{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "SEC045", "name": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a latera", "shortDescription": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use obj"}, "fullDescription": {"text": "For literal data structures: use ast.literal_eval(text) \u2014 only parses literals, raises on code.\nFor formula evaluation: use asteval or simpleeval (purpose-built sandboxes with allow-lists).\nFor Odoo: use odoo.tools.safe_eval(expr, locals_dict, mode='exec').\nIf you genuinely need to execute admin-stored code: require explicit super-admin permission AND log every execution with a stack trace."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AGT015", "name": "Remote install command pipes network code directly to a shell", "shortDescription": {"text": "Remote install command pipes network code directly to a shell"}, "fullDescription": {"text": "Agent helper projects often publish one-line installers. 
`curl | sh` style commands are convenient, but they bypass review unless the script is pinned, signed, or checksum-verified."}, "properties": {"scanner": "repobility-agent-runtime", "category": "dependency", "severity": "medium", "confidence": 0.7, "cwe": "", "owasp": ""}}, {"id": "WEB005", "name": "robots.txt does not advertise a sitemap", "shortDescription": {"text": "robots.txt does not advertise a sitemap"}, "fullDescription": {"text": "Sitemap directives in robots.txt help crawlers and AI agents find the canonical public URL inventory quickly."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.74, "cwe": "", "owasp": ""}}, {"id": "MINED059", "name": "[MINED059] Rust Expect In Prod (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED059] Rust Expect In Prod (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED068", "name": "[MINED068] Rust Unsafe Block (and 5 more): Same pattern found in 5 additional files. Review if needed.", "shortDescription": {"text": "[MINED068] Rust Unsafe Block (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-119 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED003", "name": "[MINED003] Rust Unwrap In Prod (and 8 more): Same pattern found in 8 additional files. Review if needed.", "shortDescription": {"text": "[MINED003] Rust Unwrap In Prod (and 8 more): Same pattern found in 8 additional files. 
Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED064", "name": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.", "shortDescription": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO ", "shortDescription": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED046", "name": "[MINED046] Dart Print (and 3 more): Same pattern found in 3 additional files. Review if needed.", "shortDescription": {"text": "[MINED046] Dart Print (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED045", "name": "[MINED045] Ts Non Null Assertion (and 1 more): Same pattern found in 1 additional files. 
Review if needed.", "shortDescription": {"text": "[MINED045] Ts Non Null Assertion (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-476 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED022", "name": "[MINED022] C Strcpy (and 35 more): Same pattern found in 35 additional files. Review if needed.", "shortDescription": {"text": "[MINED022] C Strcpy (and 35 more): Same pattern found in 35 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-120 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "RUSTSEC-2025-0141", "name": "bincode: RUSTSEC-2025-0141", "shortDescription": {"text": "bincode: RUSTSEC-2025-0141"}, "fullDescription": {"text": "Bincode is unmaintained"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "MINED029", "name": "[MINED029] Kotlin Null Bang: x!! throws NullPointerException if x is null. Bypasses Kotlins null safety.", "shortDescription": {"text": "[MINED029] Kotlin Null Bang: x!! throws NullPointerException if x is null. 
Bypasses Kotlin's null safety."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-476 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "Action `actions/checkout` pinned to mutable ref `@v6`", "shortDescription": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "fullDescription": {"text": "`uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner, or by anyone who compromises the owner's credentials; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to the full 40-character commit SHA and let Dependabot or Renovate keep the pin updated."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_TESTS", "name": "No test files found", "shortDescription": {"text": "No test files found"}, "fullDescription": {"text": "Add a test directory (tests/ or __tests__/) with unit tests for core functionality. Use pytest (Python), Jest (JS/TS), or go test (Go). Start with tests for critical business logic and security-sensitive functions."}, "properties": {"scanner": "repobility-core", "category": "testing", "severity": "high", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "MINED025", "name": "[MINED025] Php Eval: eval() executes arbitrary PHP. Code injection.", "shortDescription": {"text": "[MINED025] Php Eval: eval() executes arbitrary PHP. Code injection."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-95 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED024", "name": "[MINED024] Js Eval Usage: eval() executes arbitrary code. 
