{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "DKR007", "name": "Docker build context has no .dockerignore", "shortDescription": {"text": "Docker build context has no .dockerignore"}, "fullDescription": {"text": "Without .dockerignore, build context can include source history, local env files, dependencies, and generated artifacts."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "DKR003", "name": "Dockerfile base image uses the latest tag", "shortDescription": {"text": "Dockerfile base image uses the latest tag"}, "fullDescription": {"text": "The latest tag is mutable and can change without a code review, producing different images from the same source."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.94, "cwe": "", "owasp": ""}}, {"id": "ERR003", "name": "[ERR003] Ignored Error (Go): Ignoring error return values.", "shortDescription": {"text": "[ERR003] Ignored Error (Go): Ignoring error return values."}, "fullDescription": {"text": "Handle the error or use errcheck linter."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED049", "name": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.", "shortDescription": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 / A09:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED064", "name": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.", "shortDescription": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED011", "name": "[MINED011] Scala Get On Option (and 5 more): Same pattern found in 5 additional files. Review if needed.", "shortDescription": {"text": "[MINED011] Scala Get On Option (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-476 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED059", "name": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message.", "shortDescription": {"text": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 30 more): Same pattern found in 30 add", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 30 more): Same pattern found in 30 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED051", "name": "[MINED051] Csharp Null Forgive (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED051] Csharp Null Forgive (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-476 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED002", "name": "[MINED002] Dart Null Bang (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED002] Dart Null Bang (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-476 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED045", "name": "[MINED045] Ts Non Null Assertion (and 29 more): Same pattern found in 29 additional files. Review if needed.", "shortDescription": {"text": "[MINED045] Ts Non Null Assertion (and 29 more): Same pattern found in 29 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-476 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED071", "name": "[MINED071] Go Panic Call (and 8 more): Same pattern found in 8 additional files. Review if needed.", "shortDescription": {"text": "[MINED071] Go Panic Call (and 8 more): Same pattern found in 8 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED070", "name": "[MINED070] Zig Undefined Init (and 52 more): Same pattern found in 52 additional files. Review if needed.", "shortDescription": {"text": "[MINED070] Zig Undefined Init (and 52 more): Same pattern found in 52 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED048", "name": "[MINED048] Php Error Suppress (and 113 more): Same pattern found in 113 additional files. Review if needed.", "shortDescription": {"text": "[MINED048] Php Error Suppress (and 113 more): Same pattern found in 113 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_CI", "name": "No CI/CD configuration found", "shortDescription": {"text": "No CI/CD configuration found"}, "fullDescription": {"text": "Add a CI/CD pipeline: create .github/workflows/ci.yml for GitHub Actions with steps to lint, test, and build on every push and pull request."}, "properties": {"scanner": "repobility-core", "category": "practices", "severity": "info", "confidence": 0.35, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_TESTS", "name": "No test files found in a documentation, catalog, or template-heavy repository", "shortDescription": {"text": "No test files found in a documentation, catalog, or template-heavy repository"}, "fullDescription": {"text": "If this repository ships runnable code, add focused tests for those examples or templates. If it is documentation/catalog content only, mark the finding as accepted or add a .repobilityignore note."