{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "CORE_NO_LICENSE", "name": "No LICENSE file", "shortDescription": {"text": "No LICENSE file"}, "fullDescription": {"text": "Add a LICENSE file to your repository. Use choosealicense.com to pick the right license (MIT for permissive, Apache 2.0 for patent protection, GPL for copyleft)."}, "properties": {"scanner": "repobility-core", "category": "documentation", "severity": "low", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.", "shortDescription": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6.0.3`: `uses: actions/checkout@v6.0.3` resolves at workfl", "shortDescription": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6.0.3`: `uses: actions/checkout@v6.0.3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise ("}, "fullDescription": {"text": "Replace with: `uses: actions/checkout@<40-char-sha>  # v6.0.3` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_TESTS", "name": "No test files found", "shortDescription": {"text": "No test files found"}, "fullDescription": {"text": "Add a test directory (tests/ or __tests__/) with unit tests for core functionality. Use pytest (Python), Jest (JS/TS), or go test (Go). Start with tests for critical business logic and security-sensitive functions."}, "properties": {"scanner": "repobility-core", "category": "testing", "severity": "high", "confidence": null, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1306"}, "properties": {"repository": "KudoAI/chatgpt.js", "repoUrl": "https://github.com/KudoAI/chatgpt.js", "branch": "main"}, "results": [{"ruleId": "CORE_NO_LICENSE", "level": "note", "message": {"text": "No LICENSE file"}, "properties": {"repobilityId": 133585, "scanner": "repobility-core", "fingerprint": "9314e9238cd99885865b92490d1aaa96ca62b1390c9377878d5f3d99227e1c3c", "category": "documentation", "severity": "low", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_LICENSE", "scanner": "repobility-core", "correlation_key": "repo|documentation|core_no_license"}}}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 133587, "scanner": "repobility-threat-engine", "fingerprint": "02da7be1164e06c1d19de73fd672c73c2be54615d71b46798fa7de5aff494f8c", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|02da7be1164e06c1d19de73fd672c73c2be54615d71b46798fa7de5aff494f8c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/assets/js/src/copy-code-button.js"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 133586, "scanner": "repobility-threat-engine", "fingerprint": "f0896fae2c4fca86cb537e3296d458ec58799721ef4f6957b008c50d28045355", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f0896fae2c4fca86cb537e3296d458ec58799721ef4f6957b008c50d28045355"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/assets/js/src/back-to-top-button.js"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6.0.3`: `uses: actions/checkout@v6.0.3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133601, "scanner": "repobility-supply-chain", "fingerprint": "ad465e77e22028a56820bcd06e4eb85bd64ed02e1f5d3ee90c37e5c88397f41c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ad465e77e22028a56820bcd06e4eb85bd64ed02e1f5d3ee90c37e5c88397f41c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/update-jsd-shields-weekly.yml"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-node` pinned to mutable ref `@v6.4.0`: `uses: actions/setup-node@v6.4.0` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133600, "scanner": "repobility-supply-chain", "fingerprint": "2d99bd47496ee3681d716842aefa44ca86312f34dc379752186a96c27d2462ac", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2d99bd47496ee3681d716842aefa44ca86312f34dc379752186a96c27d2462ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/lint-on-push-pr.yml"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6.0.3`: `uses: actions/checkout@v6.0.3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133599, "scanner": "repobility-supply-chain", "fingerprint": "d4e736e7269bb10b3958235136e4e3842eeeb25127945ca1e00b36baa665a250", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d4e736e7269bb10b3958235136e4e3842eeeb25127945ca1e00b36baa665a250"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/lint-on-push-pr.yml"}, "region": {"startLine": 10}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6.0.3`: `uses: actions/checkout@v6.0.3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133598, "scanner": "repobility-supply-chain", "fingerprint": "079a272ec7858263a148d87bff74dd9c8524659b82f928bf5b0d882afd0e8c8b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|079a272ec7858263a148d87bff74dd9c8524659b82f928bf5b0d882afd0e8c8b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sync-changes-to-js-utils.yml"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6.0.3`: `uses: actions/checkout@v6.0.3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133597, "scanner": "repobility-supply-chain", "fingerprint": "37134f095ec7682fa2e94cb6fbf7ac156357110c1f11670e3191a20eb49d0f60", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|37134f095ec7682fa2e94cb6fbf7ac156357110c1f11670e3191a20eb49d0f60"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sync-changes-to-js-utils.yml"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/create-github-app-token` pinned to mutable ref `@v3.2.0`: `uses: actions/create-github-app-token@v3.2.0` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133596, "scanner": "repobility-supply-chain", "fingerprint": "036283015c4a55893df344d92f7ed092728036f8913124d85954031d5107195c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|036283015c4a55893df344d92f7ed092728036f8913124d85954031d5107195c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sync-chatgpt.js-releases-to-js-utils.