{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED109", "name": "[MINED109] Mutable default argument in `run_concurrently` (dict): `def run_concurrently(... = []/{}/set())` \u2014 Python's d", "shortDescription": {"text": "[MINED109] Mutable default argument in `run_concurrently` (dict): `def run_concurrently(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutate"}, "fullDescription": {"text": "Use None as the default and create the collection inside the function: `def run_concurrently(x=None): x = x or []`"}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC127", "name": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedEr", "shortDescription": {"text": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass shallow CI), but invoking it crashes or "}, "fullDescription": {"text": "Either implement the body, or fail closed at module-load time so the deploy can't ship a half-built route. A CI gate that fails build on `raise NotImplementedError` in non-abstract code catches this cleanly."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC089", "name": "[SEC089] Go: bind to all interfaces (0.0.0.0): Server binds to all network interfaces \u2014 exposes service beyond intended ", "shortDescription": {"text": "[SEC089] Go: bind to all interfaces (0.0.0.0): Server binds to all network interfaces \u2014 exposes service beyond intended scope. Ported from gosec G102 (Apache-2.0)."}, "fullDescription": {"text": "Bind to `127.0.0.1:PORT` and front with a reverse proxy."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "AIC007", "name": "Generated build artifact directory is present at repository root", "shortDescription": {"text": "Generated build artifact directory is present at repository root"}, "fullDescription": {"text": "Remove generated output from version control, add it to .gitignore and .dockerignore where relevant, and regenerate it in CI or release jobs."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.7, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `main` has cognitive complexity 14 (SonarSource scale). Cognitive complexi", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `main` has cognitive complexity 14 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weig"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 14."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "ERR003", "name": "[ERR003] Ignored Error (Go): Ignoring error return values.", "shortDescription": {"text": "[ERR003] Ignored Error (Go): Ignoring error return values."}, "fullDescription": {"text": "Handle the error or use errcheck linter."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC132", "name": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the la", "shortDescription": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on it"}, "fullDescription": {"text": "Python: `f\"prefix {var} suffix\"`. JS/TS: `` `prefix ${var} suffix` ``. Add a lint rule (pyupgrade UP032, eslint prefer-template) so future PRs catch this automatically."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED064", "name": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.", "shortDescription": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED059", "name": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message.", "shortDescription": {"text": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 2 more): Same pattern found in 2 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED060", "name": "[MINED060] Go Context No Cancel: context.Background() at request handler boundary leaks goroutines.", "shortDescription": {"text": "[MINED060] Go Context No Cancel: context.Background() at request handler boundary leaks goroutines."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-401 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED080", "name": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace.", "shortDescription": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED057", "name": "[MINED057] Todo Bomb: Code path with a TODO/FIXME/HACK comment that gates correctness \u2014 left for later but never resolve", "shortDescription": {"text": "[MINED057] Todo Bomb: Code path with a TODO/FIXME/HACK comment that gates correctness \u2014 left for later but never resolved."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED042", "name": "[MINED042] Cpp New Without Delete (and 6 more): Same pattern found in 6 additional files. Review if needed.", "shortDescription": {"text": "[MINED042] Cpp New Without Delete (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-401 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `actions/cache/save` pinned to mutable ref `@v4`: `uses: actions/cache/save@v4` resolves at workflow-r", "shortDescription": {"text": "[MINED115] Action `actions/cache/save` pinned to mutable ref `@v4`: `uses: actions/cache/save@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025"}, "fullDescription": {"text": "Replace with: `uses: actions/cache/save@<40-char-sha>  # v4` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED110", "name": "[MINED110] Blocking call `time.sleep` inside async function `badSleep`: `time.sleep` is a synchronous (blocking) call. W", "shortDescription": {"text": "[MINED110] Blocking call `time.sleep` inside async function `badSleep`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making "}, "fullDescription": {"text": "Use the async equivalent: `aiohttp` instead of `requests`, `asyncio.sleep` instead of `time.sleep`, `aiofiles` instead of `open`."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "[MINED106] Phantom test coverage: test_cpp2_namespace: Test function `test_cpp2_namespace` runs code but contains no ass", "shortDescription": {"text": "[MINED106] Phantom test coverage: test_cpp2_namespace: Test function `test_cpp2_namespace` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "fullDescription": {"text": "Add an explicit assertion that captures the test's intent, or remove the test."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `test_basic_replace` of class `RelativeInclude", "shortDescription": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `test_basic_replace` of class `RelativeIncludeTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises At"}, "fullDescription": {"text": "Initialize `self.assertEqual = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED006", "name": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working.", "shortDescription": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-705 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInt", "shortDescription": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED004", "name": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums).", "shortDescription": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-327 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `stru", "shortDescription": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import struct` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1392"}, "properties": {"repository": "facebook/fbthrift", "repoUrl": "https://github.com/facebook/fbthrift", "branch": "main"}, "results": [{"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `run_concurrently` (dict): `def run_concurrently(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 142769, "scanner": "repobility-ast-engine", "fingerprint": "5866c82c3abdbf25407357077f2a2cdc60366802f60dae79df997eafac543d32", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5866c82c3abdbf25407357077f2a2cdc60366802f60dae79df997eafac543d32"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/test/testing_utils.py"}, "region": {"startLine": 90}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142756, "scanner": "repobility-ast-engine", "fingerprint": "eb0efcda04a2dfbc6692464eb76afef02425480491d5d4147c4d5fe37199fa9b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|eb0efcda04a2dfbc6692464eb76afef02425480491d5d4147c4d5fe37199fa9b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/interactions/out/py/gen-py/test/fixtures/interactions/MyService.py"}, "region": {"startLine": 884}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142755, "scanner": "repobility-ast-engine", "fingerprint": "00a7a59ea80736202707700ccf1242e72efb5b6731e6d44fb42b8608cedd555f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|00a7a59ea80736202707700ccf1242e72efb5b6731e6d44fb42b8608cedd555f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/service-fuzzer/out/py/gen-py/module/TestService.py"}, "region": {"startLine": 799}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142754, "scanner": "repobility-ast-engine", "fingerprint": "793459ba68d196cfbc7ad789b04506ee4b647040904df28716dbffb37e797a1a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|793459ba68d196cfbc7ad789b04506ee4b647040904df28716dbffb37e797a1a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/service-fuzzer/out/py/gen-py/module/TestService.py"}, "region": {"startLine": 767}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142753, "scanner": "repobility-ast-engine", "fingerprint": "d1621f79cda1f773c76bfa801c2e2837019fef35fd3f9a3facfda1bc9c4ec059", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d1621f79cda1f773c76bfa801c2e2837019fef35fd3f9a3facfda1bc9c4ec059"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/exceptions/out/py/gen-py/module/Raiser.py"}, "region": {"startLine": 1205}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142752, "scanner": "repobility-ast-engine", "fingerprint": "1d57e4194f6b3e411d97acc00e4e60eb484f0b0c5ae76f8ac2f2650d1dc5b16a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1d57e4194f6b3e411d97acc00e4e60eb484f0b0c5ae76f8ac2f2650d1dc5b16a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/exceptions/out/py/gen-py/module/Raiser.py"}, "region": {"startLine": 1185}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142751, "scanner": "repobility-ast-engine", "fingerprint": "e2cbcb7729a295c803c3ac4a247117842a83d2f9c8f2d5ba4eeaabdf08730011", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e2cbcb7729a295c803c3ac4a247117842a83d2f9c8f2d5ba4eeaabdf08730011"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/exceptions/out/py/gen-py/module/Raiser.py"}, "region": {"startLine": 1174}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142750, "scanner": "repobility-ast-engine", "fingerprint": "9046febeb8739a771a36bebbea7a96ce1125e160dd40998ab12322ebd2f7c8ae", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9046febeb8739a771a36bebbea7a96ce1125e160dd40998ab12322ebd2f7c8ae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/exceptions/out/py/gen-py/module/Raiser.py"}, "region": {"startLine": 