{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED124", "name": "[MINED124] requirements.txt: `svgpathtools` has no version pin: Unpinned pip requirement means every fresh install may r", "shortDescription": {"text": "[MINED124] requirements.txt: `svgpathtools` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible "}, "fullDescription": {"text": "Replace `svgpathtools` with `svgpathtools==<version>` and manage upgrades through PRs / Dependabot."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED109", "name": "[MINED109] Mutable default argument in `args2html` (dict): `def args2html(... = []/{}/set())` \u2014 Python's default value i", "shortDescription": {"text": "[MINED109] Mutable default argument in `args2html` (dict): `def args2html(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. 
Mutating it in one call mutates it for every"}, "fullDescription": {"text": "Use None as the default and create the collection inside the function: `def args2html(x=None): x = x or []`"}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "DKR007", "name": "Docker build context has no .dockerignore", "shortDescription": {"text": "Docker build context has no .dockerignore"}, "fullDescription": {"text": "Add .dockerignore with at least .git, .env, private keys, dependency folders, build outputs, and local databases."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "DKR001", "name": "Docker final stage has no non-root USER", "shortDescription": {"text": "Docker final stage has no non-root USER"}, "fullDescription": {"text": "Add a non-root USER in the final runtime stage after files and permissions are prepared."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.82, "cwe": "", "owasp": ""}}, {"id": "DKR013", "name": "Dockerfile ADD downloads remote content", "shortDescription": {"text": "Dockerfile ADD downloads remote content"}, "fullDescription": {"text": "Use curl/wget with a pinned URL, verify checksum or signature, and prefer COPY for local files."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.84, "cwe": "", "owasp": ""}}, {"id": "SEC005", "name": "[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.", "shortDescription": {"text": "[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input."}, "fullDescription": {"text": "Use subprocess with shell=False and a list of args. 
Never eval user input."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "medium", "confidence": 0.5, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `cb` has cognitive complexity 20 (SonarSource scale). Cognitive complexity", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `cb` has cognitive complexity 20 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh "}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 20."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "DKC010", "name": "Compose service lacks no-new-privileges hardening", "shortDescription": {"text": "Compose service lacks no-new-privileges hardening"}, "fullDescription": {"text": "Add `security_opt: [\"no-new-privileges:true\"]` unless the service has a documented need for privilege escalation."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.62, "cwe": "", "owasp": ""}}, {"id": "DKC006", "name": "Compose service does not declare a runtime user", "shortDescription": {"text": "Compose service does not declare a runtime user"}, "fullDescription": {"text": "Set a non-root `user:` in Compose or ensure the final image stage has a non-root USER directive."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.56, "cwe": "", "owasp": ""}}, {"id": "DKR010", "name": "Dockerfile leaves apt package indexes in the image layer", "shortDescription": {"text": "Dockerfile leaves 
apt package indexes in the image layer"}, "fullDescription": {"text": "End the apt install layer with `rm -rf /var/lib/apt/lists/*`."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.74, "cwe": "", "owasp": ""}}, {"id": "DKR012", "name": "Dockerfile keeps pip download cache", "shortDescription": {"text": "Dockerfile keeps pip download cache"}, "fullDescription": {"text": "Use `pip install --no-cache-dir ...` in container builds."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.", "shortDescription": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED079", "name": "[MINED079] Off By One Slice (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED079] Off By One Slice (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. 
See CWE-193 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 14 more): Same pattern found in 14 add", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 14 more): Same pattern found in 14 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 3 more): Same pattern found in 3 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `actions/deploy-pages` pinned to mutable ref `@v5`: `uses: actions/deploy-pages@v5` resolves at workfl", "shortDescription": {"text": "[MINED115] Action `actions/deploy-pages` pinned to mutable ref `@v5`: `uses: actions/deploy-pages@v5` resolves at workflow-run time. 
Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise ("}, "fullDescription": {"text": "Replace with: `uses: actions/deploy-pages@<40-char-sha>  # v5` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED119", "name": "[MINED119] Dockerfile `ADD https://github.com/florianfesti/boxes.git`: Dockerfile `ADD <url>` downloads a remote artifac", "shortDescription": {"text": "[MINED119] Dockerfile `ADD https://github.com/florianfesti/boxes.git`: Dockerfile `ADD <url>` downloads a remote artifact into the image with no integrity check. If the host or DNS is compromised between layers \u2014 or if the URL serves a diff"}, "fullDescription": {"text": "Download the file in CI with a known checksum, vendor it into the repo, and COPY it during the build. Or use `RUN curl -sSL URL | sha256sum -c <(echo '<expected> -')` to verify."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED118", "name": "[MINED118] Dockerfile FROM `python:3.12-slim` not pinned by digest: `FROM python:3.12-slim` resolves the tag at build ti", "shortDescription": {"text": "[MINED118] Dockerfile FROM `python:3.12-slim` not pinned by digest: `FROM python:3.12-slim` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production ima"}, "fullDescription": {"text": "Replace with: `FROM python:3.12-slim@sha256:<digest>`. Get the digest from `docker manifest inspect`. 
Re-pin via a scheduled bot (Renovate, Dependabot)."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED131", "name": "[MINED131] pre-commit hook `https://github.com/codespell-project/codespell` pinned to mutable rev `v2.4.2`: `.pre-commit", "shortDescription": {"text": "[MINED131] pre-commit hook `https://github.com/codespell-project/codespell` pinned to mutable rev `v2.4.2`: `.pre-commit-config.yaml` references `https://github.com/codespell-project/codespell` at `rev: v2.4.2`. If `{rev}` is a branch or ve"}, "fullDescription": {"text": "Pin to a commit SHA: `rev: <40-char-sha>` and bump it through `pre-commit autoupdate` (which writes to PRs that are reviewed)."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self.set_source_color` used but never assigned in __init__: Method `open` of class `Boxes` reads `self.set_s", "shortDescription": {"text": "[MINED108] `self.set_source_color` used but never assigned in __init__: Method `open` of class `Boxes` reads `self.set_source_color`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the f"}, "fullDescription": {"text": "Initialize `self.set_source_color = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED036", "name": "[MINED036] Python Os System Call: os.system() invokes shell with no escaping.", "shortDescription": {"text": "[MINED036] Python Os System Call: os.system() invokes shell with no escaping."}, "fullDescription": {"text": "Review and fix per the pattern semantics. 
See CWE-78 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED034", "name": "[MINED034] Python Subprocess Shell True: subprocess(..., shell=True) enables command injection.", "shortDescription": {"text": "[MINED034] Python Subprocess Shell True: subprocess(..., shell=True) enables command injection."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-78 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInt", "shortDescription": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `copy` used but not imported: The file uses `copy.something(...)` but never imports `copy`. T", "shortDescription": {"text": "[MINED107] Missing import: `copy` used but not imported: The file uses `copy.something(...)` but never imports `copy`. 
This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import copy` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1259"}, "properties": {"repository": "florianfesti/boxes", "repoUrl": "https://github.com/florianfesti/boxes", "branch": "master"}, "results": [{"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `svgpathtools` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"repobilityId": 127444, "scanner": "repobility-supply-chain", "fingerprint": "3c20aa3b602c2ee779e82db9187fc73b1b9ecc9a98b4a32347bcf5f031150dbe", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3c20aa3b602c2ee779e82db9187fc73b1b9ecc9a98b4a32347bcf5f031150dbe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "requirements.txt"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `sphinx` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). 
Reproducible installs need exact pins."}, "properties": {"repobilityId": 127443, "scanner": "repobility-supply-chain", "fingerprint": "9b07f3e6f0a15a9a8c45162c8fa57ecc356e8b6c98a9a43f2a4e8c16c58db987", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9b07f3e6f0a15a9a8c45162c8fa57ecc356e8b6c98a9a43f2a4e8c16c58db987"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "requirements.txt"}, "region": {"startLine": 10}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `setuptools` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). 
