{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "GHSA-4w7w-66w2-5vf9", "name": "vite: GHSA-4w7w-66w2-5vf9", "shortDescription": {"text": "vite: GHSA-4w7w-66w2-5vf9"}, "fullDescription": {"text": "Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-67mh-4wv8-2f99", "name": "esbuild: GHSA-67mh-4wv8-2f99", "shortDescription": {"text": "esbuild: GHSA-67mh-4wv8-2f99"}, "fullDescription": {"text": "esbuild enables any website to send any requests to the development server and read the response"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "SEC087", "name": "[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces", "shortDescription": {"text": "[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces is predictable. Ported from gosec G404 / eslint detect-pseudoRandomBytes concept (Apache-2.0)."}, "fullDescription": {"text": "Use `crypto.randomBytes(32).toString('hex')` (Node) or `crypto.getRandomValues()` (browser)."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AGT015", "name": "Remote install command pipes network code directly to a shell", "shortDescription": {"text": "Remote install command pipes network code directly to a shell"}, "fullDescription": {"text": "Agent helper projects often publish one-line installers. `curl | sh` style commands are convenient, but they bypass review unless the script is pinned, signed, or checksum-verified."}, "properties": {"scanner": "repobility-agent-runtime", "category": "dependency", "severity": "medium", "confidence": 0.7, "cwe": "", "owasp": ""}}, {"id": "WEB005", "name": "robots.txt does not advertise a sitemap", "shortDescription": {"text": "robots.txt does not advertise a sitemap"}, "fullDescription": {"text": "Sitemap directives in robots.txt help crawlers and AI agents find the canonical public URL inventory quickly."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.74, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "MINED068", "name": "[MINED068] Rust Unsafe Block: unsafe { ... } block. Compiler safety guarantees disabled inside.", "shortDescription": {"text": "[MINED068] Rust Unsafe Block: unsafe { ... } block. Compiler safety guarantees disabled inside."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-119 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.", "shortDescription": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED003", "name": "[MINED003] Rust Unwrap In Prod (and 17 more): Same pattern found in 17 additional files. Review if needed.", "shortDescription": {"text": "[MINED003] Rust Unwrap In Prod (and 17 more): Same pattern found in 17 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED059", "name": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message.", "shortDescription": {"text": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "generic-api-key", "name": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.", "shortDescription": {"text": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations."}, "fullDescription": {"text": "Gitleaks detected a committed secret or credential pattern."}, "properties": {"scanner": "gitleaks", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "MINED116", "name": "Workflow uses `secrets.CODECOV_TOKEN` on a `pull_request` trigger", "shortDescription": {"text": "Workflow uses `secrets.CODECOV_TOKEN` on a `pull_request` trigger"}, "fullDescription": {"text": "This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.CODECOV_TOKEN }` lets a PR from any fork exfiltrate the secret (modify a script, log the value, etc.). Use `pull_request_target` ONLY with strict checkout discipline (no fork code in the trusted context)."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "critical", "confidence": 0.9, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/897"}, "properties": {"repository": "starship/starship", "repoUrl": "https://github.com/starship/starship", "branch": "main"}, "results": [{"ruleId": "GHSA-4w7w-66w2-5vf9", "level": "warning", "message": {"text": "vite: GHSA-4w7w-66w2-5vf9"}, "properties": {"repobilityId": 83424, "scanner": "osv-scanner", "fingerprint": "3ef994f5da3508a6593be7bef0e43e7f1d3b712300aeee2244cf8243f951aa0a", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-39365"], "package": "vite", "rule_id": "GHSA-4w7w-66w2-5vf9", "scanner": "osv-scanner", "correlation_key": "vuln|vite|CVE-2026-39365|docs/package-lock.json"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/package-lock.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-67mh-4wv8-2f99", "level": "warning", "message": {"text": "esbuild: GHSA-67mh-4wv8-2f99"}, "properties": {"repobilityId": 83423, "scanner": "osv-scanner", "fingerprint": "9593c379f2495994d7d5418ec6dfc6568f1ae81ad24ad34e8597cd5a3b660277", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "package": "esbuild", "rule_id": "GHSA-67mh-4wv8-2f99", "scanner": "osv-scanner", "correlation_key": "vuln|esbuild|GHSA-67MH-4WV8-2F99|docs/package-lock.json"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/package-lock.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC087", "level": "warning", "message": {"text": "[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces is predictable. Ported from gosec G404 / eslint detect-pseudoRandomBytes concept (Apache-2.0)."