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `JustinBeckwith/linkinator-action` pinned to mutable ref `@v2.4.2`: `uses: JustinBeckwith/linkinator-action@v2.4.2` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133595, "scanner": "repobility-supply-chain", "fingerprint": "7c69aa71d3c38f3e645029e99054b4e0e115df212613872d656213ffb3b6fc7d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|7c69aa71d3c38f3e645029e99054b4e0e115df212613872d656213ffb3b6fc7d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/validate-links-on-push-pr.yml"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6.0.3`: `uses: actions/checkout@v6.0.3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133594, "scanner": "repobility-supply-chain", "fingerprint": "6cc7fa17a55efbd8f5ac78ac6de6c9f611c71fe1938cdcc6723339e5c7ff6146", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6cc7fa17a55efbd8f5ac78ac6de6c9f611c71fe1938cdcc6723339e5c7ff6146"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/validate-links-on-push-pr.yml"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6.0.3`: `uses: actions/checkout@v6.0.3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133593, "scanner": "repobility-supply-chain", "fingerprint": "f04137bb8b868942ca0b5bf8d79a1ec2ef5ba65c7cba11f0010e5dd89b45f3ed", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f04137bb8b868942ca0b5bf8d79a1ec2ef5ba65c7cba11f0010e5dd89b45f3ed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sync-chatgpt.js-changes-to-chrome-starter.yml"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6.0.3`: `uses: actions/checkout@v6.0.3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133592, "scanner": "repobility-supply-chain", "fingerprint": "2558b62bd2708c63aeb5e1ae2886af71e9272801c2c4456c87b807c750011363", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2558b62bd2708c63aeb5e1ae2886af71e9272801c2c4456c87b807c750011363"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sync-chatgpt.js-changes-to-chrome-starter.yml"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-node` pinned to mutable ref `@v6.4.0`: `uses: actions/setup-node@v6.4.0` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133591, "scanner": "repobility-supply-chain", "fingerprint": "2df662cbf1bbd46f1972120e0828b5d965a0410323674043fce5aa14fcf7d05e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2df662cbf1bbd46f1972120e0828b5d965a0410323674043fce5aa14fcf7d05e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/publish-to-npm-on-new-tag.yml"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6.0.3`: `uses: actions/checkout@v6.0.3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133590, "scanner": "repobility-supply-chain", "fingerprint": "86695ddc694bcb9c1235011486df92307ab26b851aaca7d2baf4652ed6ee50ca", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|86695ddc694bcb9c1235011486df92307ab26b851aaca7d2baf4652ed6ee50ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/publish-to-npm-on-new-tag.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6.0.3`: `uses: actions/checkout@v6.0.3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133589, "scanner": "repobility-supply-chain", "fingerprint": "7a7f5a4c9de0713096494aa18425dcf4ba3b439c3ff5c806af15490c9cebe250", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|7a7f5a4c9de0713096494aa18425dcf4ba3b439c3ff5c806af15490c9cebe250"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sync-changes-to-gitlab.yml"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6.0.3`: `uses: actions/checkout@v6.0.3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 133588, "scanner": "repobility-supply-chain", "fingerprint": "371cb873ce9c683a1402225686c0ace4a9788b6f19a2f7cd08b147b91ed4ff92", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|371cb873ce9c683a1402225686c0ace4a9788b6f19a2f7cd08b147b91ed4ff92"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sync-en-readme-changes.yml"}, "region": {"startLine": 19}}}]}, {"ruleId": "CORE_NO_TESTS", "level": "error", "message": {"text": "No test files found"}, "properties": {"repobilityId": 133584, "scanner": "repobility-core", "fingerprint": "0200e9918bc2a7bf9c116d0907e50ac3df640c758b93852cf1890ec6e14d870d", "category": "testing", "severity": "high", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_TESTS", "scanner": "repobility-core", "correlation_key": "repo|testing|core_no_tests"}}}]}]}