Reproducible installs need exact pins."}, "properties": {"repobilityId": 127442, "scanner": "repobility-supply-chain", "fingerprint": "28d37cc390a31e3308b2ff386b5c9986a7778a161fd5ff55f05a4a723aee8a43", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|28d37cc390a31e3308b2ff386b5c9986a7778a161fd5ff55f05a4a723aee8a43"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "requirements.txt"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `rectpack` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). 
Reproducible installs need exact pins."}, "properties": {"repobilityId": 127441, "scanner": "repobility-supply-chain", "fingerprint": "a0b2939d6aec793a9de363082795177c772981ec4353865a7a89f0f8b62b3fde", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a0b2939d6aec793a9de363082795177c772981ec4353865a7a89f0f8b62b3fde"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "requirements.txt"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `PyYAML` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). 
Reproducible installs need exact pins."}, "properties": {"repobilityId": 127440, "scanner": "repobility-supply-chain", "fingerprint": "c716f4cb777a7ebf1017eed0cacd8f07514530d0650e8e37e96b7d895dde1993", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c716f4cb777a7ebf1017eed0cacd8f07514530d0650e8e37e96b7d895dde1993"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "requirements.txt"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `pillow` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"repobilityId": 127439, "scanner": "repobility-supply-chain", "fingerprint": "9b3d3e24cd03d73101585e4b03409ec5ce41e91feb176ee45ff75ba96e982e7a", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9b3d3e24cd03d73101585e4b03409ec5ce41e91feb176ee45ff75ba96e982e7a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "requirements.txt"}, "region": {"startLine": 4}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `numpy` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. 
Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"repobilityId": 127438, "scanner": "repobility-supply-chain", "fingerprint": "af120d8f867dd17ebd691d65d80fb93888eb194417febafc46e8d2b589f200d0", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|af120d8f867dd17ebd691d65d80fb93888eb194417febafc46e8d2b589f200d0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "requirements.txt"}, "region": {"startLine": 3}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `markdown` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). 
Reproducible installs need exact pins."}, "properties": {"repobilityId": 127437, "scanner": "repobility-supply-chain", "fingerprint": "988645d73f4ade702bf23e831a8541ff24844039be525c62704a37332b6d6b87", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|988645d73f4ade702bf23e831a8541ff24844039be525c62704a37332b6d6b87"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "requirements.txt"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 127428, "scanner": "repobility-ast-engine", "fingerprint": "bf7a7fe5c3c03958c141c813c4036ef498a070362cd69d6d97cf9bf207f62b21", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bf7a7fe5c3c03958c141c813c4036ef498a070362cd69d6d97cf9bf207f62b21"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/scripts/boxes_generator.py"}, "region": {"startLine": 330}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 127427, "scanner": "repobility-ast-engine", "fingerprint": "b8559719a62e8d17e717580ebe855d9a68423edc0ad34bfd1ea4384ea142a604", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b8559719a62e8d17e717580ebe855d9a68423edc0ad34bfd1ea4384ea142a604"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/scripts/boxesserver.py"}, "region": {"startLine": 693}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `args2html` (dict): `def args2html(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 127426, "scanner": "repobility-ast-engine", "fingerprint": "aa39b7de2a9879ad65f9886b4bbb9f351e7b55a55f7e9cbc59aefd7505e6ec90", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aa39b7de2a9879ad65f9886b4bbb9f351e7b55a55f7e9cbc59aefd7505e6ec90"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/scripts/boxesserver.py"}, "region": {"startLine": 228}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `args2html_cached` (dict): `def args2html_cached(... 
= []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 127425, "scanner": "repobility-ast-engine", "fingerprint": "452adda786c5ea5794229bf49e4452356a2a94e8c270d7912864126c5583fb17", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|452adda786c5ea5794229bf49e4452356a2a94e8c270d7912864126c5583fb17"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/scripts/boxesserver.py"}, "region": {"startLine": 219}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `arg2html` (dict): `def arg2html(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. 
Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 127424, "scanner": "repobility-ast-engine", "fingerprint": "2486c01b2893086020df3b335ce28a7618dd1461d42f5ec5aa99086ca5dde6fb", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2486c01b2893086020df3b335ce28a7618dd1461d42f5ec5aa99086ca5dde6fb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/scripts/boxesserver.py"}, "region": {"startLine": 189}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 127423, "scanner": "repobility-ast-engine", "fingerprint": "fe262bb5210d4640d8205dc589d75c295eea482fa2e72d6c49464b3d3ed2adca", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fe262bb5210d4640d8205dc589d75c295eea482fa2e72d6c49464b3d3ed2adca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/scripts/boxesserver.py"}, "region": {"startLine": 46}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `drawLid` (list): `def drawLid(... 
= []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 127398, "scanner": "repobility-ast-engine", "fingerprint": "43a39fce34a6db4e7bf2478c7918aea9ff089140d97fc999af8212f326fd844e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|43a39fce34a6db4e7bf2478c7918aea9ff089140d97fc999af8212f326fd844e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/lids.py"}, "region": {"startLine": 314}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `addTopEdgeSettings` (dict): `def addTopEdgeSettings(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. 
Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 127397, "scanner": "repobility-ast-engine", "fingerprint": "9440c3ba8d0d255a96cc07a828408bc6bff48b1b969da3f473ee8a080e7349b0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9440c3ba8d0d255a96cc07a828408bc6bff48b1b969da3f473ee8a080e7349b0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/lids.py"}, "region": {"startLine": 258}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 127396, "scanner": "repobility-ast-engine", "fingerprint": "d83c2f71f5cc8dc53aecb18465e04de2ea910450a831a09a2335b0be412e1837", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d83c2f71f5cc8dc53aecb18465e04de2ea910450a831a09a2335b0be412e1837"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/svgmerge.py"}, "region": {"startLine": 129}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `rectangularWall` (list): `def rectangularWall(... 
= []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 127394, "scanner": "repobility-ast-engine", "fingerprint": "6a80c13ddbcdae92e2dbc58bb56a53e9d51210621fcc56a2a0c1c0f3b0397636", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6a80c13ddbcdae92e2dbc58bb56a53e9d51210621fcc56a2a0c1c0f3b0397636"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/__init__.py"}, "region": {"startLine": 2475}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `text` (list): `def text(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. 
Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 127393, "scanner": "repobility-ast-engine", "fingerprint": "23e8eec5994594435bd1c0215d411e944478a1377297ad13cacda90e9e60d0ca", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|23e8eec5994594435bd1c0215d411e944478a1377297ad13cacda90e9e60d0ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/__init__.py"}, "region": {"startLine": 1529}}}]}, {"ruleId": "DKR007", "level": "warning", "message": {"text": "Docker build context has no .dockerignore"}, "properties": {"repobilityId": 127365, "scanner": "repobility-docker", "fingerprint": "c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44", "category": "docker", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Dockerfile exists but repository root has no .dockerignore.", "evidence": {"rule_id": "DKR007", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".dockerignore"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 127364, "scanner": "repobility-docker", "fingerprint": "b8f9867a9c92eaf8431ae7c45057a1858829c9b959489bde4e3fdd19675082e1", "category": "docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, 
"reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "python:3.12-slim", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|b8f9867a9c92eaf8431ae7c45057a1858829c9b959489bde4e3fdd19675082e1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Dockerfile"}, "region": {"startLine": 14}}}]}, {"ruleId": "DKR013", "level": "warning", "message": {"text": "Dockerfile ADD downloads remote content"}, "properties": {"repobilityId": 127361, "scanner": "repobility-docker", "fingerprint": "cbc6b5ecd5663104c24126b9c17c038a44d5faed9b12954afc4faf666ffc0490", "category": "docker", "severity": "medium", "confidence": 0.84, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "ADD instruction references a remote URL.", "evidence": {"rule_id": "DKR013", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|cbc6b5ecd5663104c24126b9c17c038a44d5faed9b12954afc4faf666ffc0490"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Dockerfile"}, "region": {"startLine": 8}}}]}, {"ruleId": "SEC005", "level": "warning", "message": {"text": "[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input."}, "properties": {"repobilityId": 127345, "scanner": "repobility-threat-engine", "fingerprint": "f9324d35e141456aadfde8176cbd59ac85ff720abed58c93ce52b991a2831a76", "category": "injection", "severity": "medium", "confidence": 0.5, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "shell=True detected \u2014 verify command source is not user-controllable", "evidence": {"match": 
"subprocess.run([\"xgettext -L Python -j --from-code=utf-8 -o po/boxes.py.pot boxes/*.py scripts/boxes", "reason": "shell=True detected \u2014 verify command source is not user-controllable", "rule_id": "SEC005", "scanner": "repobility-threat-engine", "confidence": 0.5, "correlation_key": "code|injection|setup.py|28|sec005"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `cb` has cognitive complexity 20 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: else=3, for=4, if=6, nested_bonus=7."}, "properties": {"repobilityId": 127330, "scanner": "repobility-threat-engine", "fingerprint": "0ec492b841ae9ab5a890f54f63618ff8fc1e6ec56e99342712add6f85b27c30c", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 20 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "cb", "breakdown": {"if": 6, "for": 4, "else": 3, "nested_bonus": 7}, "complexity": 20, "correlation_key": "fp|0ec492b841ae9ab5a890f54f63618ff8fc1e6ec56e99342712add6f85b27c30c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/airpurifier.py"}, "region": {"startLine": 82}}}]}, {"ruleId": "DKC010", "level": "note", "message": {"text": "Compose service lacks no-new-privileges hardening"}, "properties": {"repobilityId": 127367, "scanner": "repobility-docker", "fingerprint": "7f80983f54868d8bec198a3977b7dcbe8bfb5f2291356d590fb078148e91780d", "category": "docker", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "App-like service has 
no security_opt no-new-privileges setting.", "evidence": {"rule_id": "DKC010", "scanner": "repobility-docker", "service": "web", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|7f80983f54868d8bec198a3977b7dcbe8bfb5f2291356d590fb078148e91780d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yml"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKC006", "level": "note", "message": {"text": "Compose service does not declare a runtime user"}, "properties": {"repobilityId": 127366, "scanner": "repobility-docker", "fingerprint": "2ae03d2ca68f689d193058b7c353aabad57bc3d37942d6a7c1406762df909513", "category": "docker", "severity": "low", "confidence": 0.56, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Service has no user setting and Repobility could not prove the image runs non-root.", "evidence": {"rule_id": "DKC006", "scanner": "repobility-docker", "service": "web", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html"], "correlation_key": "fp|2ae03d2ca68f689d193058b7c353aabad57bc3d37942d6a7c1406762df909513"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docker-compose.yml"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR010", "level": "note", "message": {"text": "Dockerfile leaves apt package indexes in the image layer"}, "properties": {"repobilityId": 127363, "scanner": "repobility-docker", "fingerprint": "17895b1a2171685b84405e1c10f2323cf120c5fdba18e0a56fcca53a76a8e0a9", "category": "docker", "severity": "low", "confidence": 0.74, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "apt update/install layer does not remove /var/lib/apt/lists.", "evidence": {"rule_id": "DKR010", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": 
"fp|17895b1a2171685b84405e1c10f2323cf120c5fdba18e0a56fcca53a76a8e0a9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Dockerfile"}, "region": {"startLine": 16}}}]}, {"ruleId": "DKR012", "level": "note", "message": {"text": "Dockerfile keeps pip download cache"}, "properties": {"repobilityId": 127362, "scanner": "repobility-docker", "fingerprint": "f0edd15bcefe88ea3a5d40de2c635c398921ae305f62a077ce3b6b9106e30bdd", "category": "docker", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "pip install appears without --no-cache-dir.", "evidence": {"rule_id": "DKR012", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|f0edd15bcefe88ea3a5d40de2c635c398921ae305f62a077ce3b6b9106e30bdd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Dockerfile"}, "region": {"startLine": 9}}}]}, {"ruleId": "DKR012", "level": "note", "message": {"text": "Dockerfile keeps pip download cache"}, "properties": {"repobilityId": 127360, "scanner": "repobility-docker", "fingerprint": "aca074b2107b91eb85e2ff20679d1c8c3ef47effcf163fe36369ee4a6727deba", "category": "docker", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "pip install appears without --no-cache-dir.", "evidence": {"rule_id": "DKR012", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|aca074b2107b91eb85e2ff20679d1c8c3ef47effcf163fe36369ee4a6727deba"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Dockerfile"}, "region": {"startLine": 6}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 127359, "scanner": "repobility-ai-code-hygiene", 
"fingerprint": "e70e84ff9e8365271f32edd409a4ce3fb15dafd175ed486f39d24134d2b33f02", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "boxes/scripts/boxes_proxy.py", "duplicate_line": 1, "correlation_key": "fp|e70e84ff9e8365271f32edd409a4ce3fb15dafd175ed486f39d24134d2b33f02"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/boxes_proxy.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 127358, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3945883052a0e720a4dda3603899aa8f969eda4a7dc8b2126247f8d4d1f547de", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "boxes/scripts/boxes_generator.py", "duplicate_line": 76, "correlation_key": "fp|3945883052a0e720a4dda3603899aa8f969eda4a7dc8b2126247f8d4d1f547de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/svgmerge.py"}, "region": {"startLine": 12}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 127357, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1d09d04b5a292980458c1a71c68f49201c06211ddd1f287e78bbdceb8b51ac07", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": 
"confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "boxes/generators/typetray.py", "duplicate_line": 97, "correlation_key": "fp|1d09d04b5a292980458c1a71c68f49201c06211ddd1f287e78bbdceb8b51ac07"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/walltypetray.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 127356, "scanner": "repobility-ai-code-hygiene", "fingerprint": "143fc7a0b7bf93a19076d32fdf8dc74a401483cb6b000dd77445c33dba044611", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "boxes/generators/wallhopper.py", "duplicate_line": 35, "correlation_key": "fp|143fc7a0b7bf93a19076d32fdf8dc74a401483cb6b000dd77445c33dba044611"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/wallstackablebin.py"}, "region": {"startLine": 60}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 127355, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6e92b930bdc31790116b431388824f9ade0939567e96a282cd821c56524e0a83", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": 
"AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "boxes/generators/wallchiselholder.py", "duplicate_line": 30, "correlation_key": "fp|6e92b930bdc31790116b431388824f9ade0939567e96a282cd821c56524e0a83"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/wallslottedholder.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 127354, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4210ee6c6c56c15fcb0d19e88d9fca193f5f3095be6058fa8ff1e9fad99ba58c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "boxes/generators/rollholder.py", "duplicate_line": 9, "correlation_key": "fp|4210ee6c6c56c15fcb0d19e88d9fca193f5f3095be6058fa8ff1e9fad99ba58c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/wallrollholder.py"}, "region": {"startLine": 9}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 127353, "scanner": "repobility-ai-code-hygiene", "fingerprint": "68d1a513a6fc07a5cb5005ba40c3eb7072aa20e95da894ce807c3041ea4af4e5", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "boxes/generators/smallpartstray2.py", 
"duplicate_line": 76, "correlation_key": "fp|68d1a513a6fc07a5cb5005ba40c3eb7072aa20e95da894ce807c3041ea4af4e5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/typetray.py"}, "region": {"startLine": 155}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 127352, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a3f74887be73cebb0860b4cb39f3383eee838194c87c15f17dd9df1885d0c8b5", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "boxes/generators/rectangularWall.py", "duplicate_line": 3, "correlation_key": "fp|a3f74887be73cebb0860b4cb39f3383eee838194c87c15f17dd9df1885d0c8b5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/triangularwall.py"}, "region": {"startLine": 3}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 127351, "scanner": "repobility-ai-code-hygiene", "fingerprint": "670e626ab2a9d61dd53de9841e554eb8a01e6eed199f8e1f8cf06c453982f5ee", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "boxes/generators/agricolainsert.py", "duplicate_line": 602, "correlation_key": "fp|670e626ab2a9d61dd53de9841e554eb8a01e6eed199f8e1f8cf06c453982f5ee"}}, "locations": [{"physicalLocation": 
{"artifactLocation": {"uri": "boxes/generators/smallpartstray.py"}, "region": {"startLine": 109}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 127350, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fa78a181b198ba1b93752e3fc2186d05073c5179912554234ca7dc5409fbf3ce", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "boxes/generators/breadbox.py", "duplicate_line": 52, "correlation_key": "fp|fa78a181b198ba1b93752e3fc2186d05073c5179912554234ca7dc5409fbf3ce"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/shutterbox.py"}, "region": {"startLine": 87}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 127349, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7699891765a6dccc912c305154eeb1d3668d33519fda8a84e3a07af8503da8b6", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "boxes/generators/flexbox2.py", "duplicate_line": 4, "correlation_key": "fp|7699891765a6dccc912c305154eeb1d3668d33519fda8a84e3a07af8503da8b6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/flexbox4.py"}, "region": {"startLine": 4}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] 
High cognitive complexity: Function `getAllBoxGenerators` has cognitive complexity 14 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=2, for=2, if=4, nested_bonus=6."}, "properties": {"repobilityId": 127329, "scanner": "repobility-threat-engine", "fingerprint": "e024562e2e0d13c6f5fb50d34a79e19f915ad6e2221f6d0edda5604acbaefe32", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 14 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "getAllBoxGenerators", "breakdown": {"if": 4, "for": 2, "continue": 2, "nested_bonus": 6}, "complexity": 14, "correlation_key": "fp|e024562e2e0d13c6f5fb50d34a79e19f915ad6e2221f6d0edda5604acbaefe32"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/__init__.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `__init__` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. 