}, "properties": {"scanner": "repobility-core", "category": "testing", "severity": "info", "confidence": 0.35, "cwe": "", "owasp": ""}}, {"id": "MINED118", "name": "Dockerfile FROM `archlinux:latest` not pinned by digest", "shortDescription": {"text": "Dockerfile FROM `archlinux:latest` not pinned by digest"}, "fullDescription": {"text": "`FROM archlinux:latest` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED005", "name": "[MINED005] Lua Loadstring: loadstring/load executes Lua code. Code injection.", "shortDescription": {"text": "[MINED005] Lua Loadstring: loadstring/load executes Lua code. Code injection."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-95 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1285"}, "properties": {"repository": "neurocyte/flow", "repoUrl": "https://github.com/neurocyte/flow", "branch": "master"}, "results": [{"ruleId": "DKR007", "level": "warning", "message": {"text": "Docker build context has no .dockerignore"}, "properties": {"repobilityId": 130403, "scanner": "repobility-docker", "fingerprint": "c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44", "category": "docker", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Dockerfile exists but repository root has no .dockerignore.", "evidence": {"rule_id": "DKR007", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".dockerignore"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR003", "level": "warning", "message": {"text": "Dockerfile base image uses the latest tag"}, "properties": {"repobilityId": 130402, "scanner": "repobility-docker", "fingerprint": "4f66ba87d82db05b24532747fe804d6897ee1bf56e16e3b1092cfdb007bb22b3", "category": "docker", "severity": "medium", "confidence": 0.94, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Image tag is latest.", "evidence": {"image": "archlinux:latest", "rule_id": "DKR003", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://docs.docker.com/scout/policy/", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|4f66ba87d82db05b24532747fe804d6897ee1bf56e16e3b1092cfdb007bb22b3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/builder/Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "ERR003", "level": "note", "message": {"text": "[ERR003] Ignored Error (Go): Ignoring error return values."}, "properties": {"repobilityId": 130376, "scanner": "repobility-threat-engine", "fingerprint": "aae1d749440f3aa484d70dd0af0c8e412b51d95bd6460b5ed3610da94efda5ac", "category": "error_handling", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "_ = root.egc_at(", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR003", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|aae1d749440f3aa484d70dd0af0c8e412b51d95bd6460b5ed3610da94efda5ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/buffer/Cursor.zig"}, "region": {"startLine": 75}}}]}, {"ruleId": "ERR003", "level": "note", "message": {"text": "[ERR003] Ignored Error (Go): Ignoring error return values."}, "properties": {"repobilityId": 130375, "scanner": "repobility-threat-engine", "fingerprint": "2bee89a0c624631d2acc855b261f92d96049997ece734fc36a41a0f43d246f5c", "category": "error_handling", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "_ = dir.statFile(", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR003", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|2bee89a0c624631d2acc855b261f92d96049997ece734fc36a41a0f43d246f5c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/bin_path.zig"}, "region": {"startLine": 41}}}]}, {"ruleId": "ERR003", "level": "note", "message": {"text": "[ERR003] Ignored Error (Go): Ignoring error return values."}, "properties": {"repobilityId": 130374, "scanner": "repobility-threat-engine", "fingerprint": "5fa3fa30c9a5bb1a9a5bd9c355eb33b89372d38c08d167a8b23cb14ca9fce30c", "category": "error_handling", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "_ = arg.next(", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR003", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5fa3fa30c9a5bb1a9a5bd9c355eb33b89372d38c08d167a8b23cb14ca9fce30c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/VcsBlame.zig"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "properties": {"repobilityId": 130401, "scanner": "repobility-threat-engine", "fingerprint": "bb6338b2de4332bc22b8c8e7fbb114cf05884b11bcf06afc41947fc1739e7985", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bb6338b2de4332bc22b8c8e7fbb114cf05884b11bcf06afc41947fc1739e7985"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/tui/inspector_view.zig"}, "region": {"startLine": 118}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 