Code injection risk.", "shortDescription": {"text": "[MINED024] Js Eval Usage: eval() executes arbitrary code. Code injection risk."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-95 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED015", "name": "[MINED015] Ruby Eval Call: eval() executes arbitrary code. Code injection.", "shortDescription": {"text": "[MINED015] Ruby Eval Call: eval() executes arbitrary code. Code injection."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-95 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED116", "name": "Workflow uses `secrets.PAT` on a `pull_request` trigger", "shortDescription": {"text": "Workflow uses `secrets.PAT` on a `pull_request` trigger"}, "fullDescription": {"text": "This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${{ secrets.PAT }}` lets a PR from any fork exfiltrate the secret (modify a script, log the value, etc.). GitHub does not pass repository secrets to `pull_request` runs started from forks by default, so confirm whether fork runs can actually read this secret before treating the finding as exploitable. Use `pull_request_target` ONLY with strict checkout discipline (no fork code in the trusted context)."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "critical", "confidence": 0.9, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1075"}, "properties": {"repository": "pola-rs/r-polars", "repoUrl": "https://github.com/pola-rs/r-polars", "branch": "main"}, "results": [{"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. 
Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 105643, "scanner": "repobility-threat-engine", "fingerprint": "28bc154b703c3eb3e1bea96e4fe7a08ad7f0dffcbd64798b7bb87809368a6fca", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "eval(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|src/rust/src/r_udf.rs|55|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/rust/src/r_udf.rs"}, "region": {"startLine": 55}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. 
CWE-95 (eval injection)."}, "properties": {"repobilityId": 105642, "scanner": "repobility-threat-engine", "fingerprint": "28c7887d8642328a3b5b1cdac3fb930062340fce47ed8f10bd9730281bb1b487", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "eval(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|r/autocompletion.r|86|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/autocompletion.R"}, "region": {"startLine": 86}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. 
CWE-95 (eval injection)."}, "properties": {"repobilityId": 105641, "scanner": "repobility-threat-engine", "fingerprint": "872d70779592705519a48dbe1117247dc65a8d0496e29e6475e75c4cc366f64f", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "eval(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|r/as_polars_df.r|182|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/as_polars_df.R"}, "region": {"startLine": 182}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 105635, "scanner": "repobility-agent-runtime", "fingerprint": "9125480eaccedcf875f5d1df420d97486f9645e8beb67b5f75c709b37f6d0bbb", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|9125480eaccedcf875f5d1df420d97486f9645e8beb67b5f75c709b37f6d0bbb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".devcontainer/devcontainer.json"}, "region": {"startLine": 39}}}]}, {"ruleId": "WEB005", "level": "note", "message": {"text": "robots.txt does not advertise a sitemap"}, "properties": {"repobilityId": 105676, "scanner": "repobility-web-presence", "fingerprint": "21482e0df8d7f4eb50997e6d708c98cbe32be3ad2bea8442b06ff0ca1e404160", "category": "quality", "severity": "low", "confidence": 0.74, "triageState": "open", "verdict": "likely", "isResolved": false, 
"reason": "Discovered robots file or route lacks a Sitemap directive.", "evidence": {"rule_id": "WEB005", "scanner": "repobility-web-presence", "references": ["https://www.rfc-editor.org/rfc/rfc9309", "https://www.sitemaps.org/protocol.html"], "correlation_key": "fp|21482e0df8d7f4eb50997e6d708c98cbe32be3ad2bea8442b06ff0ca1e404160"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-r.yml"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED059", "level": "none", "message": {"text": "[MINED059] Rust Expect In Prod (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 105674, "scanner": "repobility-threat-engine", "fingerprint": "9165cfb92f23c82d748ff2e396f6ce1906a33fc59330ee3ce89bc7aac0698e97", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "rust-expect-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348039+00:00", "triaged_in_corpus": 12, "observations_count": 175379, "ai_coder_pattern_id": 112}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|9165cfb92f23c82d748ff2e396f6ce1906a33fc59330ee3ce89bc7aac0698e97", "aggregated_count": 1}}}, {"ruleId": "MINED059", "level": "none", "message": {"text": "[MINED059] Rust Expect In Prod: .expect(...) 
panics same as unwrap with a custom message."}, "properties": {"repobilityId": 105673, "scanner": "repobility-threat-engine", "fingerprint": "9f5df7d8293fe78552f371e3e7fba225c323aa45ac71a88bfb263fb211961244", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-expect-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348039+00:00", "triaged_in_corpus": 12, "observations_count": 175379, "ai_coder_pattern_id": 112}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9f5df7d8293fe78552f371e3e7fba225c323aa45ac71a88bfb263fb211961244"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/rust/src/r_threads.rs"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED059", "level": "none", "message": {"text": "[MINED059] Rust Expect In Prod: .expect(...) 
