File as GitHub Issue repo: florianfesti/boxes

Push this scan report to florianfesti/boxes

Click the green button below to open GitHub’s new-issue form, pre-filled with the report title, summary table, top findings, and an embedded score-card image. No authentication needed — you review on GitHub before submitting. Repobility is credited as the scanner.

Embedded score card image

This image will render at the top of the issue body. Hosted on Repobility, refreshes automatically after re-scans.


Issue title

Missing import: `math` used but not imported

Curate findings to include

Pick exactly which findings appear in the issue body. By default the top 5 are included. Uncheck noise, check what matters.

Top 5 (default)
Severity Rule Title File:line
CRIT MINED107 [MINED107] Missing import: `copy` used but not imported: The file uses `copy.something(..… boxes/generators/regularbox.py:86
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/cardholder.py:41
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/laserholdfast.py:59
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/pizzashovel.py:80
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/carbonfilter.py:97
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/bintray.py:23
CRIT MINED107 [MINED107] Missing import: `copy` used but not imported: The file uses `copy.something(..… boxes/generators/bintray.py:129
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/drillstand.py:122
CRIT MINED107 [MINED107] Missing import: `argparse` used but not imported: The file uses `argparse.some… boxes/generators/typetray.py:119
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/regularstarbox.py:26
CRIT MINED107 [MINED107] Missing import: `copy` used but not imported: The file uses `copy.something(..… boxes/generators/regularstarbox.py:76
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/planetary2.py:94
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/skadisstand.py:74
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/shadowbox.py:86
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/walldrillbox.py:43
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/smallpartstray.py:50
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/breadbox.py:39
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/displayshelf.py:104
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/desksign.py:74
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/ramp.py:74
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/planetary.py:65
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/coindisplay.py:24
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/angledcutjig.py:48
CRIT MINED107 [MINED107] Missing import: `math` used but not imported: The file uses `math.something(..… boxes/generators/laptopstand.py:72
CRIT MINED107 [MINED107] Missing import: `warnings` used but not imported: The file uses `warnings.some… boxes/gears.py:638
HIGH MINED108 [MINED108] `self.set_source_color` used but never assigned in __init__: Method `open` of … boxes/__init__.py:465
HIGH MINED108 [MINED108] `self.qr_code` used but never assigned in __init__: Method `open` of class `Bo… boxes/__init__.py:483
HIGH MINED108 [MINED108] `self.reference` used but never assigned in __init__: Method `open` of class `… boxes/__init__.py:473
HIGH MINED108 [MINED108] `self._buildObjects` used but never assigned in __init__: Method `open` of cla… boxes/__init__.py:472
HIGH MINED108 [MINED108] `self.set_font` used but never assigned in __init__: Method `open` of class `B… boxes/__init__.py:471
HIGH MINED108 [MINED108] `self.format` used but never assigned in __init__: Method `open` of class `Box… boxes/__init__.py:463
HIGH MINED108 [MINED108] `self.format` used but never assigned in __init__: Method `open` of class `Box… boxes/__init__.py:461
HIGH MINED108 [MINED108] `self.surface` used but never assigned in __init__: Method `open` of class `Bo… boxes/__init__.py:461
HIGH MINED108 [MINED108] `self.spacing` used but never assigned in __init__: Method `open` of class `Bo… boxes/__init__.py:470
HIGH MINED108 [MINED108] `self.bedBoltSettings` used but never assigned in __init__: Method `open` of c… boxes/__init__.py:460
HIGH MINED108 [MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class… setup.py:72
HIGH MINED108 [MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class… setup.py:71
HIGH MINED108 [MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class… setup.py:70
HIGH MINED108 [MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class… setup.py:60
HIGH MINED108 [MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class… setup.py:59
HIGH MINED108 [MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class… setup.py:58
