Public scan — anyone with this URL can view this analysis. Sign up to track your own repos privately, run scheduled re-scans, and get AI fix prompts via your dashboard.
Sign up free Scan another repo
145 of your 157 findings came from Repobility's proprietary detections. ✓ Repobility tags below mark them.

Scan timing: clone 21.94s · analysis 31.47s · 153.4 MB · GitHub API rate-limit (preflight)

facebook/fbthrift

https://github.com/facebook/fbthrift · scanned 2026-06-06 00:13 UTC (4 days, 2 hours ago) · 10 languages

507 raw signals (155 security + 352 graph) 11/13 scanners ran 36th percentile · Java · huge (>500K LoC) System graph score 71 (higher by 6)

File as issue Image
UNIFIED Repobility · multi-layer engine · AI coders

Complete repo analysis

Last scanned 4 days, 2 hours ago · v2 · 166 actionable findings from 2 signal sources. 140 repeated signals grouped for readability. Security checks, system graph analysis, and verified AI-agent feedback are merged into one review queue.

JSON
Combined
71.5
/100
Security checks
72
52 findings
System graph
71
77.8% cov · 114 findings
Critical
1
click to filter
Agents
6
0 votes
Crowd
0
reported
Score breakdown â 2026-05-18-v5
Component Sub-score Weight Contribution
structure_score 40.0 0.15 6.00
security_score 100.0 0.25 25.00
testing_score 82.0 0.20 16.40
documentation_score 95.0 0.15 14.25
practices_score 65.0 0.15 9.75
code_quality 51.0 0.10 5.10
Overall 1.00 76.5
security_score may be inflated — optional security scanners were skipped on this fast scan
Severity distribution — click a segment to filter
Active filters: excluding tests × Reset all
Severity: Critical 1 High 5 Medium 9 Low 94 9-Layer: Software Security Quality Integrity Frontend Hardware Data Network Cicd Source: Security checks 52 System graph 114 Crowd 0 Layer: Quality 121 Cicd 3 Software 37 Api 1 Frontend 1 Security 3
Scan summary Quality grade B+ (76/100). Dimensions: security 100, maintainability 40. 155 findings (25 security). 3,919,404 lines analyzed.

Showing 107 of 166 actionable findings. 306 raw detector signals were grouped into reader-sized issues. Click TP / FP to vote on a finding's accuracy — votes adjust the confidence weighting and improve detection across the platform.