panics same as unwrap with a custom message."}, "properties": {"repobilityId": 105672, "scanner": "repobility-threat-engine", "fingerprint": "9144bc27bdb890b9ad1209fcf272b422190a305b50ae5dc2d4c2ec10b7fd4dec", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-expect-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348039+00:00", "triaged_in_corpus": 12, "observations_count": 175379, "ai_coder_pattern_id": 112}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9144bc27bdb890b9ad1209fcf272b422190a305b50ae5dc2d4c2ec10b7fd4dec"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/rust/src/lazyframe/mod.rs"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED059", "level": "none", "message": {"text": "[MINED059] Rust Expect In Prod: .expect(...) 
panics same as unwrap with a custom message."}, "properties": {"repobilityId": 105671, "scanner": "repobility-threat-engine", "fingerprint": "ffa2dbaf40cf11109c22041bda9a8d262b723f324b126319c72db30912f8823a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-expect-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348039+00:00", "triaged_in_corpus": 12, "observations_count": 175379, "ai_coder_pattern_id": 112}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ffa2dbaf40cf11109c22041bda9a8d262b723f324b126319c72db30912f8823a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/rust/src/dataframe/mod.rs"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED068", "level": "none", "message": {"text": "[MINED068] Rust Unsafe Block (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "properties": {"repobilityId": 105670, "scanner": "repobility-threat-engine", "fingerprint": "7bcded00ad833ba73bcf4b2215be5d4e118edecf98ea1a94a390c7d651375790", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 5 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "rust-unsafe-block", "owasp": null, "cwe_ids": ["CWE-119"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348060+00:00", "triaged_in_corpus": 12, "observations_count": 42383, "ai_coder_pattern_id": 116}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|7bcded00ad833ba73bcf4b2215be5d4e118edecf98ea1a94a390c7d651375790", "aggregated_count": 5}}}, {"ruleId": "MINED068", "level": "none", "message": {"text": "[MINED068] Rust Unsafe Block: unsafe { ... } block. Compiler safety guarantees disabled inside."}, "properties": {"repobilityId": 105669, "scanner": "repobility-threat-engine", "fingerprint": "88f68ad4b2f13d12d5622ef1a2466b8f231366bbbd2793058541a6f897825811", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unsafe-block", "owasp": null, "cwe_ids": ["CWE-119"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348060+00:00", "triaged_in_corpus": 12, "observations_count": 42383, "ai_coder_pattern_id": 116}, "scanner": "repobility-threat-engine", "correlation_key": "fp|88f68ad4b2f13d12d5622ef1a2466b8f231366bbbd2793058541a6f897825811"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/rust/src/conversion/data_table.rs"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED068", "level": "none", "message": {"text": "[MINED068] Rust Unsafe Block: unsafe { ... } block. 
Compiler safety guarantees disabled inside."}, "properties": {"repobilityId": 105668, "scanner": "repobility-threat-engine", "fingerprint": "d7a89d4ffcd924354b3562ae20535c970bf493c3edaa6af6e26961988387898d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unsafe-block", "owasp": null, "cwe_ids": ["CWE-119"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348060+00:00", "triaged_in_corpus": 12, "observations_count": 42383, "ai_coder_pattern_id": 116}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d7a89d4ffcd924354b3562ae20535c970bf493c3edaa6af6e26961988387898d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/rust/src/conversion/clock.rs"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED068", "level": "none", "message": {"text": "[MINED068] Rust Unsafe Block: unsafe { ... } block. 