HIGH MINED108 [MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class… setup.py:49
HIGH MINED108 [MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class… setup.py:48
HIGH MINED108 [MINED108] `self.buildInkscapeExt` used but never assigned in __init__: Method `run` of c… setup.py:52
HIGH MINED108 [MINED108] `self.execute` used but never assigned in __init__: Method `run` of class `Cus… setup.py:52
HIGH MINED108 [MINED108] `self.generate_mo_files` used but never assigned in __init__: Method `run` of … setup.py:51
HIGH MINED108 [MINED108] `self.execute` used but never assigned in __init__: Method `run` of class `Cus… setup.py:51
HIGH MINED108 [MINED108] `self.updatePOT` used but never assigned in __init__: Method `run` of class `C… setup.py:50
HIGH MINED108 [MINED108] `self.execute` used but never assigned in __init__: Method `run` of class `Cus… setup.py:50
HIGH MINED108 [MINED108] `self.distribution` used but never assigned in __init__: Method `generate_mo_f… setup.py:43
HIGH MINED036 [MINED036] Python Os System Call: os.system() invokes shell with no escaping. setup.py:42
HIGH MINED034 [MINED034] Python Subprocess Shell True: subprocess(..., shell=True) enables command inje… setup.py:28
HIGH MINED001 [MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows e… setup.py:40
HIGH SEC128 [SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call … boxes/generators/dicebox.py:105
HIGH SEC128 [SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call … boxes/generators/compartmentbox.py:92
HIGH SEC128 [SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call … boxes/generators/breadbox.py:34
HIGH MINED115 [MINED115] Action `actions/deploy-pages` pinned to mutable ref `@v5`: `uses: actions/depl… .github/workflows/pages.yml:66
HIGH MINED115 [MINED115] Action `actions/upload-pages-artifact` pinned to mutable ref `@v4`: `uses: act… .github/workflows/pages.yml:42
HIGH MINED115 [MINED115] Action `actions/setup-python` pinned to mutable ref `@v6`: `uses: actions/setu… .github/workflows/pages.yml:22
HIGH MINED115 [MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout… .github/workflows/pages.yml:20
HIGH MINED115 [MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v7`: `uses: actions/u… .github/workflows/precommit.yml:24
HIGH MINED115 [MINED115] Action `pre-commit/action` pinned to mutable ref `@v3.0.1`: `uses: pre-commit/… .github/workflows/precommit.yml:23
HIGH MINED115 [MINED115] Action `actions/setup-python` pinned to mutable ref `@v6`: `uses: actions/setu… .github/workflows/precommit.yml:17
HIGH MINED115 [MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout… .github/workflows/precommit.yml:16
HIGH MINED115 [MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout… .github/workflows/docker-publish.yml:38
HIGH MINED119 [MINED119] Dockerfile `ADD https://github.com/florianfesti/boxes.git`: Dockerfile `ADD <u… scripts/Dockerfile:7
HIGH MINED118 [MINED118] Dockerfile FROM `python:3.12-slim` not pinned by digest: `FROM python:3.12-sli… scripts/Dockerfile:13
HIGH MINED118 [MINED118] Dockerfile FROM `python:3.12-slim` not pinned by digest: `FROM python:3.12-sli… scripts/Dockerfile:1
HIGH MINED131 [MINED131] pre-commit hook `https://github.com/codespell-project/codespell` pinned to mut… .pre-commit-config.yaml:76
HIGH MINED131 [MINED131] pre-commit hook `https://github.com/shellcheck-py/shellcheck-py` pinned to mut… .pre-commit-config.yaml:71
HIGH MINED131 [MINED131] pre-commit hook `https://github.com/rstcheck/rstcheck` pinned to mutable rev `… .pre-commit-config.yaml:65
HIGH MINED131 [MINED131] pre-commit hook `https://github.com/pre-commit/mirrors-mypy` pinned to mutable… .pre-commit-config.yaml:45
HIGH MINED131 [MINED131] pre-commit hook `https://github.com/PyCQA/autoflake` pinned to mutable rev `v2… .pre-commit-config.yaml:39
HIGH MINED131 [MINED131] pre-commit hook `https://github.com/asottile/pyupgrade` pinned to mutable rev … .pre-commit-config.yaml:33
HIGH MINED131 [MINED131] pre-commit hook `https://github.com/pre-commit/pygrep-hooks` pinned to mutable… .pre-commit-config.yaml:22
HIGH MINED131 [MINED131] pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mut… .pre-commit-config.yaml:8
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… boxes/scripts/boxes_generator.py:330
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… boxes/scripts/boxesserver.py:693
MED MINED109 [MINED109] Mutable default argument in `args2html` (dict): `def args2html(... = []/{}/set… boxes/scripts/boxesserver.py:228
MED MINED109 [MINED109] Mutable default argument in `args2html_cached` (dict): `def args2html_cached(.… boxes/scripts/boxesserver.py:219
MED MINED109 [MINED109] Mutable default argument in `arg2html` (dict): `def arg2html(... = []/{}/set()… boxes/scripts/boxesserver.py:189