1154}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142749, "scanner": "repobility-ast-engine", "fingerprint": "b72e32ff9d3b393a5708d894f12c6b46c7ebb72dd0ca072bc816ae1c6aa44a33", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b72e32ff9d3b393a5708d894f12c6b46c7ebb72dd0ca072bc816ae1c6aa44a33"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/exceptions/out/py/gen-py/module/Raiser.py"}, "region": {"startLine": 1116}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142748, "scanner": "repobility-ast-engine", "fingerprint": "6e530c8e05b96f8da76c817a4228ae451b6faed7e3ddbcca1861213a486f07b9", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6e530c8e05b96f8da76c817a4228ae451b6faed7e3ddbcca1861213a486f07b9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/exceptions/out/py/gen-py/module/Raiser.py"}, "region": {"startLine": 1096}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142747, "scanner": "repobility-ast-engine", "fingerprint": "5c833fbbd5ef06f45bbe36fc703697ae12fd55049083aa6798c6ca893e34f932", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5c833fbbd5ef06f45bbe36fc703697ae12fd55049083aa6798c6ca893e34f932"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/exceptions/out/py/gen-py/module/Raiser.py"}, "region": {"startLine": 1085}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142746, "scanner": "repobility-ast-engine", "fingerprint": "038480e45241b2da6a812693debc050b8c05342afd8c93afa6a60b17ea0ed2ca", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|038480e45241b2da6a812693debc050b8c05342afd8c93afa6a60b17ea0ed2ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/exceptions/out/py/gen-py/module/Raiser.py"}, "region": {"startLine": 1065}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142745, "scanner": "repobility-ast-engine", "fingerprint": "8115c69b933227a121da207461dfb2fa7b3b3d0534ace662838a371347da840d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8115c69b933227a121da207461dfb2fa7b3b3d0534ace662838a371347da840d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/py-reserved/out/py/gen-py/test/lambda_PY_RESERVED_KEYWORD.py"}, "region": {"startLine": 769}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142744, "scanner": "repobility-ast-engine", "fingerprint": "efe8c156cb038c02bf36053c8de9bbb3d958544ae75c6132a30d1742776856f0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|efe8c156cb038c02bf36053c8de9bbb3d958544ae75c6132a30d1742776856f0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/py-reserved/out/py/gen-py/test/lambda_PY_RESERVED_KEYWORD.py"}, "region": {"startLine": 758}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142743, "scanner": "repobility-ast-engine", "fingerprint": "412af0d31265b598d8c022f8e01e24d5e6372ff2ab241fdaf088709ed986b0db", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|412af0d31265b598d8c022f8e01e24d5e6372ff2ab241fdaf088709ed986b0db"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/py-reserved/out/py/gen-py/test/lambda_PY_RESERVED_KEYWORD.py"}, "region": {"startLine": 724}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142742, "scanner": "repobility-ast-engine", "fingerprint": "9e4985a7eb17daf563a394a31360a6ddaef79bd892a7896a5a3f903cd73d64af", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9e4985a7eb17daf563a394a31360a6ddaef79bd892a7896a5a3f903cd73d64af"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/py-reserved/out/py/gen-py/test/lambda_PY_RESERVED_KEYWORD.py"}, "region": {"startLine": 713}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142741, "scanner": "repobility-ast-engine", "fingerprint": "55116019041b0474f9720e00af599b47a4d4b3796d30ad1c386eeec7c957195f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|55116019041b0474f9720e00af599b47a4d4b3796d30ad1c386eeec7c957195f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/namespace/out/py/gen-py/my/namespacing/test/module/TestService.py"}, "region": {"startLine": 454}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142740, "scanner": "repobility-ast-engine", "fingerprint": "62c97416a1ca5151401a71c5d16fc1b0f944f023f564d369c0c8ed90087ba320", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|62c97416a1ca5151401a71c5d16fc1b0f944f023f564d369c0c8ed90087ba320"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/namespace/out/py/gen-py/my/namespacing/test/module/TestService.py"}, "region": {"startLine": 422}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142739, "scanner": "repobility-ast-engine", "fingerprint": "8c9ed69ec0216921088326f7dfc7b1b3eae9da288caa7a40794c191eb5e1c8f3", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8c9ed69ec0216921088326f7dfc7b1b3eae9da288caa7a40794c191eb5e1c8f3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/py-cpp-transport/out/py/gen-py/test/fixtures/py_cpp_transport/MyService.py"}, "region": {"startLine": 645}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142738, "scanner": "repobility-ast-engine", "fingerprint": "ab97eba6d03050a017abb393ec915612afb22c7058215e72667963f29d9e2b29", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ab97eba6d03050a017abb393ec915612afb22c7058215e72667963f29d9e2b29"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/py-cpp-transport/out/py/gen-py/test/fixtures/py_cpp_transport/MyService.py"}, "region": {"startLine": 634}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142737, "scanner": "repobility-ast-engine", "fingerprint": "ecbd40a88005c2e6c4eb456eab682463d7b6c3a4794da67970813e26c9717f66", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ecbd40a88005c2e6c4eb456eab682463d7b6c3a4794da67970813e26c9717f66"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/py-cpp-transport/out/py/gen-py/test/fixtures/py_cpp_transport/MyService.py"}, "region": {"startLine": 600}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142736, "scanner": "repobility-ast-engine", "fingerprint": "3f48f9f8421b816366d0f3dc65bb8d26169d73130143974fce908f07f254a09a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3f48f9f8421b816366d0f3dc65bb8d26169d73130143974fce908f07f254a09a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/py-cpp-transport/out/py/gen-py/test/fixtures/py_cpp_transport/MyService.py"}, "region": {"startLine": 589}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142735, "scanner": "repobility-ast-engine", "fingerprint": "97c9b4d217529cd981ec8cdbd22507cf5ef203d75a6bfaf4970f65d645ec7271", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|97c9b4d217529cd981ec8cdbd22507cf5ef203d75a6bfaf4970f65d645ec7271"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/types/out/py/gen-py/module/SomeService.py"}, "region": {"startLine": 790}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142734, "scanner": "repobility-ast-engine", "fingerprint": "1e8e0a732565ad624e602b439d52c4ec124b275bfd31e39c3dfed2478e77b3a1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1e8e0a732565ad624e602b439d52c4ec124b275bfd31e39c3dfed2478e77b3a1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/types/out/py/gen-py/module/SomeService.py"}, "region": {"startLine": 779}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142733, "scanner": "repobility-ast-engine", "fingerprint": "5836618ead2be9c971fcb592ed62078da2ca7b75b5ff45f30c38f6bdb9244007", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5836618ead2be9c971fcb592ed62078da2ca7b75b5ff45f30c38f6bdb9244007"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/types/out/py/gen-py/module/SomeService.py"}, "region": {"startLine": 745}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 142732, "scanner": "repobility-ast-engine", "fingerprint": "429f702aa4994a828636d35bd0bca22579710a84082837aaba1a9962c4f6b4e9", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|429f702aa4994a828636d35bd0bca22579710a84082837aaba1a9962c4f6b4e9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/fixtures/types/out/py/gen-py/module/SomeService.py"}, "region": {"startLine": 734}}}]}, {"ruleId": "SEC127", "level": "warning", "message": {"text": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass shallow CI), but invoking it crashes or silently no-ops. AI agents consistently emit these when their context window runs out mid-implementation. Production callers hitting these stubs is a classic AI-generated-incident."}, "properties": {"repobilityId": 142662, "scanner": "repobility-threat-engine", "fingerprint": "35934fc30b00fd65a4cb6e3f5cbeaf3d14589c23c2a44f69c5fd35f4b0a52a55", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "def patch(self, request: PatchOpRequest) -> PatchOpResponse:\n        raise NotImplementedError", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC127", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|35934fc30b00fd65a4cb6e3f5cbeaf3d14589c23c2a44f69c5fd35f4b0a52a55"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/conformance/python/conformance_server.py"}, "region": {"startLine": 41}}}]}, {"ruleId": "SEC089", "level": "warning", "message": {"text": "[SEC089] Go: bind to all interfaces (0.0.0.0): Server binds to all network interfaces \u2014 exposes service beyond intended scope. Ported from gosec G102 (Apache-2.0)."}, "properties": {"repobilityId": 142659, "scanner": "repobility-threat-engine", "fingerprint": "83f66c5ff3b880a07a1cf81433db253e0bb6dc03c57906f8b15045cfdd1fb489", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".Listen(\"tcp\", \"[::]:0\"", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC089", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|83f66c5ff3b880a07a1cf81433db253e0bb6dc03c57906f8b15045cfdd1fb489"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/conformance/go/conformance_server.go"}, "region": {"startLine": 64}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 142679, "scanner": "repobility-ai-code-hygiene", "fingerprint": "50dbb1b3b76802cd96ea242d9a3875ce2857a8cc4b2e0e3e0296b62d53c3781c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "thrift/lib/cpp2/async/processor/HandlerCallback.cpp", "duplicate_line": 28, "correlation_key": "fp|50dbb1b3b76802cd96ea242d9a3875ce2857a8cc4b2e0e3e0296b62d53c3781c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/cpp2/async/processor/HandlerCallback.h"}, "region": {"startLine": 82}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 142678, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9cf536374e24c496502eb95628c372cb7d603b8cdca2f868bf62ca83c80d2932", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "thrift/lib/cpp2/async/HTTPClientChannel.h", "duplicate_line": 61, "correlation_key": "fp|9cf536374e24c496502eb95628c372cb7d603b8cdca2f868bf62ca83c80d2932"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/cpp2/async/HibernatingRequestChannel.h"}, "region": {"startLine": 38}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 142677, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ff8536ef0998df665845e025ec1749790a100d943b5ef322ce03ff84ab9e3384", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "thrift/lib/cpp2/async/HTTPClientChannel.h", "duplicate_line": 