130400, "scanner": "repobility-threat-engine", "fingerprint": "4d2d1957751d4ad7569e9d4ead35c468301d2c9d978ae7ccb63fd31c7aa22f89", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4d2d1957751d4ad7569e9d4ead35c468301d2c9d978ae7ccb63fd31c7aa22f89"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/ripgrep.zig"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED011", "level": "none", "message": {"text": "[MINED011] Scala Get On Option (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "properties": {"repobilityId": 130399, "scanner": "repobility-threat-engine", "fingerprint": "26e3bc9d31062004f1edd8b097546841b4f39e3ab771faaaabe7ad61c20ec00a", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 5 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "scala-get-on-option", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["scala"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347923+00:00", "triaged_in_corpus": 15, "observations_count": 140164, "ai_coder_pattern_id": 159}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|26e3bc9d31062004f1edd8b097546841b4f39e3ab771faaaabe7ad61c20ec00a", "aggregated_count": 5}}}, {"ruleId": "MINED059", "level": "none", "message": {"text": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message."}, "properties": {"repobilityId": 130394, "scanner": "repobility-threat-engine", "fingerprint": "11734266cc7bf460fddc97285904d3100c992d1c605e469d79fce2f79cd9f501", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-expect-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348039+00:00", "triaged_in_corpus": 12, "observations_count": 175379, "ai_coder_pattern_id": 112}, "scanner": "repobility-threat-engine", "correlation_key": "fp|11734266cc7bf460fddc97285904d3100c992d1c605e469d79fce2f79cd9f501"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/gui/GlyphIndexCache.zig"}, "region": {"startLine": 146}}}]}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 30 more): Same pattern found in 30 additional files. Review if needed."}, "properties": {"repobilityId": 130393, "scanner": "repobility-threat-engine", "fingerprint": "d8a35cec63fa28f8c915a2e4c4e0454cde54c01c3ecaaf7c31d7311b709f88d5", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 30 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 30 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|d8a35cec63fa28f8c915a2e4c4e0454cde54c01c3ecaaf7c31d7311b709f88d5"}}}, {"ruleId": "MINED051", "level": "none", "message": {"text": "[MINED051] Csharp Null Forgive (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 130389, "scanner": "repobility-threat-engine", "fingerprint": "f9fc2a223db2834daab3006a3efb2fac31ea1f1326067fd7b257c3903e6b9c60", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "csharp-null-forgive", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["csharp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348020+00:00", "triaged_in_corpus": 12, "observations_count": 518114, "ai_coder_pattern_id": 173}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|f9fc2a223db2834daab3006a3efb2fac31ea1f1326067fd7b257c3903e6b9c60", "aggregated_count": 1}}}, {"ruleId": "MINED051", "level": "none", "message": {"text": "[MINED051] Csharp Null Forgive: x! tells compiler \"definitely not null\" \u2014 bypasses nullable check. NRE risk if wrong."}, "properties": {"repobilityId": 130388, "scanner": "repobility-threat-engine", "fingerprint": "357b59eb277d0d3a8ea9d1c92963063ab07bd7213c9d238bfd80d80b3f51e8a8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "csharp-null-forgive", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["csharp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348020+00:00", "triaged_in_corpus": 12, "observations_count": 518114, "ai_coder_pattern_id": 173}, "scanner": "repobility-threat-engine", "correlation_key": "fp|357b59eb277d0d3a8ea9d1c92963063ab07bd7213c9d238bfd80d80b3f51e8a8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/soft_root.zig"}, "region": {"startLine": 84}}}]}, {"ruleId": "MINED051", "level": "none", "message": {"text": "[MINED051] Csharp Null Forgive: x! tells compiler \"definitely not null\" \u2014 bypasses nullable check. NRE risk if wrong."}, "properties": {"repobilityId": 130387, "scanner": "repobility-threat-engine", "fingerprint": "b0e83e70f80938134650eef38bcb633298e947fe691182a99ad4d5553315651a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "csharp-null-forgive", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["csharp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348020+00:00", "triaged_in_corpus": 12, "observations_count": 518114, "ai_coder_pattern_id": 173}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b0e83e70f80938134650eef38bcb633298e947fe691182a99ad4d5553315651a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/keybind/parse_flow.zig"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED051", "level": "none", "message": {"text": "[MINED051] Csharp Null Forgive: x! tells compiler \"definitely not null\" \u2014 bypasses nullable check. NRE risk if wrong."