Breakdown: break=2, for=2, if=2, nested_bonus=2."}, "properties": {"repobilityId": 127328, "scanner": "repobility-threat-engine", "fingerprint": "a20e8ef0a9d92d316b8c431f29f527c588b7614fcbf1bcb9a79a4c889736cbe6", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 8 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "__init__", "breakdown": {"if": 2, "for": 2, "break": 2, "nested_bonus": 2}, "complexity": 8, "correlation_key": "fp|a20e8ef0a9d92d316b8c431f29f527c588b7614fcbf1bcb9a79a4c889736cbe6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/formats.py"}, "region": {"startLine": 56}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 127344, "scanner": "repobility-threat-engine", "fingerprint": "ada2ece98424088dbbd774117497c1c85686ba21306a23e8ecb5a94dec885809", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ada2ece98424088dbbd774117497c1c85686ba21306a23e8ecb5a94dec885809"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/qrcode_factory.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED079", "level": "none", "message": {"text": "[MINED079] Off By One Slice (and 1 more): Same pattern found in 1 additional file. 
Review if needed."}, "properties": {"repobilityId": 127343, "scanner": "repobility-threat-engine", "fingerprint": "e802111385f200dac6d63989d673d8b2f75ed4ae1989a42f1f16b9155e7e9371", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrence found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "off-by-one-slice", "owasp": null, "cwe_ids": ["CWE-193"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348121+00:00", "triaged_in_corpus": 12, "observations_count": 6443, "ai_coder_pattern_id": 19}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|e802111385f200dac6d63989d673d8b2f75ed4ae1989a42f1f16b9155e7e9371", "aggregated_count": 1}}}, {"ruleId": "MINED079", "level": "none", "message": {"text": "[MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) \u2014 off-by-one risk."}, "properties": {"repobilityId": 127342, "scanner": "repobility-threat-engine", "fingerprint": "76fab47b8d5a83d79f43c7ad6f9f76dcb12a1e71a4834803be812be8536de1dd", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "off-by-one-slice", "owasp": null, "cwe_ids": ["CWE-193"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348121+00:00", "triaged_in_corpus": 12, "observations_count": 6443, "ai_coder_pattern_id": 19}, "scanner": "repobility-threat-engine", "correlation_key": "fp|76fab47b8d5a83d79f43c7ad6f9f76dcb12a1e71a4834803be812be8536de1dd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/wallpliersholder.py"}, "region": {"startLine": 87}}}]}, {"ruleId": "MINED079", "level": "none", "message": {"text": 
"[MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) \u2014 off-by-one risk."}, "properties": {"repobilityId": 127341, "scanner": "repobility-threat-engine", "fingerprint": "e14f993ba16416c5d2b27c487c4b7a572857204c73eed6f657c7f89345aea3cf", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "off-by-one-slice", "owasp": null, "cwe_ids": ["CWE-193"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348121+00:00", "triaged_in_corpus": 12, "observations_count": 6443, "ai_coder_pattern_id": 19}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e14f993ba16416c5d2b27c487c4b7a572857204c73eed6f657c7f89345aea3cf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/wallconsole.py"}, "region": {"startLine": 66}}}]}, {"ruleId": "MINED079", "level": "none", "message": {"text": "[MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) \u2014 off-by-one risk."}, "properties": {"repobilityId": 127340, "scanner": "repobility-threat-engine", "fingerprint": "86d23e4d51796d7f6bd18123450b164f9792f232c8e79da3257cb36383cb7773", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "off-by-one-slice", "owasp": null, "cwe_ids": ["CWE-193"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348121+00:00", "triaged_in_corpus": 12, "observations_count": 6443, "ai_coder_pattern_id": 19}, "scanner": "repobility-threat-engine", "correlation_key": "fp|86d23e4d51796d7f6bd18123450b164f9792f232c8e79da3257cb36383cb7773"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/slantedtray.py"}, 
"region": {"startLine": 86}}}]}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 14 more): Same pattern found in 14 additional files. Review if needed."}, "properties": {"repobilityId": 127339, "scanner": "repobility-threat-engine", "fingerprint": "60d3535791d57daecb7571f76beae1cc0e0c1ff976eb68234272a7f7e7d25fca", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 14 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 14 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|60d3535791d57daecb7571f76beae1cc0e0c1ff976eb68234272a7f7e7d25fca"}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 127335, "scanner": "repobility-threat-engine", "fingerprint": "97e83b35d6d87ad95e23d12f8a95338efdb63b7f12c389b8e08fe5a80cf94e6e", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|97e83b35d6d87ad95e23d12f8a95338efdb63b7f12c389b8e08fe5a80cf94e6e", "aggregated_count": 3}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 127334, "scanner": "repobility-threat-engine", "fingerprint": "124df70ad55c2594668a1f008139edc14d642d71dd37c3dfebfcef2222ba9bd8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|124df70ad55c2594668a1f008139edc14d642d71dd37c3dfebfcef2222ba9bd8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/keyboard.py"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 127333, "scanner": "repobility-threat-engine", "fingerprint": "261f8d12d2e3ecdb7b0535483ea9fb551a4707f083a0e6f34b010c8e729f4197", "category": "quality", 
"severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|261f8d12d2e3ecdb7b0535483ea9fb551a4707f083a0e6f34b010c8e729f4197"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/beequeencage.py"}, "region": {"startLine": 118}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 127332, "scanner": "repobility-threat-engine", "fingerprint": "ded3e1aa6a5f61481a1635056b61c20eb30dd0cdad2fa01c288f2e63f24a7325", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ded3e1aa6a5f61481a1635056b61c20eb30dd0cdad2fa01c288f2e63f24a7325"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/arcade.py"}, "region": {"startLine": 72}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 57 more): Same pattern found in 57 additional files. 