MED MINED109 [MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set()… boxes/scripts/boxesserver.py:46
MED MINED109 [MINED109] Mutable default argument in `drawLid` (list): `def drawLid(... = []/{}/set())`… boxes/lids.py:314
MED MINED109 [MINED109] Mutable default argument in `addTopEdgeSettings` (dict): `def addTopEdgeSettin… boxes/lids.py:258
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… boxes/svgmerge.py:129
MED MINED109 [MINED109] Mutable default argument in `rectangularWall` (list): `def rectangularWall(...… boxes/__init__.py:2475
MED MINED109 [MINED109] Mutable default argument in `text` (list): `def text(... = []/{}/set())` — Pyt… boxes/__init__.py:1529
MED COMP001 [COMP001] High cognitive complexity: Function `cb` has cognitive complexity 20 (SonarSour… boxes/generators/airpurifier.py:82
MED MINED124 [MINED124] requirements.txt: `svgpathtools` has no version pin: Unpinned pip requirement … requirements.txt:11
MED MINED124 [MINED124] requirements.txt: `sphinx` has no version pin: Unpinned pip requirement means … requirements.txt:10
MED MINED124 [MINED124] requirements.txt: `setuptools` has no version pin: Unpinned pip requirement me… requirements.txt:8
MED MINED124 [MINED124] requirements.txt: `rectpack` has no version pin: Unpinned pip requirement mean… requirements.txt:7
MED MINED124 [MINED124] requirements.txt: `PyYAML` has no version pin: Unpinned pip requirement means … requirements.txt:5
MED MINED124 [MINED124] requirements.txt: `pillow` has no version pin: Unpinned pip requirement means … requirements.txt:4
MED MINED124 [MINED124] requirements.txt: `numpy` has no version pin: Unpinned pip requirement means e… requirements.txt:3
MED MINED124 [MINED124] requirements.txt: `markdown` has no version pin: Unpinned pip requirement mean… requirements.txt:2
MED DKR007 Docker build context has no .dockerignore .dockerignore
MED DKR013 Dockerfile ADD downloads remote content scripts/Dockerfile:8
MED DKR001 Docker final stage has no non-root USER scripts/Dockerfile:14
MED SEC005 [SEC005] Command Injection Risk: Unsafe shell execution or eval of user input. setup.py:28
LOW COMP001 [COMP001] High cognitive complexity: Function `getAllBoxGenerators` has cognitive complex… boxes/generators/__init__.py:52
LOW COMP001 [COMP001] High cognitive complexity: Function `__init__` has cognitive complexity 8 (Sona… boxes/formats.py:56
LOW AIC003 Duplicated implementation block across source files scripts/boxes_proxy.py:1
LOW AIC003 Duplicated implementation block across source files boxes/svgmerge.py:12
LOW AIC003 Duplicated implementation block across source files boxes/generators/walltypetray.py:19
LOW AIC003 Duplicated implementation block across source files boxes/generators/wallstackablebin.py:60
LOW AIC003 Duplicated implementation block across source files boxes/generators/wallslottedholder.py:38
LOW AIC003 Duplicated implementation block across source files boxes/generators/wallrollholder.py:9
LOW AIC003 Duplicated implementation block across source files boxes/generators/typetray.py:155
LOW AIC003 Duplicated implementation block across source files boxes/generators/triangularwall.py:3
LOW AIC003 Duplicated implementation block across source files boxes/generators/smallpartstray.py:109
LOW AIC003 Duplicated implementation block across source files boxes/generators/shutterbox.py:87
LOW AIC003 Duplicated implementation block across source files boxes/generators/flexbox4.py:4
LOW DKR010 Dockerfile leaves apt package indexes in the image layer scripts/Dockerfile:16
LOW DKR012 Dockerfile keeps pip download cache scripts/Dockerfile:9
LOW DKR012 Dockerfile keeps pip download cache scripts/Dockerfile:6
LOW DKC010 Compose service lacks no-new-privileges hardening docker-compose.yml:1
LOW DKC006 Compose service does not declare a runtime user docker-compose.yml:1
INFO MINED043 [MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle cr… boxes/qrcode_factory.py:16
INFO MINED079 [MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) — off-… boxes/generators/wallpliersholder.py:87
INFO MINED079 [MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) — off-… boxes/generators/wallconsole.py:66
INFO MINED079 [MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) — off-… boxes/generators/slantedtray.py:86
INFO MINED050 [MINED050] Stub Only Function: Function declared but body is just pass, return None, rais… boxes/generators/keyboard.py:37
INFO MINED050 [MINED050] Stub Only Function: Function declared but body is just pass, return None, rais… boxes/generators/beequeencage.py:118
INFO MINED050 [MINED050] Stub Only Function: Function declared but body is just pass, return None, rais… boxes/generators/arcade.py:72
125 findings available (after auto-suppression of test files + won't-fix)