Compiler safety guarantees disabled inside."}, "properties": {"repobilityId": 105667, "scanner": "repobility-threat-engine", "fingerprint": "5eba31efceae0082ab6567d2509fb6a916a98ab7596725384ee1cac1fa8926c0", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unsafe-block", "owasp": null, "cwe_ids": ["CWE-119"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348060+00:00", "triaged_in_corpus": 12, "observations_count": 42383, "ai_coder_pattern_id": 116}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5eba31efceae0082ab6567d2509fb6a916a98ab7596725384ee1cac1fa8926c0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/rust/src/conversion/chunked_array.rs"}, "region": {"startLine": 10}}}]}, {"ruleId": "MINED003", "level": "none", "message": {"text": "[MINED003] Rust Unwrap In Prod (and 8 more): Same pattern found in 8 additional files. Review if needed."}, "properties": {"repobilityId": 105666, "scanner": "repobility-threat-engine", "fingerprint": "2d06773f5e7f0bf519e2c5e314779328b6af335b0b4758ea0e10bfd081cbce50", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 8 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "rust-unwrap-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347903+00:00", "triaged_in_corpus": 15, "observations_count": 386515, "ai_coder_pattern_id": 111}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|2d06773f5e7f0bf519e2c5e314779328b6af335b0b4758ea0e10bfd081cbce50", "aggregated_count": 8}}}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 105662, "scanner": "repobility-threat-engine", "fingerprint": "e2e5796cdb4751ccb2425a922fa8c714384ff30c486205d25c4b357637e964cc", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e2e5796cdb4751ccb2425a922fa8c714384ff30c486205d25c4b357637e964cc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/utils-parse-expr.R"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 105661, "scanner": "repobility-threat-engine", "fingerprint": "4ea00ce35407cc34ddcf3d0d2870245a926836a531462a3cbf740be7ebc2a010", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": 
"confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4ea00ce35407cc34ddcf3d0d2870245a926836a531462a3cbf740be7ebc2a010"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/import-standalone-lifecycle.R"}, "region": {"startLine": 209}}}]}, {"ruleId": "MINED046", "level": "none", "message": {"text": "[MINED046] Dart Print (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 105660, "scanner": "repobility-threat-engine", "fingerprint": "98b016da3466d01ab79a255d3eb96782343be555f1780d7fd00791ad11ae38d2", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "dart-print", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["dart"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348008+00:00", "triaged_in_corpus": 10, "observations_count": 1515005, "ai_coder_pattern_id": 168}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|98b016da3466d01ab79a255d3eb96782343be555f1780d7fd00791ad11ae38d2", "aggregated_count": 3}}}, {"ruleId": "MINED046", "level": "none", "message": {"text": "[MINED046] Dart Print: print() in Flutter goes to console. 
Use debugPrint / logger."}, "properties": {"repobilityId": 105659, "scanner": "repobility-threat-engine", "fingerprint": "bda92e0b602099d20dc944d16a677f9082e3713c1f065920a070f38c2413bef6", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "dart-print", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["dart"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348008+00:00", "triaged_in_corpus": 10, "observations_count": 1515005, "ai_coder_pattern_id": 168}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bda92e0b602099d20dc944d16a677f9082e3713c1f065920a070f38c2413bef6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/meta-versions.R"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED046", "level": "none", "message": {"text": "[MINED046] Dart Print: print() in Flutter goes to console. 
Use debugPrint / logger."}, "properties": {"repobilityId": 105658, "scanner": "repobility-threat-engine", "fingerprint": "96ab8b9e74b0d96bdb7a4be770406b4fc4609608f457660bfc5529076e833052", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "dart-print", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["dart"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348008+00:00", "triaged_in_corpus": 10, "observations_count": 1515005, "ai_coder_pattern_id": 168}, "scanner": "repobility-threat-engine", "correlation_key": "fp|96ab8b9e74b0d96bdb7a4be770406b4fc4609608f457660bfc5529076e833052"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/lazyframe-utils.R"}, "region": {"startLine": 57}}}]}, {"ruleId": "MINED046", "level": "none", "message": {"text": "[MINED046] Dart Print: print() in Flutter goes to console. 
Use debugPrint / logger."}, "properties": {"repobilityId": 105657, "scanner": "repobility-threat-engine", "fingerprint": "df4c4b0a95ecdbabb5f8829e81414ac51964e8aef0ae4bc20f09ebe3dbe4dcf3", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "dart-print", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["dart"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348008+00:00", "triaged_in_corpus": 10, "observations_count": 1515005, "ai_coder_pattern_id": 168}, "scanner": "repobility-threat-engine", "correlation_key": "fp|df4c4b0a95ecdbabb5f8829e81414ac51964e8aef0ae4bc20f09ebe3dbe4dcf3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/dataframe-html.R"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 105656, "scanner": "repobility-threat-engine", "fingerprint": "3a22ac02b2baf370d83ba17a8bec43c4e714d3f46e5467e1b51a8599f7854e5a", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|3a22ac02b2baf370d83ba17a8bec43c4e714d3f46e5467e1b51a8599f7854e5a", "aggregated_count": 1}}}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 105655, "scanner": "repobility-threat-engine", "fingerprint": "5e2430688a84d0eb88faa28820b0a104874d179ad166d6d5911126146696cc25", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5e2430688a84d0eb88faa28820b0a104874d179ad166d6d5911126146696cc25"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/infer_polars_dtype.R"}, "region": {"startLine": 147}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! 
asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 105654, "scanner": "repobility-threat-engine", "fingerprint": "0afd127fd1241835388ce89f25fec24576fcf32ac4087e3b290cc4cbd033d473", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0afd127fd1241835388ce89f25fec24576fcf32ac4087e3b290cc4cbd033d473"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/expr-s3-operators.R"}, "region": {"startLine": 127}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! 
asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 105653, "scanner": "repobility-threat-engine", "fingerprint": "54e2d285e592f77da1d1ad25c02a498324a2d0c72bacb2483468786d25c47393", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|54e2d285e592f77da1d1ad25c02a498324a2d0c72bacb2483468786d25c47393"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/as_polars_df.R"}, "region": {"startLine": 182}}}]}, {"ruleId": "SEC045", "level": "none", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 105644, "scanner": "repobility-threat-engine", "fingerprint": "2f2c41301c1dbf5a378e7fb88f09e64c16178cf76632d7c8f5254e7775e098f0", "category": "injection", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 3 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|2f2c41301c1dbf5a378e7fb88f09e64c16178cf76632d7c8f5254e7775e098f0"}}}, {"ruleId": "MINED022", "level": "none", "message": {"text": "[MINED022] C Strcpy (and 35 more): Same pattern found in 35 additional files. Review if needed."}, "properties": {"repobilityId": 105640, "scanner": "repobility-threat-engine", "fingerprint": "c64ef4743ea7e500f703b40ebabd54c799dfc42e6c2fcbca18f98b8b11b232b1", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 35 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|c64ef4743ea7e500f703b40ebabd54c799dfc42e6c2fcbca18f98b8b11b232b1", "aggregated_count": 35}}}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. 
Should be replaced with logger or removed."}, "properties": {"repobilityId": 105636, "scanner": "repobility-threat-engine", "fingerprint": "2b70059552f04f0065a2fb6cfc2648c70b06fef5545cf30a6482bd13737e555c", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2b70059552f04f0065a2fb6cfc2648c70b06fef5545cf30a6482bd13737e555c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/scripts/generate-lib-sums.mjs"}, "region": {"startLine": 29}}}]}, {"ruleId": "RUSTSEC-2025-0141", "level": "error", "message": {"text": "bincode: RUSTSEC-2025-0141"}, "properties": {"repobilityId": 105675, "scanner": "osv-scanner", "fingerprint": "9bcf200bc0eee6af9fd52aa4539f4ab4e7f6c2dac349c39291857fa52ccf950a", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "package": "bincode", "rule_id": "RUSTSEC-2025-0141", "scanner": "osv-scanner", "correlation_key": "fp|9bcf200bc0eee6af9fd52aa4539f4ab4e7f6c2dac349c39291857fa52ccf950a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/rust/Cargo.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED003", "level": "error", "message": {"text": "[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. 
Acceptable in tests; risky elsewhere."}, "properties": {"repobilityId": 105665, "scanner": "repobility-threat-engine", "fingerprint": "09278745fba0ab75194109d262465e2f4b013b39d22b28e9b0b880d91467251b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unwrap-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347903+00:00", "triaged_in_corpus": 15, "observations_count": 386515, "ai_coder_pattern_id": 111}, "scanner": "repobility-threat-engine", "correlation_key": "fp|09278745fba0ab75194109d262465e2f4b013b39d22b28e9b0b880d91467251b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/rust/src/conversion/clock.rs"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED003", "level": "error", "message": {"text": "[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. 
Acceptable in tests; risky elsewhere."}, "properties": {"repobilityId": 105664, "scanner": "repobility-threat-engine", "fingerprint": "33c17c4473613861d5b3b9bdd69d34b1810efee621dbd103d9de571b3b843436", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unwrap-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347903+00:00", "triaged_in_corpus": 15, "observations_count": 386515, "ai_coder_pattern_id": 111}, "scanner": "repobility-threat-engine", "correlation_key": "fp|33c17c4473613861d5b3b9bdd69d34b1810efee621dbd103d9de571b3b843436"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/rust/src/conversion/chunked_array.rs"}, "region": {"startLine": 10}}}]}, {"ruleId": "MINED003", "level": "error", "message": {"text": "[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. 