Review if needed."}, "properties": {"repobilityId": 127331, "scanner": "repobility-threat-engine", "fingerprint": "18d68a6eee36bb39f2a40a071b4f688647f43b11c60f2adefda97496e56ac780", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 57 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "__init__", "breakdown": {"if": 2, "for": 2, "break": 2, "nested_bonus": 2}, "aggregated": true, "complexity": 8, "correlation_key": "fp|18d68a6eee36bb39f2a40a071b4f688647f43b11c60f2adefda97496e56ac780", "aggregated_count": 57}}}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/deploy-pages` pinned to mutable ref `@v5`: `uses: actions/deploy-pages@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 127456, "scanner": "repobility-supply-chain", "fingerprint": "2075c3e0373dd885950f92b5ccf481ba435c34b979bd650da102c5ad396e9b69", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2075c3e0373dd885950f92b5ccf481ba435c34b979bd650da102c5ad396e9b69"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pages.yml"}, "region": {"startLine": 66}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/upload-pages-artifact` pinned to mutable ref `@v4`: `uses: actions/upload-pages-artifact@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 127455, "scanner": "repobility-supply-chain", "fingerprint": "67da4b5502c79a3ac3ef2849a99fd83e4308fab904a3c99cdf62d7c474a1f4f8", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|67da4b5502c79a3ac3ef2849a99fd83e4308fab904a3c99cdf62d7c474a1f4f8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pages.yml"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v6`: `uses: actions/setup-python@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 127454, "scanner": "repobility-supply-chain", "fingerprint": "c90047ea5259464442cb324d40381f8a5d74df53d213cf9526057c1aba529481", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c90047ea5259464442cb324d40381f8a5d74df53d213cf9526057c1aba529481"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pages.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 127453, "scanner": "repobility-supply-chain", "fingerprint": "c1d9b92d7f49bd4b6ff190abfe6b763a795632a7ff6defee9981fc0b936fd9cb", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c1d9b92d7f49bd4b6ff190abfe6b763a795632a7ff6defee9981fc0b936fd9cb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pages.yml"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v7`: `uses: actions/upload-artifact@v7` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 127452, "scanner": "repobility-supply-chain", "fingerprint": "6e162be8428eaf34c6b415f03e49f2b73ddaf28e60cc7e46f458ec1551478991", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6e162be8428eaf34c6b415f03e49f2b73ddaf28e60cc7e46f458ec1551478991"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/precommit.yml"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `pre-commit/action` pinned to mutable ref `@v3.0.1`: `uses: pre-commit/action@v3.0.1` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 127451, "scanner": "repobility-supply-chain", "fingerprint": "0ec6dbfb973e7967fd419a8103739d0fd9ff13d7b2dd919d45dd12bece1f3fff", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0ec6dbfb973e7967fd419a8103739d0fd9ff13d7b2dd919d45dd12bece1f3fff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/precommit.yml"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v6`: `uses: actions/setup-python@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 127450, "scanner": "repobility-supply-chain", "fingerprint": "a77ec913e9a650017a732f3448aac71dd6074c14e45bd8241f80530ef6d88b60", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a77ec913e9a650017a732f3448aac71dd6074c14e45bd8241f80530ef6d88b60"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/precommit.yml"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 127449, "scanner": "repobility-supply-chain", "fingerprint": "783940b89e598087bfb489634791de538ef813786815ad652758c47f4c99363a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|783940b89e598087bfb489634791de538ef813786815ad652758c47f4c99363a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/precommit.yml"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 127448, "scanner": "repobility-supply-chain", "fingerprint": "ca645569da31e0eac1176154ebadaecbbb6e7b4e93ce04872b3a99fd6b7ec393", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ca645569da31e0eac1176154ebadaecbbb6e7b4e93ce04872b3a99fd6b7ec393"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/docker-publish.yml"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED119", "level": "error", "message": {"text": "[MINED119] Dockerfile `ADD https://github.com/florianfesti/boxes.git`: Dockerfile `ADD <url>` downloads a remote artifact into the image with no integrity check. 
If the host or DNS is compromised at build time \u2014 or if the URL later serves different content \u2014 malicious content gets baked into the image."}, "properties": {"repobilityId": 127447, "scanner": "repobility-supply-chain", "fingerprint": "556a27b03b4baea6f6cde8c7fab9ee90d362f24a3e30970768c04fcda7e150f8", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-add-remote-url", "owasp": "A08:2021", "cwe_ids": ["CWE-829", "CWE-494"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|556a27b03b4baea6f6cde8c7fab9ee90d362f24a3e30970768c04fcda7e150f8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Dockerfile"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "[MINED118] Dockerfile FROM `python:3.12-slim` not pinned by digest: `FROM python:3.12-slim` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. 
Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"repobilityId": 127446, "scanner": "repobility-supply-chain", "fingerprint": "5e8889d39400f1912a8ba6e61596d4d472d2c67b784dd38fa57bba9d6073e0de", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5e8889d39400f1912a8ba6e61596d4d472d2c67b784dd38fa57bba9d6073e0de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Dockerfile"}, "region": {"startLine": 13}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "[MINED118] Dockerfile FROM `python:3.12-slim` not pinned by digest: `FROM python:3.12-slim` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. 
Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"repobilityId": 127445, "scanner": "repobility-supply-chain", "fingerprint": "d050ca62b1978a3e6f756e56ffa6f3db2372b99b428b43221376c9509756e938", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d050ca62b1978a3e6f756e56ffa6f3db2372b99b428b43221376c9509756e938"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/codespell-project/codespell` pinned to mutable rev `v2.4.2`: `.pre-commit-config.yaml` references `https://github.com/codespell-project/codespell` at `rev: v2.4.2`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine; pin `rev` to a full commit SHA instead (e.g. via `pre-commit autoupdate --freeze`)."}, "properties": {"repobilityId": 127436, "scanner": "repobility-supply-chain", "fingerprint": "1bb759be14337d3640736e66f7b8583516f1b668ed8d6b12078e65c702d18a1a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|1bb759be14337d3640736e66f7b8583516f1b668ed8d6b12078e65c702d18a1a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 76}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/shellcheck-py/shellcheck-py` pinned to mutable rev `v0.11.0.1`: `.pre-commit-config.yaml` references `https://github.com/shellcheck-py/shellcheck-py` at `rev: v0.11.0.1`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine; pin `rev` to a full commit SHA instead (e.g. via `pre-commit autoupdate --freeze`)."}, "properties": {"repobilityId": 127435, "scanner": "repobility-supply-chain", "fingerprint": "e242fcc0e2cb108aee4761d5448c3f1d5079a375a7a8f7a55c91a3586d676731", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e242fcc0e2cb108aee4761d5448c3f1d5079a375a7a8f7a55c91a3586d676731"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 71}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/rstcheck/rstcheck` pinned to mutable rev `v6.2.5`: `.pre-commit-config.yaml` references `https://github.com/rstcheck/rstcheck` at `rev: v6.2.5`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine; pin `rev` to a full commit SHA instead (e.g. via `pre-commit autoupdate --freeze`)."}, "properties": {"repobilityId": 127434, "scanner": "repobility-supply-chain", "fingerprint": "b87bb417f6e9ed3689a8d554692a14c2be80563dd9bf6619b6c39217f4ec96b6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b87bb417f6e9ed3689a8d554692a14c2be80563dd9bf6619b6c39217f4ec96b6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 65}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/pre-commit/mirrors-mypy` pinned to mutable rev `v2.1.0`: `.pre-commit-config.yaml` references `https://github.com/pre-commit/mirrors-mypy` at `rev: v2.1.0`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine; pin `rev` to a full commit SHA instead (e.g. via `pre-commit autoupdate --freeze`)."