}, "properties": {"repobilityId": 83419, "scanner": "repobility-threat-engine", "fingerprint": "e903a73d4e892f0237047bec26b697b5d4f10e64ce3916e4ec7bd98ba9b036be", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "key = \"\"\nmath.randomseed(os.time())\nfor i = 1, 16 do\n  local rand = math.random(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC087", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|e903a73d4e892f0237047bec26b697b5d4f10e64ce3916e4ec7bd98ba9b036be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/init/starship.lua"}, "region": {"startLine": 65}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 83411, "scanner": "repobility-agent-runtime", "fingerprint": "23527f2d3842716074e96193876dd8d9cb61790593c7a998dbac815d0175d4c8", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|23527f2d3842716074e96193876dd8d9cb61790593c7a998dbac815d0175d4c8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/ckb-IR/guide/README.md"}, "region": {"startLine": 215}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 83410, "scanner": "repobility-agent-runtime", "fingerprint": "6cf3304952e6a0ae7d9888d3df16671880d1e13f2dacfc0f0b5920db049097ee", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|6cf3304952e6a0ae7d9888d3df16671880d1e13f2dacfc0f0b5920db049097ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/ckb-IR/faq/README.md"}, "region": {"startLine": 56}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 83409, "scanner": "repobility-agent-runtime", "fingerprint": "69de3d0703d45e328575dabe98f8499c8996787cf2774505cf1acfd4d5eae9d2", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|69de3d0703d45e328575dabe98f8499c8996787cf2774505cf1acfd4d5eae9d2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/ckb-IR/README.md"}, "region": {"startLine": 61}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 83408, "scanner": "repobility-agent-runtime", "fingerprint": "8a56aa4f6ef361285ccf51def77da8cba052d4c2453eeccce8caafd74c331c52", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|8a56aa4f6ef361285ccf51def77da8cba052d4c2453eeccce8caafd74c331c52"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/bn-BD/guide/README.md"}, "region": {"startLine": 219}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 83407, "scanner": "repobility-agent-runtime", "fingerprint": "f837c14c1c0157bd3a921bea083aeb46b62281c36b305352276ce80f5b8e01f5", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|f837c14c1c0157bd3a921bea083aeb46b62281c36b305352276ce80f5b8e01f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/bn-BD/faq/README.md"}, "region": {"startLine": 56}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 83406, "scanner": "repobility-agent-runtime", "fingerprint": "cdf41afb0e42be73df7bae92e241fec719cd1961ed1137bf8d433c5060e54a1f", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|cdf41afb0e42be73df7bae92e241fec719cd1961ed1137bf8d433c5060e54a1f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/bn-BD/README.md"}, "region": {"startLine": 61}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 83405, "scanner": "repobility-agent-runtime", "fingerprint": "c83fa7a4a6453df45b945072bf9cf065dd8abaa0c656ef57c9fdc4ce0524676c", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|c83fa7a4a6453df45b945072bf9cf065dd8abaa0c656ef57c9fdc4ce0524676c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/ar-SA/guide/README.md"}, "region": {"startLine": 219}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 83404, "scanner": "repobility-agent-runtime", "fingerprint": "108418c8373bce2dd4952fb57ebb1fad2e638cc41d02a7a7af2b94b34b205346", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|108418c8373bce2dd4952fb57ebb1fad2e638cc41d02a7a7af2b94b34b205346"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/ar-SA/faq/README.md"}, "region": {"startLine": 56}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 83403, "scanner": "repobility-agent-runtime", "fingerprint": "8320fe9a7d3124fb0153e4d14e886ab9578fabdc9b2f26ae78d3b75bb7255a9d", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|8320fe9a7d3124fb0153e4d14e886ab9578fabdc9b2f26ae78d3b75bb7255a9d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/ar-SA/README.md"}, "region": {"startLine": 61}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 83402, "scanner": "repobility-agent-runtime", "fingerprint": "19ec4b23e70c9aff20b98e19042e162ac084e9544b09b2999c0fa1bb50cc5992", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|19ec4b23e70c9aff20b98e19042e162ac084e9544b09b2999c0fa1bb50cc5992"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/README.md"}, "region": {"startLine": 57}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 83401, "scanner": "repobility-agent-runtime", "fingerprint": "89dad88223dcec5372f09bda8352a74aee9aa9de768eeabd51ad3473563ef234", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|89dad88223dcec5372f09bda8352a74aee9aa9de768eeabd51ad3473563ef234"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "README.md"}, "region": {"startLine": 230}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 