43, "correlation_key": "fp|ff8536ef0998df665845e025ec1749790a100d943b5ef322ce03ff84ab9e3384"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/cpp2/async/HeaderClientChannel.h"}, "region": {"startLine": 82}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 142676, "scanner": "repobility-ai-code-hygiene", "fingerprint": "641fbc353636d8b4ca7751253236c33c1aea742ab3b67d282b71c3b901949ece", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "thrift/lib/cpp/transport/THttpTransport.cpp", "duplicate_line": 137, "correlation_key": "fp|641fbc353636d8b4ca7751253236c33c1aea742ab3b67d282b71c3b901949ece"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/cpp/util/THttpParser.cpp"}, "region": {"startLine": 29}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 142675, "scanner": "repobility-ai-code-hygiene", "fingerprint": "517c7bd1eb4ea02835d82498398cbdf54d6e7c1b73d140ee6306f3c751bb0b00", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "thrift/conformance/rust/conformance_server.rs", "duplicate_line": 70, "correlation_key": "fp|517c7bd1eb4ea02835d82498398cbdf54d6e7c1b73d140ee6306f3c751bb0b00"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/conformance/rust/rpc_server.rs"}, "region": {"startLine": 50}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 142674, "scanner": "repobility-ai-code-hygiene", "fingerprint": "92071e6d1558fa001a217a4a16c80a903c554d2c2cafcb42a4345edbc4fde69a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "thrift/conformance/GTestHarness.h", "duplicate_line": 197, "correlation_key": "fp|92071e6d1558fa001a217a4a16c80a903c554d2c2cafcb42a4345edbc4fde69a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/conformance/rpcclient/GTestHarnessRPCClient.cpp"}, "region": {"startLine": 597}}}]}, {"ruleId": "AIC007", "level": "note", "message": {"text": "Generated build artifact directory is present at repository root"}, "properties": {"repobilityId": 142673, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9ce25f11f897b8a8b2478fd0136724866f111b604484c20a5c690bce80d94da1", "category": "quality", "severity": "low", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository root contains a common generated artifact directory.", "evidence": {"rule_id": "AIC007", "scanner": "repobility-ai-code-hygiene", "directory": "build", "references": ["https://git-scm.com/docs/gitignore", "https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|9ce25f11f897b8a8b2478fd0136724866f111b604484c20a5c690bce80d94da1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "build"}, "region": {"startLine": 1}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `main` has cognitive complexity 14 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: else=4, if=6, nested_bonus=4."}, "properties": {"repobilityId": 142672, "scanner": "repobility-threat-engine", "fingerprint": "b982b1f9670bff5417c4a20b7791f058682afd5a1e25f84251e3685ee008016a", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 14 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "main", "breakdown": {"if": 6, "else": 4, "nested_bonus": 4}, "complexity": 14, "correlation_key": "fp|b982b1f9670bff5417c4a20b7791f058682afd5a1e25f84251e3685ee008016a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/perf/py/py3_test_server.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "ERR003", "level": "note", "message": {"text": "[ERR003] Ignored Error (Go): Ignoring error return values."}, "properties": {"repobilityId": 142669, "scanner": "repobility-threat-engine", "fingerprint": "6436d5729efdafe03dccecbc0fb2d860b9d4b04afa6f121861d8c131d6bc95ba", "category": "error_handling", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "_ = item.GetStringField(", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR003", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|6436d5729efdafe03dccecbc0fb2d860b9d4b04afa6f121861d8c131d6bc95ba"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/perf/go/server/server.go"}, "region": {"startLine": 168}}}]}, {"ruleId": "SEC132", "level": "note", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on its own, but a style signature of cross-language AI rewrites \u2014 the model wrote idiomatic Java/C# and then translated mechanically. When this style appears in only *some* files of a repo, it's a strong indicator of an AI-driven rewrite that needs a human review p"}, "properties": {"repobilityId": 142656, "scanner": "repobility-threat-engine", "fingerprint": "0aea51e72dcb9aca5ec81ee4cae87845022fe11762f7b41db7d2dd7881c299a9", "category": "quality", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "\"  name = purpose_policy_names.TPurposePolicyName.DEFAULT_PURPOSES_OPERATIONAL,\\n\" +\n          inden", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|0aea51e72dcb9aca5ec81ee4cae87845022fe11762f7b41db7d2dd7881c299a9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/add_operational_annotations.cc"}, "region": {"startLine": 136}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 142668, "scanner": "repobility-threat-engine", "fingerprint": "894d91835aa92009f8010edebe2f932e7bbbd031b07e6856cde134822c3e26cb", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|894d91835aa92009f8010edebe2f932e7bbbd031b07e6856cde134822c3e26cb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/example/python/client/echo_client.py"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED059", "level": "none", "message": {"text": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message."}, "properties": {"repobilityId": 142667, "scanner": "repobility-threat-engine", "fingerprint": "65197ff6641a6bb23b17f14041b5dc1881b2123dc940d63756463fe12a9eddcb", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-expect-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348039+00:00", "triaged_in_corpus": 12, "observations_count": 175379, "ai_coder_pattern_id": 112}, "scanner": "repobility-threat-engine", "correlation_key": "fp|65197ff6641a6bb23b17f14041b5dc1881b2123dc940d63756463fe12a9eddcb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/conformance/rust/conformance_server.rs"}, "region": {"startLine": 126}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 142666, "scanner": "repobility-threat-engine", "fingerprint": "b39288e529a4ab712a2d60436a688220bb6b374d59b0f4dce7184c9dc7729483", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|b39288e529a4ab712a2d60436a688220bb6b374d59b0f4dce7184c9dc7729483", "aggregated_count": 2}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 142665, "scanner": "repobility-threat-engine", "fingerprint": "2d4c3e59376ff0c7778517c59fb1cd596aa4854cc9edb2a1a4a92965efcfd335", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2d4c3e59376ff0c7778517c59fb1cd596aa4854cc9edb2a1a4a92965efcfd335"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/perf/py/asyncio_test_server.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 142664, "scanner": "repobility-threat-engine", "fingerprint": "e6ecdd1b87f1b8875d8c9c507e012f247000cd0e5d37d569870b774c61229e66", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e6ecdd1b87f1b8875d8c9c507e012f247000cd0e5d37d569870b774c61229e66"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/perf/py/asyncio_load_handler.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 142663, "scanner": "repobility-threat-engine", "fingerprint": "4b4268d62ccea45b6c447dbff4be7dde8537a41d991c19cfae1b6c36af08118b", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4b4268d62ccea45b6c447dbff4be7dde8537a41d991c19cfae1b6c36af08118b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/conformance/python/conformance_server.py"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED060", "level": "none", "message": {"text": "[MINED060] Go Context No Cancel: context.Background() at request handler boundary leaks goroutines."}, "properties": {"repobilityId": 142661, "scanner": "repobility-threat-engine", "fingerprint": "7df97653cf7857cf79d7e4abed2acf909c4ad9948c85bc19094d1f4a27d98d7e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "go-context-no-cancel", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["go"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348041+00:00", "triaged_in_corpus": 12, "observations_count": 132905, "ai_coder_pattern_id": 110}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7df97653cf7857cf79d7e4abed2acf909c4ad9948c85bc19094d1f4a27d98d7e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/perf/go/server/server.go"}, "region": {"startLine": 46}}}]}, {"ruleId": "MINED060", "level": "none", "message": {"text": "[MINED060] Go Context No Cancel: context.Background() at request handler boundary leaks goroutines."}, "properties": {"repobilityId": 142660, "scanner": "repobility-threat-engine", "fingerprint": "600f05a5840d74b76a0771694154af5076a88ddf177d782e04c91b973f4d8fef", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "go-context-no-cancel", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["go"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348041+00:00", "triaged_in_corpus": 12, "observations_count": 132905, "ai_coder_pattern_id": 110}, "scanner": "repobility-threat-engine", "correlation_key": "fp|600f05a5840d74b76a0771694154af5076a88ddf177d782e04c91b973f4d8fef"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/conformance/go/conformance_server.go"}, "region": {"startLine": 70}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 142658, "scanner": "repobility-threat-engine", "fingerprint": "f6c85f029f3cbaff865ab34d7d660832754094628f62c7411636314d83f6df6d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f6c85f029f3cbaff865ab34d7d660832754094628f62c7411636314d83f6df6d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/generate/t_concat_generator.cc"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED057", "level": "none", "message": {"text": "[MINED057] Todo Bomb: Code path with a TODO/FIXME/HACK comment that gates correctness \u2014 left for later but never resolved."