Acceptable in tests; risky elsewhere."}, "properties": {"repobilityId": 105663, "scanner": "repobility-threat-engine", "fingerprint": "3f615bf12d2e94643121162a95702af414b0044cf02a4d841c7ee4781f2fd1cc", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unwrap-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347903+00:00", "triaged_in_corpus": 15, "observations_count": 386515, "ai_coder_pattern_id": 111}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3f615bf12d2e94643121162a95702af414b0044cf02a4d841c7ee4781f2fd1cc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/rust/src/conversion/categorical.rs"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED029", "level": "error", "message": {"text": "[MINED029] Kotlin Null Bang: x!! throws NullPointerException if x is null. 
Bypasses Kotlin's null safety."}, "properties": {"repobilityId": 105652, "scanner": "repobility-threat-engine", "fingerprint": "f49831c49276646dc6147a74c1b384b6bdb5735e690fe241e9746fbcf8c2dbd8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "kotlin-null-bang", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["kotlin"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347966+00:00", "triaged_in_corpus": 15, "observations_count": 7344, "ai_coder_pattern_id": 155}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f49831c49276646dc6147a74c1b384b6bdb5735e690fe241e9746fbcf8c2dbd8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/as_polars_df.R"}, "region": {"startLine": 182}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 105633, "scanner": "repobility-supply-chain", "fingerprint": "7399887ae9cb09f812cec75556cb6531fc3cbd271958934656c7c11cb0f56408", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|7399887ae9cb09f812cec75556cb6531fc3cbd271958934656c7c11cb0f56408"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-lib.yml"}, "region": {"startLine": 222}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `r-lib/actions/setup-r-dependencies` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 105632, "scanner": "repobility-supply-chain", "fingerprint": 
"8af495e945434ae0be1c7f3a2cdbe2318c7df9de752e4dac7ac199965caff75e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8af495e945434ae0be1c7f3a2cdbe2318c7df9de752e4dac7ac199965caff75e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-lib.yml"}, "region": {"startLine": 193}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `r-lib/actions/setup-r` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 105631, "scanner": "repobility-supply-chain", "fingerprint": "297b48e268733ca23801cd6dca13e7798525980a6a1714439195478daefb5ba0", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|297b48e268733ca23801cd6dca13e7798525980a6a1714439195478daefb5ba0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-lib.yml"}, "region": {"startLine": 187}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `r-lib/actions/setup-pandoc` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 105630, "scanner": "repobility-supply-chain", "fingerprint": "4839447d8e14a931233ecdf9e2b7c8696cdd033206b1e8a22bafad1191b17da9", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", 
"cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4839447d8e14a931233ecdf9e2b7c8696cdd033206b1e8a22bafad1191b17da9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-lib.yml"}, "region": {"startLine": 185}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/download-artifact` pinned to mutable ref `@v8`"}, "properties": {"repobilityId": 105629, "scanner": "repobility-supply-chain", "fingerprint": "4b271e4b6f932187f649e7c7d17ddc04923870892933c3469fabb61657368671", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4b271e4b6f932187f649e7c7d17ddc04923870892933c3469fabb61657368671"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-lib.yml"}, "region": {"startLine": 173}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `rui314/setup-mold` pinned to mutable ref `@v1`"}, "properties": {"repobilityId": 105628, "scanner": "repobility-supply-chain", "fingerprint": "7acfabbde5911b2516656faaa3c43d1ed9e30b46395485fb5dda0dbd21ba1fd2", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|7acfabbde5911b2516656faaa3c43d1ed9e30b46395485fb5dda0dbd21ba1fd2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": 
".github/workflows/release-lib.yml"}, "region": {"startLine": 156}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 105627, "scanner": "repobility-supply-chain", "fingerprint": "f41143e549d5e25660ee4c4235924cdddf4fa6f75b694ae2e4d0c7736e764c6e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f41143e549d5e25660ee4c4235924cdddf4fa6f75b694ae2e4d0c7736e764c6e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-lib.yml"}, "region": {"startLine": 155}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-artifact` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 105626, "scanner": "repobility-supply-chain", "fingerprint": "3308881bd08548dffc4b25145c26ffb2bff49449285545833c77f118c8aa6407", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3308881bd08548dffc4b25145c26ffb2bff49449285545833c77f118c8aa6407"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-lib.yml"}, "region": {"startLine": 119}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `r-lib/actions/setup-r-dependencies` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 105625, "scanner": "repobility-supply-chain", "fingerprint": 