}, "properties": {"repobilityId": 130386, "scanner": "repobility-threat-engine", "fingerprint": "2b73593dbaa7d1c347cb8593a7f2f30ce24432da2ea160e3e26f116b52ff9b57", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "csharp-null-forgive", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["csharp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348020+00:00", "triaged_in_corpus": 12, "observations_count": 518114, "ai_coder_pattern_id": 173}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2b73593dbaa7d1c347cb8593a7f2f30ce24432da2ea160e3e26f116b52ff9b57"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/buffer/unicode.zig"}, "region": {"startLine": 138}}}]}, {"ruleId": "MINED002", "level": "none", "message": {"text": "[MINED002] Dart Null Bang (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 130385, "scanner": "repobility-threat-engine", "fingerprint": "774a6e12fbd896f7609d087669e1afb8bb978bdc7fe630aa1d12772ea8f9d552", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "dart-null-bang", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["dart"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347899+00:00", "triaged_in_corpus": 15, "observations_count": 1434931, "ai_coder_pattern_id": 167}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|774a6e12fbd896f7609d087669e1afb8bb978bdc7fe630aa1d12772ea8f9d552", "aggregated_count": 1}}}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion (and 29 more): Same pattern found in 29 additional files. Review if needed."}, "properties": {"repobilityId": 130381, "scanner": "repobility-threat-engine", "fingerprint": "0fed97dd8660e8c5e0eff6eb1a741e4fd953e819b03d0f56c14a88604f5ec0f9", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 29 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|0fed97dd8660e8c5e0eff6eb1a741e4fd953e819b03d0f56c14a88604f5ec0f9", "aggregated_count": 29}}}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 130380, "scanner": "repobility-threat-engine", "fingerprint": "bf40ce232306fc78b6b62fded30d7652177b83836329fb25032e5856349b8475", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bf40ce232306fc78b6b62fded30d7652177b83836329fb25032e5856349b8475"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/buffer/unicode.zig"}, "region": {"startLine": 90}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 130379, "scanner": "repobility-threat-engine", "fingerprint": "51c1daa6ba7256ec1b70d7336787422cb3d2d2522d5bc1622556e9f355d2bace", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|51c1daa6ba7256ec1b70d7336787422cb3d2d2522d5bc1622556e9f355d2bace"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/buffer/reflow.zig"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 130378, "scanner": "repobility-threat-engine", "fingerprint": "19e26e73526649fe06391ae79efcd064359c2173951a54664226e8868da97893", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|19e26e73526649fe06391ae79efcd064359c2173951a54664226e8868da97893"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/buffer/Manager.zig"}, "region": {"startLine": 121}}}]}, {"ruleId": "ERR003", "level": "none", "message": {"text": "[ERR003] Ignored Error (Go) (and 17 more): Same pattern found in 17 additional files. Review if needed."}, "properties": {"repobilityId": 130377, "scanner": "repobility-threat-engine", "fingerprint": "9040d9cac70c784e21f3424795b6a64becb39e142099331d000004fda57c8126", "category": "error_handling", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 17 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 17 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "ERR003", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|9040d9cac70c784e21f3424795b6a64becb39e142099331d000004fda57c8126"}}}, {"ruleId": "MINED071", "level": "none", "message": {"text": "[MINED071] Go Panic Call (and 8 more): Same pattern found in 8 additional files. Review if needed."