}, "properties": {"repobilityId": 142655, "scanner": "repobility-threat-engine", "fingerprint": "3a3b3f380a5a4592fafbc2ed879e514b4399eac92d015573e7dcd643d4ed1c88", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "todo-bomb", "owasp": null, "cwe_ids": [], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348035+00:00", "triaged_in_corpus": 10, "observations_count": 255662, "ai_coder_pattern_id": 4}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3a3b3f380a5a4592fafbc2ed879e514b4399eac92d015573e7dcd643d4ed1c88"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/ast/uri.h"}, "region": {"startLine": 227}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "properties": {"repobilityId": 142654, "scanner": "repobility-threat-engine", "fingerprint": "90c67a18124d7f5cc18e76dfe7eca04bcc77ac250587d6d1963de4a5eea3cee6", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 6 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|90c67a18124d7f5cc18e76dfe7eca04bcc77ac250587d6d1963de4a5eea3cee6", "aggregated_count": 6}}}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 142653, "scanner": "repobility-threat-engine", "fingerprint": "f9e383fcb8a3417dd8b77f85bb26f805d9ef0f08dfa85c112cb1f537f0ec4466", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f9e383fcb8a3417dd8b77f85bb26f805d9ef0f08dfa85c112cb1f537f0ec4466"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/detail/pluggable_functions.cc"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 142652, "scanner": "repobility-threat-engine", "fingerprint": "63d8d643ba3dc6acc7529b95d3fe6a4f77498ce1aa43dd6e23a859a331336ce6", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|63d8d643ba3dc6acc7529b95d3fe6a4f77498ce1aa43dd6e23a859a331336ce6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/ast/t_structured.h"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 142651, "scanner": "repobility-threat-engine", "fingerprint": "8e55c83f6a7f2cd8ac37244e5b1799cffeb2ac3c0da7c8233acfa06ce5f7af9d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8e55c83f6a7f2cd8ac37244e5b1799cffeb2ac3c0da7c8233acfa06ce5f7af9d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/ast/t_node.cc"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/save` pinned to mutable ref `@v4`: `uses: actions/cache/save@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142807, "scanner": "repobility-supply-chain", "fingerprint": "ca06488d4348e9716fb7116273a568b40910c43de68a8141b86928f71d68fd5b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ca06488d4348e9716fb7116273a568b40910c43de68a8141b86928f71d68fd5b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 264}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/restore` pinned to mutable ref `@v4`: `uses: actions/cache/restore@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142806, "scanner": "repobility-supply-chain", "fingerprint": "14c0b961a9a81ddd9249695de184e90ce2bb16ca6e45295e5870a5ae826c2c9f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|14c0b961a9a81ddd9249695de184e90ce2bb16ca6e45295e5870a5ae826c2c9f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 256}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/save` pinned to mutable ref `@v4`: `uses: actions/cache/save@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142805, "scanner": "repobility-supply-chain", "fingerprint": "976b1d58d237ef81199709543d69ad84063a0b76a4fdfb829182d46fcfb1c359", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|976b1d58d237ef81199709543d69ad84063a0b76a4fdfb829182d46fcfb1c359"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 248}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/restore` pinned to mutable ref `@v4`: `uses: actions/cache/restore@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142804, "scanner": "repobility-supply-chain", "fingerprint": "9506432d45db1cb40f48215dc99d33c55aa51d371a771f39e503daf53303a4f4", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9506432d45db1cb40f48215dc99d33c55aa51d371a771f39e503daf53303a4f4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 240}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/save` pinned to mutable ref `@v4`: `uses: actions/cache/save@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142803, "scanner": "repobility-supply-chain", "fingerprint": "49aea55e6015c508247e439c5e29be07e89c3168c8521c9506d26c58d3bab472", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|49aea55e6015c508247e439c5e29be07e89c3168c8521c9506d26c58d3bab472"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 232}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/restore` pinned to mutable ref `@v4`: `uses: actions/cache/restore@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142802, "scanner": "repobility-supply-chain", "fingerprint": "1a4070429b94e45ac6e3cfc48cd87a83f7c8bba9ded527a93511f5686d099495", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|1a4070429b94e45ac6e3cfc48cd87a83f7c8bba9ded527a93511f5686d099495"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 224}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/save` pinned to mutable ref `@v4`: `uses: actions/cache/save@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142801, "scanner": "repobility-supply-chain", "fingerprint": "6a69c4769fa350fa23ecb8d2865357c06ae9eb5a61349960251221b221579d28", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6a69c4769fa350fa23ecb8d2865357c06ae9eb5a61349960251221b221579d28"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 216}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/restore` pinned to mutable ref `@v4`: `uses: actions/cache/restore@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142800, "scanner": "repobility-supply-chain", "fingerprint": "cc4a3baa60dd35f0e08e611f3e40226dd9966103ea7697e88eaea2d7a0dbc525", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|cc4a3baa60dd35f0e08e611f3e40226dd9966103ea7697e88eaea2d7a0dbc525"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 208}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/save` pinned to mutable ref `@v4`: `uses: actions/cache/save@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142799, "scanner": "repobility-supply-chain", "fingerprint": "85bf3391fee7a2be0c7765305fa0cee4c2abb071f66f8437d2bd3b761875270e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|85bf3391fee7a2be0c7765305fa0cee4c2abb071f66f8437d2bd3b761875270e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 200}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/restore` pinned to mutable ref `@v4`: `uses: actions/cache/restore@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142798, "scanner": "repobility-supply-chain", "fingerprint": "5ea245713dc00b5771e637cebb4b328dd4562a6948bb618720a3104f0eebac3c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5ea245713dc00b5771e637cebb4b328dd4562a6948bb618720a3104f0eebac3c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 192}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/save` pinned to mutable ref `@v4`: `uses: actions/cache/save@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142797, "scanner": "repobility-supply-chain", "fingerprint": "12de8d63cfa0b73d182dfc14123d31c503dde79ee785d82c7c234be85d83fef6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|12de8d63cfa0b73d182dfc14123d31c503dde79ee785d82c7c234be85d83fef6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 184}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/restore` pinned to mutable ref `@v4`: `uses: actions/cache/restore@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142796, "scanner": "repobility-supply-chain", "fingerprint": "d25d715212f6cfa713ef6c97014d40a5ed1cc09fa892428b009be6b3c7027bb3", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d25d715212f6cfa713ef6c97014d40a5ed1cc09fa892428b009be6b3c7027bb3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 176}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/save` pinned to mutable ref `@v4`: `uses: actions/cache/save@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142795, "scanner": "repobility-supply-chain", "fingerprint": "70453fd8a80a7c3e1e618266ed919206487535164189db598eaeffbea05a39a0", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|70453fd8a80a7c3e1e618266ed919206487535164189db598eaeffbea05a39a0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 168}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/restore` pinned to mutable ref `@v4`: `uses: actions/cache/restore@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142794, "scanner": "repobility-supply-chain", "fingerprint": "730d91bccbe77368f75a5359e0ecaad7d56fd2c981652e293d48c9e5fc5741e2", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|730d91bccbe77368f75a5359e0ecaad7d56fd2c981652e293d48c9e5fc5741e2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 160}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/save` pinned to mutable ref `@v4`: `uses: actions/cache/save@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142793, "scanner": "repobility-supply-chain", "fingerprint": "3b2fec0e624dbf7986cf89a0d1fc3b1f0a1ad5b9d15256ddfa9c47c45e93a269", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3b2fec0e624dbf7986cf89a0d1fc3b1f0a1ad5b9d15256ddfa9c47c45e93a269"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 152}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/restore` pinned to mutable ref `@v4`: `uses: actions/cache/restore@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142792, "scanner": "repobility-supply-chain", "fingerprint": "0ff97f1e5453ff5a269dbe728c492fa9fae2436704c97467946cb30ab0ad8445", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0ff97f1e5453ff5a269dbe728c492fa9fae2436704c97467946cb30ab0ad8445"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/save` pinned to mutable ref `@v4`: `uses: actions/cache/save@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142791, "scanner": "repobility-supply-chain", "fingerprint": "f31a31de04daeac9854156dfa1885d94849db2490f71fed2e0a93d2d15ab804b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f31a31de04daeac9854156dfa1885d94849db2490f71fed2e0a93d2d15ab804b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 136}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache/restore` pinned to mutable ref `@v4`: `uses: actions/cache/restore@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142790, "scanner": "repobility-supply-chain", "fingerprint": "bc6099f554e7d734c6de27834b0b8ab215c3f49e059740a3ed9e5af5f3e986a0", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|bc6099f554e7d734c6de27834b0b8ab215c3f49e059740a3ed9e5af5f3e986a0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 128}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142789, "scanner": "repobility-supply-chain", "fingerprint": "0bd2365456a66a3f40ed310467398ea5b832b1da45fa19fb7aa3c7a086b6a9c4", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0bd2365456a66a3f40ed310467398ea5b832b1da45fa19fb7aa3c7a086b6a9c4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_python_linux_container.yml"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v6`: `uses: actions/upload-artifact@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142788, "scanner": "repobility-supply-chain", "fingerprint": "9e7526c36a757b636132e03f822c295fdf9bf6110dbb8becb584787bd47a83de", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9e7526c36a757b636132e03f822c295fdf9bf6110dbb8becb584787bd47a83de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_linux.yml"}, "region": {"startLine": 157}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `mozilla-actions/sccache-action` pinned to mutable ref `@v0.0.9`: `uses: mozilla-actions/sccache-action@v0.0.9` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142787, "scanner": "repobility-supply-chain", "fingerprint": "5e57861b06404a88e6398f96f06cdf39fcf7d4344708ed21f48fa0571e8f1f17", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5e57861b06404a88e6398f96f06cdf39fcf7d4344708ed21f48fa0571e8f1f17"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_linux.yml"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142786, "scanner": "repobility-supply-chain", "fingerprint": "01c47083d33ee43fbbf6704e40a6cedd1603cd0429682d87ecb3f2dfcc1b770b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|01c47083d33ee43fbbf6704e40a6cedd1603cd0429682d87ecb3f2dfcc1b770b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_linux.yml"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v6`: `uses: actions/upload-artifact@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142785, "scanner": "repobility-supply-chain", "fingerprint": "6c08056dc871dc8bc8bffe8d6bb81d8cc150f00317a7e824d6b4399718b48fd6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6c08056dc871dc8bc8bffe8d6bb81d8cc150f00317a7e824d6b4399718b48fd6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_windows.yml"}, "region": {"startLine": 143}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `mozilla-actions/sccache-action` pinned to mutable ref `@v0.0.9`: `uses: mozilla-actions/sccache-action@v0.0.9` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142784, "scanner": "repobility-supply-chain", "fingerprint": "ade495b9216716eb50e8a8197c4246f6dd28a2a1adc01bbc3d6872c0350360da", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ade495b9216716eb50e8a8197c4246f6dd28a2a1adc01bbc3d6872c0350360da"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_windows.yml"}, "region": {"startLine": 46}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 142783, "scanner": "repobility-supply-chain", "fingerprint": "751bb61bfff2c97eca63f07d654cde49e950bf0d37dce34fab2261659aa34d39", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|751bb61bfff2c97eca63f07d654cde49e950bf0d37dce34fab2261659aa34d39"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/getdeps_windows.yml"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `time.sleep` inside async function `badSleep`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 142782, "scanner": "repobility-ast-engine", "fingerprint": "d2b56752d6f0b2fec728c97f4d88f83e2ca0005a4f30bf14cd6ac26c5df176ff", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d2b56752d6f0b2fec728c97f4d88f83e2ca0005a4f30bf14cd6ac26c5df176ff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/perf/py3/load_handler.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `input` inside async function `async_main`: `input` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 142781, "scanner": "repobility-ast-engine", "fingerprint": "0ee0e312a1c232887fc7025a36f7cb4a44e81d50d32fed8817813bcbb39a9e9c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0ee0e312a1c232887fc7025a36f7cb4a44e81d50d32fed8817813bcbb39a9e9c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/example/python/client/echo_client.py"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `time.sleep` inside async function `assert_basic`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 142780, "scanner": "repobility-ast-engine", "fingerprint": "8719bbd6be71c45319d248445019809927ff967e570fe5c14f5137ceb26017a2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8719bbd6be71c45319d248445019809927ff967e570fe5c14f5137ceb26017a2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/server/interceptor/test/interceptor_test.py"}, "region": {"startLine": 440}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `time.sleep` inside async function `assert_basic`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 142779, "scanner": "repobility-ast-engine", "fingerprint": "bd29dbe05c72e30582e1a05e3c8e5037a45193aa5a8d2e3c3f773570e2cc5d95", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bd29dbe05c72e30582e1a05e3c8e5037a45193aa5a8d2e3c3f773570e2cc5d95"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/server/interceptor/test/interceptor_test.py"}, "region": {"startLine": 390}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `time.sleep` inside async function `assert_basic`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 142778, "scanner": "repobility-ast-engine", "fingerprint": "67edd69b07805b573033ec95904c83dc5b27d3f95a410ab06f96d641a73c6d7e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|67edd69b07805b573033ec95904c83dc5b27d3f95a410ab06f96d641a73c6d7e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/server/interceptor/test/interceptor_test.py"}, "region": {"startLine": 332}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `time.sleep` inside async function `test_interceptors_header`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 142777, "scanner": "repobility-ast-engine", "fingerprint": "bd409457b08319f64343e892bb152f18489cf3f4e60f57d42e4d021751611661", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bd409457b08319f64343e892bb152f18489cf3f4e60f57d42e4d021751611661"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/server/interceptor/test/interceptor_test.py"}, "region": {"startLine": 440}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `time.sleep` inside async function `test_interceptors_header`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 142776, "scanner": "repobility-ast-engine", "fingerprint": "e4cadd93f53916e8bf29cb6b55c0637388c9923abf7a3126c304c92c2332957e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e4cadd93f53916e8bf29cb6b55c0637388c9923abf7a3126c304c92c2332957e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/server/interceptor/test/interceptor_test.py"}, "region": {"startLine": 390}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `time.sleep` inside async function `test_interceptors_header`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 142775, "scanner": "repobility-ast-engine", "fingerprint": "01d7b0e296e3133bf5aeeacfe723b201ad7d32862da4a405d31c1d9bd6af51aa", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|01d7b0e296e3133bf5aeeacfe723b201ad7d32862da4a405d31c1d9bd6af51aa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/server/interceptor/test/interceptor_test.py"}, "region": {"startLine": 332}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `time.sleep` inside async function `assert_return`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 142774, "scanner": "repobility-ast-engine", "fingerprint": "a50498cf1824e1c19a35208afd6048b07b6ece471482c3bfe14ae0da75195008", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a50498cf1824e1c19a35208afd6048b07b6ece471482c3bfe14ae0da75195008"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/server/interceptor/test/interceptor_test.py"}, "region": {"startLine": 195}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `time.sleep` inside async function `slow_callback`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 142768, "scanner": "repobility-ast-engine", "fingerprint": "55165849b7c25723ec7d5bb972f70db5d9555dea5db3c157bf48718500e06fb5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|55165849b7c25723ec7d5bb972f70db5d9555dea5db3c157bf48718500e06fb5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/test/sink.py"}, "region": {"startLine": 381}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `time.sleep` inside async function `rangeSlowFinalResponse`: `time.sleep` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 142767, "scanner": "repobility-ast-engine", "fingerprint": "610ce1133665d44154ac6c098b0f78b9cb55f0461b2985db9d85f1efb862d056", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|610ce1133665d44154ac6c098b0f78b9cb55f0461b2985db9d85f1efb862d056"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/test/sink.py"}, "region": {"startLine": 381}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_cpp2_namespace: Test function `test_cpp2_namespace` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142729, "scanner": "repobility-ast-engine", "fingerprint": "7ca1368b562620da1ee20d47822efa8120f1dce053cde325116289689582a245", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7ca1368b562620da1ee20d47822efa8120f1dce053cde325116289689582a245"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/add_package_test.py"}, "region": {"startLine": 243}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_with_longest_pkg: Test function `test_with_longest_pkg` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142728, "scanner": "repobility-ast-engine", "fingerprint": "eb004f14f33ef530faef3e6483ed85c127b1ee5b9025f5751b8cfd40dbf7fe07", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|eb004f14f33ef530faef3e6483ed85c127b1ee5b9025f5751b8cfd40dbf7fe07"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/add_package_test.py"}, "region": {"startLine": 224}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_with_common_identifiers: Test function `test_with_common_identifiers` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142727, "scanner": "repobility-ast-engine", "fingerprint": "e507e918517627be3e1d99ad87d9a2698da6f7b2358ddd137644ba2d106a637e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e507e918517627be3e1d99ad87d9a2698da6f7b2358ddd137644ba2d106a637e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/add_package_test.py"}, "region": {"startLine": 206}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_with_common_namespace_after_modification: Test function `test_with_common_namespace_after_modification` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142726, "scanner": "repobility-ast-engine", "fingerprint": "42dfb2f0fb4f37ded2a077ad09e2ce925d8751e010987b72793a2cc3ba743405", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|42dfb2f0fb4f37ded2a077ad09e2ce925d8751e010987b72793a2cc3ba743405"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/add_package_test.py"}, "region": {"startLine": 171}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_with_common_namespace: Test function `test_with_common_namespace` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142725, "scanner": "repobility-ast-engine", "fingerprint": "a53dd42ec86f20e39b0f5df5e0591bfec421c73dc6dace0f42df08012417266f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a53dd42ec86f20e39b0f5df5e0591bfec421c73dc6dace0f42df08012417266f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/add_package_test.py"}, "region": {"startLine": 152}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_package_from_namespace: Test function `test_package_from_namespace` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142724, "scanner": "repobility-ast-engine", "fingerprint": "eee3cb48652f9ab4e872454dc374820aee9d3fe04180db78057d8ad75644a64f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|eee3cb48652f9ab4e872454dc374820aee9d3fe04180db78057d8ad75644a64f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/add_package_test.py"}, "region": {"startLine": 104}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_package_from_file_path: Test