{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "QUAL003", "name": "Magic number used as default arg", "shortDescription": {"text": "Magic number used as default arg"}, "fullDescription": {"text": "Using hardcoded default values for complex configuration objects makes the code brittle and difficult to manage. Consider using a dedicated factory or builder pattern.\n\nAuto-promoted from proposal 444 on 2026-05-12. Synth confidence: 0.85. FP estimate: 0.00."}, "properties": {"scanner": "repobility", "category": "quality", "severity": "medium", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "ERRH002", "name": "Bare except \u2014 overly broad", "shortDescription": {"text": "Bare except \u2014 overly broad"}, "fullDescription": {"text": "AST detector: bare-except-without-pass"}, "properties": {"scanner": "repobility", "category": "error_handling", "severity": "medium", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "CRYP001", "name": "Crypto \u2014 plaintext HTTP for sensitive endpoint", "shortDescription": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "fullDescription": {"text": "Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"scanner": "repobility", "category": "crypto", "severity": "medium", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "DKC013", "name": "Database service has no persistent data volume", "shortDescription": {"text": "Database service has no persistent data volume"}, "fullDescription": {"text": "Database containers store data in the writable container layer unless a volume or bind mount is attached to the image's data directory. 
Recreating the container can lose state."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.74, "cwe": "", "owasp": ""}}, {"id": "DKR001", "name": "Docker final stage has no non-root USER", "shortDescription": {"text": "Docker final stage has no non-root USER"}, "fullDescription": {"text": "Docker images run as root unless the image or Dockerfile switches to a non-root user."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.82, "cwe": "", "owasp": ""}}, {"id": "DKR003", "name": "Dockerfile base image uses the latest tag", "shortDescription": {"text": "Dockerfile base image uses the latest tag"}, "fullDescription": {"text": "The latest tag is mutable and can change without a code review, producing different images from the same source."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.94, "cwe": "", "owasp": ""}}, {"id": "DKR007", "name": "Docker build context has no .dockerignore", "shortDescription": {"text": "Docker build context has no .dockerignore"}, "fullDescription": {"text": "Without .dockerignore, build context can include source history, local env files, dependencies, and generated artifacts."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "DKR017", "name": "Dockerfile installs dependencies after copying the full source tree", "shortDescription": {"text": "Dockerfile installs dependencies after copying the full source tree"}, "fullDescription": {"text": "When dependency installation comes after COPY ., any source change invalidates the dependency layer and makes Docker rebuild much more slowly."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "ERR001", "name": "[ERR001] Silent Exception 
Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG ", "shortDescription": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "fullDescription": {"text": "Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "ERR002", "name": "[ERR002] Empty Catch Block: Empty catch blocks hide errors.", "shortDescription": {"text": "[ERR002] Empty Catch Block: Empty catch blocks hide errors."}, "fullDescription": {"text": "Log the error or rethrow it. Use console.error() at minimum."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "QUAL005", "name": "Cluster of TODOs in one file", "shortDescription": {"text": "Cluster of TODOs in one file"}, "fullDescription": {"text": "Code path with a TODO/FIXME/HACK comment that gates correctness \u2014 left for later but never resolved."}, "properties": {"scanner": "repobility", "category": "quality", "severity": "low", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "QUAL004", "name": "Placeholder default username (admin/admin)", "shortDescription": {"text": "Placeholder default username (admin/admin)"}, "fullDescription": {"text": "foo@bar.com / john.doe@example.com / admin/admin / changeme \u2014 typical AI placeholder credentials."}, "properties": {"scanner": "repobility", "category": "quality", "severity": "low", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "DKC010", "name": "Compose service lacks no-new-privileges hardening", "shortDescription": {"text": "Compose service lacks no-new-privileges hardening"}, "fullDescription": {"text": "no-new-privileges prevents 
processes from gaining additional privileges through setuid binaries or file capabilities."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.62, "cwe": "", "owasp": ""}}, {"id": "DKC006", "name": "Compose service does not declare a runtime user", "shortDescription": {"text": "Compose service does not declare a runtime user"}, "fullDescription": {"text": "If the image does not define USER internally, this service may run as root."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.56, "cwe": "", "owasp": ""}}, {"id": "DKC015", "name": "Database service has no healthcheck", "shortDescription": {"text": "Database service has no healthcheck"}, "fullDescription": {"text": "Compose starts dependent containers in dependency order, but it does not wait for a database to be ready unless a healthcheck is defined and dependents use service_healthy."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "DKC016", "name": "App service does not wait for database health", "shortDescription": {"text": "App service does not wait for database health"}, "fullDescription": {"text": "depends_on controls startup order, but without condition: service_healthy an app can start while the database is still initializing and fail intermittently."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.68, "cwe": "", "owasp": ""}}, {"id": "DKR011", "name": "Dockerfile installs recommended OS packages", "shortDescription": {"text": "Dockerfile installs recommended OS packages"}, "fullDescription": {"text": "Installing recommended packages often pulls in unnecessary runtime surface area."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "DKR002", "name": 
"Dockerfile base image is selected through a build variable", "shortDescription": {"text": "Dockerfile base image is selected through a build variable"}, "fullDescription": {"text": "Variable-selected base images can be safe, but Repobility cannot verify that the resolved image is pinned."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "info", "confidence": 0.48, "cwe": "", "owasp": ""}}, {"id": "SEC020", "name": "[SEC020] Secret Printed to Logs (and 5 more): Same pattern found in 5 additional files. Review if needed.", "shortDescription": {"text": "[SEC020] Secret Printed to Logs (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "fullDescription": {"text": "Log only redacted, hashed, or last-four-style metadata. Rotate any secret that may have reached logs."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC015", "name": "[SEC015] Insecure Randomness for Security (and 7 more): Same pattern found in 7 additional files. Review if needed.", "shortDescription": {"text": "[SEC015] Insecure Randomness for Security (and 7 more): Same pattern found in 7 additional files. 
Review if needed."}, "fullDescription": {"text": "Use secrets module (Python) or crypto.getRandomValues() (JS) for security-sensitive randomness."}, "properties": {"scanner": "repobility-threat-engine", "category": "crypto", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "QUAL007", "name": "Imported but never used", "shortDescription": {"text": "Imported but never used"}, "fullDescription": {"text": "AST detector: dead-imports"}, "properties": {"scanner": "repobility", "category": "quality", "severity": "high", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "TEST001", "name": "Phantom test coverage \u2014 test files without real assertions", "shortDescription": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "fullDescription": {"text": "Test function that runs code but contains no assert/expect/should \u2014 passes regardless of behaviour."}, "properties": {"scanner": "repobility", "category": "test_quality", "severity": "high", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "ERRH001", "name": "Bare except: pass \u2014 silent failure", "shortDescription": {"text": "Bare except: pass \u2014 silent failure"}, "fullDescription": {"text": "except: pass or except Exception: pass \u2014 silently swallows failures and hides bugs; a bare except: additionally catches KeyboardInterrupt and SystemExit (except Exception does not)."}, "properties": {"scanner": "repobility", "category": "error_handling", "severity": "high", "confidence": 0.45, "cwe": "", "owasp": ""}}, {"id": "SUPC001", "name": "Supply chain \u2014 curl | bash anti-pattern", "shortDescription": {"text": "Supply chain \u2014 curl | bash anti-pattern"}, "fullDescription": {"text": "curl ... 
