6a76ec7b", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/process/process_pb2.pyi"}, "region": {"startLine": 183}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21240, "scanner": "repobility", "fingerprint": "6405a95de3a1bb4b7162d5358b128d88", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/process/process_pb2.pyi"}, "region": {"startLine": 128}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21239, "scanner": "repobility", "fingerprint": "28dad79e8dcffdf96eb23fde5943a1e0", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/process/process_pb2.pyi"}, "region": {"startLine": 120}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21238, "scanner": "repobility", "fingerprint": "db29b77f746dbc6eb634dab41d46104c", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/process/process_pb2.pyi"}, "region": {"startLine": 106}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21237, "scanner": "repobility", "fingerprint": "b3339b84b310d1568a36ff7a1eb0b497", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/process/process_pb2.pyi"}, "region": {"startLine": 92}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21236, "scanner": "repobility", "fingerprint": "eb46df56b225b604fff39b1b035ea872", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/process/process_pb2.pyi"}, "region": {"startLine": 81}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21235, "scanner": "repobility", "fingerprint": "86d779a2cd84f3853d88d4ad51c17bd9", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/process/process_pb2.pyi"}, "region": {"startLine": 71}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21234, "scanner": "repobility", "fingerprint": "c0d9a94d8824a70b4ae605b15f04ead2", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/process/process_pb2.pyi"}, "region": {"startLine": 61}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21233, "scanner": "repobility", "fingerprint": "400c0a17e2f42e33976b73d4520a11fb", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def __init__(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/envd/process/process_pb2.pyi"}, "region": {"startLine": 39}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21232, "scanner": "repobility", "fingerprint": "6fb7d9dc3540859b49b29feb1029530d", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def content(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/__init__.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21231, "scanner": "repobility", "fingerprint": "751afa2f257694413b038980bbf6179b", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def status_code(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/__init__.py"}, "region": {"startLine": 71}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21230, "scanner": "repobility", "fingerprint": "a254dc3e1d504b1becf6f8a6043a9a0a", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def beta_pause(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_sync/main.py"}, "region": {"startLine": 677}}}]}, {"ruleId": "TEST002", "level": "warning", "message": {"text": "Function is stub-only (pass/raise NotImplementedError)"}, "properties": {"repobilityId": 21229, "scanner": "repobility", "fingerprint": "15ff04ac812fff1b1c08df29dbdc3480", "category": "test_quality", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "def beta_pause(...): ...", "aljefra_cwe": ["CWE-1188"], "aljefra_owasp": null, "aljefra_pattern_slug": "stub-only-function"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_sync/main.py"}, "region": {"startLine": 670}}}]}, {"ruleId": "SUPC002", "level": "warning", "message": {"text": "Supply chain \u2014 npm install without lockfile"}, "properties": {"repobilityId": 15629, "scanner": "repobility", "fingerprint": "c39f4760a3c499e8c1a9d17565f9b0fa", "category": "supply_chain", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "RUN npm install", "aljefra_cwe": ["CWE-1357"], "aljefra_owasp": "A06:2021", "aljefra_pattern_slug": "npm-install-no-lockfile"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_from_dockerfile.py"}, "region": {"startLine": 12}}}]}, {"ruleId": "SUPC002", "level": "warning", "message": {"text": "Supply chain \u2014 npm install without lockfile"}, "properties": {"repobilityId": 15628, "scanner": "repobility", "fingerprint": "f29b21613bb6557f367761fedfd71e74", "category": "supply_chain", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "RUN pip install", "aljefra_cwe": ["CWE-1357"], "aljefra_owasp": "A06:2021", "aljefra_pattern_slug": "npm-install-no-lockfile"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/template/main.py"}, "region": {"startLine": 1059}}}]}, {"ruleId": "SUPC002", "level": "warning", "message": {"text": "Supply chain \u2014 npm install without lockfile"}, "properties": {"repobilityId": 15627, "scanner": "repobility", "fingerprint": "584d804bca9f55de8e84c0302049e889", "category": "supply_chain", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "\tpip install", "aljefra_cwe": ["CWE-1357"], "aljefra_owasp": "A06:2021", "aljefra_pattern_slug": "npm-install-no-lockfile"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/Makefile"}, "region": {"startLine": 31}}}]}, {"ruleId": "SUPC002", "level": "warning", "message": {"text": "Supply chain \u2014 npm install without lockfile"}, "properties": {"repobilityId": 15626, "scanner": "repobility", "fingerprint": "293ca6c0c5b81b1a54c1696506e88422", "category": "supply_chain", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "RUN pip install", "aljefra_cwe": ["CWE-1357"], "aljefra_owasp": "A06:2021", "aljefra_pattern_slug": "npm-install-no-lockfile"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/tests/commands/template/fixtures/start-cmd/e2b.Dockerfile"}, "region": {"startLine": 4}}}]}, {"ruleId": "SUPC002", "level": "warning", "message": {"text": "Supply chain \u2014 npm install without lockfile"}, "properties": {"repobilityId": 15625, "scanner": "repobility", "fingerprint": "4bae7657ad2506b6f99edb73818a7c12", "category": "supply_chain", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "RUN pip install", "aljefra_cwe": ["CWE-1357"], "aljefra_owasp": "A06:2021", "aljefra_pattern_slug": "npm-install-no-lockfile"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/tests/commands/template/fixtures/start-cmd/e2b.Dockerfile"}, "region": {"startLine": 3}}}]}, {"ruleId": "SUPC002", "level": "warning", "message": {"text": "Supply chain \u2014 npm install without lockfile"}, "properties": {"repobilityId": 15624, "scanner": "repobility", "fingerprint": "66bf8dc1a61ee47a44a7507ed35bec1c", "category": "supply_chain", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "RUN pip install", "aljefra_cwe": ["CWE-1357"], "aljefra_owasp": "A06:2021", "aljefra_pattern_slug": "npm-install-no-lockfile"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/tests/commands/template/fixtures/complex-python/e2b.Dockerfile"}, "region": {"startLine": 7}}}]}, {"ruleId": "SUPC002", "level": "warning", "message": {"text": "Supply chain \u2014 npm install without lockfile"}, "properties": {"repobilityId": 15623, "scanner": "repobility", "fingerprint": "01c7df0edeebdd4224192755dff83558", "category": "supply_chain", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "RUN npm install", "aljefra_cwe": ["CWE-1357"], "aljefra_owasp": "A06:2021", "aljefra_pattern_slug": "npm-install-no-lockfile"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/tests/template/methods/fromDockerfile.test.ts"}, "region": {"startLine": 10}}}]}, {"ruleId": "SUPC002", "level": "warning", "message": {"text": "Supply chain \u2014 npm install without lockfile"}, "properties": {"repobilityId": 15622, "scanner": "repobility", "fingerprint": "43a5991a5234f0491186cad2449ab9e6", "category": "supply_chain", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "RUN pip install", "aljefra_cwe": ["CWE-1357"], "aljefra_owasp": "A06:2021", "aljefra_pattern_slug": "npm-install-no-lockfile"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/template/types.ts"}, "region": {"startLine": 328}}}]}, {"ruleId": "SUPC002", "level": "warning", "message": {"text": "Supply chain \u2014 npm install without lockfile"}, "properties": {"repobilityId": 15621, "scanner": "repobility", "fingerprint": "2419af69d0834fa4484c2cffbcbaef81", "category": "supply_chain", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "RUN npm install", "aljefra_cwe": ["CWE-1357"], "aljefra_owasp": "A06:2021", "aljefra_pattern_slug": "npm-install-no-lockfile"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "templates/base/e2b.Dockerfile"}, "region": {"startLine": 58}}}]}, {"ruleId": "SUPC002", "level": "warning", "message": {"text": "Supply chain \u2014 npm install without lockfile"}, "properties": {"repobilityId": 15620, "scanner": "repobility", "fingerprint": "0877438127133b416422d0bc3426650e", "category": "supply_chain", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "RUN npm install", "aljefra_cwe": ["CWE-1357"], "aljefra_owasp": "A06:2021", "aljefra_pattern_slug": "npm-install-no-lockfile"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "codegen.Dockerfile"}, "region": {"startLine": 51}}}]}, {"ruleId": "SUPC002", "level": "warning", "message": {"text": "Supply chain \u2014 npm install without lockfile"}, "properties": {"repobilityId": 15619, "scanner": "repobility", "fingerprint": "2c4df8792c3df03e00d8f7ef05a07499", "category": "supply_chain", "severity": "medium", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "RUN pip install", "aljefra_cwe": ["CWE-1357"], "aljefra_owasp": "A06:2021", "aljefra_pattern_slug": "npm-install-no-lockfile"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "codegen.Dockerfile"}, "region": {"startLine": 37}}}]}, {"ruleId": "AUC001", "level": "warning", "message": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "properties": {"repobilityId": 7033, "scanner": "repobility-access-control", "fingerprint": "f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10", "category": "auth", "severity": "medium", "confidence": 0.92, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "frameworks": ["Django", "Next.js"], "expected_files": [".repobility/access.yml", ".repobility/access.yaml", ".repobility/access.json", ".repobility/authorization.yml"], "correlation_key": "fp|f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10"}}}, {"ruleId": "DKR007", "level": "warning", "message": {"text": "Docker build context has no .dockerignore"}, "properties": {"repobilityId": 7032, "scanner": "repobility-docker", "fingerprint": "c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44", "category": "docker", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Dockerfile exists but repository root has no .dockerignore.", "evidence": {"rule_id": "DKR007", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".dockerignore"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 7031, "scanner": "repobility-docker", "fingerprint": "e61f17ca40441140805f8e91de206f543dba25f4551829fa1f643fc9d8c7603e", "category": "docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "ubuntu:latest", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|e61f17ca40441140805f8e91de206f543dba25f4551829fa1f643fc9d8c7603e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/testground/demo-basic/Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR003", "level": "warning", "message": {"text": "Dockerfile base image uses the latest tag"}, "properties": {"repobilityId": 7030, "scanner": "repobility-docker", "fingerprint": "b8d269d5989f3e4b3092ce5dd732360cd47a79071622207643ae76e42a952c88", "category": "docker", "severity": "medium", "confidence": 0.94, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Image tag is latest.", "evidence": {"image": "ubuntu:latest", "rule_id": "DKR003", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://docs.docker.com/scout/policy/", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|b8d269d5989f3e4b3092ce5dd732360cd47a79071622207643ae76e42a952c88"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/testground/demo-basic/Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 7027, "scanner": "repobility-threat-engine", "fingerprint": "1b275e9f63c0a3d75506db57ab1799b368b38e67ce4557064f99f29450c83f56", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "fixed", "verdict": "confirmed", "isResolved": true, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n        pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|1b275e9f63c0a3d75506db57ab1799b368b38e67ce4557064f99f29450c83f56"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/template/dockerfile_parser.py"}, "region": {"startLine": 275}}}]}, {"ruleId": "ERR002", "level": "warning", "message": {"text": "[ERR002] Empty Catch Block: Empty catch blocks hide errors."}, "properties": {"repobilityId": 7025, "scanner": "repobility-threat-engine", "fingerprint": "62c6d6ce235eed88593534e31ddbb40e937dceb7dbc3c70522fae8cb7efc644a", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".catch(() => {})", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR002", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|62c6d6ce235eed88593534e31ddbb40e937dceb7dbc3c70522fae8cb7efc644a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/sandbox/create.ts"}, "region": {"startLine": 116}}}]}, {"ruleId": "AGT012", "level": "warning", "message": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "properties": {"repobilityId": 7023, "scanner": "repobility-agent-runtime", "fingerprint": "496ec9df44305d88749630664f026242e190b851be3e03b9cf18d52f2e0d7e59", "category": "quality", "severity": "medium", "confidence": 0.72, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "File combines agent-control wording with an HTTP/SSE/WebSocket listener on an all-interface host and no visible auth guard.", "evidence": {"rule_id": "AGT012", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|496ec9df44305d88749630664f026242e190b851be3e03b9cf18d52f2e0d7e59"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_sync/main.py"}, "region": {"startLine": 192}}}]}, {"ruleId": "AGT012", "level": "warning", "message": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "properties": {"repobilityId": 7022, "scanner": "repobility-agent-runtime", "fingerprint": "2570b0568931a3f9bd888345a571a470cf864ae89f9f163d8f1633be3e21299d", "category": "quality", "severity": "medium", "confidence": 0.72, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "File combines agent-control wording with an HTTP/SSE/WebSocket listener on an all-interface host and no visible auth guard.", "evidence": {"rule_id": "AGT012", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|2570b0568931a3f9bd888345a571a470cf864ae89f9f163d8f1633be3e21299d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/main.py"}, "region": {"startLine": 194}}}]}, {"ruleId": "AGT005", "level": "warning", "message": {"text": "Calendar/event date parsing can crash on malformed persisted data"}, "properties": {"repobilityId": 7021, "scanner": "repobility-agent-runtime", "fingerprint": "b8a5450e3e5d7efaa0bc573c9bd216e6b375833c7d9bb0d11db6d0159a6c88be", "category": "quality", "severity": "medium", "confidence": 0.76, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "File parses startAt/endAt directly with new Date but does not show an isValid/isNaN/parseISO guard.", "evidence": {"rule_id": "AGT005", "scanner": "repobility-agent-runtime", "references": ["https://react.dev/reference/react/useEffect"], "correlation_key": "fp|b8a5450e3e5d7efaa0bc573c9bd216e6b375833c7d9bb0d11db6d0159a6c88be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/sandbox/sandboxApi.ts"}, "region": {"startLine": 609}}}]}, {"ruleId": "AGT005", "level": "warning", "message": {"text": "Calendar/event date parsing can crash on malformed persisted data"}, "properties": {"repobilityId": 7020, "scanner": "repobility-agent-runtime", "fingerprint": "75211a4ea901649b71f05967f556dd3136450dca0cfafe83b13e28e6139fcf17", "category": "quality", "severity": "medium", "confidence": 0.76, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File parses startAt/endAt directly with new Date but does not show an isValid/isNaN/parseISO guard.", "evidence": {"rule_id": "AGT005", "scanner": "repobility-agent-runtime", "references": ["https://react.dev/reference/react/useEffect"], "correlation_key": "fp|75211a4ea901649b71f05967f556dd3136450dca0cfafe83b13e28e6139fcf17"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/sandbox/list.ts"}, "region": {"startLine": 98}}}]}, {"ruleId": "AIC001", "level": "warning", "message": {"text": "Parallel implementation file sits beside a canonical file"}, "properties": {"repobilityId": 7005, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d1348586dde21e7ddd812e12ad30978d9ea4a92b08a0d9c22a3cc15e88021ecb", "category": "quality", "severity": "medium", "confidence": 0.82, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "Source filename has a patch-style suffix and a same-directory canonical sibling exists.", "evidence": {"suffix": "v3", "rule_id": "AIC001", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195", "https://knip.dev/"], "canonical_file": "packages/python-sdk/e2b/api/client/models/template_build_request.py", "correlation_key": "fp|d1348586dde21e7ddd812e12ad30978d9ea4a92b08a0d9c22a3cc15e88021ecb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/template_build_request_v3.