83400, "scanner": "repobility-agent-runtime", "fingerprint": "eccb9943567422c7fcd54f0391568324befe83ad5920c3ff10f51462cc40604c", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|eccb9943567422c7fcd54f0391568324befe83ad5920c3ff10f51462cc40604c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/install-script.yml"}, "region": {"startLine": 30}}}]}, {"ruleId": "WEB005", "level": "note", "message": {"text": "robots.txt does not advertise a sitemap"}, "properties": {"repobilityId": 83425, "scanner": "repobility-web-presence", "fingerprint": "2058a3f9d56354b1b9951fd5f15ca942cbb2439d7cb0a4efbc09b13a58d0034d", "category": "quality", "severity": "low", "confidence": 0.74, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Discovered robots file or route lacks a Sitemap directive.", "evidence": {"rule_id": "WEB005", "scanner": "repobility-web-presence", "references": ["https://www.rfc-editor.org/rfc/rfc9309", "https://www.sitemaps.org/protocol.html"], "correlation_key": "fp|2058a3f9d56354b1b9951fd5f15ca942cbb2439d7cb0a4efbc09b13a58d0034d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/public/robots.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83397, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6f343074d3321d6fbe31d2a22c7065a3ea4a453f74422188a56db55f2f005a48", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|6f343074d3321d6fbe31d2a22c7065a3ea4a453f74422188a56db55f2f005a48"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/opa.rs"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83396, "scanner": "repobility-ai-code-hygiene", "fingerprint": "41474dc6ce124bc83a325ac9e160315ee7505aa7cbd599b066e77d454d6e6f32", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/buf.rs", "duplicate_line": 15, "correlation_key": "fp|41474dc6ce124bc83a325ac9e160315ee7505aa7cbd599b066e77d454d6e6f32"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/odin.rs"}, "region": {"startLine": 14}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83395, "scanner": "repobility-ai-code-hygiene", "fingerprint": "bd38aa30138d76925b6fae88fb94e61cc8e08302d6f1323ef5890c016e0f6947", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|bd38aa30138d76925b6fae88fb94e61cc8e08302d6f1323ef5890c016e0f6947"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/nim.rs"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83394, "scanner": "repobility-ai-code-hygiene", "fingerprint": "dea2d774cd8ab7b6ad038f8f9888a88f91c5f7e527373be78fe839d7b87d47b3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/direnv.rs", "duplicate_line": 57, "correlation_key": "fp|dea2d774cd8ab7b6ad038f8f9888a88f91c5f7e527373be78fe839d7b87d47b3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/mise.rs"}, "region": {"startLine": 29}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83393, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4581b6bcac3d2ce756468a657a69bc6252508f5664ef3b84e003f5687d33304e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|4581b6bcac3d2ce756468a657a69bc6252508f5664ef3b84e003f5687d33304e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/memory_usage.rs"}, "region": {"startLine": 60}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83392, "scanner": "repobility-ai-code-hygiene", "fingerprint": "297dd0962de9ab40c04339f3dddc335da56d1acc042342f17edb83aa80540af2", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|297dd0962de9ab40c04339f3dddc335da56d1acc042342f17edb83aa80540af2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/maven.rs"}, "region": {"startLine": 22}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83391, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fa6e8312885599ed9fddb4cc655e6088d2ae48658e66c28ea90ce337cf850341", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|fa6e8312885599ed9fddb4cc655e6088d2ae48658e66c28ea90ce337cf850341"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/lua.rs"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83390, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b7542a0b345c0f590bdf8d0a2a757b54ccc69ed41c9e4c0fe85c9d078a545c1c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|b7542a0b345c0f590bdf8d0a2a757b54ccc69ed41c9e4c0fe85c9d078a545c1c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/kotlin.rs"}, "region": {"startLine": 18}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83389, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e9a884540b56bd77c2800fbca037ed6388cb6c744e0419af2d062651f5d6ca39", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|e9a884540b56bd77c2800fbca037ed6388cb6c744e0419af2d062651f5d6ca39"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/julia.rs"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83388, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8d19922a8c5d8d364b2f1df3cd85213562f1d3be44e3f657b0364c168e6d2a28", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|8d19922a8c5d8d364b2f1df3cd85213562f1d3be44e3f657b0364c168e6d2a28"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/java.rs"}, "region": {"startLine": 19}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83387, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b583d53c0782195f50de7729d0059568508d88dfcf51e7166a3448e112b48dde", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/hg_branch.rs", "duplicate_line": 156, "correlation_key": "fp|b583d53c0782195f50de7729d0059568508d88dfcf51e7166a3448e112b48dde"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/hg_state.rs"}, "region": {"startLine": 