| sh / bash \u2014 runs unverified network code."}, "properties": {"scanner": "repobility", "category": "supply_chain", "severity": "high", "confidence": 0.85, "cwe": "", "owasp": ""}}, {"id": "DKR014", "name": "Dockerfile copies the entire context without .dockerignore", "shortDescription": {"text": "Dockerfile copies the entire context without .dockerignore"}, "fullDescription": {"text": "COPY . or ADD . sends the full build context to Docker. Without .dockerignore this can include secrets, git history, and local artifacts."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "high", "confidence": 0.92, "cwe": "", "owasp": ""}}, {"id": "DKR006", "name": "Dockerfile pipes a remote script into a shell", "shortDescription": {"text": "Dockerfile pipes a remote script into a shell"}, "fullDescription": {"text": "Piping downloaded code directly into a shell bypasses checksum verification and makes builds dependent on mutable remote content."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "high", "confidence": 0.92, "cwe": "", "owasp": ""}}, {"id": "DKC007", "name": "Compose service contains a literal secret environment value", "shortDescription": {"text": "Compose service contains a literal secret environment value"}, "fullDescription": {"text": "Literal secrets in Compose files are committed to source and exposed through container inspection."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "critical", "confidence": 0.96, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/321"}, "properties": {"repository": "firecrawl/firecrawl", "repoUrl": "https://github.com/firecrawl/firecrawl", "branch": "main"}, "results": [{"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21824, "scanner": "repobility", "fingerprint": "573c98c9bc5e94fa1a678b70536f4a60", "category": "quality", 
"severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "default 10", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/transformers/sendToSearchIndex.ts"}, "region": {"startLine": 58}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21823, "scanner": "repobility", "fingerprint": "bfe2e7ce478bbe1df7cb1dd0c34168b1", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "default 30", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/methods/aio/browser.py"}, "region": {"startLine": 124}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21822, "scanner": "repobility", "fingerprint": "7d7569f95b9270a62006170e68aec1bb", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "default 300", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/methods/aio/browser.py"}, "region": {"startLine": 66}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21821, "scanner": "repobility", "fingerprint": "0759b8dc8d532f3ce99c1300235e262e", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": 
"", "isResolved": false, "reason": "", "evidence": {"snippet": "default 30", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/methods/browser.py"}, "region": {"startLine": 118}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21820, "scanner": "repobility", "fingerprint": "beed78e30453cce3aa78dfb7e7a9637c", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "default 300", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/methods/browser.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21819, "scanner": "repobility", "fingerprint": "37e309905618db3cc6b6bb9a5993f4bb", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "default 30", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/client.py"}, "region": {"startLine": 1108}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21818, "scanner": "repobility", "fingerprint": "f3d73fbb636b4047b37f776efd346f6b", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "default 300", "aljefra_cwe": null, 
"aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/client.py"}, "region": {"startLine": 1077}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21817, "scanner": "repobility", "fingerprint": "7a53ba2089b505463cc1d92b5703fbae", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "default 30", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/client_async.py"}, "region": {"startLine": 561}}}]}, {"ruleId": "QUAL003", "level": "warning", "message": {"text": "Magic number used as default arg"}, "properties": {"repobilityId": 21816, "scanner": "repobility", "fingerprint": "695b2e161770973aac63625143074d05", "category": "quality", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "default 300", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "magic-number-default"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/client_async.py"}, "region": {"startLine": 530}}}]}, {"ruleId": "ERRH002", "level": "warning", "message": {"text": "Bare except \u2014 overly broad"}, "properties": {"repobilityId": 18431, "scanner": "repobility", "fingerprint": "80e91a5c84c4050a45f85cc011f7d64e", "category": "error_handling", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "bare except handler (caught Exception)", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-without-pass"}}, 
"locations": [{"physicalLocation": {"artifactLocation": {"uri": "/tank0/claude-archive/opus47/firecrawl__firecrawl/examples/gemini-2.0-crawler/gemini-2.0-crawler.py"}, "region": {"startLine": 240}}}]}, {"ruleId": "ERRH002", "level": "warning", "message": {"text": "Bare except \u2014 overly broad"}, "properties": {"repobilityId": 18430, "scanner": "repobility", "fingerprint": "dfdcd5d80f4334ac92974a76f35ee498", "category": "error_handling", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "bare except handler (caught Exception)", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-without-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "/tank0/claude-archive/opus47/firecrawl__firecrawl/examples/gemini-2.0-crawler/gemini-2.0-crawler.py"}, "region": {"startLine": 345}}}]}, {"ruleId": "ERRH002", "level": "warning", "message": {"text": "Bare except \u2014 overly broad"}, "properties": {"repobilityId": 18429, "scanner": "repobility", "fingerprint": "1c9a692e26e0c507648bfbcffa88210a", "category": "error_handling", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "bare except handler (caught Exception)", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-without-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "/tank0/claude-archive/opus47/firecrawl__firecrawl/examples/gemini-2.0-crawler/gemini-2.0-crawler.py"}, "region": {"startLine": 247}}}]}, {"ruleId": "ERRH002", "level": "warning", "message": {"text": "Bare except \u2014 overly broad"}, "properties": {"repobilityId": 18428, "scanner": "repobility", "fingerprint": "078ec1147f52475a5747d7d7187b0eae", "category": "error_handling", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, 
"reason": "", "evidence": {"snippet": "bare except handler (caught Exception)", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-without-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "/tank0/claude-archive/opus47/firecrawl__firecrawl/examples/gemini-2.0-crawler/gemini-2.0-crawler.py"}, "region": {"startLine": 89}}}]}, {"ruleId": "ERRH002", "level": "warning", "message": {"text": "Bare except \u2014 overly broad"}, "properties": {"repobilityId": 18427, "scanner": "repobility", "fingerprint": "386b852746f0fe1b78745465e3dea317", "category": "error_handling", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "bare except handler (caught Exception)", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-without-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "/tank0/claude-archive/opus47/firecrawl__firecrawl/examples/gemini-2.0-crawler/gemini-2.0-crawler.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "ERRH002", "level": "warning", "message": {"text": "Bare except \u2014 overly broad"}, "properties": {"repobilityId": 18420, "scanner": "repobility", "fingerprint": "f9c51a6e421365f7965f94000a264ac6", "category": "error_handling", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "bare except handler (caught Exception)", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-without-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "/tank0/claude-archive/opus47/firecrawl__firecrawl/examples/crm_lead_enrichment/crm_lead_enrichment.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "ERRH002", "level": "warning", "message": {"text": "Bare except \u2014 overly broad"}, "properties": {"repobilityId": 18419, "scanner": "repobility", 
"fingerprint": "7b23bcc45c6d7377747102bd1c5a9982", "category": "error_handling", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "bare except handler (caught Exception)", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-without-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "/tank0/claude-archive/opus47/firecrawl__firecrawl/examples/crm_lead_enrichment/crm_lead_enrichment.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "ERRH002", "level": "warning", "message": {"text": "Bare except \u2014 overly broad"}, "properties": {"repobilityId": 18418, "scanner": "repobility", "fingerprint": "f83dd70d70289226e89eff7e02f0cd80", "category": "error_handling", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "bare except handler (caught Exception)", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-without-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "/tank0/claude-archive/opus47/firecrawl__firecrawl/examples/crm_lead_enrichment/crm_lead_enrichment.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "ERRH002", "level": "warning", "message": {"text": "Bare except \u2014 overly broad"}, "properties": {"repobilityId": 18417, "scanner": "repobility", "fingerprint": "ec306cc80cf7b5b5598c6d7025936b18", "category": "error_handling", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "bare except handler (caught Exception)", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-without-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "/tank0/claude-archive/opus47/firecrawl__firecrawl/examples/crm_lead_enrichment/crm_lead_enrichment.py"}, "region": 
{"startLine": 47}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13596, "scanner": "repobility", "fingerprint": "8ee92589242f21a20cb562bd085a3968", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/native/src/html.rs"}, "region": {"startLine": 767}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13595, "scanner": "repobility", "fingerprint": "9e5c3ee2eee53ae3694eaf35a75c99aa", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/native/src/html.rs"}, "region": {"startLine": 86}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13594, "scanner": "repobility", "fingerprint": "7eebd8afb0b2818c3fedb68f32b74596", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/native/src/html.rs"}, "region": {"startLine": 85}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto 
\u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13593, "scanner": "repobility", "fingerprint": "23b4502bf0eba001d629d792f32a59cd", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/__tests__/snips/v0/scrape.test.ts"}, "region": {"startLine": 47}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13592, "scanner": "repobility", "fingerprint": "ee4623dd18bff1a4b483175098a39bed", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/__tests__/snips/mocks/mocking-works-properly.json"}, "region": {"startLine": 8}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13591, "scanner": "repobility", "fingerprint": "1d5742edc3afdb36b9f404a9fb208e6b", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": 
"apps/api/src/__tests__/snips/v2/scrape.test.ts"}, "region": {"startLine": 177}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13590, "scanner": "repobility", "fingerprint": "2d945bbac2e6182b8e7a3468571654b4", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/__tests__/snips/v2/types-validation.test.ts"}, "region": {"startLine": 998}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13589, "scanner": "repobility", "fingerprint": "bd462404a5a4b68b415a267fa357d3c8", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/__tests__/snips/v2/map.test.ts"}, "region": {"startLine": 133}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13588, "scanner": "repobility", "fingerprint": "ca539aaf8e2eb89fd53c3f0707dd4275", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], 
"aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/__tests__/snips/v1/scrape.test.ts"}, "region": {"startLine": 144}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13587, "scanner": "repobility", "fingerprint": "d038c61ec84aa6602a6438f1181f368b", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/__tests__/snips/v1/types-validation.test.ts"}, "region": {"startLine": 691}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13586, "scanner": "repobility", "fingerprint": "709f3583a512db5efcb67b464f06622b", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/__tests__/snips/wikipedia-url-parser.test.ts"}, "region": {"startLine": 296}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13585, "scanner": "repobility", "fingerprint": "8192f0846ec6caf8df86dbb46d72604a", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": 
"likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/__tests__/lib/search-query-builder.test.ts"}, "region": {"startLine": 131}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13584, "scanner": "repobility", "fingerprint": "41867fa8bb90cc197862146ec22b9b7a", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/__tests__/e2e_v1_withAuth/index.test.ts"}, "region": {"startLine": 163}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13583, "scanner": "repobility", "fingerprint": "dbd05e5b3e377c99303c9ff9c4b21e5e", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/__tests__/e2e_v1_withAuth_all_params/index.test.ts"}, "region": {"startLine": 8}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13581, "scanner": 
"repobility", "fingerprint": "4483c5538136b0e627523a9737d2fbde", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/extract/helpers/__tests__/source-tracker.test.ts"}, "region": {"startLine": 284}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13580, "scanner": "repobility", "fingerprint": "cef912ffef89186d4c78673a9667c950", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/extract/helpers/__tests__/source-tracker.test.ts"}, "region": {"startLine": 249}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13579, "scanner": "repobility", "fingerprint": "2639279390b29d4c84353849a1df8efe", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/extract/helpers/__tests__/source-tracker.test.ts"}, "region": 
{"startLine": 245}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13577, "scanner": "repobility", "fingerprint": "1692eaaa734ad3a9d86c39a06fed2550", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/extract/helpers/__tests__/source-tracker.test.ts"}, "region": {"startLine": 222}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13576, "scanner": "repobility", "fingerprint": "392619ba087ecf74b0c226cf69c127df", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/extract/helpers/__tests__/source-tracker.test.ts"}, "region": {"startLine": 183}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13575, "scanner": "repobility", "fingerprint": "92b30e4b8f131a503423c4f6a34b4312", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", 
"aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/extract/helpers/__tests__/source-tracker.test.ts"}, "region": {"startLine": 175}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13574, "scanner": "repobility", "fingerprint": "82923fb90118feaf46571f735fb8a9ed", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/extract/helpers/__tests__/source-tracker.test.ts"}, "region": {"startLine": 20}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13573, "scanner": "repobility", "fingerprint": "0e1510ed7c4f9b10fdd3f28b7a1c2f6b", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/extract/helpers/__tests__/source-tracker.test.ts"}, "region": {"startLine": 16}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13572, "scanner": "repobility", "fingerprint": "937045b163ca6e4753d34ccf1acfb49f", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": 
"", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/extract/extraction-service.ts"}, "region": {"startLine": 1058}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13571, "scanner": "repobility", "fingerprint": "7e536c897c4410a46ad42d9f2006a836", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/branding/merge.ts"}, "region": {"startLine": 78}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13570, "scanner": "repobility", "fingerprint": "57959ceaa417e5440d4c1bf7874adbe3", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/__tests__/html-transformer.test.ts"}, "region": {"startLine": 481}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13569, "scanner": "repobility", "fingerprint": "7fa13c71424f5dd5d3042933906b1584", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", 
"verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/__tests__/html-transformer.test.ts"}, "region": {"startLine": 463}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13568, "scanner": "repobility", "fingerprint": "d9faa3747a258ba96535305881fcc96d", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.ts"}, "region": {"startLine": 200}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13567, "scanner": "repobility", "fingerprint": "a33da612bb96367658ec135d454af4da", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.ts"}, "region": {"startLine": 137}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13566, "scanner": "repobility", "fingerprint": "78f4b17d8e8050bb0bac2cdb07c03f21", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", 
"verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.ts"}, "region": {"startLine": 54}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13565, "scanner": "repobility", "fingerprint": "244149a2a3c8acb97449475b3a88e3e2", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.ts"}, "region": {"startLine": 24}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13564, "scanner": "repobility", "fingerprint": "51bbcbcf0815d0152fe6b0744ab5ee9e", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/permu-refactor.test.ts"}, "region": {"startLine": 114}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13563, "scanner": "repobility", "fingerprint": "eb8063f4450e31527f1138e1b7bbfdc3", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": 
"likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/permu-refactor.test.ts"}, "region": {"startLine": 108}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13562, "scanner": "repobility", "fingerprint": "e87e88ec8fbf0468f26bca844f86cf6b", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/permu-refactor.test.ts"}, "region": {"startLine": 102}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13561, "scanner": "repobility", "fingerprint": "99ea25f2d1e2a19b6a2a9e14f7b234b4", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/permu-refactor.test.ts"}, "region": {"startLine": 99}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13560, "scanner": "repobility", "fingerprint": 
"158201bca3a343047434c02375ca0ffe", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/permu-refactor.test.ts"}, "region": {"startLine": 96}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13559, "scanner": "repobility", "fingerprint": "b0109c2ad28002942c38df1cb6f3af5e", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/permu-refactor.test.ts"}, "region": {"startLine": 93}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13558, "scanner": "repobility", "fingerprint": "4717f0a01d63841b59dfe53c9f2487a0", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/permu-refactor.test.ts"}, "region": {"startLine": 90}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext 
HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13557, "scanner": "repobility", "fingerprint": "04fcb78dae4521f6df8ff36fa7ebd858", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/permu-refactor.test.ts"}, "region": {"startLine": 85}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13556, "scanner": "repobility", "fingerprint": "de13257637431a5cd8cb4563840050ae", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/permu-refactor.test.ts"}, "region": {"startLine": 82}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13555, "scanner": "repobility", "fingerprint": "e9bb06dcfc06fc8b1629861a9abfab33", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/permu-refactor.test.ts"}, "region": 
{"startLine": 79}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13554, "scanner": "repobility", "fingerprint": "acc4d685834d821c068d4eafbe9dac60", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.test.ts"}, "region": {"startLine": 78}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13553, "scanner": "repobility", "fingerprint": "3eb540cb01021ed4fb4af68784e6af30", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.test.ts"}, "region": {"startLine": 72}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13552, "scanner": "repobility", "fingerprint": "3324889a0d32796e0e4db9eafa863f99", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": 
[{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.test.ts"}, "region": {"startLine": 71}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13551, "scanner": "repobility", "fingerprint": "475441dccaebc65cfbc6742b8dd3811b", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.test.ts"}, "region": {"startLine": 64}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13550, "scanner": "repobility", "fingerprint": "0b1300a5e60c044dcb2e7972230fe5d1", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.test.ts"}, "region": {"startLine": 63}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13549, "scanner": "repobility", "fingerprint": "f95329bcd150f50560a7d629da2e6767", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": 
["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.test.ts"}, "region": {"startLine": 56}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13548, "scanner": "repobility", "fingerprint": "bda68c58a743f0cf254470ed0ffef165", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.test.ts"}, "region": {"startLine": 45}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13547, "scanner": "repobility", "fingerprint": "78d56d536ba25854b9340b5f053aad22", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.test.ts"}, "region": {"startLine": 37}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13546, "scanner": "repobility", "fingerprint": "363efcd54d09bdf66ee3e4cbb3ad0047", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | 
[R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.test.ts"}, "region": {"startLine": 16}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13545, "scanner": "repobility", "fingerprint": "5ac11015df910440bce9ef207ca9674a", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/validateUrl.test.ts"}, "region": {"startLine": 6}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13544, "scanner": "repobility", "fingerprint": "88a37990b334e93429e0825ba608b6b3", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/crawl-redis.test.ts"}, "region": {"startLine": 42}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13543, "scanner": "repobility", "fingerprint": "51b5b41eb6312239ddc708f0655db135", "category": "crypto", "severity": "medium", 
"confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/crawl-redis.test.ts"}, "region": {"startLine": 41}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13542, "scanner": "repobility", "fingerprint": "2a416559f30aef35041e30a439cb2994", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/crawl-redis.test.ts"}, "region": {"startLine": 40}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13541, "scanner": "repobility", "fingerprint": "0247b5f3742b831559416dd42c50f5d8", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/crawl-redis.test.ts"}, "region": {"startLine": 28}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13540, "scanner": 