}, "properties": {"repobilityId": 130373, "scanner": "repobility-threat-engine", "fingerprint": "b31c00d8dc95a84ada9ba2009cf9ddc0d9d673ed54b7947033cf3d8ed91e4d3c", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 8 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "go-panic-call", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["go"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348067+00:00", "triaged_in_corpus": 12, "observations_count": 29174, "ai_coder_pattern_id": 108}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|b31c00d8dc95a84ada9ba2009cf9ddc0d9d673ed54b7947033cf3d8ed91e4d3c", "aggregated_count": 8}}}, {"ruleId": "MINED071", "level": "none", "message": {"text": "[MINED071] Go Panic Call: panic() crashes the process. Should return error in most cases."}, "properties": {"repobilityId": 130372, "scanner": "repobility-threat-engine", "fingerprint": "cb800884eaf2235ed85e4aea630c815f95f33be3a502b4518c105d03af20956d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "go-panic-call", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["go"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348067+00:00", "triaged_in_corpus": 12, "observations_count": 29174, "ai_coder_pattern_id": 108}, "scanner": "repobility-threat-engine", "correlation_key": "fp|cb800884eaf2235ed85e4aea630c815f95f33be3a502b4518c105d03af20956d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/dizzy.zig"}, "region": {"startLine": 246}}}]}, {"ruleId": "MINED071", "level": "none", "message": {"text": "[MINED071] Go Panic Call: panic() crashes the process. Should return error in most cases."}, "properties": {"repobilityId": 130371, "scanner": "repobility-threat-engine", "fingerprint": "0a0f19ed31c40bfe609a3cadf745a11e858fd4d6103a21cc39674328844f75b5", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "go-panic-call", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["go"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348067+00:00", "triaged_in_corpus": 12, "observations_count": 29174, "ai_coder_pattern_id": 108}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0a0f19ed31c40bfe609a3cadf745a11e858fd4d6103a21cc39674328844f75b5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/bin_path.zig"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED071", "level": "none", "message": {"text": "[MINED071] Go Panic Call: panic() crashes the process. Should return error in most cases."}, "properties": {"repobilityId": 130370, "scanner": "repobility-threat-engine", "fingerprint": "b19cdb5ffed49201d76886aff7ad9cad8dbad1fa8fb5e42c1bdfde61a8db790b", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "go-panic-call", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["go"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348067+00:00", "triaged_in_corpus": 12, "observations_count": 29174, "ai_coder_pattern_id": 108}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b19cdb5ffed49201d76886aff7ad9cad8dbad1fa8fb5e42c1bdfde61a8db790b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/EventHandler.zig"}, "region": {"startLine": 112}}}]}, {"ruleId": "MINED070", "level": "none", "message": {"text": "[MINED070] Zig Undefined Init (and 52 more): Same pattern found in 52 additional files. Review if needed."}, "properties": {"repobilityId": 130369, "scanner": "repobility-threat-engine", "fingerprint": "8261db014ed98b4c0a16b2dd6940f9386d528f0c9df5084f0b2159fc3ac8c378", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 52 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "zig-undefined-init", "owasp": null, "cwe_ids": [], "languages": ["zig"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348065+00:00", "triaged_in_corpus": 12, "observations_count": 36548, "ai_coder_pattern_id": 171}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|8261db014ed98b4c0a16b2dd6940f9386d528f0c9df5084f0b2159fc3ac8c378", "aggregated_count": 52}}}, {"ruleId": "MINED070", "level": "none", "message": {"text": "[MINED070] Zig Undefined Init: var x: T = undefined leaves memory uninitialized. Often a foot-gun."}, "properties": {"repobilityId": 130368, "scanner": "repobility-threat-engine", "fingerprint": "3ac053f41cc6b9070efa89edd9a01c8d8bcc3dffb3afdc12fd7ec812c5c3219a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "zig-undefined-init", "owasp": null, "cwe_ids": [], "languages": ["zig"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348065+00:00", "triaged_in_corpus": 12, "observations_count": 36548, "ai_coder_pattern_id": 171}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3ac053f41cc6b9070efa89edd9a01c8d8bcc3dffb3afdc12fd7ec812c5c3219a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/file_type_config.zig"}, "region": {"startLine": 231}}}]}, {"ruleId": "MINED070", "level": "none", "message": {"text": "[MINED070] Zig Undefined Init: var x: T = undefined leaves memory uninitialized. Often a foot-gun."