high Security checks quality Quality conf 1.00 ✓ Repobility 6 occurrences [MINED107] Missing import: `string` used but not imported: The file uses `string.something(...)` but never imports `string`. This raises NameError at runtime the first time the line executes.
Add `import string` at the top of the file.
6 files, 6 locations
thrift/lib/py/protocol/TJSONProtocol.py:173
thrift/lib/py/protocol/TSimpleJSONProtocol.py:637
thrift/lib/py/server/TAsyncioServer.py:150
thrift/lib/py/util/Decorators.py:48
thrift/lib/py/util/__init__.py:44
thrift/lib/python/metadata.py:503
high Security checks quality Quality conf 1.00 ✓ Repobility [MINED110] Blocking call `input` inside async function `async_main`: `input` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress.
Use the async equivalent: `aiohttp` instead of `requests`, `asyncio.sleep` instead of `time.sleep`, `aiofiles` instead of `open`.
thrift/example/python/client/echo_client.py:37
high Security checks quality Quality conf 1.00 ✓ Repobility [MINED110] Blocking call `time.sleep` inside async function `badSleep`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress.
Use the async equivalent: `aiohttp` instead of `requests`, `asyncio.sleep` instead of `time.sleep`, `aiofiles` instead of `open`.
thrift/perf/py3/load_handler.py:74
low Security checks cicd CI/CD security conf 0.90 ✓ Repobility 63 occurrences GitHub Action is tag-pinned rather than SHA-pinned
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lo…
4 files, 63 locations
.github/workflows/getdeps_python_linux_container.yml:21, 128, 136, 144, 152, 160, 168, 176, +13 more (39 hits)
.github/workflows/getdeps_python_linux.yml:127, 135, 143, 151, 159, 167, 175, 183, +12 more (20 hits)
.github/workflows/getdeps_linux.yml:30, 157 (2 hits)
.github/workflows/getdeps_windows.yml:42, 143 (2 hits)
CI/CD securitySupply chainGitHub Actions
medium Security checks cicd CI/CD security conf 0.90 ✓ Repobility 5 occurrences GitHub Action is tag-pinned rather than SHA-pinned
[MINED115] Action `mozilla-actions/sccache-action` pinned to mutable ref `@v0.0.9`: `uses: mozilla-actions/[email protected]` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K rep…
3 files, 5 locations
.github/workflows/getdeps_linux.yml:34 (2 hits)
.github/workflows/getdeps_windows.yml:46 (2 hits)
.github/workflows/getdeps_mac.yml:37
CI/CD securitySupply chainGitHub Actions
high System graph quality Integrity conf 1.00 Blocking `time.sleep(...)` inside `async def badSleep` — thrift/perf/py3/load_handler.py:74
Sync I/O inside an async function blocks the event loop. While `time.sleep(...)` is running, *all* other coroutines on this loop are paused — silent throughput collapse under concurrency. Use the async equivalent (`httpx.AsyncClient`, `asyncio.sleep`, `aiofiles`) or wrap with `await asyncio.to_thre…
thrift/perf/py3/load_handler.py:74 Sync io in asyncPerformance
high System graph security security conf 1.00 Insecure pattern 'eval_used' in thrift/lib/py/util/remote.py:208
Found a known-risky pattern (eval_used). Review and replace if possible.
thrift/lib/py/util/remote.py:208 Eval used
medium Security checks quality Quality conf 1.00 [SEC089] Go: bind to all interfaces (0.0.0.0): Server binds to all network interfaces — exposes service beyond intended scope. Ported from gosec G102 (Apache-2.0).
Bind to `127.0.0.1:PORT` and front with a reverse proxy.
thrift/conformance/go/conformance_server.go:64
medium System graph cicd CI/CD security conf 1.00 GitHub Actions workflow grants broad write permissions
CI tokens with write permissions increase blast radius when an action, dependency, or PR workflow is compromised. Prefer job-level least-privilege permissions.
.github/workflows/devcontainer.yml CI/CD securitySupply chainGithub actions
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — thrift/compiler/codemod/remove_duplicate_namespaces_test.py:150
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — thrift/compiler/test/ast_generator_test.py:76
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — thrift/test/py/JSONGenerateTest.py:64
`subprocess.Popen(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — thrift/test/py/thrift_py_deprecated_warning_e2e_test.py:120
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — thrift/test/py/thrift_py_deprecated_warning_reentrancy_e2e_test.py:41
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph security Coverage conf 1.00 No auth library detected
The scanner did not find any standard auth library (JWT, OAuth, NextAuth, Auth0, etc.). Either auth lives in custom code, in a separate service, or is missing.
auth
low Security checks quality Error handling conf 1.00 [ERR003] Ignored Error (Go): Ignoring error return values.
Handle the error or use errcheck linter.
thrift/perf/go/server/server.go:168
low Security checks quality Quality conf 0.60 6 occurrences Duplicated implementation block across source files
Duplicate implementation blocks are maintenance debt. Keep them visible, but they are not a high-severity defect unless the duplicated logic is security-sensitive or drifting.