"repobility", "fingerprint": "3afc60fcf63510220413c5c2d397fe7a", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/crawl-redis.test.ts"}, "region": {"startLine": 26}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13539, "scanner": "repobility", "fingerprint": "0992a0ef2f1b74e5fd9fd149f5697595", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/crawl-redis.test.ts"}, "region": {"startLine": 23}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13538, "scanner": "repobility", "fingerprint": "b54ddd5411cf49b6116e517a0561637b", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/crawl-redis.test.ts"}, "region": {"startLine": 22}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto 
\u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13537, "scanner": "repobility", "fingerprint": "3ebaf1ffd126bb48ef5a049a6dffca7f", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/crawl-redis.test.ts"}, "region": {"startLine": 21}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13536, "scanner": "repobility", "fingerprint": "5b6032c58a3d567c92516adec6a844a1", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/crawl-redis.test.ts"}, "region": {"startLine": 20}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13535, "scanner": "repobility", "fingerprint": "1aa92be72fc631b5dc13457746583fbc", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/crawl-redis.test.ts"}, 
"region": {"startLine": 19}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13534, "scanner": "repobility", "fingerprint": "625838454429070ccbe608cc718df701", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/services/agentLivecastWS.ts"}, "region": {"startLine": 27}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13533, "scanner": "repobility", "fingerprint": "f8628e798ef719ba846c8ab430bb9d0d", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/services/redlock.ts"}, "region": {"startLine": 11}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13532, "scanner": "repobility", "fingerprint": "cfa0da5dd99c91a70873a3490ac1592f", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/services/ab-test.ts"}, "region": {"startLine": 46}}}]}, {"ruleId": "CRYP001", "level": "warning", 
"message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13531, "scanner": "repobility", "fingerprint": "a05b43532d94a54237f8e823d0530771", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/engines/fire-engine/branding-script/images.ts"}, "region": {"startLine": 787}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13530, "scanner": "repobility", "fingerprint": "402413084b9da4368f6bb7f906ae3038", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/engines/fire-engine/branding-script/images.ts"}, "region": {"startLine": 751}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13529, "scanner": "repobility", "fingerprint": "1eef40ec5f7aff92057940da41bd550f", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/engines/fire-engine/branding-script/images.ts"}, "region": {"startLine": 
526}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13528, "scanner": "repobility", "fingerprint": "7d3059938efcf7502c2397bf693e290e", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/engines/fire-engine/branding-script/images.ts"}, "region": {"startLine": 199}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13527, "scanner": "repobility", "fingerprint": "5fc6bf2743fc126730e9a3fd8c4f7566", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/engines/fire-engine/branding-script/svg-utils.ts"}, "region": {"startLine": 44}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13526, "scanner": "repobility", "fingerprint": "7e0ce47d80d850947d042482bf34cdf2", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": 
"apps/api/src/scraper/scrapeURL/engines/utils/safeFetch.ts"}, "region": {"startLine": 27}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13525, "scanner": "repobility", "fingerprint": "c5adc7c842cafe1183ce9fb7e360e991", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/lib/__tests__/rewriteUrl.test.ts"}, "region": {"startLine": 35}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13524, "scanner": "repobility", "fingerprint": "a300abfbf5b94da54b550b658b0b3e5f", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/lib/__tests__/rewriteUrl.test.ts"}, "region": {"startLine": 33}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13523, "scanner": "repobility", "fingerprint": "75f57756c8ec76f96355742bb6e5614b", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": 
"A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/lib/rewriteUrl.ts"}, "region": {"startLine": 38}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13522, "scanner": "repobility", "fingerprint": "d6cf198f4e36839f6ca73e8fa60174d1", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/lib/rewriteUrl.ts"}, "region": {"startLine": 30}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13521, "scanner": "repobility", "fingerprint": "bffaf07b414224a92ef6bda3fcec1dd2", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/lib/rewriteUrl.ts"}, "region": {"startLine": 18}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13520, "scanner": "repobility", "fingerprint": "34e9040f5c99e9985f7a3419a87f8e55", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", 
"aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/lib/rewriteUrl.ts"}, "region": {"startLine": 6}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13519, "scanner": "repobility", "fingerprint": "4297a1bcebf91422b004b085e5dcc467", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/lib/extractImages.ts"}, "region": {"startLine": 32}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13518, "scanner": "repobility", "fingerprint": "4bb186ad77905ddc51bd10a4144069a7", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/lib/extractLinks.ts"}, "region": {"startLine": 30}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13517, "scanner": "repobility", "fingerprint": "1a824d65906765a149db0babdb494ee6", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": 
"http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/error.ts"}, "region": {"startLine": 77}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13516, "scanner": "repobility", "fingerprint": "b1b5db43a19a8a644be781837ac458a5", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/v1/__tests__/urlValidation.test.ts"}, "region": {"startLine": 62}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13515, "scanner": "repobility", "fingerprint": "240e6ce8bc7a5dd9c0f4a8af784e82e9", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/v1/__tests__/urlValidation.test.ts"}, "region": {"startLine": 57}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13514, "scanner": "repobility", "fingerprint": "0e1f8fb139566efc11155a8ce0e3c2a0", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro 
auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/v1/__tests__/urlValidation.test.ts"}, "region": {"startLine": 52}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13513, "scanner": "repobility", "fingerprint": "a31c435129e8d33289f810b074ba2663", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/v1/__tests__/urlValidation.test.ts"}, "region": {"startLine": 51}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13512, "scanner": "repobility", "fingerprint": "9ce5191607a4cc593c554c4741b3a268", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/v1/__tests__/urlValidation.test.ts"}, "region": {"startLine": 45}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13511, "scanner": "repobility", "fingerprint": 
"28d3b82859de4fe425f0ec7a0709082f", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/v1/__tests__/urlValidation.test.ts"}, "region": {"startLine": 42}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13510, "scanner": "repobility", "fingerprint": "2c99028151e4ccfa004ab8bf9b58b851", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/v1/__tests__/urlValidation.test.ts"}, "region": {"startLine": 41}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13509, "scanner": "repobility", "fingerprint": "c04c8c0b7015334556230af168b6d277", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/v1/__tests__/urlValidation.test.ts"}, "region": {"startLine": 32}}}]}, {"ruleId": "CRYP001", 
"level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13508, "scanner": "repobility", "fingerprint": "9fa7b48f20a6e494275dab57404be362", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/v1/__tests__/urlValidation.test.ts"}, "region": {"startLine": 28}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13507, "scanner": "repobility", "fingerprint": "82897793c76a94cc702f84d158a8d32a", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/v1/__tests__/urlValidation.test.ts"}, "region": {"startLine": 9}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13506, "scanner": "repobility", "fingerprint": "918fb2567cccf44c4b91222c9ba48cca", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": 
"apps/api/src/controllers/v1/types.ts"}, "region": {"startLine": 37}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13505, "scanner": "repobility", "fingerprint": "e7f1caa0082129b1b0355f637ea105de", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/v2/types.ts"}, "region": {"startLine": 34}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13504, "scanner": "repobility", "fingerprint": "a34180917a29fca64d1fe9afa9194909", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/unit/v2/methods/aio/test_batch_request_preparation_async.py"}, "region": {"startLine": 8}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13503, "scanner": "repobility", "fingerprint": "c4940158167726efa7902ae94ea1bf10", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", 
"aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/unit/v2/methods/aio/test_batch_request_preparation_async.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13502, "scanner": "repobility", "fingerprint": "42fbe7ac87d9cbd7781756e37023042a", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/unit/v2/methods/test_batch_request_preparation.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13501, "scanner": "repobility", "fingerprint": "700d2d078472b435b151a0d9328a07e2", "category": "crypto", "severity": "medium", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/unit/v2/methods/test_batch_request_preparation.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13500, "scanner": "repobility", "fingerprint": "d97689e1a54bdc6e4e0fc594a3672a62", "category": "crypto", 
"severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/methods/batch.py"}, "region": {"startLine": 410}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13499, "scanner": "repobility", "fingerprint": "5280528ee00e368407ceab298caeea74", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/methods/batch.py"}, "region": {"startLine": 409}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13498, "scanner": "repobility", "fingerprint": "1a0495aca1cef38a90b25a6c0b8f9b0f", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/watcher_async.py"}, "region": {"startLine": 58}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13497, "scanner": "repobility", "fingerprint": "5c95acc7caf682225ceba2b26d61a681", "category": "crypto", "severity": "medium", "confidence": 0.85, 
"triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/watcher.py"}, "region": {"startLine": 84}}}]}, {"ruleId": "CRYP001", "level": "warning", "message": {"text": "Crypto \u2014 plaintext HTTP for sensitive endpoint"}, "properties": {"repobilityId": 13496, "scanner": "repobility", "fingerprint": "cb61f354dc76d56f6dadde09d628bd26", "category": "crypto", "severity": "medium", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "http://", "aljefra_cwe": ["CWE-319"], "aljefra_owasp": "A02:2021", "aljefra_pattern_slug": "http-not-https"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yaml"}, "region": {"startLine": 27}}}]}, {"ruleId": "DKC013", "level": "warning", "message": {"text": "Database service has no persistent data volume"}, "properties": {"repobilityId": 10144, "scanner": "repobility-docker", "fingerprint": "d285e6c9c6f0c1bafd5919cce7658d8c0e30ff628a49077d156af3cd8b7cb81c", "category": "docker", "severity": "medium", "confidence": 0.74, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Database-like service does not mount a known data directory.", "evidence": {"rule_id": "DKC013", "scanner": "repobility-docker", "service": "rabbitmq", "references": ["https://docs.docker.com/engine/storage/volumes/"], "correlation_key": "fp|d285e6c9c6f0c1bafd5919cce7658d8c0e30ff628a49077d156af3cd8b7cb81c", "expected_targets": ["/var/lib/rabbitmq"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yaml"}, "region": {"startLine": 132}}}]}, {"ruleId": "DKC013", "level": "warning", "message": {"text": "Database service has no persistent data volume"}, "properties": {"repobilityId": 
10142, "scanner": "repobility-docker", "fingerprint": "4de3235ae620404f183342dd175f5d84380fffd18c994eeaf96a9522e862a135", "category": "docker", "severity": "medium", "confidence": 0.74, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Database-like service does not mount a known data directory.", "evidence": {"rule_id": "DKC013", "scanner": "repobility-docker", "service": "redis", "references": ["https://docs.docker.com/engine/storage/volumes/"], "correlation_key": "fp|4de3235ae620404f183342dd175f5d84380fffd18c994eeaf96a9522e862a135", "expected_targets": ["/data"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yaml"}, "region": {"startLine": 115}}}]}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 10133, "scanner": "repobility-docker", "fingerprint": "91be742b3828acea5bf43c908c17d5048354237b9f5fb98a3d5e95536af1bc3e", "category": "docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "bitnami/redis:${REDIS_VERSION}", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|91be742b3828acea5bf43c908c17d5048354237b9f5fb98a3d5e95536af1bc3e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/redis/Dockerfile"}, "region": {"startLine": 2}}}]}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 10131, "scanner": "repobility-docker", "fingerprint": "b8f3a19f48531934098ec8af2dde3e0f65d6fba8e5e148c555f30ca1989bc403", "category": 
"docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "node:18-slim", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|b8f3a19f48531934098ec8af2dde3e0f65d6fba8e5e148c555f30ca1989bc403"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/playwright-service-ts/Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 10129, "scanner": "repobility-docker", "fingerprint": "95df9f4dce8819cd780cc2c075387065712a9c58c1b3bfcc91917deb44dbd174", "category": "docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "postgres:${PG_MAJOR}", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|95df9f4dce8819cd780cc2c075387065712a9c58c1b3bfcc91917deb44dbd174"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/nuq-postgres/Dockerfile"}, "region": {"startLine": 4}}}]}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 10127, "scanner": "repobility-docker", "fingerprint": "327428c36e39ace00ed4d9a003f458d87c15594a6245c2a14e4e3029617a63f1", "category": 
"docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "alpine:latest", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|327428c36e39ace00ed4d9a003f458d87c15594a6245c2a14e4e3029617a63f1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/go-html-to-md-service/Dockerfile"}, "region": {"startLine": 23}}}]}, {"ruleId": "DKR003", "level": "warning", "message": {"text": "Dockerfile base image uses the latest tag"}, "properties": {"repobilityId": 10126, "scanner": "repobility-docker", "fingerprint": "664e43a135cfac05c511c188550291c54d3d439c95f38e4625524471b6fb010b", "category": "docker", "severity": "medium", "confidence": 0.94, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Image tag is latest.", "evidence": {"image": "alpine:latest", "rule_id": "DKR003", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://docs.docker.com/scout/policy/", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|664e43a135cfac05c511c188550291c54d3d439c95f38e4625524471b6fb010b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/go-html-to-md-service/Dockerfile"}, "region": {"startLine": 23}}}]}, {"ruleId": "DKR007", "level": "warning", "message": {"text": "Docker build context has no .dockerignore"}, "properties": {"repobilityId": 10124, "scanner": "repobility-docker", "fingerprint": "c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44", "category": "docker", "severity": "medium", "confidence": 0.9, "triageState": "open", 
"verdict": "confirmed", "isResolved": false, "reason": "Dockerfile exists but repository root has no .dockerignore.", "evidence": {"rule_id": "DKR007", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".dockerignore"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 10123, "scanner": "repobility-docker", "fingerprint": "068172d2e3b638bc234642cf2f73ae86dee4d02b1187fad487207b26da3b14fb", "category": "docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "base", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|068172d2e3b638bc234642cf2f73ae86dee4d02b1187fad487207b26da3b14fb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/Dockerfile"}, "region": {"startLine": 55}}}]}, {"ruleId": "DKR017", "level": "warning", "message": {"text": "Dockerfile installs dependencies after copying the full source tree"}, "properties": {"repobilityId": 10122, "scanner": "repobility-docker", "fingerprint": "60d78b213d5ac0e11ee23fe6e09f2907e0b0f77bff7c89933eb309c0bb21a42e", "category": "docker", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Broad context copy at line 40 appears before dependency installation.", "evidence": {"rule_id": "DKR017", 
"scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "broad_copy_line": 40, "correlation_key": "fp|60d78b213d5ac0e11ee23fe6e09f2907e0b0f77bff7c89933eb309c0bb21a42e", "dependency_install_line": 43}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/Dockerfile"}, "region": {"startLine": 43}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 10116, "scanner": "repobility-threat-engine", "fingerprint": "c8a0113c0e5db4ad2d4f4ebd42e4821000360bfed0229c9ac18e334ad3b32a0e", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n                pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|c8a0113c0e5db4ad2d4f4ebd42e4821000360bfed0229c9ac18e334ad3b32a0e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/watcher.py"}, "region": {"startLine": 65}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. 
Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 10115, "scanner": "repobility-threat-engine", "fingerprint": "e24064ce8a8b6eb9be1bb50c035ea6cddee6a81adafdb104264d05ff75ff5167", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n                    pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|e24064ce8a8b6eb9be1bb50c035ea6cddee6a81adafdb104264d05ff75ff5167"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/watcher_async.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. 
Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 10114, "scanner": "repobility-threat-engine", "fingerprint": "ff71a39e1cf70f3a211e7fb23e61405de812414a309fabf0a719e51fa2b79221", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n                        pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|ff71a39e1cf70f3a211e7fb23e61405de812414a309fabf0a719e51fa2b79221"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v1/client.py"}, "region": {"startLine": 3265}}}]}, {"ruleId": "ERR002", "level": "warning", "message": {"text": "[ERR002] Empty Catch Block: Empty catch blocks hide errors."}, "properties": {"repobilityId": 10108, "scanner": "repobility-threat-engine", "fingerprint": "6a5c33340f8b1ab134921f69b697e6b9d14db2162248c9711b1eb73f57eeb993", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "catch (_) {}", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR002", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|6a5c33340f8b1ab134921f69b697e6b9d14db2162248c9711b1eb73f57eeb993"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/v1/map.ts"}, "region": {"startLine": 154}}}]}, {"ruleId": "ERR002", "level": "warning", "message": {"text": "[ERR002] Empty Catch Block: Empty catch blocks hide errors."}, "properties": {"repobilityId": 10107, "scanner": "repobility-threat-engine", "fingerprint": 
"b0122e24d31138fe707fbd5d4c3e8f9cbd9cb361ca73790fdd1a07cd5206d240", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "catch (_) {}", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR002", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|b0122e24d31138fe707fbd5d4c3e8f9cbd9cb361ca73790fdd1a07cd5206d240"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/v0/crawl.ts"}, "region": {"startLine": 219}}}]}, {"ruleId": "ERR002", "level": "warning", "message": {"text": "[ERR002] Empty Catch Block: Empty catch blocks hide errors."}, "properties": {"repobilityId": 10106, "scanner": "repobility-threat-engine", "fingerprint": "c781061ceee1a233d281a3bc5c75127736e0797c292677a22ec7465b29549626", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "catch (error) {}", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR002", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|c781061ceee1a233d281a3bc5c75127736e0797c292677a22ec7465b29549626"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/services/redis.ts"}, "region": {"startLine": 14}}}]}, {"ruleId": "QUAL005", "level": "note", "message": {"text": "Cluster of TODOs in one file"}, "properties": {"repobilityId": 22166, "scanner": "repobility", "fingerprint": "d4c6fefd7d397e13f7eea5989ace5e46", "category": "quality", "severity": "low", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "TODO: Implement", "aljefra_cwe": null, "aljefra_owasp": null, 
"aljefra_pattern_slug": "todo-bomb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/transformers/llmExtract.ts"}, "region": {"startLine": 1075}}}]}, {"ruleId": "QUAL004", "level": "note", "message": {"text": "Placeholder default username (admin/admin)"}, "properties": {"repobilityId": 22041, "scanner": "repobility", "fingerprint": "f5a7c843869515db17a66faa7be4b8a7", "category": "quality", "severity": "low", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "john.doe@", "aljefra_cwe": ["CWE-1392", "CWE-798"], "aljefra_owasp": null, "aljefra_pattern_slug": "placeholder-default-username"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/__tests__/merge-null-val-objs.test.ts"}, "region": {"startLine": 88}}}]}, {"ruleId": "QUAL004", "level": "note", "message": {"text": "Placeholder default username (admin/admin)"}, "properties": {"repobilityId": 22040, "scanner": "repobility", "fingerprint": "e20fd8b048598d0e58310b47aadcba0f", "category": "quality", "severity": "low", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "john.doe@", "aljefra_cwe": ["CWE-1392", "CWE-798"], "aljefra_owasp": null, "aljefra_pattern_slug": "placeholder-default-username"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/lib/__tests__/merge-null-val-objs.test.ts"}, "region": {"startLine": 72}}}]}, {"ruleId": "DKC010", "level": "note", "message": {"text": "Compose service lacks no-new-privileges hardening"}, "properties": {"repobilityId": 10147, "scanner": "repobility-docker", "fingerprint": "85f0e74bdb3f1b9edd1c79cc032fe201c2fdce3bc9790c671739d3a811d8e3ee", "category": "docker", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "App-like service has no security_opt 