}, "properties": {"repobilityId": 130367, "scanner": "repobility-threat-engine", "fingerprint": "344d5179d5d6d989c8cc81ceefbae93b810f1c4a244eb23c7140d863536bfab7", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "zig-undefined-init", "owasp": null, "cwe_ids": [], "languages": ["zig"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348065+00:00", "triaged_in_corpus": 12, "observations_count": 36548, "ai_coder_pattern_id": 171}, "scanner": "repobility-threat-engine", "correlation_key": "fp|344d5179d5d6d989c8cc81ceefbae93b810f1c4a244eb23c7140d863536bfab7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/buffer/unicode.zig"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED070", "level": "none", "message": {"text": "[MINED070] Zig Undefined Init: var x: T = undefined leaves memory uninitialized. Often a foot-gun."}, "properties": {"repobilityId": 130366, "scanner": "repobility-threat-engine", "fingerprint": "9ea02805e61433c19b5f369733e30c1269500adaf78b932459e54ef0d9e58b1a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "zig-undefined-init", "owasp": null, "cwe_ids": [], "languages": ["zig"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348065+00:00", "triaged_in_corpus": 12, "observations_count": 36548, "ai_coder_pattern_id": 171}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9ea02805e61433c19b5f369733e30c1269500adaf78b932459e54ef0d9e58b1a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/EventHandler.zig"}, "region": {"startLine": 111}}}]}, {"ruleId": "MINED048", "level": "none", "message": {"text": "[MINED048] Php Error Suppress (and 113 more): Same pattern found in 113 additional files. Review if needed."}, "properties": {"repobilityId": 130365, "scanner": "repobility-threat-engine", "fingerprint": "27f23f34618ba8d4f24516d2b146ebfb0f98928c2a6a7755ea2666e525e3bb3b", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 113 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "php-error-suppress", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["php"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348013+00:00", "triaged_in_corpus": 12, "observations_count": 849118, "ai_coder_pattern_id": 166}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|27f23f34618ba8d4f24516d2b146ebfb0f98928c2a6a7755ea2666e525e3bb3b", "aggregated_count": 113}}}, {"ruleId": "MINED048", "level": "none", "message": {"text": "[MINED048] Php Error Suppress: @function() suppresses errors silently. Hides real issues."}, "properties": {"repobilityId": 130364, "scanner": "repobility-threat-engine", "fingerprint": "fd37be2ee9cc61334cabdb8d63fe5c949f348942303399d0bb79ba4792d86c9f", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "php-error-suppress", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["php"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348013+00:00", "triaged_in_corpus": 12, "observations_count": 849118, "ai_coder_pattern_id": 166}, "scanner": "repobility-threat-engine", "correlation_key": "fp|fd37be2ee9cc61334cabdb8d63fe5c949f348942303399d0bb79ba4792d86c9f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/VcsBlame.zig"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED048", "level": "none", "message": {"text": "[MINED048] Php Error Suppress: @function() suppresses errors silently. Hides real issues."}, "properties": {"repobilityId": 130363, "scanner": "repobility-threat-engine", "fingerprint": "dd23604b5bf8bdd34e031d08f7d5e8627b8d3bd892d200d3f4ef372a7776fbbf", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "php-error-suppress", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["php"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348013+00:00", "triaged_in_corpus": 12, "observations_count": 849118, "ai_coder_pattern_id": 166}, "scanner": "repobility-threat-engine", "correlation_key": "fp|dd23604b5bf8bdd34e031d08f7d5e8627b8d3bd892d200d3f4ef372a7776fbbf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/TypedInt.zig"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED048", "level": "none", "message": {"text": "[MINED048] Php Error Suppress: @function() suppresses errors silently. Hides real issues."