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC001", "level": "warning", "message": {"text": "Parallel implementation file sits beside a canonical file"}, "properties": {"repobilityId": 7004, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f9b845b0dff74ae96fce6a0667e8d062fd95876f03d9d5142ec46b13681fb153", "category": "quality", "severity": "medium", "confidence": 0.82, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "Source filename has a patch-style suffix and a same-directory canonical sibling exists.", "evidence": {"suffix": "v2", "rule_id": "AIC001", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195", "https://knip.dev/"], "canonical_file": "packages/python-sdk/e2b/api/client/models/template_build_request.py", "correlation_key": "fp|f9b845b0dff74ae96fce6a0667e8d062fd95876f03d9d5142ec46b13681fb153"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/template_build_request_v2.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `_parse_response` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: else=1, for=1, if=5, nested_bonus=1."}, "properties": {"repobilityId": 47109, "scanner": "repobility-threat-engine", "fingerprint": "6dfcff85c8b32efb2890c3dad27faec0a047b390e06f07d3f35c40289caa15e9", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 8 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "_parse_response", "breakdown": {"if": 5, "for": 1, "else": 1, "nested_bonus": 1}, "complexity": 8, "correlation_key": "fp|6dfcff85c8b32efb2890c3dad27faec0a047b390e06f07d3f35c40289caa15e9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `handle_api_exception` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, if=5, nested_bonus=2, ternary=1."}, "properties": {"repobilityId": 47108, "scanner": "repobility-threat-engine", "fingerprint": "e6645ef4a77e0d7c12d0001fffb05c76bfbaafa1cab03e3004abeeb2d15a993c", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "handle_api_exception", "breakdown": {"if": 5, "except": 1, "ternary": 1, "nested_bonus": 2}, "complexity": 9, "correlation_key": "fp|e6645ef4a77e0d7c12d0001fffb05c76bfbaafa1cab03e3004abeeb2d15a993c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/__init__.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "SEC075", "level": "note", "message": {"text": "[SEC075] Dockerfile: no HEALTHCHECK: No HEALTHCHECK directive \u2014 orchestrators can't detect a wedged process. Ported from trivy DS026 / checkov CKV_DOCKER_2 (Apache-2.0). Implement file-level: skip if file contains `^\\s*HEALTHCHECK\\b`."}, "properties": {"repobilityId": 47092, "scanner": "repobility-threat-engine", "fingerprint": "55b217aba521d28a06c65425ea916f2591fcdb223d28317f40988ed58535bb2a", "category": "docker", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "import json\nimport os\nimport re\nimport tempfile\nfrom typing import Dict, List, Optional, Protocol, U", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC075", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|55b217aba521d28a06c65425ea916f2591fcdb223d28317f40988ed58535bb2a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/template/dockerfile_parser.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC075", "level": "note", "message": {"text": "[SEC075] Dockerfile: no HEALTHCHECK: No HEALTHCHECK directive \u2014 orchestrators can't detect a wedged process. Ported from trivy DS026 / checkov CKV_DOCKER_2 (Apache-2.0). Implement file-level: skip if file contains `^\\s*HEALTHCHECK\\b`."}, "properties": {"repobilityId": 47090, "scanner": "repobility-threat-engine", "fingerprint": "47e0077adb308982e9be2e612665a5d6dfa84ac1fce7a933167bea2207249a18", "category": "docker", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "import { CopyItem } from './types'\nimport {\n  Argument,\n  DockerfileParser,\n  Instruction as Dockerf", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC075", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|47e0077adb308982e9be2e612665a5d6dfa84ac1fce7a933167bea2207249a18"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/template/dockerfileParser.ts"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46907, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e3abfddc5cd9851f9702a87493e0752a1e0f775fcf9e21b5b110e0b176c54e07", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_connect.py", "duplicate_line": 30, "correlation_key": "fp|e3abfddc5cd9851f9702a87493e0752a1e0f775fcf9e21b5b110e0b176c54e07"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/tags/post_templates_tags.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46906, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4dd444dc310828e179dcb0c7ff6283a23e11e80c6b1edae2a19f1547cae7229a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/delete_sandboxes_sandbox_id.py", "duplicate_line": 21, "correlation_key": "fp|4dd444dc310828e179dcb0c7ff6283a23e11e80c6b1edae2a19f1547cae7229a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/tags/delete_templates_tags.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46905, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f3805cf2ab8bd3d3adfa4797f7e2ef9385f49a23661396f6cb8d60f9bc8aa4de", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes_sandbox_id_metrics.py", "duplicate_line": 33, "correlation_key": "fp|f3805cf2ab8bd3d3adfa4797f7e2ef9385f49a23661396f6cb8d60f9bc8aa4de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/tags/delete_templates_tags.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46904, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8b0dca8082d027c19212c1f42165b96c6740f6f092d5d3b3ae55577d0d66ec79", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_pause.py", "duplicate_line": 16, "correlation_key": "fp|8b0dca8082d027c19212c1f42165b96c6740f6f092d5d3b3ae55577d0d66ec79"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/put_sandboxes_sandbox_id_network.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46903, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9df1905d9f2cf687abbcc2e37b87ba70390ef2058e6f8e59751d2633d6ed5576", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/delete_sandboxes_sandbox_id.py", "duplicate_line": 15, "correlation_key": "fp|9df1905d9f2cf687abbcc2e37b87ba70390ef2058e6f8e59751d2633d6ed5576"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/put_sandboxes_sandbox_id_network.py"}, "region": {"startLine": 21}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46902, "scanner": "repobility-ai-code-hygiene", "fingerprint": "58aa9fe5de792dd0475032e4e2df25714e89239f8da9084da73407f901ac5905", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_refreshes.py", "duplicate_line": 19, "correlation_key": "fp|58aa9fe5de792dd0475032e4e2df25714e89239f8da9084da73407f901ac5905"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/put_sandboxes_sandbox_id_network.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46901, "scanner": "repobility-ai-code-hygiene", "fingerprint": "2cc1b1057b778e4274665e185c216afcc9ce5e5b715e1eb3a712e7896465bd95", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/delete_sandboxes_sandbox_id.py", "duplicate_line": 15, "correlation_key": "fp|2cc1b1057b778e4274665e185c216afcc9ce5e5b715e1eb3a712e7896465bd95"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_timeout.py"}, "region": {"startLine": 23}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46900, "scanner": "repobility-ai-code-hygiene", "fingerprint": "766681bd450113a46283aa4799b45284254db19fec0482a2c4ec8bc266c01091", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_refreshes.py", "duplicate_line": 19, "correlation_key": "fp|766681bd450113a46283aa4799b45284254db19fec0482a2c4ec8bc266c01091"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_timeout.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46899, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c504cea11bdbcf5ccc1a374bb3bd4da66a8bb7726f80e33f1ab973108b1ab92f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/delete_sandboxes_sandbox_id.py", "duplicate_line": 21, "correlation_key": "fp|c504cea11bdbcf5ccc1a374bb3bd4da66a8bb7726f80e33f1ab973108b1ab92f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_snapshots.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46898, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8e61eb85c5730fb24a3ca0a1b4d349d68ff49fba22f2fd5dafcd648500aaee14", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes_sandbox_id_metrics.py", "duplicate_line": 33, "correlation_key": "fp|8e61eb85c5730fb24a3ca0a1b4d349d68ff49fba22f2fd5dafcd648500aaee14"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_snapshots.py"}, "region": {"startLine": 30}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46897, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b30c67fca3612ed3d8a25d927fde9a106f0b489d8dfe88eb85b30b67e2e12add", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_connect.py", "duplicate_line": 30, "correlation_key": "fp|b30c67fca3612ed3d8a25d927fde9a106f0b489d8dfe88eb85b30b67e2e12add"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_snapshots.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46896, "scanner": "repobility-ai-code-hygiene", "fingerprint": "bed7f1eb6f7d97622963eb6f0d0c3aa810e410391f0c39f5db9c9a670e5f4ede", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_connect.py", "duplicate_line": 45, "correlation_key": "fp|bed7f1eb6f7d97622963eb6f0d0c3aa810e410391f0c39f5db9c9a670e5f4ede"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_resume.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46895, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1e2b7a8e01addd2f2e7cad6b2b8a53932e1e418b61c51f15374e6c73f5020ada", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes.py", "duplicate_line": 33, "correlation_key": "fp|1e2b7a8e01addd2f2e7cad6b2b8a53932e1e418b61c51f15374e6c73f5020ada"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_resume.py"}, "region": {"startLine": 37}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46894, "scanner": "repobility-ai-code-hygiene", "fingerprint": "60f56f1087976d9fa2004713adccfae55588f2c1c9f2cc5169364a5d7f55655c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_pause.py", "duplicate_line": 21, "correlation_key": "fp|60f56f1087976d9fa2004713adccfae55588f2c1c9f2cc5169364a5d7f55655c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_resume.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46893, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d6d561c7d7302623f51e4c10335b9f611ccf973a13e03584f79adc3709555f08", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/delete_sandboxes_sandbox_id.py", "duplicate_line": 15, "correlation_key": "fp|d6d561c7d7302623f51e4c10335b9f611ccf973a13e03584f79adc3709555f08"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_refreshes.py"}, "region": {"startLine": 23}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46892, "scanner": "repobility-ai-code-hygiene", "fingerprint": "920351e4b94fe13e45170dc7c4878b28d6a8a47d19a91a977f4a5e5a15730e0d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/delete_sandboxes_sandbox_id.py", "duplicate_line": 14, "correlation_key": "fp|920351e4b94fe13e45170dc7c4878b28d6a8a47d19a91a977f4a5e5a15730e0d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_pause.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46891, "scanner": "repobility-ai-code-hygiene", "fingerprint": "bb73d935b041f5181563227caeb57ca753bc057496ae64cd082916112dcd7c87", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes.py", "duplicate_line": 33, "correlation_key": "fp|bb73d935b041f5181563227caeb57ca753bc057496ae64cd082916112dcd7c87"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_connect.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 46890, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4e439f7c34385fe5d37edaae96b4b7d38a5f6d988d1520ae49d487ed4c07de5a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/js-sdk/src/api/http2.ts", "duplicate_line": 57, "correlation_key": "fp|4e439f7c34385fe5d37edaae96b4b7d38a5f6d988d1520ae49d487ed4c07de5a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/envd/http2.ts"}, "region": {"startLine": 51}}}]}, {"ruleId": "SEC022", "level": "note", "message": {"text": "[SEC022] Database URL With Embedded Credential: A database connection URL contains an embedded username and password. These URLs are often copied into defaults, docs, and scripts, then leak working credentials."}, "properties": {"repobilityId": 7028, "scanner": "repobility-threat-engine", "fingerprint": "d77434046c299a0eb308592be4781f92e5e7ebbcf0b9aa32eb73e6d90133ce69", "category": "credential_exposure", "severity": "low", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Value contains development/placeholder marker", "evidence": {"match": "mysql://user:password@", "reason": "Value contains development/placeholder marker", "rule_id": "SEC022", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "secret|token|23|mysql://user:password"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox/mcp.py"}, "region": {"startLine": 240}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 7019, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a0fc1f0aec2b5318e4cfbf653e8f3a1a54148ec355cc3bda02a407be15cc9881", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/delete_sandboxes_sandbox_id.py", "duplicate_line": 21, "correlation_key": "fp|a0fc1f0aec2b5318e4cfbf653e8f3a1a54148ec355cc3bda02a407be15cc9881"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_connect.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 7018, "scanner": "repobility-ai-code-hygiene", "fingerprint": "533d2725d3f6d4e5d2762ab8ae98c1fce63f0db286888a2b28eb29e65d8ae0b4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes_sandbox_id_metrics.py", "duplicate_line": 33, "correlation_key": "fp|533d2725d3f6d4e5d2762ab8ae98c1fce63f0db286888a2b28eb29e65d8ae0b4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes_sandbox_id_connect.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 7017, "scanner": "repobility-ai-code-hygiene", "fingerprint": "2f9b09ef8f8b8a10943ff7157106d7cfe05e4b56d5d017070c37a37106cc104d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes.py", "duplicate_line": 30, "correlation_key": "fp|2f9b09ef8f8b8a10943ff7157106d7cfe05e4b56d5d017070c37a37106cc104d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/post_sandboxes.py"}, "region": {"startLine": 27}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 7016, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fc574fbbb188ec4b506874ca8b31ab03e00a40ba0e8ea641404651268b7390c9", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/delete_sandboxes_sandbox_id.py", "duplicate_line": 21, "correlation_key": "fp|fc574fbbb188ec4b506874ca8b31ab03e00a40ba0e8ea641404651268b7390c9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/get_v_2_sandboxes_sandbox_id_logs.py"}, "region": {"startLine": 43}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 7015, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9e016069bca987c3d52510312689e31b2b1882964b460bef98ce7f1cb6c7bfc2", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes_sandbox_id.py", "duplicate_line": 21, "correlation_key": "fp|9e016069bca987c3d52510312689e31b2b1882964b460bef98ce7f1cb6c7bfc2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/get_v_2_sandboxes_sandbox_id_logs.