6 files, 6 locations
thrift/conformance/rpcclient/GTestHarnessRPCClient.cpp:597
thrift/conformance/rust/rpc_server.rs:50
thrift/lib/cpp/util/THttpParser.cpp:29
thrift/lib/cpp2/async/HeaderClientChannel.h:82
thrift/lib/cpp2/async/HibernatingRequestChannel.h:38
thrift/lib/cpp2/async/processor/HandlerCallback.h:82
duplicationquality
low Security checks quality Quality conf 0.70 Generated build artifact directory is present at repository root
Remove generated output from version control, add it to .gitignore and .dockerignore where relevant, and regenerate it in CI or release jobs.
build:1
low System graph quality Maintenance conf 1.00 283 TODO/FIXME markers
High count of TODO/FIXME/HACK markers — track them as issues so they're not forgotten.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: thrift/lib/py/client/common.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: thrift/lib/py/reflection/limited/constants.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: thrift/lib/py/util/async_common.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: thrift/lib/py3/benchmark/enums.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: thrift/lib/py3/common.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: thrift/lib/py3/ssl.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: thrift/lib/python/any/typestub.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: thrift/lib/setup.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: thrift/test/lazy_deserialization/benchmark.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: thrift/test/py/TestSyntax.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph quality Integrity conf 1.00 Near-duplicate function bodies in 11 places
Functions with the same first-5-line body hash: thrift/compiler/codemod/annotate_allow_unsafe_non_sealed_key_type_test.py:test_field_with_non_sealed_map_key, thrift/compiler/codemod/annotate_allow_unsafe_non_sealed_key_type_test.py:test_field_with_non_sealed_set_element, thrift/compiler/codemod/ann…
duplicatesduplication
low System graph quality Integrity conf 1.00 Near-duplicate function bodies in 18 places
Functions with the same first-5-line body hash: thrift/compiler/test/ast_generator_test.py:setUp, thrift/compiler/test/json_compiler_test.py:setUp, thrift/compiler/codemod/remove_duplicate_namespaces_test.py:setUp, thrift/compiler/codemod/annotate_hack_legacy_json_serialization_test.py:setUp This …
duplicatesduplication
low System graph quality Integrity conf 1.00 16 occurrences Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: thrift/compiler/test/json_compiler_test.py:test_one_struct_one_field_dep_struct, thrift/compiler/test/json_compiler_test.py:test_one_struct_one_field_dep_coll_struct This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see h…
16 occurrences
repo-level (16 hits)
duplicatesduplication
low System graph quality Integrity conf 1.00 Near-duplicate function bodies in 3 places
Functions with the same first-5-line body hash: thrift/compiler/test/ast_generator_test.py:test_struct, thrift/compiler/test/ast_generator_test.py:test_const_types, thrift/compiler/test/ast_generator_test.py:test_hash_mode This is *the* AI-coder failure mode (4× more duplication in vibe-coded repo…
duplicatesduplication
low System graph quality Integrity conf 1.00 Near-duplicate function bodies in 5 places
Functions with the same first-5-line body hash: thrift/compiler/codemod/remove_php_namespace_if_hack_present_test.py:test_both_present_removes_php, thrift/compiler/codemod/migrate_php_namespace_to_hack_name_prefix_test.py:test_adds_empty_package_for_non_mangled_services, thrift/compiler/codemod/mig…
duplicatesduplication
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `_to_py_deprecated` in thrift/lib/py/util/tests/test_converter.py:41
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `_to_py_deprecated` in thrift/lib/python/test/converter.py:681
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `_to_py_deprecated` in thrift/test/py/HiddenTest.py:77
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `_to_py_deprecated` in thrift/test/thrift-python/enum_test.py:248
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `_warn_if_legacy` in thrift/lib/py/transport/TSSLSocket.py:73
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `BTreePyDeprecated` in thrift/lib/py/util/tests/test_fuzzer.py:21
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `test_copy` in thrift/lib/py3/test/auto_migrate/structs.py:73
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `test_copy` in thrift/lib/python/test/exceptions.py:310
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `test_copy` in thrift/lib/python/test/mutable_unions.py:79
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `test_copy` in thrift/lib/python/test/structs.py:392
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `test_framed_deprecated` in thrift/lib/py3/test/auto_migrate/client_server.py:225
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `test_terminate_unused` in thrift/lib/py3/test/interactions/interaction_test.py:106