function `test_package_from_file_path` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142723, "scanner": "repobility-ast-engine", "fingerprint": "b6ec71dc1c1e966ae2d290686904016ad785123a37c6733611e934e9ab669446", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b6ec71dc1c1e966ae2d290686904016ad785123a37c6733611e934e9ab669446"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/add_package_test.py"}, "region": {"startLine": 66}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_existing_package: Test function `test_existing_package` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142722, "scanner": "repobility-ast-engine", "fingerprint": "01f9b6a52f5fd73b8bbff8186a079f3ecd09a8ae04272ddc8ef5cdda1af30bc2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|01f9b6a52f5fd73b8bbff8186a079f3ecd09a8ae04272ddc8ef5cdda1af30bc2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/add_package_test.py"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_commented_namespace_needs_include: Test function `test_commented_namespace_needs_include` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142721, "scanner": "repobility-ast-engine", "fingerprint": "8fafc04655d7e081b378fd30c716f4ce0876bcefdccbfa85600c403fb4f9a18d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8fafc04655d7e081b378fd30c716f4ce0876bcefdccbfa85600c403fb4f9a18d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 325}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_no_annotation_for_typedef: Test function `test_no_annotation_for_typedef` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142720, "scanner": "repobility-ast-engine", "fingerprint": "29ab785f818c9aa82b329f9f54a46f7dc5e0fd50c5d5e2c5bea6393690be89e8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|29ab785f818c9aa82b329f9f54a46f7dc5e0fd50c5d5e2c5bea6393690be89e8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 312}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_no_change_when_types_have_explicit_uris: Test function `test_no_change_when_types_have_explicit_uris` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142719, "scanner": "repobility-ast-engine", "fingerprint": "a5f1e8924907e04e655e25f1bdd6f773165df830e4cb76bce9789d92d9c9f079", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a5f1e8924907e04e655e25f1bdd6f773165df830e4cb76bce9789d92d9c9f079"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 291}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_no_change_when_annotation_already_present: Test function `test_no_change_when_annotation_already_present` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142718, "scanner": "repobility-ast-engine", "fingerprint": "cd6032cceb8b3525ee5e99fabc2e26014c14a4f65241e272ad571e5aeee0287f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cd6032cceb8b3525ee5e99fabc2e26014c14a4f65241e272ad571e5aeee0287f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 266}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_no_change_when_package_has_uri: Test function `test_no_change_when_package_has_uri` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142717, "scanner": "repobility-ast-engine", "fingerprint": "193c1064e82cdaa048e1f1f9723f34c6f3151b196491a1b2feb06190344b2150", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|193c1064e82cdaa048e1f1f9723f34c6f3151b196491a1b2feb06190344b2150"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 247}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_adds_annotation_with_namespaces_before_include: Test function `test_adds_annotation_with_namespaces_before_include` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142716, "scanner": "repobility-ast-engine", "fingerprint": "ee36f619bd06bddd62bad29870e182355a38ed9a41aa16a560c5ac105276bcd4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ee36f619bd06bddd62bad29870e182355a38ed9a41aa16a560c5ac105276bcd4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 223}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_adds_annotation_with_namespaces_and_other_include_with_comment: Test function `test_adds_annotation_with_namespaces_and_other_include_with_comment` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142715, "scanner": "repobility-ast-engine", "fingerprint": "7dd68680cddf5453a97a42dbedb25a1bf9b2e72ea019067fbc1a2561f6036992", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7dd68680cddf5453a97a42dbedb25a1bf9b2e72ea019067fbc1a2561f6036992"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 200}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_adds_annotation_with_namespaces_and_other_include: Test function `test_adds_annotation_with_namespaces_and_other_include` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142714, "scanner": "repobility-ast-engine", "fingerprint": "38ec320d9ca013af641f10aab5e4822648363b4636d4504732ee66c8dbd70163", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|38ec320d9ca013af641f10aab5e4822648363b4636d4504732ee66c8dbd70163"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 177}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_adds_annotation_with_namespaces: Test function `test_adds_annotation_with_namespaces` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142713, "scanner": "repobility-ast-engine", "fingerprint": "a902eade89a0bfb5bd4dfe3e773be6784936df7c02a9c3e00559bfb8c057d1dd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a902eade89a0bfb5bd4dfe3e773be6784936df7c02a9c3e00559bfb8c057d1dd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 157}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_adds_annotation_existing_package_before_include: Test function `test_adds_annotation_existing_package_before_include` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142712, "scanner": "repobility-ast-engine", "fingerprint": "8609c710c0cbb6280eac93135c07c5e11daaa028f1410d16355bcc937d668bcd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8609c710c0cbb6280eac93135c07c5e11daaa028f1410d16355bcc937d668bcd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 137}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_adds_annotation_existing_package_and_other_includes_with_commend: Test function `test_adds_annotation_existing_package_and_other_includes_with_commend` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142711, "scanner": "repobility-ast-engine", "fingerprint": "759a936b3a253baa7dd33c402800ad47714cdce2095c73812a53ddf29a9fe70c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|759a936b3a253baa7dd33c402800ad47714cdce2095c73812a53ddf29a9fe70c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_adds_annotation_existing_package_and_other_includes: Test function `test_adds_annotation_existing_package_and_other_includes` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142710, "scanner": "repobility-ast-engine", "fingerprint": "14ccafc02293c17f3cb178b499eacda0905ba2214b9bf255fafe2b8f318b126d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|14ccafc02293c17f3cb178b499eacda0905ba2214b9bf255fafe2b8f318b126d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 97}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_adds_annotation_existing_package_no_include: Test function `test_adds_annotation_existing_package_no_include` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142709, "scanner": "repobility-ast-engine", "fingerprint": "faa3e3e352367112126b27f99d2c6ac0c4a07835fd2c8e950c15186a5c00dd63", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|faa3e3e352367112126b27f99d2c6ac0c4a07835fd2c8e950c15186a5c00dd63"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 80}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_adds_annotation_package_and_include: Test function `test_adds_annotation_package_and_include` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142708, "scanner": "repobility-ast-engine", "fingerprint": "19e289346d7166e9c938b702807b80719ad6d515360088da4dac33f8e53f96eb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|19e289346d7166e9c938b702807b80719ad6d515360088da4dac33f8e53f96eb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_allow_legacy_missing_uris_test.py"}, "region": {"startLine": 64}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_already_has_operational_annotation: Test function `test_already_has_operational_annotation` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142707, "scanner": "repobility-ast-engine", "fingerprint": "ced05cbdbfba5b57f512829858d4c7e30cc56447815bfb520ea8f65b43681ae6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ced05cbdbfba5b57f512829858d4c7e30cc56447815bfb520ea8f65b43681ae6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/add_operational_annotations_test.py"}, "region": {"startLine": 96}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_adding_operational_annotation: Test function `test_adding_operational_annotation` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142706, "scanner": "repobility-ast-engine", "fingerprint": "f9d7e304523781c553907496f658e1527c0bddaea27fe024c9a02f061cb765e5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f9d7e304523781c553907496f658e1527c0bddaea27fe024c9a02f061cb765e5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/add_operational_annotations_test.py"}, "region": {"startLine": 68}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_no_operational_annotation: Test function `test_no_operational_annotation` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 142705, "scanner": "repobility-ast-engine", "fingerprint": "0f8149ae82adec128ddd0ca0e5f18dca43b07df76a48a884cc6db9c7d175b9c2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0f8149ae82adec128ddd0ca0e5f18dca43b07df76a48a884cc6db9c7d175b9c2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/add_operational_annotations_test.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `test_basic_replace` of class `RelativeIncludeTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142704, "scanner": "repobility-ast-engine", "fingerprint": "70a5244856ba98adb0885d96bf9dddda9f90bbdef22bb76ca6f389d9bc6c3b67", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|70a5244856ba98adb0885d96bf9dddda9f90bbdef22bb76ca6f389d9bc6c3b67"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/relative_include_test.py"}, "region": {"startLine": 62}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.tmp` used but never assigned in __init__: Method `setUp` of class `RelativeIncludeTest` reads `self.tmp`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142703, "scanner": "repobility-ast-engine", "fingerprint": "eaadf81eac2e59754acc2dd7fe7d4d69bd84bb81b9a8c2f1bb72d62f6dae66b6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|eaadf81eac2e59754acc2dd7fe7d4d69bd84bb81b9a8c2f1bb72d62f6dae66b6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/relative_include_test.