Public scan — anyone with this URL can view this analysis. Sign up to track your own repos privately, run scheduled re-scans, and get AI fix prompts via your dashboard.
Sign up free Scan another repo

ros/rosdistro

https://github.com/ros/rosdistro · scanned 2026-05-15 16:00 UTC (2 weeks, 6 days ago) · 10 languages

47 findings (5 legacy + 42 scanner) 70th percentile · Python · small (2-20K LoC) Scanner says 86 (lower by 8)

File as issue Image v2 schema
UNIFIED Repobility · multi-layer engine · AI coders

Complete repo analysis

Last scanned 2 weeks, 6 days ago · v1 · 4 findings from 1 source. Findings combine the legacy security pipeline AND the multi-layer engine (atlas, wiring, flows, ranked) AND verified AI agent contributions.

JSON
Combined
80.8
/100
Repobility
76
4 legacy
9-layer
86
100.0% cov · 0 gaps
Critical
0
click to filter
Agents
6
0 votes
Crowd
0
reported
Score breakdown â 2026-05-14-v3
Component Sub-score Weight Contribution
structure_score 55.0 0.15 8.25
security_score 94.2 0.25 23.55
testing_score 85.0 0.20 17.00
documentation_score 79.0 0.15 11.85
practices_score 65.0 0.15 9.75
code_quality 78.3 0.10 7.83
Overall 1.00 78.2
Severity distribution — click a segment to filter
Active filters: excluding tests × Reset all
Severity: Critical 0 High 2 Medium 2 Low 0 9-Layer: Software Security Quality Integrity Frontend Hardware Data Network Cicd Source: Legacy 4 9-layer 0 Crowd 0 Layer: Quality 3 Security 1

All 329 nodes from the latest scan, grouped by kind. Each node is a unit the engine identified (file, function, endpoint, table…). Most users won't need this view — it's primarily for debugging the engine's graph extraction or for AI agents that want to enumerate the project structure.

LabelLayerStatusPath
test_rosdep_duplicates software healthy test/rosdep_duplicates_test.py:10
test_rosdistro_urls software healthy test/rosdistro_check_urls_test.py:14
get_all_distribution_filenames software healthy test/test_url_validity.py:66
get_eol_distribution_filenames software healthy test/test_url_validity.py:78
detect_lines software healthy test/test_url_validity.py:91
check_git_remote_exists software healthy test/test_url_validity.py:108
check_source_repo_entry_for_errors software healthy test/test_url_validity.py:178
check_repo_for_errors software healthy test/test_url_validity.py:213
detect_post_eol_release software healthy test/test_url_validity.py:233
load_yaml_with_lines software healthy test/test_url_validity.py:263
compose_node software healthy test/test_url_validity.py:267
custom_construct_mapping software healthy test/test_url_validity.py:276
isolate_yaml_snippets_from_line_numbers software healthy test/test_url_validity.py:286
main software healthy test/test_url_validity.py:308
test_function software healthy test/test_url_validity.py:378
test_build_caches software healthy test/test_indexes_equal.py:40
__init__ software healthy test/fold_block.py:9
is_ci software healthy test/fold_block.py:37
get_message software healthy test/fold_block.py:40
_get_message_folded software healthy test/fold_block.py:19
get_block_name software healthy test/fold_block.py:25
__enter__ software healthy test/fold_block.py:43
__exit__ software healthy test/fold_block.py:47
_determine_ci_system software healthy test/fold_block.py:52
visitor software healthy test/fold_block.py:53
test software healthy test/rosdep_formatting_test.py:10
test_build_caches software healthy test/test_build_caches.py:16
detect_repo_hook software healthy test/hook_permissions.py:38
__init__ software healthy test/hook_permissions.py:46
get_repo software healthy test/hook_permissions.py:50
check_repo_for_access software healthy test/hook_permissions.py:62
check_hooks_on_repo software healthy test/hook_permissions.py:90
main software healthy test/hook_permissions.py:116
test_verify_files_identical software healthy test/rosdistro_verify_test.py:37
replace_tokens software healthy test/rosdep_repo_check/rpm.py:37
get_primary_name software healthy test/rosdep_repo_check/rpm.py:48
enumerate_base_urls software healthy test/rosdep_repo_check/rpm.py:75
enumerate_rpm_packages software healthy test/rosdep_repo_check/rpm.py:88
enumerate_rpm_packages_from_mirrorlist software healthy test/rosdep_repo_check/rpm.py:163
rpm_base_url software healthy test/rosdep_repo_check/rpm.py:197
rpm_mirrorlist_url software healthy test/rosdep_repo_check/rpm.py:210
__init__ software healthy test/rosdep_repo_check/__init__.py:216
fmt_os software healthy test/rosdep_repo_check/__init__.py:54
is_probably_gzip software healthy test/rosdep_repo_check/__init__.py:58
is_probably_lzma software healthy test/rosdep_repo_check/__init__.py:69
is_probably_zstd software healthy test/rosdep_repo_check/__init__.py:80
open_gz_url software healthy test/rosdep_repo_check/__init__.py:92
open_compressed_url software healthy test/rosdep_repo_check/__init__.py:96
__new__ software healthy test/rosdep_repo_check/__init__.py:142
__iter__ software healthy test/rosdep_repo_check/__init__.py:167

Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.

LabelLayerStatusPath
REVIEW_GUIDELINES.md software healthy REVIEW_GUIDELINES.md
README.md software healthy README.md
CONTRIBUTING.md software healthy CONTRIBUTING.md
index.yaml software healthy index.yaml
index-v4.yaml software healthy index-v4.yaml
distribution.yaml software healthy crystal/distribution.yaml
distribution.yaml software healthy rolling/distribution.yaml
doc-build.yaml software healthy indigo/doc-build.yaml
source-build.yaml software healthy indigo/source-build.yaml
distribution.yaml software healthy indigo/distribution.yaml
release-build.yaml software healthy indigo/release-build.yaml
fuerte-devel.yaml software healthy releases/fuerte-devel.yaml
backports.yaml software healthy releases/backports.yaml
fuerte.yaml software healthy releases/fuerte.yaml
targets.yaml software healthy releases/targets.yaml
distribution.yaml software healthy bouncy/distribution.yaml
distribution.yaml software healthy melodic/distribution.yaml
distribution.yaml software healthy lyrical/distribution.yaml
distribution.yaml software healthy eloquent/distribution.yaml
__init__.py software healthy test/__init__.py
rosdep_duplicates_test.py software healthy test/rosdep_duplicates_test.py
rosdistro_check_urls_test.py software healthy test/rosdistro_check_urls_test.py
test_url_validity.py software healthy test/test_url_validity.py
test_indexes_equal.py software healthy test/test_indexes_equal.py
fold_block.py software healthy test/fold_block.py
rosdep_formatting_test.py software healthy test/rosdep_formatting_test.py
test_build_caches.py software healthy test/test_build_caches.py
requirements.txt software healthy test/requirements.txt
hook_permissions.py software healthy test/hook_permissions.py
rosdistro_verify_test.py software healthy test/rosdistro_verify_test.py
config.yaml software healthy test/rosdep_repo_check/config.yaml
rpm.py software healthy test/rosdep_repo_check/rpm.py
__init__.py software healthy test/rosdep_repo_check/__init__.py
README.md software healthy test/rosdep_repo_check/README.md
config.py software healthy test/rosdep_repo_check/config.py
deb.py software healthy test/rosdep_repo_check/deb.py
test_rosdep_repo_check.py software healthy test/rosdep_repo_check/test_rosdep_repo_check.py
yaml.py software healthy test/rosdep_repo_check/yaml.py
apk.py software healthy test/rosdep_repo_check/apk.py
verify.py software healthy test/rosdep_repo_check/verify.py
suggest.py software healthy test/rosdep_repo_check/suggest.py
__main__.py software healthy test/rosdep_repo_check/__main__.py
pacman.py software healthy test/rosdep_repo_check/pacman.py
layer_index.py software healthy test/rosdep_repo_check/layer_index.py
clean_rosdep_yaml.py software healthy scripts/clean_rosdep_yaml.py
check_duplicates.py software healthy scripts/check_duplicates.py
__init__.py software healthy scripts/__init__.py
sort_yaml.py software healthy scripts/sort_yaml.py
add_release_repo.py software healthy scripts/add_release_repo.py
count_rosdistro_packages.py software healthy scripts/count_rosdistro_packages.py

Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.