}, "properties": {"repobilityId": 130362, "scanner": "repobility-threat-engine", "fingerprint": "7538fcd52ce4f06cdcf9e1feb0f9b3fc32beddf80a9a7ff0fe9ccbedf0e074ca", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "php-error-suppress", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["php"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348013+00:00", "triaged_in_corpus": 12, "observations_count": 849118, "ai_coder_pattern_id": 166}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7538fcd52ce4f06cdcf9e1feb0f9b3fc32beddf80a9a7ff0fe9ccbedf0e074ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/EventHandler.zig"}, "region": {"startLine": 1}}}]}, {"ruleId": "CORE_NO_CI", "level": "none", "message": {"text": "No CI/CD configuration found"}, "properties": {"repobilityId": 130360, "scanner": "repobility-core", "fingerprint": "ca5da3551af97272c4f099fc472740148135a15816b81b90bd862e8f91ec66ce", "category": "practices", "severity": "info", "confidence": 0.35, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Repository shape is documentation, catalog, skill, or template-heavy.", "evidence": {"reason": "Repository shape is documentation, catalog, skill, or template-heavy.", "rule_id": "CORE_NO_CI", "scanner": "repobility-core", "confidence": 0.35, "correlation_key": "repo|practices|core_no_ci"}}}, {"ruleId": "CORE_NO_TESTS", "level": "none", "message": {"text": "No test files found in a documentation, catalog, or template-heavy repository"}, "properties": {"repobilityId": 130359, "scanner": "repobility-core", "fingerprint": "69cfb3536a8ccff500ccafcd681fc8d4bc9f4eda6689da02ddec81654bd9fd15", "category": "testing", "severity": "info", "confidence": 0.35, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Repository shape is documentation, catalog, skill, or template-heavy rather than a conventional runnable application.", "evidence": {"reason": "Repository shape is documentation, catalog, skill, or template-heavy rather than a conventional runnable application.", "rule_id": "CORE_NO_TESTS", "scanner": "repobility-core", "confidence": 0.35, "correlation_key": "repo|testing|core_no_tests"}}}, {"ruleId": "MINED011", "level": "error", "message": {"text": "[MINED011] Scala Get On Option: Option.get throws NoSuchElementException on None. Use getOrElse / fold / match."}, "properties": {"repobilityId": 130398, "scanner": "repobility-threat-engine", "fingerprint": "8f8dc5d9f5c62e20dafe491b80ca21d8077fb032da8d1a48e67487434d5d9055", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "scala-get-on-option", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["scala"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347923+00:00", "triaged_in_corpus": 15, "observations_count": 140164, "ai_coder_pattern_id": 159}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8f8dc5d9f5c62e20dafe491b80ca21d8077fb032da8d1a48e67487434d5d9055"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/tui/ModalBackground.zig"}, "region": {"startLine": 68}}}]}, {"ruleId": "MINED011", "level": "error", "message": {"text": "[MINED011] Scala Get On Option: Option.get throws NoSuchElementException on None. Use getOrElse / fold / match."}, "properties": {"repobilityId": 130397, "scanner": "repobility-threat-engine", "fingerprint": "a91b6b018067fa70484f72b81232a27cc7fb38e90da69cc89b815770f6fa9d13", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "scala-get-on-option", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["scala"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347923+00:00", "triaged_in_corpus": 15, "observations_count": 140164, "ai_coder_pattern_id": 159}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a91b6b018067fa70484f72b81232a27cc7fb38e90da69cc89b815770f6fa9d13"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/tui/MessageFilter.zig"}, "region": {"startLine": 135}}}]}, {"ruleId": "MINED011", "level": "error", "message": {"text": "[MINED011] Scala Get On Option: Option.get throws NoSuchElementException on None. Use getOrElse / fold / match."}, "properties": {"repobilityId": 130396, "scanner": "repobility-threat-engine", "fingerprint": "58a90eacc75cb9350c318b39e5cec8f361172a902417f444932594db868e746e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "scala-get-on-option", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["scala"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347923+00:00", "triaged_in_corpus": 15, "observations_count": 140164, "ai_coder_pattern_id": 159}, "scanner": "repobility-threat-engine", "correlation_key": "fp|58a90eacc75cb9350c318b39e5cec8f361172a902417f444932594db868e746e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/log.zig"}, "region": {"startLine": 217}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 130392, "scanner": "repobility-threat-engine", "fingerprint": "a26bf109ef27000ed77d20c442b4a012b3c85e9b03702a034b4918271fe6a7b2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "allocator.destroy(self);", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|a26bf109ef27000ed77d20c442b4a012b3c85e9b03702a034b4918271fe6a7b2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/dizzy.zig"}, "region": {"startLine": 74}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 