117}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83386, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ac104832d8c774c4e1361b1473b09055f571217f5d334b663f69961d3f021f36", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/fossil_branch.rs", "duplicate_line": 24, "correlation_key": "fp|ac104832d8c774c4e1361b1473b09055f571217f5d334b663f69961d3f021f36"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/hg_branch.rs"}, "region": {"startLine": 32}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83385, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9590c7ddb47403fa31656234e766c10e1a4d31abb0179a65273ee0a6c09e8609", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|9590c7ddb47403fa31656234e766c10e1a4d31abb0179a65273ee0a6c09e8609"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/helm.rs"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83384, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1983e9fb9dfcfbb51ce84b4504d082d7d13493a2bb9d3d4f7342d29bd83cb5a6", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|1983e9fb9dfcfbb51ce84b4504d082d7d13493a2bb9d3d4f7342d29bd83cb5a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/haxe.rs"}, "region": {"startLine": 18}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83383, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3084ed84f536f332af5f839a2d4cb7de9fc844cecb5bbd679b8179ce4fa807c3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|3084ed84f536f332af5f839a2d4cb7de9fc844cecb5bbd679b8179ce4fa807c3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/haskell.rs"}, "region": {"startLine": 14}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83382, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c7e46f11038b1cc2fe8e859972724630943dbf1e130257df961b7b69e3fcee3d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/buf.rs", "duplicate_line": 15, "correlation_key": "fp|c7e46f11038b1cc2fe8e859972724630943dbf1e130257df961b7b69e3fcee3d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/guix_shell.rs"}, "region": {"startLine": 9}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83381, "scanner": "repobility-ai-code-hygiene", "fingerprint": "34c4707429e320c7594f45486311a5d361a37ea53f05aeccdfc303b2355812ba", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|34c4707429e320c7594f45486311a5d361a37ea53f05aeccdfc303b2355812ba"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/gradle.rs"}, "region": {"startLine": 20}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83380, "scanner": "repobility-ai-code-hygiene", "fingerprint": "50bfb33f54b53d720573146a4481a5c73a9121b2d748557663de648fb78939f4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|50bfb33f54b53d720573146a4481a5c73a9121b2d748557663de648fb78939f4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/gleam.rs"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83379, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c185c2947b6392c9b2fe50f6139cedd6da58fcb8eb2d1a2063a955a1664f8bdc", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/git_metrics.rs", "duplicate_line": 659, "correlation_key": "fp|c185c2947b6392c9b2fe50f6139cedd6da58fcb8eb2d1a2063a955a1664f8bdc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/git_state.rs"}, "region": {"startLine": 194}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83378, "scanner": "repobility-ai-code-hygiene", "fingerprint": "955db6dc94805ff2779eca05de7f31531b9c0fbeeee60e2e2293fe671081abe8", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|955db6dc94805ff2779eca05de7f31531b9c0fbeeee60e2e2293fe671081abe8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/fennel.rs"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83377, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6dc577ca67f36fab85acee9ae2b7b393d00c533197fe2253de84129c9d340a79", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/buf.rs", "duplicate_line": 15, "correlation_key": "fp|6dc577ca67f36fab85acee9ae2b7b393d00c533197fe2253de84129c9d340a79"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/erlang.rs"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83376, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9aa7012766e3eafc1004d16dc33859cfa606aa40cabef2085303175d3cf64114", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|9aa7012766e3eafc1004d16dc33859cfa606aa40cabef2085303175d3cf64114"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/elm.rs"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83375, "scanner": "repobility-ai-code-hygiene", "fingerprint": "dc6dc378847e12d8f00a48d3581af89bc0deb1194b548131a6f37fe8d543fada", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/buf.rs", "duplicate_line": 15, "correlation_key": "fp|dc6dc378847e12d8f00a48d3581af89bc0deb1194b548131a6f37fe8d543fada"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/docker_context.rs"}, "region": {"startLine": 