}, "properties": {"repobilityId": 127433, "scanner": "repobility-supply-chain", "fingerprint": "4926db2f94befb6b9261c66de1df660a19ea8035f729289780c6a4a4bb870102", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4926db2f94befb6b9261c66de1df660a19ea8035f729289780c6a4a4bb870102"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/PyCQA/autoflake` pinned to mutable rev `v2.3.3`: `.pre-commit-config.yaml` references `https://github.com/PyCQA/autoflake` at `rev: v2.3.3`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine; pin `rev` to a full commit SHA instead (e.g. via `pre-commit autoupdate --freeze`)."}, "properties": {"repobilityId": 127432, "scanner": "repobility-supply-chain", "fingerprint": "4f05f788150e2ca51f10c285a40d5b395fa6d4fe77b9aaec4466e7638d056815", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4f05f788150e2ca51f10c285a40d5b395fa6d4fe77b9aaec4466e7638d056815"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/asottile/pyupgrade` pinned to mutable rev `v3.21.2`: `.pre-commit-config.yaml` references `https://github.com/asottile/pyupgrade` at `rev: v3.21.2`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine; pin `rev` to a full commit SHA instead (e.g. via `pre-commit autoupdate --freeze`)."}, "properties": {"repobilityId": 127431, "scanner": "repobility-supply-chain", "fingerprint": "b26d3aacdc321ced7641b9eae4279d6314e704cb328fc4acf529dc782ed91b1d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b26d3aacdc321ced7641b9eae4279d6314e704cb328fc4acf529dc782ed91b1d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/pre-commit/pygrep-hooks` pinned to mutable rev `v1.10.0`: `.pre-commit-config.yaml` references `https://github.com/pre-commit/pygrep-hooks` at `rev: v1.10.0`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine; pin `rev` to a full commit SHA instead (e.g. via `pre-commit autoupdate --freeze`)."}, "properties": {"repobilityId": 127430, "scanner": "repobility-supply-chain", "fingerprint": "eadb3f421332292da296b0f186bb0d267ed087910ebefcd40456ca39fe45baaa", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|eadb3f421332292da296b0f186bb0d267ed087910ebefcd40456ca39fe45baaa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mutable rev `v6.0.0`: `.pre-commit-config.yaml` references `https://github.com/pre-commit/pre-commit-hooks` at `rev: v6.0.0`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine; pin `rev` to a full commit SHA instead (e.g. via `pre-commit autoupdate --freeze`)."}, "properties": {"repobilityId": 127429, "scanner": "repobility-supply-chain", "fingerprint": "e92f42c3eb7e9937021200b67f3bc1052a6f9946583950840425a9e6c4893c58", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e92f42c3eb7e9937021200b67f3bc1052a6f9946583950840425a9e6c4893c58"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.set_source_color` used but never assigned in __init__: Method `open` of class `Boxes` reads `self.set_source_color`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127392, "scanner": "repobility-ast-engine", "fingerprint": "b32ef093133a02f8f0fdb95549478bd49405cd5ad91f437caa1fcefdcecbc4fd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b32ef093133a02f8f0fdb95549478bd49405cd5ad91f437caa1fcefdcecbc4fd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/__init__.py"}, "region": {"startLine": 465}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.qr_code` used but never assigned in __init__: Method `open` of class `Boxes` reads `self.qr_code`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127391, "scanner": "repobility-ast-engine", "fingerprint": "551ce5e393298bdbf9c6a12a1ff8014489ca106cd5591a3945a157d489e742e3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|551ce5e393298bdbf9c6a12a1ff8014489ca106cd5591a3945a157d489e742e3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/__init__.py"}, "region": {"startLine": 483}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.reference` used but never assigned in __init__: Method `open` of class `Boxes` reads `self.reference`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127390, "scanner": "repobility-ast-engine", "fingerprint": "a723ec365bb3a5aef4874f94c0ee3fb7b8603559320183f96a3904e6d2548e6c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a723ec365bb3a5aef4874f94c0ee3fb7b8603559320183f96a3904e6d2548e6c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/__init__.py"}, "region": {"startLine": 473}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._buildObjects` used but never assigned in __init__: Method `open` of class `Boxes` reads `self._buildObjects`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127389, "scanner": "repobility-ast-engine", "fingerprint": "157bdaee75d20b1104ca15d028c5ccb3a557614185da1dbe0efd6ab647afd8a9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|157bdaee75d20b1104ca15d028c5ccb3a557614185da1dbe0efd6ab647afd8a9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/__init__.py"}, "region": {"startLine": 472}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.set_font` used but never assigned in __init__: Method `open` of class `Boxes` reads `self.set_font`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127388, "scanner": "repobility-ast-engine", "fingerprint": "68e38d0fd383acb92ead2f3d0741a53bb55bc1bf761e8c897fa202537bf13dd0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|68e38d0fd383acb92ead2f3d0741a53bb55bc1bf761e8c897fa202537bf13dd0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/__init__.py"}, "region": {"startLine": 471}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.format` used but never assigned in __init__: Method `open` of class `Boxes` reads `self.format`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127387, "scanner": "repobility-ast-engine", "fingerprint": "8acd6c8a7b34a5ba8978c7292f146319657f63d79c9a56b14d175235f196ba88", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8acd6c8a7b34a5ba8978c7292f146319657f63d79c9a56b14d175235f196ba88"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/__init__.py"}, "region": {"startLine": 463}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.format` used but never assigned in __init__: Method `open` of class `Boxes` reads `self.format`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127386, "scanner": "repobility-ast-engine", "fingerprint": "9e13ae9b71ee716527cfaa4f187b1e4f413d22e234d9a55789ae1b82b1b64c1c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9e13ae9b71ee716527cfaa4f187b1e4f413d22e234d9a55789ae1b82b1b64c1c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/__init__.py"}, "region": {"startLine": 461}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.surface` used but never assigned in __init__: Method `open` of class `Boxes` reads `self.surface`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127385, "scanner": "repobility-ast-engine", "fingerprint": "a91259591fad2c44438ed4a6f7ffc16d2c9db8469e9fc57725a3542b301abf9c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a91259591fad2c44438ed4a6f7ffc16d2c9db8469e9fc57725a3542b301abf9c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/__init__.py"}, "region": {"startLine": 461}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.spacing` used but never assigned in __init__: Method `open` of class `Boxes` reads `self.spacing`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127384, "scanner": "repobility-ast-engine", "fingerprint": "692d8ba64a826a6d964d5ac44f3fc1867525de78b7303428884fc89ac3677e20", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|692d8ba64a826a6d964d5ac44f3fc1867525de78b7303428884fc89ac3677e20"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/__init__.py"}, "region": {"startLine": 470}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.bedBoltSettings` used but never assigned in __init__: Method `open` of class `Boxes` reads `self.bedBoltSettings`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127383, "scanner": "repobility-ast-engine", "fingerprint": "407f6f220bf4205150364168a886e25e70824365a04bb83e829d22caace2beca", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|407f6f220bf4205150364168a886e25e70824365a04bb83e829d22caace2beca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/__init__.py"}, "region": {"startLine": 460}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.distribution`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127382, "scanner": "repobility-ast-engine", "fingerprint": "cef98ccd8e080a6b18c24d6b8175e2c621d0ad81af1224b8670ca53a38e0545f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cef98ccd8e080a6b18c24d6b8175e2c621d0ad81af1224b8670ca53a38e0545f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 