no-new-privileges setting.", "evidence": {"rule_id": "DKC010", "scanner": "repobility-docker", "service": "nuq-postgres", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|85f0e74bdb3f1b9edd1c79cc032fe201c2fdce3bc9790c671739d3a811d8e3ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yaml"}, "region": {"startLine": 150}}}]}, {"ruleId": "DKC006", "level": "note", "message": {"text": "Compose service does not declare a runtime user"}, "properties": {"repobilityId": 10145, "scanner": "repobility-docker", "fingerprint": "1bdb751f22936df5214f48e4601e4cfdea4fa81e38c3a2f98374f3ec39001fdd", "category": "docker", "severity": "low", "confidence": 0.56, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Service has no user setting and Repobility could not prove the image runs non-root.", "evidence": {"rule_id": "DKC006", "scanner": "repobility-docker", "service": "nuq-postgres", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|1bdb751f22936df5214f48e4601e4cfdea4fa81e38c3a2f98374f3ec39001fdd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yaml"}, "region": {"startLine": 150}}}]}, {"ruleId": "DKC015", "level": "note", "message": {"text": "Database service has no healthcheck"}, "properties": {"repobilityId": 10143, "scanner": "repobility-docker", "fingerprint": "c4f45757db2253e8366342822022d3fbaa4824e6c19e0b6acae90055a1a8dd5e", "category": "docker", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Database-like service has no Compose healthcheck.", "evidence": {"rule_id": "DKC015", "scanner": "repobility-docker", "service": "redis", "references": ["https://docs.docker.com/compose/how-tos/startup-order/"], "correlation_key": 
"fp|c4f45757db2253e8366342822022d3fbaa4824e6c19e0b6acae90055a1a8dd5e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yaml"}, "region": {"startLine": 115}}}]}, {"ruleId": "DKC016", "level": "note", "message": {"text": "App service does not wait for database health"}, "properties": {"repobilityId": 10141, "scanner": "repobility-docker", "fingerprint": "be1d3911f7d6597ea0b74efb1a64616ab1c7a3988420884339de13a5bb5a66cf", "category": "docker", "severity": "low", "confidence": 0.68, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "App depends on a database-like service without a health-gated dependency.", "evidence": {"rule_id": "DKC016", "scanner": "repobility-docker", "service": "api", "dependency": "redis", "references": ["https://docs.docker.com/compose/how-tos/startup-order/"], "correlation_key": "fp|be1d3911f7d6597ea0b74efb1a64616ab1c7a3988420884339de13a5bb5a66cf", "dependency_has_healthcheck": false}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yaml"}, "region": {"startLine": 88}}}]}, {"ruleId": "DKC010", "level": "note", "message": {"text": "Compose service lacks no-new-privileges hardening"}, "properties": {"repobilityId": 10140, "scanner": "repobility-docker", "fingerprint": "c008900d9b3be8177d1fde85f8c10051345eba67dde51ddb2965cb4bf1b8f9d7", "category": "docker", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "App-like service has no security_opt no-new-privileges setting.", "evidence": {"rule_id": "DKC010", "scanner": "repobility-docker", "service": "api", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|c008900d9b3be8177d1fde85f8c10051345eba67dde51ddb2965cb4bf1b8f9d7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yaml"}, "region": {"startLine": 88}}}]}, {"ruleId": "DKC006", "level": 
"note", "message": {"text": "Compose service does not declare a runtime user"}, "properties": {"repobilityId": 10138, "scanner": "repobility-docker", "fingerprint": "5d13ad20318231f5d1e61121b436dfbceafc01c0d325b2ff182b61f35f757e5c", "category": "docker", "severity": "low", "confidence": 0.56, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Service has no user setting and Repobility could not prove the image runs non-root.", "evidence": {"rule_id": "DKC006", "scanner": "repobility-docker", "service": "api", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|5d13ad20318231f5d1e61121b436dfbceafc01c0d325b2ff182b61f35f757e5c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yaml"}, "region": {"startLine": 88}}}]}, {"ruleId": "DKC010", "level": "note", "message": {"text": "Compose service lacks no-new-privileges hardening"}, "properties": {"repobilityId": 10137, "scanner": "repobility-docker", "fingerprint": "82fa31b577dced4dcea54477fdac90390733e95bfba17ff393d4954cf33d5ab3", "category": "docker", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "App-like service has no security_opt no-new-privileges setting.", "evidence": {"rule_id": "DKC010", "scanner": "repobility-docker", "service": "playwright-service", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|82fa31b577dced4dcea54477fdac90390733e95bfba17ff393d4954cf33d5ab3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yaml"}, "region": {"startLine": 59}}}]}, {"ruleId": "DKC006", "level": "note", "message": {"text": "Compose service does not declare a runtime user"}, "properties": {"repobilityId": 10136, "scanner": "repobility-docker", "fingerprint": 
"2845070387459ece67fed05a17c140c804a20ab8ecac509b130190d5a8808f92", "category": "docker", "severity": "low", "confidence": 0.56, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Service has no user setting and Repobility could not prove the image runs non-root.", "evidence": {"rule_id": "DKC006", "scanner": "repobility-docker", "service": "playwright-service", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|2845070387459ece67fed05a17c140c804a20ab8ecac509b130190d5a8808f92"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yaml"}, "region": {"startLine": 59}}}]}, {"ruleId": "DKC010", "level": "note", "message": {"text": "Compose service lacks no-new-privileges hardening"}, "properties": {"repobilityId": 10135, "scanner": "repobility-docker", "fingerprint": "fc4ee669ba61a16cacb9f13cb6785f8ac4fc44e9b986df146310151dd579fe45", "category": "docker", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "App-like service has no security_opt no-new-privileges setting.", "evidence": {"rule_id": "DKC010", "scanner": "repobility-docker", "service": "html-to-markdown", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|fc4ee669ba61a16cacb9f13cb6785f8ac4fc44e9b986df146310151dd579fe45"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/go-html-to-md-service/docker-compose.yml"}, "region": {"startLine": 3}}}]}, {"ruleId": "DKC006", "level": "note", "message": {"text": "Compose service does not declare a runtime user"}, "properties": {"repobilityId": 10134, "scanner": "repobility-docker", "fingerprint": "65b86af40a59656ee7cc49b760c3c7a1ef2bb3fb89eef329a145de726ecc9cd8", "category": "docker", "severity": "low", "confidence": 0.56, "triageState": "open", "verdict": "needs_review", 
"isResolved": false, "reason": "Service has no user setting and Repobility could not prove the image runs non-root.", "evidence": {"rule_id": "DKC006", "scanner": "repobility-docker", "service": "html-to-markdown", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|65b86af40a59656ee7cc49b760c3c7a1ef2bb3fb89eef329a145de726ecc9cd8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/go-html-to-md-service/docker-compose.yml"}, "region": {"startLine": 3}}}]}, {"ruleId": "DKR011", "level": "note", "message": {"text": "Dockerfile installs recommended OS packages"}, "properties": {"repobilityId": 10121, "scanner": "repobility-docker", "fingerprint": "e2d7f1ca0dd7249b1bee6e0e7abca0591e4a899e754fb7a030cb50fd8be9838d", "category": "docker", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "apt install appears without --no-install-recommends.", "evidence": {"rule_id": "DKR011", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|e2d7f1ca0dd7249b1bee6e0e7abca0591e4a899e754fb7a030cb50fd8be9838d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/Dockerfile"}, "region": {"startLine": 58}}}]}, {"ruleId": "DKR011", "level": "note", "message": {"text": "Dockerfile installs recommended OS packages"}, "properties": {"repobilityId": 10118, "scanner": "repobility-docker", "fingerprint": "74efc4d29e64f1797bbf933f95052d414e93c63dfb2a8fd50d180c05c22b5aad", "category": "docker", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "apt install appears without --no-install-recommends.", "evidence": {"rule_id": "DKR011", "scanner": "repobility-docker", "references": 
["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|74efc4d29e64f1797bbf933f95052d414e93c63dfb2a8fd50d180c05c22b5aad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/Dockerfile"}, "region": {"startLine": 23}}}]}, {"ruleId": "DKR002", "level": "none", "message": {"text": "Dockerfile base image is selected through a build variable"}, "properties": {"repobilityId": 10132, "scanner": "repobility-docker", "fingerprint": "53e58612dbb19b1ad8392da3077dadd494107278b8106194735e105678ac7078", "category": "docker", "severity": "info", "confidence": 0.48, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Base image contains a variable; manual review is needed to avoid false positives.", "evidence": {"image": "bitnami/redis:${REDIS_VERSION}", "rule_id": "DKR002", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://docs.docker.com/scout/policy/"], "correlation_key": "fp|53e58612dbb19b1ad8392da3077dadd494107278b8106194735e105678ac7078"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/redis/Dockerfile"}, "region": {"startLine": 2}}}]}, {"ruleId": "DKR002", "level": "none", "message": {"text": "Dockerfile base image is selected through a build variable"}, "properties": {"repobilityId": 10128, "scanner": "repobility-docker", "fingerprint": "71e58b9ddf36bc38cf015f0ebd6cf5beba38c82dda930f2fd178e3d99747d64f", "category": "docker", "severity": "info", "confidence": 0.48, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Base image contains a variable; manual review is needed to avoid false positives.", "evidence": {"image": "postgres:${PG_MAJOR}", "rule_id": "DKR002", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", 
"https://docs.docker.com/scout/policy/"], "correlation_key": "fp|71e58b9ddf36bc38cf015f0ebd6cf5beba38c82dda930f2fd178e3d99747d64f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/nuq-postgres/Dockerfile"}, "region": {"startLine": 4}}}]}, {"ruleId": "ERR001", "level": "none", "message": {"text": "[ERR001] Silent Exception Swallowing (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 10117, "scanner": "repobility-threat-engine", "fingerprint": "93b9da83522ef7033c1689b56fc2639ef703f7cce5574751f2046196162761e3", "category": "error_handling", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|93b9da83522ef7033c1689b56fc2639ef703f7cce5574751f2046196162761e3"}}}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "properties": {"repobilityId": 10113, "scanner": "repobility-threat-engine", "fingerprint": "f78a027198e35a77dc3724085af14f3428895c5a442fbee6f443ad49b554c980", "category": "credential_exposure", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 5 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 5 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|f78a027198e35a77dc3724085af14f3428895c5a442fbee6f443ad49b554c980"}}}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 10112, "scanner": "repobility-threat-engine", "fingerprint": "02262e66c5ab4aa51eb0601ba4e9c66166fd6d815b3c0e52d8fff9cd1662e1f1", "category": "credential_exposure", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Environment variable or config lookup (credentials loaded safely)", "evidence": {"match": "print(f\"{Colors.RED}{Emojis.WARNING} Warning: FIRECRAWL_API_KEY not found in environment variables{C", "reason": "Environment variable or config lookup (credentials loaded safely)", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "secret|token|4|print f colors.red emojis.warning warning: firecrawl_api_key not found in environment variables c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/gemini-github-analyzer/gemini-github-analyzer.py"}, "region": {"startLine": 47}}}]}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. 