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `test_terminate_unused` in thrift/lib/python/test/interactions/interaction_test.py:143
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `test_to_py_deprecated` in thrift/test/thrift-python/abstract_types_test.py:444
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `unqualified_old` in thrift/test/thrift-python/schema_evolution_test.py:85
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `warn_thrift_py_deprecated` in thrift/lib/py/Thrift.py:547
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `warn_thrift_py_deprecated` in thrift/test/py/thrift_py_deprecated_warning_test.py:50
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph software Dead code conf 1.00 Possibly dead Python function: build_extensions
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/setup.py:33
low System graph software Dead code conf 1.00 Possibly dead Python function: call_as_future
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/asyncio.py:111
low System graph software Dead code conf 1.00 Possibly dead Python function: connection_made
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/async_common.py:294
low System graph software Dead code conf 1.00 Possibly dead Python function: cstringio_refill
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/transport/TTransport.py:328
low System graph software Dead code conf 1.00 Possibly dead Python function: data_received
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/async_common.py:213
low System graph software Dead code conf 1.00 Possibly dead Python function: eof_received
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/async_common.py:237
low System graph software Dead code conf 1.00 Possibly dead Python function: expand_thrift_spec
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/Thrift.py:631
low System graph software Dead code conf 1.00 Possibly dead Python function: fix_spec
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/Recursive.py:20
low System graph software Dead code conf 1.00 Possibly dead Python function: future_process_main
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/Decorators.py:184
low System graph software Dead code conf 1.00 Possibly dead Python function: future_process_method
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/Decorators.py:258
low System graph software Dead code conf 1.00 Possibly dead Python function: fuzz_service
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/fuzzer.py:1022
low System graph software Dead code conf 1.00 Possibly dead Python function: gen_cpp
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/TSCons.py:29
low System graph software Dead code conf 1.00 Possibly dead Python function: getEventHandler
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/Thrift.py:139
low System graph software Dead code conf 1.00 Possibly dead Python function: getTestResult
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/conformance/python/rpc_server.py:43
low System graph software Dead code conf 1.00 Possibly dead Python function: positive_int
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/fuzzer.py:54
low System graph software Dead code conf 1.00 Possibly dead Python function: prob_float
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/fuzzer.py:65
low System graph software Dead code conf 1.00 Possibly dead Python function: process_main
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/Decorators.py:68
low System graph software Dead code conf 1.00 Possibly dead Python function: process_method
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/Decorators.py:132
low System graph software Dead code conf 1.00 Possibly dead Python function: random_int_k_bits
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/randomizer.py:287
low System graph software Dead code conf 1.00 Possibly dead Python function: run_on_thread
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/Decorators.py:346
low System graph software Dead code conf 1.00 Possibly dead Python function: sendTestCase
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/conformance/python/conformance_server.py:44
low System graph software Dead code conf 1.00 Possibly dead Python function: sendTestCase
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/conformance/python/rpc_server.py:40
low System graph software Dead code conf 1.00 Possibly dead Python function: setCustomHeader
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/transport/THttpClient.py:98
low System graph software Dead code conf 1.00 Possibly dead Python function: setCustomHeaders
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/transport/THttpClient.py:95
low System graph software Dead code conf 1.00 Possibly dead Python function: should_run_on_thread
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/Decorators.py:351
low System graph software Dead code conf 1.00 Possibly dead Python function: ssl_parsed_bool
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/remote.py:463