"76b90cb6a84aa69c5867f0d46ef766bfc7c83c00533e247cfaaaeea59db6b6b8", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|76b90cb6a84aa69c5867f0d46ef766bfc7c83c00533e247cfaaaeea59db6b6b8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-lib.yml"}, "region": {"startLine": 95}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `r-lib/actions/setup-r` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 105624, "scanner": "repobility-supply-chain", "fingerprint": "af39adc40d3ee2cc973e5d04657f93c46a538dcf989613b5e2659a38f040df89", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|af39adc40d3ee2cc973e5d04657f93c46a538dcf989613b5e2659a38f040df89"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-lib.yml"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `Swatinem/rust-cache` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 105623, "scanner": "repobility-supply-chain", "fingerprint": "e466df9720c13b353dd4e455345856e501ea72e8ce85f1c90443c0169629d1bb", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": 
["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e466df9720c13b353dd4e455345856e501ea72e8ce85f1c90443c0169629d1bb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-lib.yml"}, "region": {"startLine": 63}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `rui314/setup-mold` pinned to mutable ref `@v1`"}, "properties": {"repobilityId": 105622, "scanner": "repobility-supply-chain", "fingerprint": "2ed8e44e9cc5be157b7d5eec4390ec6caf7d1e16acc3fe3ad3f1ea2c63441827", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2ed8e44e9cc5be157b7d5eec4390ec6caf7d1e16acc3fe3ad3f1ea2c63441827"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-lib.yml"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 105621, "scanner": "repobility-supply-chain", "fingerprint": "ebc00e9d3d6812c88b9f2e5e6190332b590a16c2e267a73b28b97df3ca40b859", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ebc00e9d3d6812c88b9f2e5e6190332b590a16c2e267a73b28b97df3ca40b859"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-lib.yml"}, "region": 
{"startLine": 51}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/deploy-pages` pinned to mutable ref `@v5`"}, "properties": {"repobilityId": 105620, "scanner": "repobility-supply-chain", "fingerprint": "d3cb22522f5b764fa5e2b475e71dc86540472b493182ccabf407e0e4b00f1792", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d3cb22522f5b764fa5e2b475e71dc86540472b493182ccabf407e0e4b00f1792"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-docs.yml"}, "region": {"startLine": 170}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-pages-artifact` pinned to mutable ref `@v5`"}, "properties": {"repobilityId": 105619, "scanner": "repobility-supply-chain", "fingerprint": "242424ba92c72d486140f67941a02051981f7992a72045335d4ee28869e20e52", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|242424ba92c72d486140f67941a02051981f7992a72045335d4ee28869e20e52"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-docs.yml"}, "region": {"startLine": 153}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `Swatinem/rust-cache` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 105618, "scanner": "repobility-supply-chain", "fingerprint": 
"7d74d7e98e22652928f4fd416bbcf7199d889a61710dd2146f91afa0bfb2be82", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|7d74d7e98e22652928f4fd416bbcf7199d889a61710dd2146f91afa0bfb2be82"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-docs.yml"}, "region": {"startLine": 117}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `rui314/setup-mold` pinned to mutable ref `@v1`"}, "properties": {"repobilityId": 105617, "scanner": "repobility-supply-chain", "fingerprint": "61611b241a13431be334595faed98c42d676195ee1fc088eda9294637792905e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|61611b241a13431be334595faed98c42d676195ee1fc088eda9294637792905e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-docs.yml"}, "region": {"startLine": 115}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/configure-pages` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 105616, "scanner": "repobility-supply-chain", "fingerprint": "d4155ff8f65a54753af337247023124e6beab3583ca4e0d26ab0e0351e9f0386", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": 