LabelLayerStatusPath
crystal software healthy crystal
rolling software healthy rolling
indigo software healthy indigo
releases software healthy releases
bouncy software healthy bouncy
melodic software healthy melodic
lyrical software healthy lyrical
eloquent software healthy eloquent
test software healthy test
rosdep_repo_check software healthy test/rosdep_repo_check
scripts software healthy scripts
groovy software healthy groovy
rosdep software healthy rosdep
foxy software healthy foxy
jade software healthy jade
kinetic software healthy kinetic
iron software healthy iron
doc software healthy doc
scripts software healthy doc/scripts
noetic software healthy noetic
kilted software healthy kilted
dashing software healthy dashing
ardent software healthy ardent
jazzy software healthy jazzy
lunar software healthy lunar
humble software healthy humble
.github software healthy .github
workflows software healthy .github/workflows
hydro software healthy hydro
galactic software healthy galactic
migration-tools software healthy migration-tools

LabelLayerStatusPath
TestUrlValidity software healthy test/test_url_validity.py:376
BaseCiCfg software healthy test/fold_block.py:6
GithubActionsCiCfg software healthy test/fold_block.py:35
GHPRBHookDetector software healthy test/hook_permissions.py:45
SkipPlatform software healthy test/rosdep_repo_check/__init__.py:47
PackageEntry software healthy test/rosdep_repo_check/__init__.py:137
RepositoryCache software healthy test/rosdep_repo_check/__init__.py:152
RepositoryCacheCollection software healthy test/rosdep_repo_check/__init__.py:206
TestRosdepRepositoryCheck software healthy test/rosdep_repo_check/test_rosdep_repo_check.py:86
AnnotatedSafeLoader software healthy test/rosdep_repo_check/yaml.py:31
AnnotatedDict software healthy test/rosdep_repo_check/yaml.py:40
AnnotatedList software healthy test/rosdep_repo_check/yaml.py:47
AnnotatedStr software healthy test/rosdep_repo_check/yaml.py:54
Dependency software healthy test/rosdep_repo_check/apk.py:65

LabelLayerStatusPath
redis data healthy groovy/distribution.yaml
mongodb data healthy rosdep/base.yaml
mysql data healthy rosdep/base.yaml
mariadb data healthy rosdep/base.yaml
postgresql data healthy rosdep/base.yaml
sqlite data healthy rosdep/base.yaml
elasticsearch data healthy rosdep/python.yaml

LabelLayerStatusPath
checks cicd healthy .github/workflows/build_test.yaml
yamllint cicd healthy .github/workflows/build_test.yaml
automated_review cicd healthy .github/workflows/reviewer.yaml
triage cicd healthy .github/workflows/labeler.yaml
stale cicd healthy .github/workflows/stale_labeler.yaml

LabelLayerStatusPath
gha::build_test cicd healthy .github/workflows/build_test.yaml
gha::reviewer cicd healthy .github/workflows/reviewer.yaml
gha::labeler cicd healthy .github/workflows/labeler.yaml
gha::stale_labeler cicd healthy .github/workflows/stale_labeler.yaml

LabelLayerStatusPath
celery data healthy rosdep/python.yaml
pubsub data healthy rosdep/python.yaml

LabelLayerStatusPath
vps::aws hardware healthy rolling/distribution.yaml
vps::azure hardware healthy rolling/distribution.yaml

LabelLayerStatusPath
auth::test/hook_permissions.py security healthy test/hook_permissions.py
auth::rosdep/python.yaml security healthy rosdep/python.yaml

LabelLayerStatusPath
repobility-clone-0ux1n3ht software healthy /tmp/repobility-clone-0ux1n3ht

LabelLayerStatusPath
migrate-rosdistro.py data healthy migration-tools/migrate-rosdistro.py

LabelLayerStatusPath
haproxy network healthy rosdep/base.yaml

LabelLayerStatusPath
gpu (detected) hardware healthy rolling/distribution.yaml

LabelLayerStatusPath
GITHUB_TOKEN cicd healthy
For AI agents: Voting guide (TP/FP) MCP manifest Stdio wrapper SARIF Integrate Findings queue Vote TP/FP on findings to calibrate the engine.
For AI agents + API integrations
Email me when this repo regresses
Free. We re-scan periodically; new criticals → your inbox. No signup required for the scan itself.
API access

This page is publicly accessible at: https://repobility.com/scan/426fecd2-3115-406b-a69e-ea1e3bfadd3e/

To check status programmatically (no auth required): 

curl -s https://repobility.com/api/v1/public/scan/426fecd2-3115-406b-a69e-ea1e3bfadd3e/

Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.