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.addCleanup` used but never assigned in __init__: Method `setUp` of class `RelativeIncludeTest` reads `self.addCleanup`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142702, "scanner": "repobility-ast-engine", "fingerprint": "b33bb03917992ba606e6f8edd3ed511a352881f82ded4a7d749ae2a8394c185b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b33bb03917992ba606e6f8edd3ed511a352881f82ded4a7d749ae2a8394c185b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/relative_include_test.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.addCleanup` used but never assigned in __init__: Method `setUp` of class `RelativeIncludeTest` reads `self.addCleanup`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142701, "scanner": "repobility-ast-engine", "fingerprint": "9e2eca8a20d3b739cacef762d2cd2eba06d92921240e037efcde95eba392f6dd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9e2eca8a20d3b739cacef762d2cd2eba06d92921240e037efcde95eba392f6dd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/relative_include_test.py"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.maxDiff` used but never assigned in __init__: Method `setUp` of class `RelativeIncludeTest` reads `self.maxDiff`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142700, "scanner": "repobility-ast-engine", "fingerprint": "d2c900fbc8d81bc5a4aed12ec3a36be1502dbee8759dc50a24bbac463c4451d3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d2c900fbc8d81bc5a4aed12ec3a36be1502dbee8759dc50a24bbac463c4451d3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/relative_include_test.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.tmp` used but never assigned in __init__: Method `setUp` of class `RelativeIncludeTest` reads `self.tmp`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142699, "scanner": "repobility-ast-engine", "fingerprint": "fe0b348be349ecb794f172540109e540494ce99d51b2f4910f25427e76983eaa", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fe0b348be349ecb794f172540109e540494ce99d51b2f4910f25427e76983eaa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/relative_include_test.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `test_replace_without_include` of class `AnnotateHackLegacyJsonSerializationTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142698, "scanner": "repobility-ast-engine", "fingerprint": "a4ad27d288f1938849e48efdd9f03e91ead56cb48ec84a27b06cbc28784c9c67", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a4ad27d288f1938849e48efdd9f03e91ead56cb48ec84a27b06cbc28784c9c67"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_hack_legacy_json_serialization_test.py"}, "region": {"startLine": 103}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `test_replace_with_include` of class `AnnotateHackLegacyJsonSerializationTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142697, "scanner": "repobility-ast-engine", "fingerprint": "e678c98a254308ab93d57e80a33dca6f49ecea8aa38520032dbad7d86d44f6b1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e678c98a254308ab93d57e80a33dca6f49ecea8aa38520032dbad7d86d44f6b1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_hack_legacy_json_serialization_test.py"}, "region": {"startLine": 62}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.tmp` used but never assigned in __init__: Method `setUp` of class `AnnotateHackLegacyJsonSerializationTest` reads `self.tmp`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142696, "scanner": "repobility-ast-engine", "fingerprint": "e3ce12f94434d45f4e0c6da8e887caa7da28dbbbfc6aba32bcf982003db91e5b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e3ce12f94434d45f4e0c6da8e887caa7da28dbbbfc6aba32bcf982003db91e5b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_hack_legacy_json_serialization_test.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.addCleanup` used but never assigned in __init__: Method `setUp` of class `AnnotateHackLegacyJsonSerializationTest` reads `self.addCleanup`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142695, "scanner": "repobility-ast-engine", "fingerprint": "361cc2cc0b28168ac5f48b013c820f6bd79a4784ae8dfe70574be5c0a014d33a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|361cc2cc0b28168ac5f48b013c820f6bd79a4784ae8dfe70574be5c0a014d33a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_hack_legacy_json_serialization_test.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.addCleanup` used but never assigned in __init__: Method `setUp` of class `AnnotateHackLegacyJsonSerializationTest` reads `self.addCleanup`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142694, "scanner": "repobility-ast-engine", "fingerprint": "f4a5799ce431ec437091bc05088b876d0696c546eb80751b4cf0b34bad4a7cec", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f4a5799ce431ec437091bc05088b876d0696c546eb80751b4cf0b34bad4a7cec"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_hack_legacy_json_serialization_test.py"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.maxDiff` used but never assigned in __init__: Method `setUp` of class `AnnotateHackLegacyJsonSerializationTest` reads `self.maxDiff`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142693, "scanner": "repobility-ast-engine", "fingerprint": "43447c291aceb8811da52aa5384fb1a4f57e8074ce58cc7e6e1d32bfa777826c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|43447c291aceb8811da52aa5384fb1a4f57e8074ce58cc7e6e1d32bfa777826c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_hack_legacy_json_serialization_test.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.tmp` used but never assigned in __init__: Method `setUp` of class `AnnotateHackLegacyJsonSerializationTest` reads `self.tmp`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142692, "scanner": "repobility-ast-engine", "fingerprint": "a2d84e01dbc6f2a896fa9259eb02c23e3eafbc1e830c0f974f4184f0f446a813", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a2d84e01dbc6f2a896fa9259eb02c23e3eafbc1e830c0f974f4184f0f446a813"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/annotate_hack_legacy_json_serialization_test.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `test_duplicate_with_trailing_semicolon` of class `RemoveDuplicateNamespacesTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142691, "scanner": "repobility-ast-engine", "fingerprint": "8559e6ede02b6f1a725bb519137d8d10b054880397c09f6be97c32fe610eb5d5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8559e6ede02b6f1a725bb519137d8d10b054880397c09f6be97c32fe610eb5d5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/remove_duplicate_namespaces_test.py"}, "region": {"startLine": 181}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertIn` used but never assigned in __init__: Method `test_trailing_content_on_duplicate_skips_file` of class `RemoveDuplicateNamespacesTest` reads `self.assertIn`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142690, "scanner": "repobility-ast-engine", "fingerprint": "4bd6ad501e4f484866605b254bf40646a3285862034a81f0c578d734de0fa3e6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4bd6ad501e4f484866605b254bf40646a3285862034a81f0c578d734de0fa3e6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/remove_duplicate_namespaces_test.py"}, "region": {"startLine": 160}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertIn` used but never assigned in __init__: Method `test_trailing_content_on_duplicate_skips_file` of class `RemoveDuplicateNamespacesTest` reads `self.assertIn`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142689, "scanner": "repobility-ast-engine", "fingerprint": "f1085897917a169e5ef1828ff985795e64bfae06ca814b1bdb1ec2f6db8c375b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f1085897917a169e5ef1828ff985795e64bfae06ca814b1bdb1ec2f6db8c375b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/remove_duplicate_namespaces_test.py"}, "region": {"startLine": 159}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `test_trailing_content_on_duplicate_skips_file` of class `RemoveDuplicateNamespacesTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142688, "scanner": "repobility-ast-engine", "fingerprint": "e2a121967d6afcf37ded7ad03a822c9fdfcb39cc197d609936af18ac8c19d6c0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e2a121967d6afcf37ded7ad03a822c9fdfcb39cc197d609936af18ac8c19d6c0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/remove_duplicate_namespaces_test.py"}, "region": {"startLine": 157}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `test_multiple_languages_with_duplicates` of class `RemoveDuplicateNamespacesTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142687, "scanner": "repobility-ast-engine", "fingerprint": "d3c5ba2110ad672fce2311c80817d6fb317069e280e8f3334ae12bd63aa1f10f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d3c5ba2110ad672fce2311c80817d6fb317069e280e8f3334ae12bd63aa1f10f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/remove_duplicate_namespaces_test.py"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `test_basic_duplicate_removal` of class `RemoveDuplicateNamespacesTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142686, "scanner": "repobility-ast-engine", "fingerprint": "ea0535bb51e402123a37ff7f40c1406a189a98859ba85ace3700a0033f9018fc", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ea0535bb51e402123a37ff7f40c1406a189a98859ba85ace3700a0033f9018fc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/remove_duplicate_namespaces_test.py"}, "region": {"startLine": 88}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.assertEqual` used but never assigned in __init__: Method `test_no_duplicates` of class `RemoveDuplicateNamespacesTest` reads `self.assertEqual`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142685, "scanner": "repobility-ast-engine", "fingerprint": "0614fafd5e82812c7e628664aedafeeb9a00df37a0ad19f19ea0e4631578dc5a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0614fafd5e82812c7e628664aedafeeb9a00df37a0ad19f19ea0e4631578dc5a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/remove_duplicate_namespaces_test.py"}, "region": {"startLine": 55}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.tmp` used but never assigned in __init__: Method `setUp` of class `RemoveDuplicateNamespacesTest` reads `self.tmp`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142684, "scanner": "repobility-ast-engine", "fingerprint": "603920d0d03d40eb4ba01da1339c8fd9eb5c9a5acac6394445b5bc281438f5d8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|603920d0d03d40eb4ba01da1339c8fd9eb5c9a5acac6394445b5bc281438f5d8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/remove_duplicate_namespaces_test.