Scan timing: clone 2.3s · analysis 1.93s · 8.8 MB · GitHub API rate-limit (preflight)
https://github.com/carbon-design-system/carbon-components-svelte
· scanned 2026-05-31 01:26 UTC (5 days, 6 hours ago)
· 10 languages
464 findings (43 legacy + 421 scanner) 94th percentile · Typescript · large (100-500K LoC) Scanner says 94 (lower by 8)
Last scanned 5 days, 6 hours ago · v2 · 258 findings from 2 sources. Findings combine the legacy security pipeline AND the multi-layer engine (atlas, wiring, flows, ranked) AND verified AI agent contributions.
| Component | Sub-score | Weight | Contribution |
|---|---|---|---|
structure_score |
85.0 | 0.15 | 12.75 |
security_score |
97.0 | 0.25 | 24.25 |
testing_score |
90.0 | 0.20 | 18.00 |
documentation_score |
88.8 | 0.15 | 13.32 |
practices_score |
83.0 | 0.15 | 12.45 |
code_quality |
60.7 | 0.10 | 6.07 |
| Overall | 1.00 | 86.8 |
Showing 244 of 258 findings. Click TP / FP to vote on a finding's accuracy — votes adjust the confidence weighting and improve detection across the platform.
scripts/release-changelog.ts:95
xsslegacy
.github/workflows/checks.yml:115
dependencylegacy
index.html
qualitylegacy
.well-known/security.txt
qualitylegacy
.github/workflows/release.yml
supply-chaingithub-actionsleast-privilege
src/icons/CircleDash.svelte:1
qualitylegacy
src/icons/ChevronRight.svelte:1
qualitylegacy
src/icons/ChevronDown.svelte:1
qualitylegacy
src/icons/CheckmarkOutline.svelte:1
qualitylegacy
src/icons/CheckmarkFilled.svelte:1
qualitylegacy
src/icons/Checkmark.svelte:1
qualitylegacy
src/icons/CaretRight.svelte:1
qualitylegacy
src/icons/CaretLeft.svelte:1
qualitylegacy
src/icons/CaretDown.svelte:1
qualitylegacy
src/icons/Calendar.svelte:1
qualitylegacy
src/icons/ArrowsVertical.svelte:1
qualitylegacy
src/icons/ArrowUp.svelte:1
qualitylegacy
src/TreeView/TreeViewNodeList.svelte:91
qualitylegacy
src/TimePicker/TimePicker.svelte:26
qualitylegacy
src/TextInput/TextInputSkeleton.svelte:1
qualitylegacy
src/Slider/Slider.svelte:3
qualitylegacy
src/Slider/RangeSliderSkeleton.svelte:1
qualitylegacy
src/SessionStorage/SessionStorage.svelte:34
qualitylegacy
src/RadioButtonGroup/RadioButtonGroup.svelte:69
qualitylegacy
src/MultiSelect/MultiSelect.svelte:376
qualitylegacy
src/MultiSelect/MultiSelect.svelte:315
qualitylegacy
src/Modal/Modal.svelte:248
qualitylegacy
src/ContextMenu/ContextMenuOption.svelte:231
qualitylegacy
src/TextArea/TextAreaSkeleton.svelte:1
qualitylegacy
src/Tag/Tag.svelte:36
qualitylegacy
src/Slider/SliderSkeleton.svelte:1
qualitylegacy
src/Select/SelectSkeleton.svelte:1
qualitylegacy
src/Modal/Modal.svelte:94
qualitylegacy
src/Grid/Row.svelte:16
qualitylegacy
src/Dropdown/Dropdown.svelte:93
qualitylegacy
humans.txt
qualitylegacy
package.json
supply-chainnpminstall-scripts
docs/scripts/format-component-api.ts:91
qualitylegacy
This page is publicly accessible at:
https://repobility.com/scan/64634730-a028-4945-825a-0ae00da4f842/
To check status programmatically (no auth required):
curl -s https://repobility.com/api/v1/public/scan/64634730-a028-4945-825a-0ae00da4f842/Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.