40}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83374, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fa1294a920456a71ace0327b1b950f30c80b63be6711422d7c47a33f76a02cd8", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|fa1294a920456a71ace0327b1b950f30c80b63be6711422d7c47a33f76a02cd8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/deno.rs"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83373, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d9eb652351c1fed4ba7fdd0c02b656bc113838461ff75c100cf2fed22e1eeb3d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|d9eb652351c1fed4ba7fdd0c02b656bc113838461ff75c100cf2fed22e1eeb3d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/dart.rs"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83372, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fc28875ae4f53c816f279e7a0cf494cb97ea0ab6664e36bc5e83b212969998bc", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|fc28875ae4f53c816f279e7a0cf494cb97ea0ab6664e36bc5e83b212969998bc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/daml.rs"}, "region": {"startLine": 17}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83371, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7e7ab0b75aa0d968902bacc1275172316780d5785effcff8512b6fafeedabd8f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/buf.rs", "duplicate_line": 15, "correlation_key": "fp|7e7ab0b75aa0d968902bacc1275172316780d5785effcff8512b6fafeedabd8f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/crystal.rs"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83370, "scanner": "repobility-ai-code-hygiene", "fingerprint": "71d197f90e0f2c0350c128f19953eb628783488aa8df8d83c59af2c2ef4e7298", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/bun.rs", "duplicate_line": 16, "correlation_key": "fp|71d197f90e0f2c0350c128f19953eb628783488aa8df8d83c59af2c2ef4e7298"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/cobol.rs"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83369, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6246383aabec50c695c26708036e549fbb10ada5b1456c26c58ae2a088c0680f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/buf.rs", "duplicate_line": 15, "correlation_key": "fp|6246383aabec50c695c26708036e549fbb10ada5b1456c26c58ae2a088c0680f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/cmake.rs"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 83368, "scanner": "repobility-ai-code-hygiene", "fingerprint": "602aa242d445ddcd2935b13b71eec5402afae85c25aaddd9538c7a4b129a99c0", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/modules/claude_context.rs", "duplicate_line": 19, "correlation_key": "fp|602aa242d445ddcd2935b13b71eec5402afae85c25aaddd9538c7a4b129a99c0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/claude_cost.rs"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED068", "level": "none", "message": {"text": "[MINED068] Rust Unsafe Block: unsafe { ... } block. Compiler safety guarantees disabled inside."}, "properties": {"repobilityId": 83421, "scanner": "repobility-threat-engine", "fingerprint": "ab0122ba34bb2047e65cf299ee491a82973485836acd3fcc510a28a5fa9035ff", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unsafe-block", "owasp": null, "cwe_ids": ["CWE-119"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348060+00:00", "triaged_in_corpus": 12, "observations_count": 42383, "ai_coder_pattern_id": 116}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ab0122ba34bb2047e65cf299ee491a82973485836acd3fcc510a28a5fa9035ff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/utils/directory_win.rs"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 83420, "scanner": "repobility-threat-engine", "fingerprint": "98a1a96f50e31ff4e54cd52163553bea510849c9da10436d69137b4b20f6e19f", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|98a1a96f50e31ff4e54cd52163553bea510849c9da10436d69137b4b20f6e19f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/lua.rs"}, "region": {"startLine": 155}}}]}, {"ruleId": "MINED003", "level": "none", "message": {"text": "[MINED003] Rust Unwrap In Prod (and 17 more): Same pattern found in 17 additional files. Review if needed."}, "properties": {"repobilityId": 83418, "scanner": "repobility-threat-engine", "fingerprint": "5d0486df74cb691e18f033eb13c4aaac8071df7aa9dc82cc51ae3fadbb9de323", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 17 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "rust-unwrap-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347903+00:00", "triaged_in_corpus": 15, "observations_count": 386515, "ai_coder_pattern_id": 111}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|5d0486df74cb691e18f033eb13c4aaac8071df7aa9dc82cc51ae3fadbb9de323", "aggregated_count": 17}}}, {"ruleId": "MINED059", "level": "none", "message": {"text": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message."}, "properties": {"repobilityId": 83414, "scanner": "repobility-threat-engine", "fingerprint": "9f7826c56c3818c5e808f6b353b6201fd9e898214e3eae037ac002eccf88ec95", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-expect-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348039+00:00", "triaged_in_corpus": 12, "observations_count": 175379, "ai_coder_pattern_id": 112}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9f7826c56c3818c5e808f6b353b6201fd9e898214e3eae037ac002eccf88ec95"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/modules/git_state.rs"}, "region": {"startLine": 195}}}]}, {"ruleId": "MINED059", "level": "none", "message": {"text": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message."