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 7014, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ca7a7da6b7de9f87fe8e2b4a6d0795ca94291131b6a3d958469c2a985871ec3b", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes.py", "duplicate_line": 18, "correlation_key": "fp|ca7a7da6b7de9f87fe8e2b4a6d0795ca94291131b6a3d958469c2a985871ec3b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/get_v2_sandboxes.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 7013, "scanner": "repobility-ai-code-hygiene", "fingerprint": "272ecae62a6b120f4ca02f54e457396d3184d0ce4ae138c18bf438f559f932e2", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/delete_sandboxes_sandbox_id.py", "duplicate_line": 21, "correlation_key": "fp|272ecae62a6b120f4ca02f54e457396d3184d0ce4ae138c18bf438f559f932e2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes_sandbox_id_metrics.py"}, "region": {"startLine": 36}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 7012, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3f6930f0c0aef8e28e9a6a4814130e8cff454657621fc3400ce8338eba0c1b64", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/delete_sandboxes_sandbox_id.py", "duplicate_line": 21, "correlation_key": "fp|3f6930f0c0aef8e28e9a6a4814130e8cff454657621fc3400ce8338eba0c1b64"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes_sandbox_id_logs.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 7011, "scanner": "repobility-ai-code-hygiene", "fingerprint": "82d05d576c0db2408c5c9f04d3bac11f220a83c71956a6af4a33e59b5d78ff4b", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes_sandbox_id.py", "duplicate_line": 21, "correlation_key": "fp|82d05d576c0db2408c5c9f04d3bac11f220a83c71956a6af4a33e59b5d78ff4b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes_sandbox_id_logs.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 7010, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6aba22780118319b1a1b8ac892ead65fcadf17acda1f03e11298758a403f9019", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/delete_sandboxes_sandbox_id.py", "duplicate_line": 21, "correlation_key": "fp|6aba22780118319b1a1b8ac892ead65fcadf17acda1f03e11298758a403f9019"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes_sandbox_id.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 7009, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f79c40a186b91a694a054079df757ee9952af507ea9f818bfc1ec51f6265b838", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes.py", "duplicate_line": 29, "correlation_key": "fp|f79c40a186b91a694a054079df757ee9952af507ea9f818bfc1ec51f6265b838"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/api/sandboxes/get_sandboxes_metrics.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 7008, "scanner": "repobility-ai-code-hygiene", "fingerprint": "dadbf17859bd43605dae8db5e9b5d89b112ce237baad01be062060f3e19dc656", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/js-sdk/src/envd/filesystem/filesystem_pb.ts", "duplicate_line": 1, "correlation_key": "fp|dadbf17859bd43605dae8db5e9b5d89b112ce237baad01be062060f3e19dc656"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/envd/process/process_pb.ts"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC002", "level": "note", "message": {"text": "Source file name looks like an AI patch artifact"}, "properties": {"repobilityId": 7007, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ea12b7dfd2d0a51b448e2cb042f473f666266b26b25679c2f04b76eabfc2c1cf", "category": "quality", "severity": "low", "confidence": 0.62, "triageState": "fixed", "verdict": "needs_review", "isResolved": true, "reason": "Source filename contains a temporary or patch-style suffix.", "evidence": {"suffix": "v3", "rule_id": "AIC002", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|ea12b7dfd2d0a51b448e2cb042f473f666266b26b25679c2f04b76eabfc2c1cf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/template_request_response_v3.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC002", "level": "note", "message": {"text": "Source file name looks like an AI patch artifact"}, "properties": {"repobilityId": 7006, "scanner": "repobility-ai-code-hygiene", "fingerprint": "dd21369687908b401076e4bdbfe1cc1f27f4ba5518675c91a77ecf0ce724b0ff", "category": "quality", "severity": "low", "confidence": 0.62, "triageState": "fixed", "verdict": "needs_review", "isResolved": true, "reason": "Source filename contains a temporary or patch-style suffix.", "evidence": {"suffix": "v2", "rule_id": "AIC002", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|dd21369687908b401076e4bdbfe1cc1f27f4ba5518675c91a77ecf0ce724b0ff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/template_build_start_v2.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED001", "level": "none", "message": {"text": "[MINED001] Bare Except Pass (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 47130, "scanner": "repobility-threat-engine", "fingerprint": "3ed4a11ec48650075e843160edf55362aa121897a652d0286a1dc826dd94d954", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|3ed4a11ec48650075e843160edf55362aa121897a652d0286a1dc826dd94d954", "aggregated_count": 1}}}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "properties": {"repobilityId": 47122, "scanner": "repobility-threat-engine", "fingerprint": "f21a509cb42d5a10654d67728dd01be5ca388dbc41df3dd3b607b559fba18ef1", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 5 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|f21a509cb42d5a10654d67728dd01be5ca388dbc41df3dd3b607b559fba18ef1", "aggregated_count": 5}}}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 47121, "scanner": "repobility-threat-engine", "fingerprint": "e29a36ebbfb448fd707d56f5c7960fa454b3be851f7aaf0d09327046998d0cd7", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e29a36ebbfb448fd707d56f5c7960fa454b3be851f7aaf0d09327046998d0cd7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox/commands/main.py"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 47119, "scanner": "repobility-threat-engine", "fingerprint": "10ac9b480be2490bae6f7579cef68a5509ea0816d8db8b690e9f0c99daf11c7e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|10ac9b480be2490bae6f7579cef68a5509ea0816d8db8b690e9f0c99daf11c7e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox/commands/command_handle.py"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 47117, "scanner": "repobility-threat-engine", "fingerprint": "c7391daa9447ed35fe85ba721ea19d7f7f329e7470e35a0355d42dbd63f8bca7", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c7391daa9447ed35fe85ba721ea19d7f7f329e7470e35a0355d42dbd63f8bca7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox/_git/types.py"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 12 more): Same pattern found in 12 additional files. Review if needed."}, "properties": {"repobilityId": 47116, "scanner": "repobility-threat-engine", "fingerprint": "cd4ff08cbb509778875d04bc81c4d5dddf6eb913fbf65972cae2187283af5035", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 12 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|cd4ff08cbb509778875d04bc81c4d5dddf6eb913fbf65972cae2187283af5035", "aggregated_count": 12}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 47115, "scanner": "repobility-threat-engine", "fingerprint": "ddb894229a05a21659dab11c77119cbf8e4cd0e4e771e2ea9c6d43969e1b129a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ddb894229a05a21659dab11c77119cbf8e4cd0e4e771e2ea9c6d43969e1b129a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/team_api_key.py"}, "region": {"startLine": 110}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 47114, "scanner": "repobility-threat-engine", "fingerprint": "ee8d8b772f968368f2621d969f935d4f639a97d9eb9dc97742c466fcba41b7f3", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ee8d8b772f968368f2621d969f935d4f639a97d9eb9dc97742c466fcba41b7f3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/new_sandbox.py"}, "region": {"startLine": 155}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 47112, "scanner": "repobility-threat-engine", "fingerprint": "a8e8a2d14adcc31739e579a0887dd668aa9ddd0699cf4adb349f12d884298d19", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a8e8a2d14adcc31739e579a0887dd668aa9ddd0699cf4adb349f12d884298d19"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/created_team_api_key.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 34 more): Same pattern found in 34 additional files. Review if needed."}, "properties": {"repobilityId": 47110, "scanner": "repobility-threat-engine", "fingerprint": "f32658a5bd3d365389dc9d8dcea6e6d2e8635eb72198c95a3e3592aeed9da33b", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 34 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "__init__", "breakdown": {"if": 9, "or": 2, "ternary": 2, "recursion": 1, "nested_bonus": 2}, "aggregated": true, "complexity": 16, "correlation_key": "fp|f32658a5bd3d365389dc9d8dcea6e6d2e8635eb72198c95a3e3592aeed9da33b", "aggregated_count": 34}}}, {"ruleId": "SEC034", "level": "none", "message": {"text": "[SEC034] Log Injection / Log Forging \u2014 unsanitized user input in log (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 47105, "scanner": "repobility-threat-engine", "fingerprint": "ef1de2b205a575342e12c9f71cad0f292ab32e48606665e0a711fdbfede1d1af", "category": "log_injection", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC034", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|ef1de2b205a575342e12c9f71cad0f292ab32e48606665e0a711fdbfede1d1af"}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 47086, "scanner": "repobility-threat-engine", "fingerprint": "a938c233e043cc853814bd1aa5f07f615e4331302a1e24d0791445c902565e6d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a938c233e043cc853814bd1aa5f07f615e4331302a1e24d0791445c902565e6d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/connection_config.py"}, "region": {"startLine": 145}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 47084, "scanner": "repobility-threat-engine", "fingerprint": "8ec857b6a8b87caa795924f100f7155d59101ea791ec8d6305d58a92f4440033", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8ec857b6a8b87caa795924f100f7155d59101ea791ec8d6305d58a92f4440033"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/connectionConfig.ts"}, "region": {"startLine": 244}}}]}, {"ruleId": "MINED054", "level": "none", "message": {"text": "[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely."}, "properties": {"repobilityId": 47081, "scanner": "repobility-threat-engine", "fingerprint": "b5d9c372d3510879d103ec78d23ae8599b18e764dfabe410582efd8e9eb32d01", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-as-any", "owasp": null, "cwe_ids": ["CWE-704"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348028+00:00", "triaged_in_corpus": 12, "observations_count": 341218, "ai_coder_pattern_id": 98}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b5d9c372d3510879d103ec78d23ae8599b18e764dfabe410582efd8e9eb32d01"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/utils.ts"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED054", "level": "none", "message": {"text": "[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely."}, "properties": {"repobilityId": 47080, "scanner": "repobility-threat-engine", "fingerprint": "a79c5286955b446d50ecb59d541ce9269e8043dd24eacb87f5a04df56e995f2e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-as-any", "owasp": null, "cwe_ids": ["CWE-704"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348028+00:00", "triaged_in_corpus": 12, "observations_count": 341218, "ai_coder_pattern_id": 98}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a79c5286955b446d50ecb59d541ce9269e8043dd24eacb87f5a04df56e995f2e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/index.ts"}, "region": {"startLine": 30}}}]}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 80 more): Same pattern found in 80 additional files. Review if needed."}, "properties": {"repobilityId": 47079, "scanner": "repobility-threat-engine", "fingerprint": "868497fe79f215272919a8244f997b4c49df70698a822a30d9d87f9ac348b460", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 80 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 80 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|868497fe79f215272919a8244f997b4c49df70698a822a30d9d87f9ac348b460"}}}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 47072, "scanner": "repobility-threat-engine", "fingerprint": "c9998e464bf937855ec84857cab041ec3d5e095aba320abce5717ead3ba4c3dc", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c9998e464bf937855ec84857cab041ec3d5e095aba320abce5717ead3ba4c3dc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/undici.ts"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 47071, "scanner": "repobility-threat-engine", "fingerprint": "e1285a98cce4986145794da729717e1b8ed64bca746bf5d87b3757e16951e6aa", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e1285a98cce4986145794da729717e1b8ed64bca746bf5d87b3757e16951e6aa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/envd/rpc.ts"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 47069, "scanner": "repobility-threat-engine", "fingerprint": "f9acfd8be07a6decadc58cb1b0c493d63b84d6fa00379583f819e602efdc9724", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f9acfd8be07a6decadc58cb1b0c493d63b84d6fa00379583f819e602efdc9724"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/template/buildWithProxy.ts"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED052", "level": "none", "message": {"text": "[MINED052] Ts Any Typed (and 20 more): Same pattern found in 20 additional files. Review if needed."}, "properties": {"repobilityId": 47065, "scanner": "repobility-threat-engine", "fingerprint": "87a25b5d2136cb25a9c0e8ca888d0ef9def52d4db675882cc34d89f0fea209d1", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 20 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "ts-any-typed", "owasp": null, "cwe_ids": ["CWE-704"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348022+00:00", "triaged_in_corpus": 12, "observations_count": 496002, "ai_coder_pattern_id": 97}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|87a25b5d2136cb25a9c0e8ca888d0ef9def52d4db675882cc34d89f0fea209d1", "aggregated_count": 20}}}, {"ruleId": "MINED052", "level": "none", "message": {"text": "[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety."}, "properties": {"repobilityId": 47063, "scanner": "repobility-threat-engine", "fingerprint": "90502f7b05d108003b044498dab2a5941e040d3010e23442731b64aabee06c0b", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-any-typed", "owasp": null, "cwe_ids": ["CWE-704"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348022+00:00", "triaged_in_corpus": 12, "observations_count": 496002, "ai_coder_pattern_id": 97}, "scanner": "repobility-threat-engine", "correlation_key": "fp|90502f7b05d108003b044498dab2a5941e040d3010e23442731b64aabee06c0b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/sandbox/exec.ts"}, "region": {"startLine": 93}}}]}, {"ruleId": "MINED052", "level": "none", "message": {"text": "[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety."}, "properties": {"repobilityId": 47061, "scanner": "repobility-threat-engine", "fingerprint": "0c852c375f02a166a83056746bbcaa34c8ceb6fef6b3cd2d39d3ce0feeffe072", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-any-typed", "owasp": null, "cwe_ids": ["CWE-704"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348022+00:00", "triaged_in_corpus": 12, "observations_count": 496002, "ai_coder_pattern_id": 97}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0c852c375f02a166a83056746bbcaa34c8ceb6fef6b3cd2d39d3ce0feeffe072"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/sandbox/create.ts"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED052", "level": "none", "message": {"text": "[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety."}, "properties": {"repobilityId": 47060, "scanner": "repobility-threat-engine", "fingerprint": "67bfdafa53e1b3fbb97db62202881bbf269fe3d244700da50ba74b7dea12a3da", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-any-typed", "owasp": null, "cwe_ids": ["CWE-704"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348022+00:00", "triaged_in_corpus": 12, "observations_count": 496002, "ai_coder_pattern_id": 97}, "scanner": "repobility-threat-engine", "correlation_key": "fp|67bfdafa53e1b3fbb97db62202881bbf269fe3d244700da50ba74b7dea12a3da"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/sandbox/connect.ts"}, "region": {"startLine": 26}}}]}, {"ruleId": "SEC029", "level": "none", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 10 more): Same pattern found in 10 additional files. Review if needed."}, "properties": {"repobilityId": 47058, "scanner": "repobility-threat-engine", "fingerprint": "0f70dcb830f007110a79342e3f81eda77503ccc94f6c49e7c60c391ea17cb0cb", "category": "ssrf", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 10 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 10 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|0f70dcb830f007110a79342e3f81eda77503ccc94f6c49e7c60c391ea17cb0cb"}}}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod (and 31 more): Same pattern found in 31 additional files. Review if needed."}, "properties": {"repobilityId": 47051, "scanner": "repobility-threat-engine", "fingerprint": "d9e39829123f3e9f450928a62e6b542c8fb15491c89f00035a0c6548ca7fc599", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 31 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|d9e39829123f3e9f450928a62e6b542c8fb15491c89f00035a0c6548ca7fc599", "aggregated_count": 31}}}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 47048, "scanner": "repobility-threat-engine", "fingerprint": "a298ba5541d240a332e0b035be2b0ba6305638c61e6d3c24ccd3804866656357", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a298ba5541d240a332e0b035be2b0ba6305638c61e6d3c24ccd3804866656357"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/auth/info.ts"}, "region": {"startLine": 13}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 47046, "scanner": "repobility-threat-engine", "fingerprint": "3704113cd1105b08db95b266e03e64c307ddbefc3fcc3757c502c1452a689ab9", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3704113cd1105b08db95b266e03e64c307ddbefc3fcc3757c502c1452a689ab9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/auth/configure.ts"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 47044, "scanner": "repobility-threat-engine", "fingerprint": "5eff99c69bcfb426c5ddcf55c8722b623ed17f3a4b07ffc4c9190400f280f127", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5eff99c69bcfb426c5ddcf55c8722b623ed17f3a4b07ffc4c9190400f280f127"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/api.ts"}, "region": {"startLine": 55}}}]}, {"ruleId": "SEC001", "level": "none", "message": {"text": "[SEC001] Hardcoded Password: Hardcoded password found in source code."}, "properties": {"repobilityId": 7026, "scanner": "repobility-threat-engine", "fingerprint": "fd552f514bafe02ddc23f6b8cc1931cbd5f1b135bcfd9623e742955558114e31", "category": "credential_exposure", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe context pattern detected", "evidence": {"match": "password='<redacted>'", "reason": "Safe context pattern detected", "rule_id": "SEC001", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "secret|token|100|password redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/template/main.py"}, "region": {"startLine": 1004}}}]}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 7024, "scanner": "repobility-threat-engine", "fingerprint": "b548bc966c133ba25d9c2371444ebb16a72d3099b1f225b452a6beaf40df660f", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "evidence": {"match": "console.error(authErrorBox('E2B_API_KEY')", "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|packages/cli/src/api.ts|5|console.error autherrorbox e2b_api_key"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/api.ts"}, "region": {"startLine": 55}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 47128, "scanner": "repobility-threat-engine", "fingerprint": "f6dc4073eef4dd2c9c5c98ba512d8da3eae590bcb9fcef2e87173ee73a428968", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f6dc4073eef4dd2c9c5c98ba512d8da3eae590bcb9fcef2e87173ee73a428968"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_sync/commands/command_handle.py"}, "region": {"startLine": 121}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 47126, "scanner": "repobility-threat-engine", "fingerprint": "aba181a9099353f4933edea07280dfdf2cca3a3c6540b370bbb30d0ca6768404", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|aba181a9099353f4933edea07280dfdf2cca3a3c6540b370bbb30d0ca6768404"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/filesystem/watch_handle.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 47124, "scanner": "repobility-threat-engine", "fingerprint": "759395aab02d50df584b63eb31c55922a2efd94fa691bfe0b4b5f194b08290c0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|759395aab02d50df584b63eb31c55922a2efd94fa691bfe0b4b5f194b08290c0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/commands/command_handle.py"}, "region": {"startLine": 143}}}]}, {"ruleId": "SEC083", "level": "error", "message": {"text": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. Ported from eslint-plugin-security detect-non-literal-regexp (Apache-2.0)."}, "properties": {"repobilityId": 47097, "scanner": "repobility-threat-engine", "fingerprint": "48291deb76a8bd79c81f3f9e66c5468b78fc6c5f7d80f301d403342bf195560d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "new RegExp(pattern", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC083", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|48291deb76a8bd79c81f3f9e66c5468b78fc6c5f7d80f301d403342bf195560d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/utils.ts"}, "region": {"startLine": 99}}}]}, {"ruleId": "SEC069", "level": "error", "message": {"text": "[SEC069] Dockerfile: no USER directive (runs as root): Container runs as root because no USER directive was set. Ported from trivy DS002 / checkov CKV_DOCKER_3 (Apache-2.0). Implement as a file-level rule: skip if file contains `^\\s*USER\\s+\\S+` other than `root`."}, "properties": {"repobilityId": 47089, "scanner": "repobility-threat-engine", "fingerprint": "d3f615234d76641cbd70294232113c98c5ea6910f364c81a3832593d2a0dc217", "category": "docker", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "import json\nimport os\nimport re\nimport tempfile\nfrom typing import Dict, List, Optional, Protocol, U", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC069", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d3f615234d76641cbd70294232113c98c5ea6910f364c81a3832593d2a0dc217"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/template/dockerfile_parser.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC069", "level": "error", "message": {"text": "[SEC069] Dockerfile: no USER directive (runs as root): Container runs as root because no USER directive was set. Ported from trivy DS002 / checkov CKV_DOCKER_3 (Apache-2.0). Implement as a file-level rule: skip if file contains `^\\s*USER\\s+\\S+` other than `root`."}, "properties": {"repobilityId": 47087, "scanner": "repobility-threat-engine", "fingerprint": "356f288fd68a7e19d8c917c034de2a8d81243bb0863c9ba42f5f149128357cef", "category": "docker", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "import { CopyItem } from './types'\nimport {\n  Argument,\n  DockerfileParser,\n  Instruction as Dockerf", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC069", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|356f288fd68a7e19d8c917c034de2a8d81243bb0863c9ba42f5f149128357cef"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/template/dockerfileParser.ts"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED016", "level": "error", "message": {"text": "[MINED016] Go Error Ignored: _, err := fn() with err not checked. Go anti-pattern."}, "properties": {"repobilityId": 47083, "scanner": "repobility-threat-engine", "fingerprint": "64f1fa2897c5cef8cfd53db086c34dc9bf0a601b9f4a67c3e0aeca2301e85a6c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "go-error-ignored", "owasp": null, "cwe_ids": ["CWE-754"], "languages": ["go"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347935+00:00", "triaged_in_corpus": 15, "observations_count": 83036, "ai_coder_pattern_id": 107}, "scanner": "repobility-threat-engine", "correlation_key": "fp|64f1fa2897c5cef8cfd53db086c34dc9bf0a601b9f4a67c3e0aeca2301e85a6c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/connect-python/cmd/protoc-gen-connect-python/main.go"}, "region": {"startLine": 72}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 47077, "scanner": "repobility-threat-engine", "fingerprint": "5d53b9ea0bc19111d3361fc06c04539bc40f6250ce58fa3e9ce547178f94efb3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "headers.update(more_headers)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5d53b9ea0bc19111d3361fc06c04539bc40f6250ce58fa3e9ce547178f94efb3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/__init__.py"}, "region": {"startLine": 150}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 47075, "scanner": "repobility-threat-engine", "fingerprint": "79b2c2553fbf1f86bfdbf140116f45816f819fc9bf1a4d7b1265b76efd1e784c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "resizeListener.destroy()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|79b2c2553fbf1f86bfdbf140116f45816f819fc9bf1a4d7b1265b76efd1e784c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/terminal.ts"}, "region": {"startLine": 58}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 47074, "scanner": "repobility-threat-engine", "fingerprint": "ecc180b56c36c03d3151269f619de09325849524370e8ce1928ffcaae9ca0600", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "pkgJson.update({\n      scripts: {\n        ...pkgJson.content.scripts,\n        'e2b:build:dev':", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|ecc180b56c36c03d3151269f619de09325849524370e8ce1928ffcaae9ca0600"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/template/init.ts"}, "region": {"startLine": 113}}}]}, {"ruleId": "SEC040", "level": "error", "message": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflected XSS vector. The browser parses the HTML and executes any <script> or event-handler attributes in the data. CWE-79. Especially dangerous when the data comes from a CV parser, profile field, or any user-input pipeline."}, "properties": {"repobilityId": 47068, "scanner": "repobility-threat-engine", "fingerprint": "bc92f0cf0520832296ad8b5b150d681fe7f9c660c8206f7f22ce259e647c1417", "category": "xss", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "map((line) => `  ${line}", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC040", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|bc92f0cf0520832296ad8b5b150d681fe7f9c660c8206f7f22ce259e647c1417"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/sandbox/info.ts"}, "region": {"startLine": 97}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 47057, "scanner": "repobility-threat-engine", "fingerprint": "099804c38ca0dda623e3d227ddac8eb6dff707b61845fb4fa497348700b87148", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "URL(\n        c", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|099804c38ca0dda623e3d227ddac8eb6dff707b61845fb4fa497348700b87148"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/template/buildWithProxy.ts"}, "region": {"startLine": 142}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 47055, "scanner": "repobility-threat-engine", "fingerprint": "1594be45ea681f9c5274fa2f03153c5920d864372320ff8d05e653c3d6e36027", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "Url(s", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|1594be45ea681f9c5274fa2f03153c5920d864372320ff8d05e653c3d6e36027"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/sandbox/create.ts"}, "region": {"startLine": 76}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 47053, "scanner": "repobility-threat-engine", "fingerprint": "63ff210d88edcb9358bf87fa46e6bdbd039675ad4f5ebde3fd8ffa740987097c", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "Url(s", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|63ff210d88edcb9358bf87fa46e6bdbd039675ad4f5ebde3fd8ffa740987097c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/sandbox/connect.ts"}, "region": {"startLine": 41}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-artifact` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 47027, "scanner": "repobility-supply-chain", "fingerprint": "39e5460048661c033cad4ae8dfb75a7cbc8acfd3e6cbfc604c7d9c7c9a926415", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|39e5460048661c033cad4ae8dfb75a7cbc8acfd3e6cbfc604c7d9c7c9a926415"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pkg_artifacts.yml"}, "region": {"startLine": 62}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-node` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 47026, "scanner": "repobility-supply-chain", "fingerprint": "b80d9569f1deced86da0982a43b054d2d42d376af9c1bbbed23dd0fa565711cb", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b80d9569f1deced86da0982a43b054d2d42d376af9c1bbbed23dd0fa565711cb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pkg_artifacts.yml"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `pnpm/action-setup` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 47025, "scanner": "repobility-supply-chain", "fingerprint": "291486e16e9a2cdb75213941dbfb023daa19b2e4ac5f5fba8d415045532b164c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|291486e16e9a2cdb75213941dbfb023daa19b2e4ac5f5fba8d415045532b164c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pkg_artifacts.yml"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `wistia/parse-tool-versions` pinned to mutable ref `@v2.1.1`"}, "properties": {"repobilityId": 47024, "scanner": "repobility-supply-chain", "fingerprint": "0075deb3d3addb87a6a573f4d75c81289491065cba25fa2f4df0c1704b9e099c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0075deb3d3addb87a6a573f4d75c81289491065cba25fa2f4df0c1704b9e099c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pkg_artifacts.yml"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 47023, "scanner": "repobility-supply-chain", "fingerprint": "ee7e4a0c64eef5ccac58721c279f0c409f42028ef63d14f13516fc700239b526", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ee7e4a0c64eef5ccac58721c279f0c409f42028ef63d14f13516fc700239b526"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pkg_artifacts.yml"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `changesets/action` pinned to mutable ref `@v1`"}, "properties": {"repobilityId": 47022, "scanner": "repobility-supply-chain", "fingerprint": "fec7fc7cccb78019e1740ddd527c807f68ddc5b014707d81db7100d9446faa44", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|fec7fc7cccb78019e1740ddd527c807f68ddc5b014707d81db7100d9446faa44"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/publish_packages.yml"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-node` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 47020, "scanner": "repobility-supply-chain", "fingerprint": "6d308280c35e56ade53495fa0271fee3a2a8e86db7472c52818474161f11f11d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6d308280c35e56ade53495fa0271fee3a2a8e86db7472c52818474161f11f11d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/publish_packages.yml"}, "region": {"startLine": 56}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `pnpm/action-setup` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 47018, "scanner": "repobility-supply-chain", "fingerprint": "6e09cbf9f65e5fdc1926844086c6791c546e071191cf7044c2b02eaad1fe21a0", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6e09cbf9f65e5fdc1926844086c6791c546e071191cf7044c2b02eaad1fe21a0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/publish_packages.yml"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `snok/install-poetry` pinned to mutable ref `@v1`"}, "properties": {"repobilityId": 47016, "scanner": "repobility-supply-chain", "fingerprint": "505dd0f07338a6052ae0975583ad4516266c3c49159272d15f96ff90e49620e2", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|505dd0f07338a6052ae0975583ad4516266c3c49159272d15f96ff90e49620e2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/publish_packages.yml"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 