This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 10111, "scanner": "repobility-threat-engine", "fingerprint": "32d2e7a720d9480827f566659e0f4200fbaf31ed1e86f75f19d7622b2c54d5a1", "category": "credential_exposure", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Environment variable or config lookup (credentials loaded safely)", "evidence": {"match": "print(f\"{Colors.RED}Warning: FIRECRAWL_API_KEY not found in environment variables{Colors.RESET}\")", "reason": "Environment variable or config lookup (credentials loaded safely)", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "secret|token|2|print f colors.red warning: firecrawl_api_key not found in environment variables colors.reset"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/mistral-small-3.1-extractor/mistral-small-3.1-extractor.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. 
This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 10110, "scanner": "repobility-threat-engine", "fingerprint": "ebf4c5c6f8f6953359800e746625e3a1723ac007939a5be3126cb886968af416", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "evidence": {"match": "logger.warn(\"Failed to read Wikipedia token from Redis, will re-authenticate\", { error })", "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|token|2|logger.warn failed to read wikipedia token from redis will re-authenticate error"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/engines/wikipedia/index.ts"}, "region": {"startLine": 28}}}]}, {"ruleId": "ERR002", "level": "none", "message": {"text": "[ERR002] Empty Catch Block (and 9 more): Same pattern found in 9 additional files. Review if needed."}, "properties": {"repobilityId": 10109, "scanner": "repobility-threat-engine", "fingerprint": "9cc98ec684a3e6bc47534b8969a978472a77e62faf58b476f27031bff834dc54", "category": "error_handling", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 9 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 9 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "rule_id": "ERR002", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|9cc98ec684a3e6bc47534b8969a978472a77e62faf58b476f27031bff834dc54"}}}, {"ruleId": "SEC015", "level": "none", "message": {"text": "[SEC015] Insecure Randomness for Security (and 7 more): Same pattern found in 7 additional files. Review if needed."}, "properties": {"repobilityId": 10105, "scanner": "repobility-threat-engine", "fingerprint": "f407cf9ba1ffb4a2b178d7b0e6f4250c72af6972010cbb60e415bb6be49ab416", "category": "crypto", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 7 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 7 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC015", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|f407cf9ba1ffb4a2b178d7b0e6f4250c72af6972010cbb60e415bb6be49ab416"}}}, {"ruleId": "SEC015", "level": "none", "message": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. 
Output is predictable."}, "properties": {"repobilityId": 10104, "scanner": "repobility-threat-engine", "fingerprint": "aadc0cda2f6e5316212ddfb1fbf993885af5db497f75b23730867db186f8af9c", "category": "crypto", "severity": "info", "confidence": 0.25, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Weak PRNG appears to be used for non-security behavior (UI, sampling, demos, shuffling, or backoff), not for secrets", "evidence": {"match": "Math.random()", "reason": "Weak PRNG appears to be used for non-security behavior (UI, sampling, demos, shuffling, or backoff), not for secrets", "rule_id": "SEC015", "scanner": "repobility-threat-engine", "confidence": 0.25, "correlation_key": "code|crypto|token|185|sec015"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/scraper/scrapeURL/transformers/index.ts"}, "region": {"startLine": 185}}}]}, {"ruleId": "SEC015", "level": "none", "message": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. 
Output is predictable."}, "properties": {"repobilityId": 10103, "scanner": "repobility-threat-engine", "fingerprint": "2599ef2896583def3d315328ae400dd19802168362aec53e5e2570c64bb1d204", "category": "crypto", "severity": "info", "confidence": 0.25, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Weak PRNG appears to be used for non-security behavior (UI, sampling, demos, shuffling, or backoff), not for secrets", "evidence": {"match": "Math.random()", "reason": "Weak PRNG appears to be used for non-security behavior (UI, sampling, demos, shuffling, or backoff), not for secrets", "rule_id": "SEC015", "scanner": "repobility-threat-engine", "confidence": 0.25, "correlation_key": "code|crypto|token|273|sec015"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/controllers/auth.ts"}, "region": {"startLine": 273}}}]}, {"ruleId": "SEC015", "level": "none", "message": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. 
Output is predictable."}, "properties": {"repobilityId": 10102, "scanner": "repobility-threat-engine", "fingerprint": "1a619cd589a44e52e24a5bb6687533e4376374d109cc265fc51482e67e00d4cf", "category": "crypto", "severity": "info", "confidence": 0.25, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Weak PRNG appears to be used for non-security behavior (UI, sampling, demos, shuffling, or backoff), not for secrets", "evidence": {"match": "Math.random()", "reason": "Weak PRNG appears to be used for non-security behavior (UI, sampling, demos, shuffling, or backoff), not for secrets", "rule_id": "SEC015", "scanner": "repobility-threat-engine", "confidence": 0.25, "correlation_key": "code|crypto|token|25|sec015"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/src/services/ab-test.ts"}, "region": {"startLine": 25}}}]}, {"ruleId": "QUAL007", "level": "error", "message": {"text": "Imported but never used"}, "properties": {"repobilityId": 22320, "scanner": "repobility", "fingerprint": "d1d158f2739b96c61c0e9d49ae3a3bee", "category": "quality", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "unused import: firecrawl.v2.types.ScrapeFormats (as ScrapeFormats)", "aljefra_cwe": null, "aljefra_owasp": null, "aljefra_pattern_slug": "dead-imports"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "/tank0/claude-archive/opus47/firecrawl__firecrawl/apps/python-sdk/firecrawl/__tests__/unit/v2/methods/test_search_validation.py"}, "region": {"startLine": 2}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19060, "scanner": "repobility", "fingerprint": "d63613c64e76e5c3c06461d392ec3a73", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": 
false, "reason": "", "evidence": {"snippet": "test_* without asserts: test_scrape_with_screenshot_action_viewport", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/e2e/v2/test_scrape.py"}, "region": {"startLine": 51}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19059, "scanner": "repobility", "fingerprint": "03fb2d8c815fe33106a3a47b07b104b9", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "test_* without asserts: test_scrape_with_options_markdown", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/e2e/v2/test_scrape.py"}, "region": {"startLine": 41}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19058, "scanner": "repobility", "fingerprint": "4586a33f4ca3a5cf7baad89bbce53e0e", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "test_* without asserts: test_scrape_minimal", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/e2e/v2/test_scrape.py"}, "region": {"startLine": 36}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19057, 
"scanner": "repobility", "fingerprint": "42ede2d47f62d680aa736807d9fba489", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "test_* without asserts: test_validate_complex_options", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/unit/v2/methods/test_crawl_validation.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19056, "scanner": "repobility", "fingerprint": "d2d509e0fa35a6a982f0c4c566d473bd", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "test_* without asserts: test_validate_none_options", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/unit/v2/methods/test_crawl_validation.py"}, "region": {"startLine": 69}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19055, "scanner": "repobility", "fingerprint": "dceb97670b18043c8899f046fa2d7246", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "test_* without asserts: test_validate_with_prompt_and_options", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": 
"apps/python-sdk/firecrawl/__tests__/unit/v2/methods/test_crawl_validation.py"}, "region": {"startLine": 60}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19054, "scanner": "repobility", "fingerprint": "841006a3aa098a783f5b2aac044fc4ab", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "test_* without asserts: test_validate_with_prompt", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/unit/v2/methods/test_crawl_validation.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19053, "scanner": "repobility", "fingerprint": "28c047b29dd69dca61055d0a03f3dba8", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "test_* without asserts: test_validate_valid_limit", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/unit/v2/methods/test_crawl_validation.py"}, "region": {"startLine": 44}}}]}, {"ruleId": "TEST001", "level": "error", "message": {"text": "Phantom test coverage \u2014 test files without real assertions"}, "properties": {"repobilityId": 19052, "scanner": "repobility", "fingerprint": "248f6d06e9efef6128bc25b48d420a25", "category": "test_quality", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": 