low System graph software Dead code conf 1.00 Possibly dead Python function: write_results_after_future
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
thrift/lib/py/util/Decorators.py:306
low System graph quality Integrity conf 1.00 Stub function `_init_subelements` (body is just `pass`/`return`) — thrift/lib/py/util/type_inspect.py:121
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `_preprocess_constraints` (body is just `pass`/`return`) — thrift/lib/py/util/randomizer.py:117
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `_warn_if_insecure_version_specified` (body is just `pass`/`return`) — thrift/lib/py/transport/TSSLSocket.py:83
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `cli` (body is just `pass`/`return`) — thrift/lib/python/benchmark/benchmark_struct.py:542
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `cli` (body is just `pass`/`return`) — thrift/lib/python/benchmark/struct_memory.py:142
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `doIO` (body is just `pass`/`return`) — thrift/lib/py/protocol/TJSONProtocol.py:69
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `flush` (body is just `pass`/`return`) — thrift/lib/py/transport/TSocket.py:354
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `isOpen` (body is just `pass`/`return`) — thrift/lib/py/transport/TTransport.py:45
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `noop` (body is just `pass`/`return`) — thrift/perf/py/asyncio_load_handler.py:51
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `noop` (body is just `pass`/`return`) — thrift/perf/py/py3_load_handler.py:32
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `noop` (body is just `pass`/`return`) — thrift/perf/py3/load_handler.py:46
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `process` (body is just `pass`/`return`) — thrift/lib/py/Thrift.py:142
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `sendTestCase` (body is just `pass`/`return`) — thrift/conformance/python/conformance_server.py:44
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `serve` (body is just `pass`/`return`) — thrift/lib/py/server/TServer.py:213
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `shutdown` (body is just `pass`/`return`) — thrift/lib/py3/test/auto_migrate/client_server.py:81
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `shutdown` (body is just `pass`/`return`) — thrift/lib/py3/test/auto_migrate/server.py:57
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `shutdown` (body is just `pass`/`return`) — thrift/lib/python/test/client_server.py:72
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `shutdown` (body is just `pass`/`return`) — thrift/lib/python/test/metadata_response/metadata_response_test.py:62
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `shutdown` (body is just `pass`/`return`) — thrift/lib/python/test/server.py:81
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `test_header_priorities` (body is just `pass`/`return`) — thrift/lib/py/util/TCppServerTestManagerTest.py:227
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `throwUserException` (body is just `pass`/`return`) — thrift/lib/py/server/test/ServiceMetadataTest.py:26
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `write` (body is just `pass`/`return`) — thrift/lib/py/protocol/TSimpleJSONProtocol.py:147
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `writeMessageBegin` (body is just `pass`/`return`) — thrift/lib/py/protocol/TProtocol.py:44
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Integrity conf 1.00 Stub function `writeMessageEnd` (body is just `pass`/`return`) — thrift/lib/py/protocol/TBinaryProtocol.py:59
Likely an AI scaffold that was never filled in. Remove or implement.
Empty handlerDead code
low System graph quality Complexity conf 1.00 Very large file: thrift/lib/java/runtime/src/test/java/com/facebook/thrift/transport/unified/UnifiedServerTransportTest.java (1445 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: thrift/lib/java/runtime/src/test/java/com/facebook/thrift/util/MonoTimeoutTransformerTest.java (1946 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: thrift/test/thrift-python/abstract_types_test.py (1421 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: thrift/test/thrift-python/struct_test.py (2517 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: thrift/test/thrift-python/union_test.py (1241 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
For AI agents: Voting guide (TP/FP) MCP manifest Stdio wrapper SARIF Integrate Findings queue Vote TP/FP on findings to calibrate the engine.
For AI agents + API integrations
Email me when this repo regresses
Free. We re-scan periodically; new criticals → your inbox. No signup required for the scan itself.
API access

This page is publicly accessible at: https://repobility.com/scan/71d9ca5e-e7aa-41be-958a-2ca17c9b2ccd/

To check status programmatically (no auth required): 

curl -s https://repobility.com/api/v1/public/scan/71d9ca5e-e7aa-41be-958a-2ca17c9b2ccd/

Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.