47014, "scanner": "repobility-supply-chain", "fingerprint": "54939e8fd693a17941c046c175ce9c9fe56eec83431be4f47bb461bf9a530862", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|54939e8fd693a17941c046c175ce9c9fe56eec83431be4f47bb461bf9a530862"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/publish_packages.yml"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `wistia/parse-tool-versions` pinned to mutable ref `@v2.1.1`"}, "properties": {"repobilityId": 47012, "scanner": "repobility-supply-chain", "fingerprint": "353283ff98ea43e67e8fddd9a1072e55ef21e6d406f29ce8c66d9984a45d2d99", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|353283ff98ea43e67e8fddd9a1072e55ef21e6d406f29ce8c66d9984a45d2d99"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/publish_packages.yml"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v3`"}, "properties": {"repobilityId": 47010, "scanner": "repobility-supply-chain", "fingerprint": "d1a26e10830ff444d478cbf307729835d00523ef1c13ce81aaca625fc20895dd", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d1a26e10830ff444d478cbf307729835d00523ef1c13ce81aaca625fc20895dd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/publish_packages.yml"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/create-github-app-token` pinned to mutable ref `@v1`"}, "properties": {"repobilityId": 47008, "scanner": "repobility-supply-chain", "fingerprint": "43142b1cbef1bdf1bcf91e4a4a92a74a361e8d4ab0637e7e2f5e25444542e441", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|43142b1cbef1bdf1bcf91e4a4a92a74a361e8d4ab0637e7e2f5e25444542e441"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/publish_packages.yml"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-node` pinned to mutable ref `@v3`"}, "properties": {"repobilityId": 47006, "scanner": "repobility-supply-chain", "fingerprint": "0024d650cbdb4d55982a16cee1201c51004ca65a6340cd31d3ea8153813546b5", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0024d650cbdb4d55982a16cee1201c51004ca65a6340cd31d3ea8153813546b5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/cli_tests.yml"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `pnpm/action-setup` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 47005, "scanner": "repobility-supply-chain", "fingerprint": "616092a5e402e4956a1ea5937bf57e96926bde8d581bf7a53b67ed364346b8a2", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|616092a5e402e4956a1ea5937bf57e96926bde8d581bf7a53b67ed364346b8a2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/cli_tests.yml"}, "region": {"startLine": 40}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `wistia/parse-tool-versions` pinned to mutable ref `@v2.1.1`"}, "properties": {"repobilityId": 47004, "scanner": "repobility-supply-chain", "fingerprint": "195851af5de115e636849f7d5efbc690e882ee3b8a3c64d981ac1a03f5982352", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|195851af5de115e636849f7d5efbc690e882ee3b8a3c64d981ac1a03f5982352"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/cli_tests.yml"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 47003, "scanner": "repobility-supply-chain", "fingerprint": "a51ec6d6526290dca27216fcd4869ca7fd908d4f14b5749ef629a0a688542b08", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a51ec6d6526290dca27216fcd4869ca7fd908d4f14b5749ef629a0a688542b08"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/cli_tests.yml"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `denoland/setup-deno` pinned to mutable ref `@v1`"}, "properties": {"repobilityId": 47002, "scanner": "repobility-supply-chain", "fingerprint": "667a5b9b53caaf4a95d4feae37216ed27b24328c6cf51bcbc84699fcd17eaf2b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|667a5b9b53caaf4a95d4feae37216ed27b24328c6cf51bcbc84699fcd17eaf2b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/js_sdk_tests.yml"}, "region": {"startLine": 100}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `oven-sh/setup-bun` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 47001, "scanner": "repobility-supply-chain", "fingerprint": "46d3eb7b41515d7ccf4ae32a3c7d8469b80f2bf483364caf3a002224e047cbe7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|46d3eb7b41515d7ccf4ae32a3c7d8469b80f2bf483364caf3a002224e047cbe7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/js_sdk_tests.yml"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/cache` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 47000, "scanner": "repobility-supply-chain", "fingerprint": "07040640a0c6f35c42a5ed81966148e01726ed038a11657fcf17a996c040e822", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|07040640a0c6f35c42a5ed81966148e01726ed038a11657fcf17a996c040e822"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/js_sdk_tests.yml"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/cache` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 46999, "scanner": "repobility-supply-chain", "fingerprint": "a1bc74161716ca6ae08041e24d2a64dc95b1796dba3ed5ba505b2cc5250f6328", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a1bc74161716ca6ae08041e24d2a64dc95b1796dba3ed5ba505b2cc5250f6328"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/js_sdk_tests.yml"}, "region": {"startLine": 65}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-node` pinned to mutable ref `@v3`"}, "properties": {"repobilityId": 46998, "scanner": "repobility-supply-chain", "fingerprint": "fce1aa0e0b37f5517618abe62d2311b5c5c8ed3f76d5cd265e2e67ae55bebcbc", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|fce1aa0e0b37f5517618abe62d2311b5c5c8ed3f76d5cd265e2e67ae55bebcbc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/js_sdk_tests.yml"}, "region": {"startLine": 47}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `pnpm/action-setup` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 46997, "scanner": "repobility-supply-chain", "fingerprint": "9ab29c790f331c4fc5a6c94d97e6319952ca8539cbbe03c3f9cc6e6496e764a6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9ab29c790f331c4fc5a6c94d97e6319952ca8539cbbe03c3f9cc6e6496e764a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/js_sdk_tests.yml"}, "region": {"startLine": 41}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `wistia/parse-tool-versions` pinned to mutable ref `@v2.1.1`"}, "properties": {"repobilityId": 46996, "scanner": "repobility-supply-chain", "fingerprint": "8dc64d0d2d69276407ddc5cfaf3e181040966c3904a4e453f3fd5b1e826a4385", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8dc64d0d2d69276407ddc5cfaf3e181040966c3904a4e453f3fd5b1e826a4385"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/js_sdk_tests.yml"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 46995, "scanner": "repobility-supply-chain", "fingerprint": "740e4bb154f54fcd37545aabd0237ed79eacd2de63555474b83e696101956c3d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|740e4bb154f54fcd37545aabd0237ed79eacd2de63555474b83e696101956c3d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/js_sdk_tests.yml"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `e2bdev/code-interpreter:latest` not pinned by digest"}, "properties": {"repobilityId": 46994, "scanner": "repobility-supply-chain", "fingerprint": "cc61d918c02ab1b0b191ac7b912ab2e1717ae12cef3bed041277ec6739a2d077", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|cc61d918c02ab1b0b191ac7b912ab2e1717ae12cef3bed041277ec6739a2d077"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/tests/integration/template/e2b.Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `ubuntu:latest` not pinned by digest"}, "properties": {"repobilityId": 46993, "scanner": "repobility-supply-chain", "fingerprint": "3221a0c8ac4cb312857488bde6fba302d7f9b194f9b23c9828cc3a9066818aa6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3221a0c8ac4cb312857488bde6fba302d7f9b194f9b23c9828cc3a9066818aa6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/testground/demo-basic/Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `node:18-slim` not pinned by digest"}, "properties": {"repobilityId": 46992, "scanner": "repobility-supply-chain", "fingerprint": "0957ab1f398e57420421169ae30b8e1e86fee2152891e1ffc7e177dbf7181560", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0957ab1f398e57420421169ae30b8e1e86fee2152891e1ffc7e177dbf7181560"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/tests/commands/template/fixtures/multi-stage/e2b.Dockerfile"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `node:18` not pinned by digest"}, "properties": {"repobilityId": 46991, "scanner": "repobility-supply-chain", "fingerprint": "0890a2f1efe57b739b1b351f8949f107c18afc93e51a5232fd22250e32e04fb7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0890a2f1efe57b739b1b351f8949f107c18afc93e51a5232fd22250e32e04fb7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/tests/commands/template/fixtures/multi-stage/e2b.Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `ubuntu:latest` not pinned by digest"}, "properties": {"repobilityId": 46990, "scanner": "repobility-supply-chain", "fingerprint": "508f7fa359d35b64b192e2e9ff1ae4be381da7ac7c75a6edd17ef2d9ec993fdb", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|508f7fa359d35b64b192e2e9ff1ae4be381da7ac7c75a6edd17ef2d9ec993fdb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/tests/commands/template/fixtures/minimal-dockerfile/e2b.Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `node:18` not pinned by digest"}, "properties": {"repobilityId": 46989, "scanner": "repobility-supply-chain", "fingerprint": "5e244e062b9ad6ea59ccce17be160bdd06bd83788f70d3d46843fad7043e338d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5e244e062b9ad6ea59ccce17be160bdd06bd83788f70d3d46843fad7043e338d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/tests/commands/template/fixtures/multiple-env/e2b.Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `alpine:latest` not pinned by digest"}, "properties": {"repobilityId": 46988, "scanner": "repobility-supply-chain", "fingerprint": "7d9548bd26dce6289e53d184053146bd631bb42077f115dd95829d417e375089", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|7d9548bd26dce6289e53d184053146bd631bb42077f115dd95829d417e375089"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/tests/commands/template/fixtures/copy-variations/e2b.Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `python:3.11` not pinned by digest"}, "properties": {"repobilityId": 46987, "scanner": "repobility-supply-chain", "fingerprint": "e6834863a470a001e0acf74c24e2e7d6e28b514447722bc70b91a9dd48d3b6a7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e6834863a470a001e0acf74c24e2e7d6e28b514447722bc70b91a9dd48d3b6a7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/tests/commands/template/fixtures/start-cmd/e2b.Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `node:18` not pinned by digest"}, "properties": {"repobilityId": 46986, "scanner": "repobility-supply-chain", "fingerprint": "e45c71d8d3c7eef52a25a70cbb5ef015fceee739bf20fa4b75f1b56a474dd795", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e45c71d8d3c7eef52a25a70cbb5ef015fceee739bf20fa4b75f1b56a474dd795"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/tests/commands/template/fixtures/custom-commands/e2b.Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `python:3.11-slim` not pinned by digest"}, "properties": {"repobilityId": 46985, "scanner": "repobility-supply-chain", "fingerprint": "2a4f3919e942d32f91ca8b6b9d732fbfdffb1c0aaf34601c5f5bd186ea2df4fa", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2a4f3919e942d32f91ca8b6b9d732fbfdffb1c0aaf34601c5f5bd186ea2df4fa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/tests/commands/template/fixtures/complex-python/e2b.Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `python:3.11.6` not pinned by digest"}, "properties": {"repobilityId": 46981, "scanner": "repobility-supply-chain", "fingerprint": "6af23c2ead86307d373a5c5cdfe6671f272881ec488badc2c5cafd94d7ad3b95", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6af23c2ead86307d373a5c5cdfe6671f272881ec488badc2c5cafd94d7ad3b95"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "templates/base/e2b.Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `python:3.10` not pinned by digest"}, "properties": {"repobilityId": 46980, "scanner": "repobility-supply-chain", "fingerprint": "09138a5e5e71dcacb99d279567b490c5ee31256c540e184db6439f386132f9d6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|09138a5e5e71dcacb99d279567b490c5ee31256c540e184db6439f386132f9d6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "codegen.Dockerfile"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `golang:1.23` not pinned by digest"}, "properties": {"repobilityId": 46979, "scanner": "repobility-supply-chain", "fingerprint": "4e141edbffd747a33451d4efdab50c60fc9c035d01528705da3d2ff16759c11f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4e141edbffd747a33451d4efdab50c60fc9c035d01528705da3d2ff16759c11f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "codegen.Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "Blocking call `urllib.request.urlopen` inside async function `test_download_url_with_expired_signing`"}, "properties": {"repobilityId": 46963, "scanner": "repobility-ast-engine", "fingerprint": "654e8aa106f8270ea5a279eae7f8438b5e2254fe5cdbb61dbd4c0dceb73f973a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|654e8aa106f8270ea5a279eae7f8438b5e2254fe5cdbb61dbd4c0dceb73f973a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/files/test_secured.py"}, "region": {"startLine": 51}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "Blocking call `urllib.request.urlopen` inside async function `test_download_url_with_signing_and_expiration`"}, "properties": {"repobilityId": 46962, "scanner": "repobility-ast-engine", "fingerprint": "57d61faab345f2dd9848a3970dc0054753be6cf9ba50a6c7ba6af088986d9af3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|57d61faab345f2dd9848a3970dc0054753be6cf9ba50a6c7ba6af088986d9af3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/files/test_secured.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "Blocking call `urllib.request.urlopen` inside async function `test_download_url_with_signing`"}, "properties": {"repobilityId": 46961, "scanner": "repobility-ast-engine", "fingerprint": "647a8290ebbc66bb9e0388d32c6d470dd98683f23aa29b55420e8a516fd8a9e1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|647a8290ebbc66bb9e0388d32c6d470dd98683f23aa29b55420e8a516fd8a9e1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/files/test_secured.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.rfile` used but never assigned in __init__"}, "properties": {"repobilityId": 46958, "scanner": "repobility-ast-engine", "fingerprint": "cd1f197762f77afff1f1954e1dddf449ca0fa972104182dfeaa4e72d626cb438", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cd1f197762f77afff1f1954e1dddf449ca0fa972104182dfeaa4e72d626cb438"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_upload_file.