{"snippet": "test_* without asserts: test_validate_valid_url", "aljefra_cwe": ["CWE-1126"], "aljefra_owasp": null, "aljefra_pattern_slug": "phantom-test-coverage"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/unit/v2/methods/test_crawl_validation.py"}, "region": {"startLine": 21}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17625, "scanner": "repobility", "fingerprint": "fa27d0a0c7503067256cf4a01a26a96e", "category": "error_handling", "severity": "high", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/e2e/v2/conftest.py"}, "region": {"startLine": 71}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17624, "scanner": "repobility", "fingerprint": "2cac90bf122182e3e564e7add6b231da", "category": "error_handling", "severity": "high", "confidence": 0.45, "triageState": "open", "verdict": "likely_fp", "isResolved": false, "reason": " | [R34-retro auto-suppress: test/fixture path]", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/__tests__/e2e/v2/conftest.py"}, "region": {"startLine": 63}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17623, "scanner": "repobility", "fingerprint": "3cee795c543128f6387ab9f6e3c83496", "category": 
"error_handling", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/utils/validation.py"}, "region": {"startLine": 426}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17622, "scanner": "repobility", "fingerprint": "566969e46183d225c7440a73c1d0157c", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/utils/validation.py"}, "region": {"startLine": 417}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17621, "scanner": "repobility", "fingerprint": "04c5fe78232f628a14e90ee3ce02d2aa", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/utils/validation.py"}, "region": {"startLine": 362}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17620, "scanner": "repobility", "fingerprint": "33fb310ff98ddc2d36bf9574eb967cc5", "category": "error_handling", "severity": "high", "confidence": 
0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/watcher_async.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17619, "scanner": "repobility", "fingerprint": "c592b7279b240f2c5d9eaf9e4b31aadc", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/watcher.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17618, "scanner": "repobility", "fingerprint": "186bf838ad6e1afabc2e63b5d6addab9", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/watcher.py"}, "region": {"startLine": 65}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17617, "scanner": "repobility", "fingerprint": "8b0f25fed0fe6dc45873253d253052b3", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": 
"", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v2/watcher.py"}, "region": {"startLine": 257}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17616, "scanner": "repobility", "fingerprint": "8af1bc1770e71f4048051d5616631a8b", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v1/client.py"}, "region": {"startLine": 3201}}}]}, {"ruleId": "ERRH001", "level": "error", "message": {"text": "Bare except: pass \u2014 silent failure"}, "properties": {"repobilityId": 17615, "scanner": "repobility", "fingerprint": "9388eaee7e66dabc6fbe366ee6e92f95", "category": "error_handling", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "except: pass", "aljefra_cwe": ["CWE-755"], "aljefra_owasp": null, "aljefra_pattern_slug": "bare-except-pass"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/python-sdk/firecrawl/v1/client.py"}, "region": {"startLine": 3192}}}]}, {"ruleId": "SUPC001", "level": "error", "message": {"text": "Supply chain \u2014 curl | bash anti-pattern"}, "properties": {"repobilityId": 15521, "scanner": "repobility", "fingerprint": "0466b9c8afd796d27f687322eee5bc8f", "category": "supply_chain", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"snippet": "curl \\\n    build-essential \\\n    pkg-config 
\\\n    python3 \\\n    && rm -rf /var/lib/apt/lists/*\n\n# Install Rust\nENV RUSTUP_HOME=/usr/local/rustup \\\n    CARGO_HOME=/usr/local/cargo \\\n    PATH=/usr/local", "aljefra_cwe": ["CWE-494"], "aljefra_owasp": "A08:2021", "aljefra_pattern_slug": "curl-pipe-bash"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/Dockerfile"}, "region": {"startLine": 24}}}]}, {"ruleId": "DKR014", "level": "error", "message": {"text": "Dockerfile copies the entire context without .dockerignore"}, "properties": {"repobilityId": 10130, "scanner": "repobility-docker", "fingerprint": "3bf9d3f55bfc16b3e7ec77511f061cb00d407d5f070c1754f88cfc0c1942755c", "category": "docker", "severity": "high", "confidence": 0.92, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Broad context copy and missing .dockerignore were found together.", "evidence": {"rule_id": "DKR014", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|3bf9d3f55bfc16b3e7ec77511f061cb00d407d5f070c1754f88cfc0c1942755c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/playwright-service-ts/Dockerfile"}, "region": {"startLine": 7}}}]}, {"ruleId": "DKR014", "level": "error", "message": {"text": "Dockerfile copies the entire context without .dockerignore"}, "properties": {"repobilityId": 10125, "scanner": "repobility-docker", "fingerprint": "80ae559b8c7a6ef608f0a913f139d57ceacc0aa6bbf914d3407bdf85ae562c65", "category": "docker", "severity": "high", "confidence": 0.92, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Broad context copy and missing .dockerignore were found together.", "evidence": {"rule_id": "DKR014", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|80ae559b8c7a6ef608f0a913f139d57ceacc0aa6bbf914d3407bdf85ae562c65"}}, 
"locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/go-html-to-md-service/Dockerfile"}, "region": {"startLine": 17}}}]}, {"ruleId": "DKR014", "level": "error", "message": {"text": "Dockerfile copies the entire context without .dockerignore"}, "properties": {"repobilityId": 10120, "scanner": "repobility-docker", "fingerprint": "80660873c0979637a5964c79e0b92fb691dd4304536ad93e261aae4be0ac13aa", "category": "docker", "severity": "high", "confidence": 0.92, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Broad context copy and missing .dockerignore were found together.", "evidence": {"rule_id": "DKR014", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|80660873c0979637a5964c79e0b92fb691dd4304536ad93e261aae4be0ac13aa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/Dockerfile"}, "region": {"startLine": 40}}}]}, {"ruleId": "DKR006", "level": "error", "message": {"text": "Dockerfile pipes a remote script into a shell"}, "properties": {"repobilityId": 10119, "scanner": "repobility-docker", "fingerprint": "8b5e8282a7bd354250240f58f7aca2c141d5e932ac8db687947a389766975787", "category": "docker", "severity": "high", "confidence": 0.92, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "RUN instruction contains curl/wget piped into a shell.", "evidence": {"rule_id": "DKR006", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|8b5e8282a7bd354250240f58f7aca2c141d5e932ac8db687947a389766975787"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "apps/api/Dockerfile"}, "region": {"startLine": 35}}}]}, {"ruleId": "DKC007", "level": "error", "message": {"text": "Compose service contains a 
literal secret environment value"}, "properties": {"repobilityId": 10146, "scanner": "repobility-docker", "fingerprint": "e38b8b42f6a7f9faee60bb098cad544f063e676e8f547dfdbdc5bb3bea7054c2", "category": "docker", "severity": "critical", "confidence": 0.96, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Environment variable name is secret-like and value is a committed literal.", "evidence": {"rule_id": "DKC007", "scanner": "repobility-docker", "service": "nuq-postgres", "variable": "POSTGRES_PASSWORD", "references": ["https://docs.docker.com/compose/how-tos/environment-variables/best-practices/", "https://docs.docker.com/reference/compose-file/secrets/"], "path_context": "runtime", "correlation_key": "fp|e38b8b42f6a7f9faee60bb098cad544f063e676e8f547dfdbdc5bb3bea7054c2", "compose_secrets_declared": false}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yaml"}, "region": {"startLine": 150}}}]}, {"ruleId": "DKC007", "level": "error", "message": {"text": "Compose service contains a literal secret environment value"}, "properties": {"repobilityId": 10139, "scanner": "repobility-docker", "fingerprint": "01cc665ce2f7d5b05bfacb19296fabc9c70ee7b9abf2048dd0f827b0bf92b0b6", "category": "docker", "severity": "critical", "confidence": 0.96, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Environment variable name is secret-like and value is a committed literal.", "evidence": {"rule_id": "DKC007", "scanner": "repobility-docker", "service": "api", "variable": "POSTGRES_PASSWORD", "references": ["https://docs.docker.com/compose/how-tos/environment-variables/best-practices/", "https://docs.docker.com/reference/compose-file/secrets/"], "path_context": "runtime", "correlation_key": "fp|01cc665ce2f7d5b05bfacb19296fabc9c70ee7b9abf2048dd0f827b0bf92b0b6", "compose_secrets_declared": false}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yaml"}, "region": 
{"startLine": 88}}}]}]}]}