}, "properties": {"repobilityId": 83413, "scanner": "repobility-threat-engine", "fingerprint": "360768559be0487e83a3ac634a68c6c1a7a1260b513805497349e9f52a5137c5", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-expect-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348039+00:00", "triaged_in_corpus": 12, "observations_count": 175379, "ai_coder_pattern_id": 112}, "scanner": "repobility-threat-engine", "correlation_key": "fp|360768559be0487e83a3ac634a68c6c1a7a1260b513805497349e9f52a5137c5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/main.rs"}, "region": {"startLine": 222}}}]}, {"ruleId": "MINED059", "level": "none", "message": {"text": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message."}, "properties": {"repobilityId": 83412, "scanner": "repobility-threat-engine", "fingerprint": "635f3bd0b6f516c18797b5bbea4cec46f8a4a775c1845363f7ab06ef6c41b275", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-expect-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348039+00:00", "triaged_in_corpus": 12, "observations_count": 175379, "ai_coder_pattern_id": 112}, "scanner": "repobility-threat-engine", "correlation_key": "fp|635f3bd0b6f516c18797b5bbea4cec46f8a4a775c1845363f7ab06ef6c41b275"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "build.rs"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED003", "level": "error", "message": {"text": "[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. Acceptable in tests; risky elsewhere."}, "properties": {"repobilityId": 83417, "scanner": "repobility-threat-engine", "fingerprint": "e5e183fdfb29ba1ca444e8b2fbe1438b24111ab0b3361400875c90c46e790e3c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unwrap-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347903+00:00", "triaged_in_corpus": 15, "observations_count": 386515, "ai_coder_pattern_id": 111}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e5e183fdfb29ba1ca444e8b2fbe1438b24111ab0b3361400875c90c46e790e3c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/formatter/parser.rs"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED003", "level": "error", "message": {"text": "[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. Acceptable in tests; risky elsewhere."}, "properties": {"repobilityId": 83416, "scanner": "repobility-threat-engine", "fingerprint": "c5223e3be6d4601d18abb01ca5c1bdd5fc6e2e9c167de7a1d0f29ccf985581a5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unwrap-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347903+00:00", "triaged_in_corpus": 15, "observations_count": 386515, "ai_coder_pattern_id": 111}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c5223e3be6d4601d18abb01ca5c1bdd5fc6e2e9c167de7a1d0f29ccf985581a5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/configs/mod.rs"}, "region": {"startLine": 351}}}]}, {"ruleId": "MINED003", "level": "error", "message": {"text": "[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. Acceptable in tests; risky elsewhere."}, "properties": {"repobilityId": 83415, "scanner": "repobility-threat-engine", "fingerprint": "64257604474f12a106bcffa56ff4bd14a230294c7b18211aeed2a90bf093c277", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unwrap-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347903+00:00", "triaged_in_corpus": 15, "observations_count": 386515, "ai_coder_pattern_id": 111}, "scanner": "repobility-threat-engine", "correlation_key": "fp|64257604474f12a106bcffa56ff4bd14a230294c7b18211aeed2a90bf093c277"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/bug_report.rs"}, "region": {"startLine": 171}}}]}, {"ruleId": "generic-api-key", "level": "error", "message": {"text": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations."}, "properties": {"repobilityId": 83422, "scanner": "gitleaks", "fingerprint": "0bb392de2d3979166c891dc5d41173014d26dd0253ade2f5e650e6d9551d068f", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "apiKey: \"<redacted>\"", "rule_id": "generic-api-key", "scanner": "gitleaks", "detector": "generic-api-key", "correlation_key": "secret|docs/.vitepress/config.mts|41|apikey: redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/.vitepress/config.mts"}, "region": {"startLine": 413}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.CODECOV_TOKEN` on a `pull_request` trigger"}, "properties": {"repobilityId": 83399, "scanner": "repobility-supply-chain", "fingerprint": "4838e91541ccf39dc0781e05ac5106efce57d792acc7f98deadf662a501c0dcf", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4838e91541ccf39dc0781e05ac5106efce57d792acc7f98deadf662a501c0dcf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/workflow.yml"}, "region": {"startLine": 253}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.SIGNPATH_API_TOKEN` on a `pull_request` trigger"}, "properties": {"repobilityId": 83398, "scanner": "repobility-supply-chain", "fingerprint": "1690fde151ac698a08b0202a1143b796ed611b8f5a2dbdbae6cca373a9716b74", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|1690fde151ac698a08b0202a1143b796ed611b8f5a2dbdbae6cca373a9716b74"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/workflow.yml"}, "region": {"startLine": 241}}}]}]}]}