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.headers` used but never assigned in __init__"}, "properties": {"repobilityId": 46957, "scanner": "repobility-ast-engine", "fingerprint": "fb8259389bb675d7d3a74a37ec259f6e395901ebec714ed71a20da5e134471db", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fb8259389bb675d7d3a74a37ec259f6e395901ebec714ed71a20da5e134471db"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_upload_file.py"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.end_headers` used but never assigned in __init__"}, "properties": {"repobilityId": 46956, "scanner": "repobility-ast-engine", "fingerprint": "68eb5a6a2f1d14e62d093220b3e773a16ed5b8fd41b8027a88a8ec53f251c378", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|68eb5a6a2f1d14e62d093220b3e773a16ed5b8fd41b8027a88a8ec53f251c378"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_upload_file.py"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.send_response` used but never assigned in __init__"}, "properties": {"repobilityId": 46955, "scanner": "repobility-ast-engine", "fingerprint": "41d3b705a6b36d49f7cec8e57fd643331f0f9275c6e1ff98800a2c62026e1c93", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|41d3b705a6b36d49f7cec8e57fd643331f0f9275c6e1ff98800a2c62026e1c93"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_upload_file.py"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.headers` used but never assigned in __init__"}, "properties": {"repobilityId": 46954, "scanner": "repobility-ast-engine", "fingerprint": "898951ac93fc2a19166626a108bb56d0d5cc135867130ff30e600d84a11c6b51", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|898951ac93fc2a19166626a108bb56d0d5cc135867130ff30e600d84a11c6b51"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_upload_file.py"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_traces_on_from_gcp_registry"}, "properties": {"repobilityId": 46952, "scanner": "repobility-ast-engine", "fingerprint": "ca2593062e2fb1180df9bbd02b87f3da49e1f2ebcf23ccc1501778d67bb41e1a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ca2593062e2fb1180df9bbd02b87f3da49e1f2ebcf23ccc1501778d67bb41e1a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_stacktrace.py"}, "region": {"startLine": 151}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_traces_on_from_aws_registry"}, "properties": {"repobilityId": 46951, "scanner": "repobility-ast-engine", "fingerprint": "adeeffbe114416c723bfa711f4ea848a568478c4377d8431d9f93b41d68dccd9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|adeeffbe114416c723bfa711f4ea848a568478c4377d8431d9f93b41d68dccd9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_stacktrace.py"}, "region": {"startLine": 137}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_traces_on_from_image_registry"}, "properties": {"repobilityId": 46950, "scanner": "repobility-ast-engine", "fingerprint": "a0d283728427df294765918fc56228eb396821f64d29d36e45a6b5db6910d1d8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a0d283728427df294765918fc56228eb396821f64d29d36e45a6b5db6910d1d8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_stacktrace.py"}, "region": {"startLine": 123}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_traces_on_from_dockerfile"}, "properties": {"repobilityId": 46949, "scanner": "repobility-ast-engine", "fingerprint": "cf5197acea56562688c31a0c266e7c6db53d0b6569e5fd87797b530e57284e22", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cf5197acea56562688c31a0c266e7c6db53d0b6569e5fd87797b530e57284e22"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_stacktrace.py"}, "region": {"startLine": 113}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_traces_on_from_template"}, "properties": {"repobilityId": 46948, "scanner": "repobility-ast-engine", "fingerprint": "0107b81e187cdb386e371822289b9a74d7dc42ef99fd792d825f8021a3e7b6e9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0107b81e187cdb386e371822289b9a74d7dc42ef99fd792d825f8021a3e7b6e9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_stacktrace.py"}, "region": {"startLine": 105}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_traces_on_from_image"}, "properties": {"repobilityId": 46947, "scanner": "repobility-ast-engine", "fingerprint": "7efccbffc01477999d5a7690a741fbb66c6c9d0a57702411f5a9939dc93e499b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7efccbffc01477999d5a7690a741fbb66c6c9d0a57702411f5a9939dc93e499b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_stacktrace.py"}, "region": {"startLine": 96}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_build_template_with_resolve_symlinks"}, "properties": {"repobilityId": 46946, "scanner": "repobility-ast-engine", "fingerprint": "d996c7a16db57feb7a0702b555d9243bf64c0e5af97db0e50cb1105a3c449e5c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d996c7a16db57feb7a0702b555d9243bf64c0e5af97db0e50cb1105a3c449e5c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_build.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_build_template_with_symlinks"}, "properties": {"repobilityId": 46945, "scanner": "repobility-ast-engine", "fingerprint": "55c3d87dfa094e57ec6cf101a771ba82f9093d4c4f1b0bc4bcc55a19f1b37c8a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|55c3d87dfa094e57ec6cf101a771ba82f9093d4c4f1b0bc4bcc55a19f1b37c8a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_build.py"}, "region": {"startLine": 65}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_build_template_from_base_template"}, "properties": {"repobilityId": 46944, "scanner": "repobility-ast-engine", "fingerprint": "658d7a2d17e678b744aa32911dd2543604b58920bc2b6968b2c8bae9cc49d0ac", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|658d7a2d17e678b744aa32911dd2543604b58920bc2b6968b2c8bae9cc49d0ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_build.py"}, "region": {"startLine": 59}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_build_template"}, "properties": {"repobilityId": 46943, "scanner": "repobility-ast-engine", "fingerprint": "ff5b7dc5428b6aa89cda5aed8a2cae69cb1e61e332abfb39132f57de012d6e87", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ff5b7dc5428b6aa89cda5aed8a2cae69cb1e61e332abfb39132f57de012d6e87"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/template_sync/test_build.py"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_remove_nonexistent_raises"}, "properties": {"repobilityId": 46942, "scanner": "repobility-ast-engine", "fingerprint": "1da2da742b614747a83d3e6298e0016765e293e20fb16341b033a8c959d2c10f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1da2da742b614747a83d3e6298e0016765e293e20fb16341b033a8c959d2c10f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/volume_sync/test_file.py"}, "region": {"startLine": 249}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_list_nonexistent_raises"}, "properties": {"repobilityId": 46941, "scanner": "repobility-ast-engine", "fingerprint": "4237be6b9381ec6b7e5868da49183d2ab60b60e068de3185bbcf446a27d77a03", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4237be6b9381ec6b7e5868da49183d2ab60b60e068de3185bbcf446a27d77a03"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/volume_sync/test_file.py"}, "region": {"startLine": 218}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_create_existing_directory_without_force_raises"}, "properties": {"repobilityId": 46940, "scanner": "repobility-ast-engine", "fingerprint": "1f43c29915a330613b44a429fb4d16c0cabca5f93dd6fc8b02d3a00bf71924ca", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1f43c29915a330613b44a429fb4d16c0cabca5f93dd6fc8b02d3a00bf71924ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/volume_sync/test_file.py"}, "region": {"startLine": 167}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_update_metadata_nonexistent_raises"}, "properties": {"repobilityId": 46939, "scanner": "repobility-ast-engine", "fingerprint": "db504b01d21c33b150eaac5452c531ab86929ccce5badcffcb41b8b11e0a41a2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|db504b01d21c33b150eaac5452c531ab86929ccce5badcffcb41b8b11e0a41a2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/volume_sync/test_file.py"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_write_existing_file_without_force_raises"}, "properties": {"repobilityId": 46938, "scanner": "repobility-ast-engine", "fingerprint": "abb9e2916eaa6012927b8a4e92026cfffbc7da582b9c573f9f07ab0ac7776334", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|abb9e2916eaa6012927b8a4e92026cfffbc7da582b9c573f9f07ab0ac7776334"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/volume_sync/test_file.py"}, "region": {"startLine": 70}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_get_info_nonexistent_volume"}, "properties": {"repobilityId": 46937, "scanner": "repobility-ast-engine", "fingerprint": "e810bdcd53e4dfe7cf1df966fc9bbc94a3b6860bf86e02e09232448ee17d65cd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e810bdcd53e4dfe7cf1df966fc9bbc94a3b6860bf86e02e09232448ee17d65cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/volume_sync/test_volume.py"}, "region": {"startLine": 131}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_shorten_then_lengthen_timeout"}, "properties": {"repobilityId": 46936, "scanner": "repobility-ast-engine", "fingerprint": "d5a51097cde87eadd1ae4349c8cea72a1f2a1a9503ca8fe40930a65a650c03ed", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d5a51097cde87eadd1ae4349c8cea72a1f2a1a9503ca8fe40930a65a650c03ed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/sandbox_sync/test_timeout.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.commands` used but never assigned in __init__"}, "properties": {"repobilityId": 46935, "scanner": "repobility-ast-engine", "fingerprint": "b23a9444988108475b962ac80b4a12299f60ad94d92a6e8c0196610902f784f5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b23a9444988108475b962ac80b4a12299f60ad94d92a6e8c0196610902f784f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/bugs/test_envelope_decode.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.files` used but never assigned in __init__"}, "properties": {"repobilityId": 46934, "scanner": "repobility-ast-engine", "fingerprint": "846f0ed3ec44fa5ade7a1a09d41b286a78e43aeb0bf9f188601950baaa59e627", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|846f0ed3ec44fa5ade7a1a09d41b286a78e43aeb0bf9f188601950baaa59e627"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/bugs/test_envelope_decode.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._wrap_pyautogui_code` used but never assigned in __init__"}, "properties": {"repobilityId": 46933, "scanner": "repobility-ast-engine", "fingerprint": "223df21a6b36bbba792710f7986df565227aba3c01c8efa331b5ead2308f54e9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|223df21a6b36bbba792710f7986df565227aba3c01c8efa331b5ead2308f54e9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/bugs/test_envelope_decode.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_envelope_decode"}, "properties": {"repobilityId": 46932, "scanner": "repobility-ast-engine", "fingerprint": "e354b131128e807014115c1b52077de26c43974de95f5b72295edd35bec22d6e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e354b131128e807014115c1b52077de26c43974de95f5b72295edd35bec22d6e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/bugs/test_envelope_decode.py"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_rejects_trailing_newline"}, "properties": {"repobilityId": 46931, "scanner": "repobility-ast-engine", "fingerprint": "14f07e4309b5db1a57acd5cb9e11c06eac65e263b5257f19c6913a1d7b63a519", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|14f07e4309b5db1a57acd5cb9e11c06eac65e263b5257f19c6913a1d7b63a519"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/test_validate_api_key.py"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_rejects_non_hex_body"}, "properties": {"repobilityId": 46930, "scanner": "repobility-ast-engine", "fingerprint": "84850c0ddef742f4550237620b69b63732e3cc912df6803020036fb11e7344eb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|84850c0ddef742f4550237620b69b63732e3cc912df6803020036fb11e7344eb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/test_validate_api_key.py"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_rejects_empty_body"}, "properties": {"repobilityId": 46929, "scanner": "repobility-ast-engine", "fingerprint": "ac143b408582830eff1afef2bb46b29a3f7d45fe0de3e05be364b65881ff3de9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ac143b408582830eff1afef2bb46b29a3f7d45fe0de3e05be364b65881ff3de9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/test_validate_api_key.py"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_accepts_non_default_body_length"}, "properties": {"repobilityId": 46928, "scanner": "repobility-ast-engine", "fingerprint": "4fdbe50f0539554266f843fa77c94ea82540d1c69b0238e82a73961d1bf86435", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4fdbe50f0539554266f843fa77c94ea82540d1c69b0238e82a73961d1bf86435"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/test_validate_api_key.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_rejects_missing_prefix"}, "properties": {"repobilityId": 46927, "scanner": "repobility-ast-engine", "fingerprint": "02c2982f441ca7e87025f4e9729f742b48cd2d85421f4c0bb167a00b91ed1aaf", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|02c2982f441ca7e87025f4e9729f742b48cd2d85421f4c0bb167a00b91ed1aaf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/test_validate_api_key.py"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_accepts_well_formed_key"}, "properties": {"repobilityId": 46926, "scanner": "repobility-ast-engine", "fingerprint": "9d32f2ed26ede96f536cc70314cdd396b17cbae9413220f5b3ab6f9d3bd7ed76", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9d32f2ed26ede96f536cc70314cdd396b17cbae9413220f5b3ab6f9d3bd7ed76"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/test_validate_api_key.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_api_key"}, "properties": {"repobilityId": 46925, "scanner": "repobility-ast-engine", "fingerprint": "c18df67d5a04ddf127f2156f0ecc034b9d50c0bfa6d01ab0a7284c33180600ae", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c18df67d5a04ddf127f2156f0ecc034b9d50c0bfa6d01ab0a7284c33180600ae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/conftest.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.shift_buffer` used but never assigned in __init__"}, "properties": {"repobilityId": 46924, "scanner": "repobility-ast-engine", "fingerprint": "e0063941cb90a6d275f6b99973fbfc9892de5342fcd52c55110114a198bd5836", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e0063941cb90a6d275f6b99973fbfc9892de5342fcd52c55110114a198bd5836"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b_connect/client.py"}, "region": {"startLine": 488}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.header` used but never assigned in __init__"}, "properties": {"repobilityId": 46923, "scanner": "repobility-ast-engine", "fingerprint": "41ac9197dc5ab37f52032fdbd0a8336924b8015be95787a48d4b5f6fa3a2ceea", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|41ac9197dc5ab37f52032fdbd0a8336924b8015be95787a48d4b5f6fa3a2ceea"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b_connect/client.py"}, "region": {"startLine": 499}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.header` used but never assigned in __init__"}, "properties": {"repobilityId": 46922, "scanner": "repobility-ast-engine", "fingerprint": "f50f6bf0baa872c55f4542174e04757b3901542ef7675f1028bb84ade07574be", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f50f6bf0baa872c55f4542174e04757b3901542ef7675f1028bb84ade07574be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b_connect/client.py"}, "region": {"startLine": 483}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.shift_buffer` used but never assigned in __init__"}, "properties": {"repobilityId": 46921, "scanner": "repobility-ast-engine", "fingerprint": "7312eaf452581a56e61ffaa8a034c22f84a45cf5c4c6f56b876bcda07ef1b166", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7312eaf452581a56e61ffaa8a034c22f84a45cf5c4c6f56b876bcda07ef1b166"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b_connect/client.py"}, "region": {"startLine": 470}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._prepare_server_stream_request` used but never assigned in __init__"}, "properties": {"repobilityId": 46920, "scanner": "repobility-ast-engine", "fingerprint": "aa282a93893124c74446efd224c807300da936dbd7cc7e469233bcaddde3d679", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aa282a93893124c74446efd224c807300da936dbd7cc7e469233bcaddde3d679"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b_connect/client.py"}, "region": {"startLine": 410}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._prepare_server_stream_request` used but never assigned in __init__"}, "properties": {"repobilityId": 46919, "scanner": "repobility-ast-engine", "fingerprint": "5fe28d92e092e52916f5bac69e0a74390a9dc2a7dc143cc48f7a659544d93034", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5fe28d92e092e52916f5bac69e0a74390a9dc2a7dc143cc48f7a659544d93034"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b_connect/client.py"}, "region": {"startLine": 376}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._create_stream_timeout` used but never assigned in __init__"}, "properties": {"repobilityId": 46918, "scanner": "repobility-ast-engine", "fingerprint": "3063aca4853e7407c78d765ee40bedc4b0c1407164724456d027b09f3686cf9d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3063aca4853e7407c78d765ee40bedc4b0c1407164724456d027b09f3686cf9d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b_connect/client.py"}, "region": {"startLine": 