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.addCleanup` used but never assigned in __init__: Method `setUp` of class `RemoveDuplicateNamespacesTest` reads `self.addCleanup`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142683, "scanner": "repobility-ast-engine", "fingerprint": "11a7f6a2293d38e3292aa4ca9971e6f477464656dc778cffdc3d3fc45539bdf4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|11a7f6a2293d38e3292aa4ca9971e6f477464656dc778cffdc3d3fc45539bdf4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/remove_duplicate_namespaces_test.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.addCleanup` used but never assigned in __init__: Method `setUp` of class `RemoveDuplicateNamespacesTest` reads `self.addCleanup`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142682, "scanner": "repobility-ast-engine", "fingerprint": "cdb00beec7798f9e98e8353ff733e5ad69cecd71c4dc6f094e57ce17aab56124", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cdb00beec7798f9e98e8353ff733e5ad69cecd71c4dc6f094e57ce17aab56124"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/remove_duplicate_namespaces_test.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.maxDiff` used but never assigned in __init__: Method `setUp` of class `RemoveDuplicateNamespacesTest` reads `self.maxDiff`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142681, "scanner": "repobility-ast-engine", "fingerprint": "03acb42591e3834efde9ab2fea03cbb4ca03f1a8ac349f35d4fc4943c0c6fd2a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|03acb42591e3834efde9ab2fea03cbb4ca03f1a8ac349f35d4fc4943c0c6fd2a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/remove_duplicate_namespaces_test.py"}, "region": {"startLine": 35}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.tmp` used but never assigned in __init__: Method `setUp` of class `RemoveDuplicateNamespacesTest` reads `self.tmp`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 142680, "scanner": "repobility-ast-engine", "fingerprint": "9d0f5f4790908dfe037402b032091d98b4920ad3275c3337681961e32f323b1c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9d0f5f4790908dfe037402b032091d98b4920ad3275c3337681961e32f323b1c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/codemod/remove_duplicate_namespaces_test.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED006", "level": "error", "message": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "properties": {"repobilityId": 142671, "scanner": "repobility-threat-engine", "fingerprint": "b4cdee5dab2d6d0d0e0e827c36f83d6c832fcadaa903cb3c54b0abdbac7a155d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b4cdee5dab2d6d0d0e0e827c36f83d6c832fcadaa903cb3c54b0abdbac7a155d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/perf/py/asyncio_test_server.py"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 142670, "scanner": "repobility-threat-engine", "fingerprint": "11bbf7b01dc2100dc68c87c2d7e1cd910397f018fe074685ae9c39e7a49d5f6c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|11bbf7b01dc2100dc68c87c2d7e1cd910397f018fe074685ae9c39e7a49d5f6c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/perf/py/asyncio_test_server.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 142657, "scanner": "repobility-threat-engine", "fingerprint": "74833b62adf5305239f7ea11748fe8ac37f0c14bacf2ca0d51339831310a16d3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|74833b62adf5305239f7ea11748fe8ac37f0c14bacf2ca0d51339831310a16d3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/generate/t_concat_generator.cc"}, "region": {"startLine": 149}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142773, "scanner": "repobility-ast-engine", "fingerprint": "4c1b8fbfe2ed4db6b6a38e5a2eaea78fc3a195356727716b8a8f98da799764b1", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4c1b8fbfe2ed4db6b6a38e5a2eaea78fc3a195356727716b8a8f98da799764b1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/schema/tests/test_syntax_graph.py"}, "region": {"startLine": 100}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `enum` used but not imported: The file uses `enum.something(...)` but never imports `enum`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142772, "scanner": "repobility-ast-engine", "fingerprint": "2b9baa356799445b895f9107dfdb44186958c699a5217d47b5f193bdc8781e66", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2b9baa356799445b895f9107dfdb44186958c699a5217d47b5f193bdc8781e66"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/schema/tests/test_syntax_graph.py"}, "region": {"startLine": 124}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `socket` used but not imported: The file uses `socket.something(...)` but never imports `socket`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142771, "scanner": "repobility-ast-engine", "fingerprint": "5f7ebab7245ed5783570a05e83f0f39150056bbd6ec47a22519c8b9e71f865ae", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5f7ebab7245ed5783570a05e83f0f39150056bbd6ec47a22519c8b9e71f865ae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/client/test/test_server.py"}, "region": {"startLine": 129}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142770, "scanner": "repobility-ast-engine", "fingerprint": "4ff2dee2995ac1809d45d86e75782181eedadf50d0eb0e0eef664626a0a3409a", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4ff2dee2995ac1809d45d86e75782181eedadf50d0eb0e0eef664626a0a3409a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/test/python_annotations_test.py"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142766, "scanner": "repobility-ast-engine", "fingerprint": "9041618c2d4dacc344f7602c691f70ea322c1776a94aafaaf403b8c504d891b6", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9041618c2d4dacc344f7602c691f70ea322c1776a94aafaaf403b8c504d891b6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/test/mutable_structs.py"}, "region": {"startLine": 137}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `stat` used but not imported: The file uses `stat.something(...)` but never imports `stat`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142765, "scanner": "repobility-ast-engine", "fingerprint": "7015f521c612c87390fb08bfdc3709bebc022aed99444ab8ea880ef5bb417e09", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7015f521c612c87390fb08bfdc3709bebc022aed99444ab8ea880ef5bb417e09"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/py/util/Decorators.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142764, "scanner": "repobility-ast-engine", "fingerprint": "d2600d317b9232ea3346b5ee7e86c44a56e63339e58bafe3e6c822ae030e0ec8", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d2600d317b9232ea3346b5ee7e86c44a56e63339e58bafe3e6c822ae030e0ec8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/py/util/__init__.py"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `socket` used but not imported: The file uses `socket.something(...)` but never imports `socket`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142763, "scanner": "repobility-ast-engine", "fingerprint": "cf496ff106abba4ca478d0de1ae043c4dfa6167bd536a267b8dba8ed324524cf", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cf496ff106abba4ca478d0de1ae043c4dfa6167bd536a267b8dba8ed324524cf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/py/server/TAsyncioServer.py"}, "region": {"startLine": 150}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `string` used but not imported: The file uses `string.something(...)` but never imports `string`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142762, "scanner": "repobility-ast-engine", "fingerprint": "420a7e461265bad7c51893a6ec38832c9732b71378cde1657c90ce39cac63398", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|420a7e461265bad7c51893a6ec38832c9732b71378cde1657c90ce39cac63398"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/py/protocol/TSimpleJSONProtocol.py"}, "region": {"startLine": 637}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `string` used but not imported: The file uses `string.something(...)` but never imports `string`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142761, "scanner": "repobility-ast-engine", "fingerprint": "375fe4db165e5a8f6fcecdc3ef60028ac4d8854265d4480c26844c93017b9922", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|375fe4db165e5a8f6fcecdc3ef60028ac4d8854265d4480c26844c93017b9922"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/py/protocol/TJSONProtocol.py"}, "region": {"startLine": 173}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142760, "scanner": "repobility-ast-engine", "fingerprint": "d2ab81f1c3cee31392948dee76d8c8472b7b75ba20f97e92ef9c4d9e7631e83c", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d2ab81f1c3cee31392948dee76d8c8472b7b75ba20f97e92ef9c4d9e7631e83c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/lib/python/metadata.py"}, "region": {"startLine": 503}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142759, "scanner": "repobility-ast-engine", "fingerprint": "9b367a61cec09b0f6f3dace79e6954ad543902b9ac1054b6c87ca62f5e6cae6a", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9b367a61cec09b0f6f3dace79e6954ad543902b9ac1054b6c87ca62f5e6cae6a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/test/thrift-python/struct_test.py"}, "region": {"startLine": 1272}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142758, "scanner": "repobility-ast-engine", "fingerprint": "5dab5c659edf52aca529800f5a6497d2455080488f6fddf2552a7bb32e79c172", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5dab5c659edf52aca529800f5a6497d2455080488f6fddf2552a7bb32e79c172"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/test/py/JSONReaderTest.py"}, "region": {"startLine": 35}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142757, "scanner": "repobility-ast-engine", "fingerprint": "2569ebeba2e5daa4b6c2e78c0a270304ee456db98043ab1a79ed2f65a5771ec8", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2569ebeba2e5daa4b6c2e78c0a270304ee456db98043ab1a79ed2f65a5771ec8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/test/JsonToThriftTest/SimpleJSONToThriftTest.py"}, "region": {"startLine": 149}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142731, "scanner": "repobility-ast-engine", "fingerprint": "ac60baceaca3f18af177ef12e01894c7ec7b45581a648876d4db0adb5419dfa6", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ac60baceaca3f18af177ef12e01894c7ec7b45581a648876d4db0adb5419dfa6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/ast_generator_test.py"}, "region": {"startLine": 316}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `ast` used but not imported: The file uses `ast.something(...)` but never imports `ast`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 142730, "scanner": "repobility-ast-engine", "fingerprint": "3fd17cac512565dd040caa0bf5e26a99de7925e796aa11671246f6ab0b4edbb1", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3fd17cac512565dd040caa0bf5e26a99de7925e796aa11671246f6ab0b4edbb1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "thrift/compiler/test/ast_generator_test.py"}, "region": {"startLine": 401}}}]}]}]}