72}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.distribution`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127381, "scanner": "repobility-ast-engine", "fingerprint": "9a7a95e0e73ff6de5a8c8c628482d7126af2b780d523967dd5964d0badc14067", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9a7a95e0e73ff6de5a8c8c628482d7126af2b780d523967dd5964d0badc14067"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 71}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.distribution`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127380, "scanner": "repobility-ast-engine", "fingerprint": "24d8d5b3d52cef326eada0a2c677c441a3ba9186d7d903833cd17cad807c700c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|24d8d5b3d52cef326eada0a2c677c441a3ba9186d7d903833cd17cad807c700c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 70}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.distribution`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127379, "scanner": "repobility-ast-engine", "fingerprint": "5c32ab6451c3bb4ea21995e447666beda9970e7206453a08a29943452a5f2f0d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5c32ab6451c3bb4ea21995e447666beda9970e7206453a08a29943452a5f2f0d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 60}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.distribution`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127378, "scanner": "repobility-ast-engine", "fingerprint": "7c23095d0c7a299727c018a63a151c1a9502b5734666199eeb75a38f2d327dca", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7c23095d0c7a299727c018a63a151c1a9502b5734666199eeb75a38f2d327dca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 59}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.distribution`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127377, "scanner": "repobility-ast-engine", "fingerprint": "3dd10e3513dd32effb04987a60778dc6e099ff95949ae80eb258ef94cea7b24a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3dd10e3513dd32effb04987a60778dc6e099ff95949ae80eb258ef94cea7b24a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.distribution`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127376, "scanner": "repobility-ast-engine", "fingerprint": "9feb604abf44dc140966f5e99d48838f381f4d4afb8695d10aa3de21585960c8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9feb604abf44dc140966f5e99d48838f381f4d4afb8695d10aa3de21585960c8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.distribution` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.distribution`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127375, "scanner": "repobility-ast-engine", "fingerprint": "9a7c2b2b0f1939d124319db4bfd8bb22d755641bcba4c8b28f861cd4a9e97027", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9a7c2b2b0f1939d124319db4bfd8bb22d755641bcba4c8b28f861cd4a9e97027"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.buildInkscapeExt` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.buildInkscapeExt`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127374, "scanner": "repobility-ast-engine", "fingerprint": "5dd9f541c2806b22f5fb72d5d55c7ad6702ce8b73989d1d52145c8449cb84de9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5dd9f541c2806b22f5fb72d5d55c7ad6702ce8b73989d1d52145c8449cb84de9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.execute` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.execute`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127373, "scanner": "repobility-ast-engine", "fingerprint": "dbe4e75bf491bacfd028faa796ee0d120d6a55344ffa74986a7d5e148becc466", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dbe4e75bf491bacfd028faa796ee0d120d6a55344ffa74986a7d5e148becc466"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.generate_mo_files` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.generate_mo_files`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127372, "scanner": "repobility-ast-engine", "fingerprint": "49d79a32e31f4e6c1b649f3f53eab25340bcf45dd620857ef8cb76918ed0be50", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|49d79a32e31f4e6c1b649f3f53eab25340bcf45dd620857ef8cb76918ed0be50"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 51}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.execute` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.execute`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127371, "scanner": "repobility-ast-engine", "fingerprint": "7831b357a6f723e17ad9bc186ca5133faf072e8145c686c7b00d59ad8ceb5648", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7831b357a6f723e17ad9bc186ca5133faf072e8145c686c7b00d59ad8ceb5648"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 51}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.updatePOT` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.updatePOT`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127370, "scanner": "repobility-ast-engine", "fingerprint": "cb540d40ef584c1dcf0957b34156d39e528f0c59d93bf424eb3afa9a6e56b54b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cb540d40ef584c1dcf0957b34156d39e528f0c59d93bf424eb3afa9a6e56b54b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.execute` used but never assigned in __init__: Method `run` of class `CustomBuildExtCommand` reads `self.execute`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127369, "scanner": "repobility-ast-engine", "fingerprint": "e27d845312476a41540ffafca1e1e8802ff2c84f10ef1eae29694c79db824e36", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e27d845312476a41540ffafca1e1e8802ff2c84f10ef1eae29694c79db824e36"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.distribution` used but never assigned in __init__: Method `generate_mo_files` of class `CustomBuildExtCommand` reads `self.distribution`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 127368, "scanner": "repobility-ast-engine", "fingerprint": "5d7fced1782eaa581b54455eaca93652ac74863347353bd0b310fee4111fb78b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5d7fced1782eaa581b54455eaca93652ac74863347353bd0b310fee4111fb78b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED036", "level": "error", "message": {"text": "[MINED036] Python Os System Call: os.system() invokes shell with no escaping."}, "properties": {"repobilityId": 127348, "scanner": "repobility-threat-engine", "fingerprint": "d60f18fec5d2fb9d58ad49fc9bb60838fe86a9c2f61653b4c794ff3aa710ecbe", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-os-system-call", "owasp": null, "cwe_ids": ["CWE-78"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347982+00:00", "triaged_in_corpus": 15, "observations_count": 2221, "ai_coder_pattern_id": 117}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d60f18fec5d2fb9d58ad49fc9bb60838fe86a9c2f61653b4c794ff3aa710ecbe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED034", "level": "error", "message": {"text": "[MINED034] Python Subprocess Shell True: subprocess(..., shell=True) enables command injection."}, "properties": {"repobilityId": 127347, 
"scanner": "repobility-threat-engine", "fingerprint": "bb37513fdf84a90cceef4cafb7f0a1eeaf9d90c5015f009b6787d17097c548c0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-subprocess-shell-true", "owasp": null, "cwe_ids": ["CWE-78"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347977+00:00", "triaged_in_corpus": 15, "observations_count": 3478, "ai_coder_pattern_id": 118}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bb37513fdf84a90cceef4cafb7f0a1eeaf9d90c5015f009b6787d17097c548c0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 127346, "scanner": "repobility-threat-engine", "fingerprint": "cd42dded13a47d6f67d8ad63fb9e77f5d1376a2cf37d3c96349238f5943873d7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|cd42dded13a47d6f67d8ad63fb9e77f5d1376a2cf37d3c96349238f5943873d7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "setup.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": 
"[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 127338, "scanner": "repobility-threat-engine", "fingerprint": "fd93dbe14fa4b41780210973978af12fdc6b1165958ac9ab680f870b102d1170", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "self.ctx.save()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|fd93dbe14fa4b41780210973978af12fdc6b1165958ac9ab680f870b102d1170"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/dicebox.py"}, "region": {"startLine": 105}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. 
Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 127337, "scanner": "repobility-threat-engine", "fingerprint": "ccc146dfb5be6ca1681b58d225e333e35f6088541c633a471e5f7e3cece0f798", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "self.ctx.save()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|ccc146dfb5be6ca1681b58d225e333e35f6088541c633a471e5f7e3cece0f798"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/compartmentbox.py"}, "region": {"startLine": 92}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. 
Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 127336, "scanner": "repobility-threat-engine", "fingerprint": "a1e4ef254ece09af729aea8b4dfb51421acfe42a732b2eaf6c77f45d8e4c1344", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "self.ctx.save()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|a1e4ef254ece09af729aea8b4dfb51421acfe42a732b2eaf6c77f45d8e4c1344"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/breadbox.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `copy` used but not imported: The file uses `copy.something(...)` but never imports `copy`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127422, "scanner": "repobility-ast-engine", "fingerprint": "832fd2dcdb0aff7b6ba0840b5974c73496d2eab887837ea3eb26614d28c6e75f", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|832fd2dcdb0aff7b6ba0840b5974c73496d2eab887837ea3eb26614d28c6e75f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/regularbox.py"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127421, "scanner": "repobility-ast-engine", "fingerprint": "50eabb76973dca6db22ecc33c117e8a28ca37c3d715f0ea263ce40e43d6ded66", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|50eabb76973dca6db22ecc33c117e8a28ca37c3d715f0ea263ce40e43d6ded66"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/cardholder.py"}, "region": {"startLine": 41}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127420, "scanner": "repobility-ast-engine", "fingerprint": "79b37647515b287eacea108225a3ced82ecc7f45f477944936a46d4ec8c81b6e", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|79b37647515b287eacea108225a3ced82ecc7f45f477944936a46d4ec8c81b6e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/laserholdfast.py"}, "region": {"startLine": 59}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127419, "scanner": "repobility-ast-engine", "fingerprint": "952bc710939c3190d75b427b6f8bc1919725e1e69e18da1bff71b56f96847a89", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|952bc710939c3190d75b427b6f8bc1919725e1e69e18da1bff71b56f96847a89"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/pizzashovel.py"}, "region": {"startLine": 80}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127418, "scanner": "repobility-ast-engine", "fingerprint": "7767ccda543e1d164768b08e5437fadd8e2757e0e790396b9794cb5cb9b478ae", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7767ccda543e1d164768b08e5437fadd8e2757e0e790396b9794cb5cb9b478ae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/carbonfilter.py"}, "region": {"startLine": 97}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127417, "scanner": "repobility-ast-engine", "fingerprint": "f0eb20469514ab1146d476dca50d815a707c7a827c58b78f21710ab282074761", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f0eb20469514ab1146d476dca50d815a707c7a827c58b78f21710ab282074761"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/bintray.py"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `copy` used but not imported: The file uses `copy.something(...)` but never imports `copy`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127416, "scanner": "repobility-ast-engine", "fingerprint": "4d5e6c7425784d29e486f728036263ef349d947827127401f2d3d400940beb5e", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4d5e6c7425784d29e486f728036263ef349d947827127401f2d3d400940beb5e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/bintray.py"}, "region": {"startLine": 129}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127415, "scanner": "repobility-ast-engine", "fingerprint": "a3f328eafef3af6b18c778a290141703043c0261351712763e377e237a847fb2", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a3f328eafef3af6b18c778a290141703043c0261351712763e377e237a847fb2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/drillstand.py"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `argparse` used but not imported: The file uses `argparse.something(...)` but never imports `argparse`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127414, "scanner": "repobility-ast-engine", "fingerprint": "c9f794f004efec3a1fa67bd8cec31b63133bd56616d01a069ca92a7b6cb06579", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c9f794f004efec3a1fa67bd8cec31b63133bd56616d01a069ca92a7b6cb06579"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/typetray.py"}, "region": {"startLine": 119}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127413, "scanner": "repobility-ast-engine", "fingerprint": "83675ab0dcd4b82004e6263451134344bf6e9296aff9bf050de904b815684218", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|83675ab0dcd4b82004e6263451134344bf6e9296aff9bf050de904b815684218"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/regularstarbox.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `copy` used but not imported: The file uses `copy.something(...)` but never imports `copy`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127412, "scanner": "repobility-ast-engine", "fingerprint": "6ebc4d828489c5fb44f12dd8181ec333115f24353ee4346d4f43f496cb3707af", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6ebc4d828489c5fb44f12dd8181ec333115f24353ee4346d4f43f496cb3707af"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/regularstarbox.py"}, "region": {"startLine": 76}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127411, "scanner": "repobility-ast-engine", "fingerprint": "83986b16ec7c661b96c48d3af85b5a11559896f6b0a511d06d19b64a93ac1bbf", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|83986b16ec7c661b96c48d3af85b5a11559896f6b0a511d06d19b64a93ac1bbf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/planetary2.py"}, "region": {"startLine": 94}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127410, "scanner": "repobility-ast-engine", "fingerprint": "94fef27cc536b93afd33b672608beb01381aaaa1fa11b6d66c69a87c8f5da02a", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|94fef27cc536b93afd33b672608beb01381aaaa1fa11b6d66c69a87c8f5da02a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/skadisstand.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127409, "scanner": "repobility-ast-engine", "fingerprint": "0d8272cbb36774033d70fa3995475e6ba16ebfb2d0a7dc3b354f2cb082d49eca", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0d8272cbb36774033d70fa3995475e6ba16ebfb2d0a7dc3b354f2cb082d49eca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/shadowbox.py"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127408, "scanner": "repobility-ast-engine", "fingerprint": "cb9fdfd9f3f6a8a0980ccfd979fd24c8ff7fafae8a8f1c74d1131ac0e666e0b1", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cb9fdfd9f3f6a8a0980ccfd979fd24c8ff7fafae8a8f1c74d1131ac0e666e0b1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/walldrillbox.py"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127407, "scanner": "repobility-ast-engine", "fingerprint": "48f95236bfce32da631eeb717cd42d059fc18e12cbbef9cbf6af21d3551dba1b", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|48f95236bfce32da631eeb717cd42d059fc18e12cbbef9cbf6af21d3551dba1b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/smallpartstray.py"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127406, "scanner": "repobility-ast-engine", "fingerprint": "2a4eee6c10be4045cb1646dd50f8457efe86fe575e413454c297ab1c15d6b10a", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2a4eee6c10be4045cb1646dd50f8457efe86fe575e413454c297ab1c15d6b10a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/breadbox.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127405, "scanner": "repobility-ast-engine", "fingerprint": "ba4e7ed201904c2355941059e0452f6b21b2a25db0d9a026887eab649680b185", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ba4e7ed201904c2355941059e0452f6b21b2a25db0d9a026887eab649680b185"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/displayshelf.py"}, "region": {"startLine": 104}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127404, "scanner": "repobility-ast-engine", "fingerprint": "1a8be5903780677f025f3d5de81b6e3cba6dffef0f065a1222cd0bc87351d727", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1a8be5903780677f025f3d5de81b6e3cba6dffef0f065a1222cd0bc87351d727"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/desksign.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127403, "scanner": "repobility-ast-engine", "fingerprint": "aa39af07049d2e0b55696dd4a68b91b3a7db4c3c3650771c6dcd4cd1f569fac7", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aa39af07049d2e0b55696dd4a68b91b3a7db4c3c3650771c6dcd4cd1f569fac7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/ramp.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127402, "scanner": "repobility-ast-engine", "fingerprint": "044674b97f6b3f92c86d183156648f6f9de10ce6148b8bd2d6fedd46d116052c", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|044674b97f6b3f92c86d183156648f6f9de10ce6148b8bd2d6fedd46d116052c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/planetary.py"}, "region": {"startLine": 65}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127401, "scanner": "repobility-ast-engine", "fingerprint": "de9c70d8b198523e08990043811d1a2c6c962fc220ff23d17f43f9612f3a3152", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|de9c70d8b198523e08990043811d1a2c6c962fc220ff23d17f43f9612f3a3152"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/coindisplay.py"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127400, "scanner": "repobility-ast-engine", "fingerprint": "58585af2c33bb888365edf433d1e4c6bda5703fbc91401466c00dae402b9e6b4", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|58585af2c33bb888365edf433d1e4c6bda5703fbc91401466c00dae402b9e6b4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/angledcutjig.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `math` used but not imported: The file uses `math.something(...)` but never imports `math`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127399, "scanner": "repobility-ast-engine", "fingerprint": "5098d0e8abe168aab65f518c6763d54276adc57c1ff474e87e8d2b8bbfc71d66", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5098d0e8abe168aab65f518c6763d54276adc57c1ff474e87e8d2b8bbfc71d66"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/generators/laptopstand.py"}, "region": {"startLine": 72}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `warnings` used but not imported: The file uses `warnings.something(...)` but never imports `warnings`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 127395, "scanner": "repobility-ast-engine", "fingerprint": "525eaae3b690063662dd9f7fde58aa168a90ffcf84ed52a2528870f43a758295", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|525eaae3b690063662dd9f7fde58aa168a90ffcf84ed52a2528870f43a758295"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boxes/gears.py"}, "region": {"startLine": 638}}}]}]}]}