Issue body (markdown)

## Code-quality scan: `florianfesti/boxes`

**Score: 81/100 (B)**  ·  125 findings  ·  scanned 2026-06-05 20:13 UTC  ·  41,978 LOC

| Severity | Count |
|---|---|
| CRITICAL | 25 |
| HIGH | 51 |
| MEDIUM | 24 |
| LOW | 18 |

📊 [Full filterable report](https://repobility.com/scan/57162b1e-634b-42c9-b6ff-6f3bc90ba2fd/)  ·  ![scorecard](https://repobility.com/scan/57162b1e-634b-42c9-b6ff-6f3bc90ba2fd/report.png?v=1780690434-s2)

### Top findings

1. **CRITICAL** `MINED107` — Missing import: `copy` used but not imported
   `boxes/generators/regularbox.py:86` · ✓ Repobility
2. **CRITICAL** `MINED107` — Missing import: `math` used but not imported
   `boxes/generators/cardholder.py:41` · ✓ Repobility
3. **CRITICAL** `MINED107` — Missing import: `math` used but not imported
   `boxes/generators/laserholdfast.py:59` · ✓ Repobility
4. **CRITICAL** `MINED107` — Missing import: `math` used but not imported
   `boxes/generators/pizzashovel.py:80` · ✓ Repobility
5. **CRITICAL** `MINED107` — Missing import: `math` used but not imported
   `boxes/generators/carbonfilter.py:97` · ✓ Repobility

---

_Filed automatically. Close this issue if not useful — we won't refile. Full report: https://repobility.com/scan/57162b1e-634b-42c9-b6ff-6f3bc90ba2fd/_
Megaproject — high spam risk
Could not determine 'florianfesti/boxes' star count (GitHub API rate-limited or unreachable). When in doubt about repo size, prefer opening a focused PR or a discussion rather than an issue.

The button opens GitHub’s new-issue page in a new tab. You will see the title + body pre-filled — review, edit if you want, then click GitHub’s "Submit new issue" button. Repobility never posts anything on your behalf.

For real security findings on big repos: use the project's SECURITY.md or private advisory flow instead of a public issue.