130391, "scanner": "repobility-threat-engine", "fingerprint": "e10b9e59fdc4d37a870408989d4ec93b76eb17e4ec0db872a92dcf9f6e9d86b7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "allocator.destroy(self);", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|e10b9e59fdc4d37a870408989d4ec93b76eb17e4ec0db872a92dcf9f6e9d86b7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/diffz.zig"}, "region": {"startLine": 70}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 130390, "scanner": "repobility-threat-engine", "fingerprint": "c9c3fcb0c97d0a67eef6cb78042bcb1ae490d0c6962ee79eb4ec850321a8e9af", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "self.a.destroy(self);", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|c9c3fcb0c97d0a67eef6cb78042bcb1ae490d0c6962ee79eb4ec850321a8e9af"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/completion.zig"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED002", "level": "error", "message": {"text": "[MINED002] Dart Null Bang: value! throws on null. Use ?. or null check."}, "properties": {"repobilityId": 130384, "scanner": "repobility-threat-engine", "fingerprint": "2beb558183eb3fe0ffa2b1ea62204a2e8034c183312e901b209c6c8d7b7e00e2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "dart-null-bang", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["dart"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347899+00:00", "triaged_in_corpus": 15, "observations_count": 1434931, "ai_coder_pattern_id": 167}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2beb558183eb3fe0ffa2b1ea62204a2e8034c183312e901b209c6c8d7b7e00e2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/soft_root.zig"}, "region": {"startLine": 84}}}]}, {"ruleId": "MINED002", "level": "error", "message": {"text": "[MINED002] Dart Null Bang: value! throws on null. Use ?. or null check."}, "properties": {"repobilityId": 130383, "scanner": "repobility-threat-engine", "fingerprint": "6207c661883d67bb1ac44a9a6fd4ed02ba3b34afa3c709b9422a57bf506861cb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "dart-null-bang", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["dart"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347899+00:00", "triaged_in_corpus": 15, "observations_count": 1434931, "ai_coder_pattern_id": 167}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6207c661883d67bb1ac44a9a6fd4ed02ba3b34afa3c709b9422a57bf506861cb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/keybind/parse_flow.zig"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED002", "level": "error", "message": {"text": "[MINED002] Dart Null Bang: value! throws on null. Use ?. or null check."}, "properties": {"repobilityId": 130382, "scanner": "repobility-threat-engine", "fingerprint": "225c4746427c420cdf0da01b4b8ea0d41e089878884ab0d9e079bc740b9aaa86", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "dart-null-bang", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["dart"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347899+00:00", "triaged_in_corpus": 15, "observations_count": 1434931, "ai_coder_pattern_id": 167}, "scanner": "repobility-threat-engine", "correlation_key": "fp|225c4746427c420cdf0da01b4b8ea0d41e089878884ab0d9e079bc740b9aaa86"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/buffer/unicode.zig"}, "region": {"startLine": 138}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `archlinux:latest` not pinned by digest"}, "properties": {"repobilityId": 130361, "scanner": "repobility-supply-chain", "fingerprint": "429ff2381f238c77ab5f78432a415f10726133f7216cd90a4913d12dd70f63a6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|429ff2381f238c77ab5f78432a415f10726133f7216cd90a4913d12dd70f63a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "contrib/builder/Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED005", "level": "error", "message": {"text": "[MINED005] Lua Loadstring: loadstring/load executes Lua code. Code injection."}, "properties": {"repobilityId": 130395, "scanner": "repobility-threat-engine", "fingerprint": "8428a6e50a020a211f277fd8b0d2cdba3e00e14549a88d57022cb3f0ef30e511", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "lua-loadstring", "owasp": null, "cwe_ids": ["CWE-95"], "languages": ["lua"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347908+00:00", "triaged_in_corpus": 20, "observations_count": 291730, "ai_coder_pattern_id": 169}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8428a6e50a020a211f277fd8b0d2cdba3e00e14549a88d57022cb3f0ef30e511"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/gui/rasterizer/truetype.zig"}, "region": {"startLine": 97}}}]}]}]}