341}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._process_unary_response` used but never assigned in __init__"}, "properties": {"repobilityId": 46917, "scanner": "repobility-ast-engine", "fingerprint": "8627552b9078e4538cd6ccde21e46f364934a756b46d59776ceda339746ff2f1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8627552b9078e4538cd6ccde21e46f364934a756b46d59776ceda339746ff2f1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b_connect/client.py"}, "region": {"startLine": 306}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._prepare_unary_request` used but never assigned in __init__"}, "properties": {"repobilityId": 46916, "scanner": "repobility-ast-engine", "fingerprint": "276eaf606aec59ecd8798ee7a9aafea2f4513f3fa17728c59f5eaabf9672d5e1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|276eaf606aec59ecd8798ee7a9aafea2f4513f3fa17728c59f5eaabf9672d5e1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b_connect/client.py"}, "region": {"startLine": 298}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._process_unary_response` used but never assigned in __init__"}, "properties": {"repobilityId": 46915, "scanner": "repobility-ast-engine", "fingerprint": "dec3284d521e16c12f57d2fb3f6d51dd9cb94d221382f7c772b2101994c534e8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dec3284d521e16c12f57d2fb3f6d51dd9cb94d221382f7c772b2101994c534e8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b_connect/client.py"}, "region": {"startLine": 285}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._prepare_unary_request` used but never assigned in __init__"}, "properties": {"repobilityId": 46914, "scanner": "repobility-ast-engine", "fingerprint": "2a20430fffddcc955d75a466aae8685c3aaf699f0c12e3a7ecb3e93a4da154f2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2a20430fffddcc955d75a466aae8685c3aaf699f0c12e3a7ecb3e93a4da154f2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b_connect/client.py"}, "region": {"startLine": 277}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.get_request_timeout` used but never assigned in __init__"}, "properties": {"repobilityId": 46913, "scanner": "repobility-ast-engine", "fingerprint": "c44d7c3a863780c62d945f5d842995ca21b6b98d7707702ddd745ca26f476654", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c44d7c3a863780c62d945f5d842995ca21b6b98d7707702ddd745ca26f476654"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/connection_config.py"}, "region": {"startLine": 211}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.get_host` used but never assigned in __init__"}, "properties": {"repobilityId": 46912, "scanner": "repobility-ast-engine", "fingerprint": "00900259dd78126e6aee4f960253e4a097c9a34f1cf8fefc82719f96b55c27ed", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|00900259dd78126e6aee4f960253e4a097c9a34f1cf8fefc82719f96b55c27ed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/connection_config.py"}, "region": {"startLine": 158}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.get_host` used but never assigned in __init__"}, "properties": {"repobilityId": 46911, "scanner": "repobility-ast-engine", "fingerprint": "02602f18a9dd38c4a88ce468a691f771959d4b52d6970a4e68f0564ecb6f24f5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|02602f18a9dd38c4a88ce468a691f771959d4b52d6970a4e68f0564ecb6f24f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/connection_config.py"}, "region": {"startLine": 160}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.get_host` used but never assigned in __init__"}, "properties": {"repobilityId": 46910, "scanner": "repobility-ast-engine", "fingerprint": "056bc7fa41384a252fac3345d4a179c18ed8bb81206eec6dfa27e7080afd7a69", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|056bc7fa41384a252fac3345d4a179c18ed8bb81206eec6dfa27e7080afd7a69"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/connection_config.py"}, "region": {"startLine": 145}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.get_host` used but never assigned in __init__"}, "properties": {"repobilityId": 46909, "scanner": "repobility-ast-engine", "fingerprint": "e55e87aa8c3163cd093ca3056efda16de6cf0b22779aeb8b51c2d70733ff5714", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e55e87aa8c3163cd093ca3056efda16de6cf0b22779aeb8b51c2d70733ff5714"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/connection_config.py"}, "region": {"startLine": 151}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._get_request_timeout` used but never assigned in __init__"}, "properties": {"repobilityId": 46908, "scanner": "repobility-ast-engine", "fingerprint": "ec8a5ffe557de0511003d0d23b32142678c227bfa447f515304a8ba370fab94b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ec8a5ffe557de0511003d0d23b32142678c227bfa447f515304a8ba370fab94b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/connection_config.py"}, "region": {"startLine": 138}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19051, "scanner": "repobility", "fingerprint": "f3fcba75f02b8b783a439554d58f14d5", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_watch_file_with_secured_envd", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/sandbox_sync/files/test_watch.py"}, "region": {"startLine": 123}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19050, "scanner": "repobility", "fingerprint": "5b834f4f66152e4eb4dab086658b4c54", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_remove_non_existing_file", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/sandbox_sync/files/test_remove.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19049, "scanner": "repobility", "fingerprint": "83bd9a6a172b90cda023dd8541d995e7", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_shorten_then_lengthen_timeout", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/sandbox_sync/test_timeout.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19048, "scanner": "repobility", "fingerprint": "47372c8169c21effa97c2725aa8dfbae", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_run_command_as_different_user", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_run_cmd.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19047, "scanner": "repobility", "fingerprint": "70fa1ec37849e6bf61f913574fb68c24", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_run_command", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_run_cmd.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19046, "scanner": "repobility", "fingerprint": "f1b2b3137bbcd529d1c9155259285c61", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_apt_install_no_install_recommends", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_apt_install.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19045, "scanner": "repobility", "fingerprint": "9f6cedff0efef321d285e01db0e2231a", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_apt_install", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_apt_install.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19044, "scanner": "repobility", "fingerprint": "735ab0c9660b90e3e68b9b22418079de", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_pip_install_user", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_pip_install.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19043, "scanner": "repobility", "fingerprint": "57b118acac641cc3e5706b23e7507429", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_pip_install", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_pip_install.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19042, "scanner": "repobility", "fingerprint": "d55cba13bd801129a3f03dbc5e67e19d", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_npm_install_dev", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_npm_install.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19041, "scanner": "repobility", "fingerprint": "f1170e3984119f39541e07f8231b2234", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_npm_install_global", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_npm_install.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19040, "scanner": "repobility", "fingerprint": "e3d74c7ee7b34557677052098649e096", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_npm_install", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_npm_install.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19039, "scanner": "repobility", "fingerprint": "4f08955d8835bcce70f44968309844a4", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_make_symlink_force", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_make_symlink.py"}, "region": {"startLine": 20}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19038, "scanner": "repobility", "fingerprint": "00a2cdd2d70a2802858865c7d3447f33", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_make_symlink", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_make_symlink.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19037, "scanner": "repobility", "fingerprint": "a23133cb16792566a1c194e3b61dc572", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_bun_install_dev", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_bun_install.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19036, "scanner": "repobility", "fingerprint": "ead79163a627a93182dd18880baf640e", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_bun_install_global", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_bun_install.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19035, "scanner": "repobility", "fingerprint": "3ac1ca26998be60b16ad3562523dfa52", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_bun_install", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/methods/test_bun_install.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19034, "scanner": "repobility", "fingerprint": "dfeb650c22876fa951b7a144f314375e", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_traces_on_copyItems_absolute_path", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_stacktrace.py"}, "region": {"startLine": 193}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19033, "scanner": "repobility", "fingerprint": "0d70809e0bc18bd960dde24538fbdb07", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_traces_on_copy_absolute_path", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_stacktrace.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19032, "scanner": "repobility", "fingerprint": "cde68946aeb3f879d2fa42da18df8e73", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_traces_on_copyItems", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_stacktrace.py"}, "region": {"startLine": 171}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19031, "scanner": "repobility", "fingerprint": "b36ec99e0c2d5f1a961d14c65a5df656", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_traces_on_copy", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_stacktrace.py"}, "region": {"startLine": 161}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19030, "scanner": "repobility", "fingerprint": "1bf5cfddb7b3bac142faa64a303ec75c", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_traces_on_from_gcp_registry", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_stacktrace.py"}, "region": {"startLine": 148}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19029, "scanner": "repobility", "fingerprint": "34ffa2cc68ddcb818a487e4ced3a3b43", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_traces_on_from_aws_registry", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_stacktrace.py"}, "region": {"startLine": 135}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19028, "scanner": "repobility", "fingerprint": "45e22ab641b19c1607868186b5730528", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_traces_on_from_image_registry", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_stacktrace.py"}, "region": {"startLine": 122}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19027, "scanner": "repobility", "fingerprint": "e7602931bd2422d7c1ee8a93fab6b67b", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_traces_on_from_dockerfile", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_stacktrace.py"}, "region": {"startLine": 113}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19026, "scanner": "repobility", "fingerprint": "613c5c33fc6fd2c78b56b9d671023573", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_traces_on_from_template", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_stacktrace.py"}, "region": {"startLine": 104}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19025, "scanner": "repobility", "fingerprint": "9cfe8c6d4a9d3d0719c111fa27adbb30", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_traces_on_from_image", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_stacktrace.py"}, "region": {"startLine": 96}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19024, "scanner": "repobility", "fingerprint": "de9210489a9720b60bde75efe65037ad", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_build_template_with_skip_cache", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_build.py"}, "region": {"startLine": 95}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19023, "scanner": "repobility", "fingerprint": "081c241442fb56cdd72a3b0ee0070c42", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_build_template_with_resolve_symlinks", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_build.py"}, "region": {"startLine": 77}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19022, "scanner": "repobility", "fingerprint": "20ed52ab2cda7c9ec8cd76e474b3f24d", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_build_template_with_symlinks", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_build.py"}, "region": {"startLine": 64}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19021, "scanner": "repobility", "fingerprint": "4bb1766f8191eed7e82bc34a30e9673f", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_build_template_from_base_template", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_build.py"}, "region": {"startLine": 58}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19020, "scanner": "repobility", "fingerprint": "dab99ead998ece13fb4aec3370544355", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_build_template", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/template_async/test_build.py"}, "region": {"startLine": 44}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19019, "scanner": "repobility", "fingerprint": "acfddfd146d109269b866788d7306024", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_watch_file_with_secured_envd", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/files/test_watch.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19018, "scanner": "repobility", "fingerprint": "0b8e3d1bdc9f9ee3a6a9ae12a63c7780", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_watch_recursive_directory_after_nested_folder_addition", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/files/test_watch.py"}, "region": {"startLine": 66}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19017, "scanner": "repobility", "fingerprint": "5bc358c76751d9ce9603ab912be01a26", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_watch_recursive_directory_changes", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/files/test_watch.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19016, "scanner": "repobility", "fingerprint": "2aa83c3e82005ee1e3f008ee1600c27d", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_watch_directory_changes", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/files/test_watch.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19015, "scanner": "repobility", "fingerprint": "73998597a02eaded8311258e2d2dc8cb", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_remove_non_existing_file", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/files/test_remove.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19014, "scanner": "repobility", "fingerprint": "02843851bb97feae6122b5504f0bf52d", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "test_* without asserts: test_shorten_then_lengthen_timeout", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/test_timeout.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17614, "scanner": "repobility", "fingerprint": "854f0d8066403c03e1bcee9de8115c72", "category": "error_handling", "severity": "high", "confidence": 0.45, "triageState": "fixed", "verdict": "likely_fp", "isResolved": true, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/sandbox_sync/test_create.py"}, "region": {"startLine": 111}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17613, "scanner": "repobility", "fingerprint": "01e281935d9f0711033b7c650f2f7b24", "category": "error_handling", "severity": "high", "confidence": 0.45, "triageState": "fixed", "verdict": "likely_fp", "isResolved": true, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/sync/sandbox_sync/test_network.py"}, "region": {"startLine": 202}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17612, "scanner": "repobility", "fingerprint": "0fe49dab4175fe6bf7acef82fcb1ca65", "category": "error_handling", "severity": "high", "confidence": 0.45, "triageState": "fixed", "verdict": "likely_fp", "isResolved": true, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/test_network.py"}, "region": {"startLine": 204}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17611, "scanner": "repobility", "fingerprint": "3d48f8e24718e9483507400891a6fca8", "category": "error_handling", "severity": "high", "confidence": 0.45, "triageState": "fixed", "verdict": "likely_fp", "isResolved": true, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/test_create.py"}, "region": {"startLine": 112}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17610, "scanner": "repobility", "fingerprint": "762a534b55e2c719693fdefa1fd5b8ae", "category": "error_handling", "severity": "high", "confidence": 0.45, "triageState": "fixed", "verdict": "likely_fp", "isResolved": true, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/conftest.py"}, "region": {"startLine": 279}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17609, "scanner": "repobility", "fingerprint": "467e5e42ff63ebdcf2c49a54b3a4a511", "category": "error_handling", "severity": "high", "confidence": 0.45, "triageState": "fixed", "verdict": "likely_fp", "isResolved": true, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/conftest.py"}, "region": {"startLine": 261}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17608, "scanner": "repobility", "fingerprint": "4600c3a3b86da6590a3c633791c190be", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/template/dockerfile_parser.py"}, "region": {"startLine": 275}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17607, "scanner": "repobility", "fingerprint": "8808cc0bd40e16c8da3fdc97f01d8118", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/created_team_api_key.py"}, "region": {"startLine": 133}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17606, "scanner": "repobility", "fingerprint": "5be982aff7879cfba67c6572845990dc", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/created_team_api_key.py"}, "region": {"startLine": 116}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17605, "scanner": "repobility", "fingerprint": "afac52e257da63a8ac6ce080f925658a", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/team_api_key.py"}, "region": {"startLine": 126}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17604, "scanner": "repobility", "fingerprint": "6f2c2f4c9d5488236e12acd9cf44ffd4", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/team_api_key.py"}, "region": {"startLine": 109}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17603, "scanner": "repobility", "fingerprint": "f169dd3fc7d49f9b2bba0c3136d8ab93", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/template_with_builds.py"}, "region": {"startLine": 111}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17602, "scanner": "repobility", "fingerprint": "ad42fa7eaa388409ef47eb257ffe4d74", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/template_legacy.py"}, "region": {"startLine": 157}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17601, "scanner": "repobility", "fingerprint": "eb0370ce52bd921b3693d14b09fbd290", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/template_legacy.py"}, "region": {"startLine": 138}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17600, "scanner": "repobility", "fingerprint": "4d262e791b02101decb208c92e408bf8", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/new_sandbox.py"}, "region": {"startLine": 154}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17599, "scanner": "repobility", "fingerprint": "8849fa1dfdc90a34518ef31ffade8bc4", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/template_build_start_v2.py"}, "region": {"startLine": 130}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17598, "scanner": "repobility", "fingerprint": "1511e818ab75aa74064715de236b28c8", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/template_build_start_v2.py"}, "region": {"startLine": 120}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17597, "scanner": "repobility", "fingerprint": "f0409ccbbc93573c09df0e1228c67503", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/template.py"}, "region": {"startLine": 171}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17596, "scanner": "repobility", "fingerprint": "ee6608afcef32d67bfe30874e5df10dd", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/api/client/models/template.py"}, "region": {"startLine": 152}}}]}, {"ruleId": "CONC001", "level": "error", "message": {"text": "Concurrency \u2014 blocking call inside asyncio coroutine"}, "properties": {"repobilityId": 15742, "scanner": "repobility", "fingerprint": "5cc7a9896405cb491ea8109bc39464e2", "category": "race_condition", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "blocking urllib.* in async test_download_url_with_expired_signing", "aljefra_cwe": ["CWE-833"], "aljefra_owasp": null, "aljefra_pattern_slug": "asyncio-blocking-call"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/files/test_secured.py"}, "region": {"startLine": 51}}}]}, {"ruleId": "CONC001", "level": "error", "message": {"text": "Concurrency \u2014 blocking call inside asyncio coroutine"}, "properties": {"repobilityId": 15741, "scanner": "repobility", "fingerprint": "c79488d92f34df12bbd9a4f9e2b7a369", "category": "race_condition", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "blocking urllib.* in async test_download_url_with_signing_and_expiration", "aljefra_cwe": ["CWE-833"], "aljefra_owasp": null, "aljefra_pattern_slug": "asyncio-blocking-call"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/files/test_secured.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "CONC001", "level": "error", "message": {"text": "Concurrency \u2014 blocking call inside asyncio coroutine"}, "properties": {"repobilityId": 15740, "scanner": "repobility", "fingerprint": "0c0c0d34f3c9b8ba9bfcad69dd054345", "category": "race_condition", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "blocking urllib.* in async test_download_url_with_signing", "aljefra_cwe": ["CWE-833"], "aljefra_owasp": null, "aljefra_pattern_slug": "asyncio-blocking-call"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/tests/async/sandbox_async/files/test_secured.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "CONC001", "level": "error", "message": {"text": "Concurrency \u2014 blocking call inside asyncio coroutine"}, "properties": {"repobilityId": 15739, "scanner": "repobility", "fingerprint": "beb99e8dbc069fbb80d8179fe90b508a", "category": "race_condition", "severity": "high", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "blocking urllib.* in async next_items", "aljefra_cwe": ["CWE-833"], "aljefra_owasp": null, "aljefra_pattern_slug": "asyncio-blocking-call"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox_async/paginator.py"}, "region": {"startLine": 51}}}]}, {"ruleId": "JRN004", "level": "error", "message": {"text": "Consent is collected in UI without visible backend audit persistence"}, "properties": {"repobilityId": 7034, "scanner": "repobility-journey-contract", "fingerprint": "683b4118f8e86a43fbcfb9b00a348d1170b3720c549986ec5895f7eeaac91fc3", "category": "auth", "severity": "high", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Frontend consent wording was found, but backend consent/audit metadata was not visible.", "evidence": {"rule_id": "JRN004", "scanner": "repobility-journey-contract", "references": ["https://repobility.com/library/authorization/"], "correlation_key": "code|auth|token|56|jrn004", "backend_consent_model": false, "backend_audit_signal_count": 3}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/envd/schema.gen.ts"}, "region": {"startLine": 56}}}]}, {"ruleId": "SEC084", "level": "error", "message": {"text": "[SEC084] JS: require() with non-literal: require(<variable>) loads arbitrary modules \u2014 equivalent to eval at module scope. Ported from eslint-plugin-security detect-non-literal-require (Apache-2.0)."}, "properties": {"repobilityId": 47098, "scanner": "repobility-threat-engine", "fingerprint": "7298f9a0e5d15a4e1e180052206e5a14091ca48a2a9edc0fc216a771b5e9bdad", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "require(module", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC084", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|7298f9a0e5d15a4e1e180052206e5a14091ca48a2a9edc0fc216a771b5e9bdad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/utils.ts"}, "region": {"startLine": 75}}}]}, {"ruleId": "MINED035", "level": "error", "message": {"text": "[MINED035] Js New Function: new Function(...) compiles strings to functions."}, "properties": {"repobilityId": 47095, "scanner": "repobility-threat-engine", "fingerprint": "b24411d72518ef95aca1c6ecb6b449491b8fa79fb8707e2c82870ba70aedffd5", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-new-function", "owasp": null, "cwe_ids": ["CWE-95"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347980+00:00", "triaged_in_corpus": 20, "observations_count": 2547, "ai_coder_pattern_id": 104}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b24411d72518ef95aca1c6ecb6b449491b8fa79fb8707e2c82870ba70aedffd5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/undici.ts"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.E2B_API_KEY_STAGING` on a `pull_request` trigger"}, "properties": {"repobilityId": 47033, "scanner": "repobility-supply-chain", "fingerprint": "0616a8b892b03e317b9113a0119ff65689de294b186d605dfa12fc2f933e3e2a", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0616a8b892b03e317b9113a0119ff65689de294b186d605dfa12fc2f933e3e2a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sdk_tests.yml"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.E2B_API_KEY_STAGING` on a `pull_request` trigger"}, "properties": {"repobilityId": 47032, "scanner": "repobility-supply-chain", "fingerprint": "e4049cdb164b68c55d727c576cc05eb089e4494900d89344c5b3b65aced780e4", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e4049cdb164b68c55d727c576cc05eb089e4494900d89344c5b3b65aced780e4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sdk_tests.yml"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.E2B_API_KEY_STAGING` on a `pull_request` trigger"}, "properties": {"repobilityId": 47031, "scanner": "repobility-supply-chain", "fingerprint": "0976579d2ddfac4ac2b7704fbd38731e826e5de96951c372d862774b4f27057d", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0976579d2ddfac4ac2b7704fbd38731e826e5de96951c372d862774b4f27057d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sdk_tests.yml"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.E2B_API_KEY` on a `pull_request` trigger"}, "properties": {"repobilityId": 47030, "scanner": "repobility-supply-chain", "fingerprint": "634741e69e7d0deac9188475a7402c870f97b723b810b3941e789b082d27bdf2", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|634741e69e7d0deac9188475a7402c870f97b723b810b3941e789b082d27bdf2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sdk_tests.yml"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.E2B_API_KEY` on a `pull_request` trigger"}, "properties": {"repobilityId": 47029, "scanner": "repobility-supply-chain", "fingerprint": "67a9e8dce2ca98acd7e6efabad7511df1736a2c8207bb71de472f9aff6ab31b0", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|67a9e8dce2ca98acd7e6efabad7511df1736a2c8207bb71de472f9aff6ab31b0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sdk_tests.yml"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.E2B_API_KEY` on a `pull_request` trigger"}, "properties": {"repobilityId": 47028, "scanner": "repobility-supply-chain", "fingerprint": "a7eaba5cbd27690a2536ae76a179aa1419b9c3f8788524a11a7fc32cf0aefe3f", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a7eaba5cbd27690a2536ae76a179aa1419b9c3f8788524a11a7fc32cf0aefe3f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sdk_tests.yml"}, "region": {"startLine": 17}}}]}, {"ruleId": "SECR004", "level": "error", "message": {"text": "Password embedded in URL"}, "properties": {"repobilityId": 16763, "scanner": "repobility", "fingerprint": "d3a3890e0a5b09d9c79d7851f4a30221", "category": "credential_exposure", "severity": "critical", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "mysql://user:password@", "aljefra_cwe": ["CWE-200"], "aljefra_owasp": "A07:2021", "aljefra_pattern_slug": "password-in-url"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/python-sdk/e2b/sandbox/mcp.py"}, "region": {"startLine": 240}}}]}, {"ruleId": "SECR004", "level": "error", "message": {"text": "Password embedded in URL"}, "properties": {"repobilityId": 16762, "scanner": "repobility", "fingerprint": "b2ff1897dcc9d3a3355a747922aef792", "category": "credential_exposure", "severity": "critical", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "mysql://user:password@", "aljefra_cwe": ["CWE-200"], "aljefra_owasp": "A07:2021", "aljefra_pattern_slug": "password-in-url"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/sandbox/mcp.d.ts"}, "region": {"startLine": 569}}}]}, {"ruleId": "SECR004", "level": "error", "message": {"text": "Password embedded in URL"}, "properties": {"repobilityId": 16761, "scanner": "repobility", "fingerprint": "f83e668bc38ecb02ff59ee8999305ee4", "category": "credential_exposure", "severity": "critical", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "mysql://user:password@", "aljefra_cwe": ["CWE-200"], "aljefra_owasp": "A07:2021", "aljefra_pattern_slug": "password-in-url"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "spec/mcp-server.json"}, "region": {"startLine": 796}}}]}, {"ruleId": "SSTI001", "level": "error", "message": {"text": "SSTI \u2014 Jinja2 Template from user string"}, "properties": {"repobilityId": 15874, "scanner": "repobility", "fingerprint": "03f4a6f8c4d45f66340f0a41753a3b98", "category": "injection", "severity": "critical", "confidence": 0.85, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"snippet": "Template(\n  args: e2b.paths['/templates']['post']['request", "aljefra_cwe": ["CWE-94"], "aljefra_owasp": "A03:2021", "aljefra_pattern_slug": "ssti-jinja-from-string"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/cli/src/commands/template/build.ts"}, "region": {"startLine": 644}}}]}, {"ruleId": "SEC010", "level": "error", "message": {"text": "[SEC010] Cloud Provider Token: Cloud provider or SaaS API token found in source code."}, "properties": {"repobilityId": 7029, "scanner": "repobility-threat-engine", "fingerprint": "6587a6c3a9507dab25a0303360d1a3d3b85be1c7592002bf9550c00da81d719e", "category": "credential_exposure", "severity": "critical", "confidence": 1.0, "triageState": "fixed", "verdict": "confirmed", "isResolved": true, "reason": "Pattern matched with no mitigating context found Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "AKIAQFCBgoEX3B0eUIGC", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC010", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "secret|token|2|akiaqfcbgoex3b0euigc", "duplicate_count": 1, "duplicate_rule_ids": ["SEC002", "SEC010"], "duplicate_scanners": ["repobility-threat-engine"], "duplicate_fingerprints": ["3666801d15427871399d0867fd2afeba1323db9df6f935c4a2f5df8cf04ac9f2", "6587a6c3a9507dab25a0303360d1a3d3b85be1c7592002bf9550c00da81d719e"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/js-sdk/src/envd/process/process_pb.ts"}, "region": {"startLine": 25}}}]}]}]}