["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d4155ff8f65a54753af337247023124e6beab3583ca4e0d26ab0e0351e9f0386"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-docs.yml"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `arduino/setup-task` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 105615, "scanner": "repobility-supply-chain", "fingerprint": "ca7d9dad32e935d9858313e861064a471a6c748980645fdcdbc25684ceb3f7b5", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ca7d9dad32e935d9858313e861064a471a6c748980645fdcdbc25684ceb3f7b5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-docs.yml"}, "region": {"startLine": 98}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `r-lib/actions/setup-r-dependencies` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 105614, "scanner": "repobility-supply-chain", "fingerprint": "fbccb8747bb8f59b4cb0d5a186e249893bfff35a0735d4e1c37347de7501c8d0", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|fbccb8747bb8f59b4cb0d5a186e249893bfff35a0735d4e1c37347de7501c8d0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-docs.yml"}, 
"region": {"startLine": 91}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `quarto-dev/quarto-actions/setup` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 105613, "scanner": "repobility-supply-chain", "fingerprint": "9c0002812ab77d9c78f61b075001d4f063372d0ebbee6f0897b3815fd907a5cb", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9c0002812ab77d9c78f61b075001d4f063372d0ebbee6f0897b3815fd907a5cb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-docs.yml"}, "region": {"startLine": 89}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 105612, "scanner": "repobility-supply-chain", "fingerprint": "0b61ee874462585420f940bce9c3d68a6f431a89bca1c471985c1a5988a03ceb", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0b61ee874462585420f940bce9c3d68a6f431a89bca1c471985c1a5988a03ceb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-docs.yml"}, "region": {"startLine": 85}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `r-lib/actions/setup-r` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 105611, "scanner": "repobility-supply-chain", "fingerprint": 
"bacdc1ab0ba2e286b567037611bec7c4cd102b8f5ceea62879b1336139ebb5c0", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|bacdc1ab0ba2e286b567037611bec7c4cd102b8f5ceea62879b1336139ebb5c0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-docs.yml"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `r-lib/actions/setup-pandoc` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 105610, "scanner": "repobility-supply-chain", "fingerprint": "73562aed590bef53aa3e057bf248a1fb062aa43cb32f10813bd0a826f7d82260", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|73562aed590bef53aa3e057bf248a1fb062aa43cb32f10813bd0a826f7d82260"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-docs.yml"}, "region": {"startLine": 77}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 105609, "scanner": "repobility-supply-chain", "fingerprint": "a7a774fe720e862f9c4f12b3f171ab8cc33127da7d2deda3d528aae09222a78e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": 
["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a7a774fe720e862f9c4f12b3f171ab8cc33127da7d2deda3d528aae09222a78e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-docs.yml"}, "region": {"startLine": 60}}}]}, {"ruleId": "CORE_NO_TESTS", "level": "error", "message": {"text": "No test files found"}, "properties": {"repobilityId": 105608, "scanner": "repobility-core", "fingerprint": "0200e9918bc2a7bf9c116d0907e50ac3df640c758b93852cf1890ec6e14d870d", "category": "testing", "severity": "high", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_TESTS", "scanner": "repobility-core", "correlation_key": "repo|testing|core_no_tests"}}}, {"ruleId": "MINED025", "level": "error", "message": {"text": "[MINED025] Php Eval: eval() executes arbitrary PHP. Code injection."}, "properties": {"repobilityId": 105651, "scanner": "repobility-threat-engine", "fingerprint": "6ca984cf7a1529849e2b2b310a71f4cf34d619ccabbcf3ed835c7b57fa4c67f2", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "php-eval", "owasp": null, "cwe_ids": ["CWE-95"], "languages": ["php"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347956+00:00", "triaged_in_corpus": 20, "observations_count": 35589, "ai_coder_pattern_id": 164}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6ca984cf7a1529849e2b2b310a71f4cf34d619ccabbcf3ed835c7b57fa4c67f2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/autocompletion.R"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED025", "level": "error", "message": {"text": "[MINED025] Php Eval: eval() executes arbitrary PHP. 
Code injection."}, "properties": {"repobilityId": 105650, "scanner": "repobility-threat-engine", "fingerprint": "a30c1f4f3b3c0e795ee13167e7a027e369f1fc5c53065e58dd7f4b5ee2773e03", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "php-eval", "owasp": null, "cwe_ids": ["CWE-95"], "languages": ["php"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347956+00:00", "triaged_in_corpus": 20, "observations_count": 35589, "ai_coder_pattern_id": 164}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a30c1f4f3b3c0e795ee13167e7a027e369f1fc5c53065e58dd7f4b5ee2773e03"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/as_polars_df.R"}, "region": {"startLine": 182}}}]}, {"ruleId": "MINED024", "level": "error", "message": {"text": "[MINED024] Js Eval Usage: eval() executes arbitrary code. 
Code injection risk."}, "properties": {"repobilityId": 105649, "scanner": "repobility-threat-engine", "fingerprint": "91926e41c640c37139303fd15a4daefed35d6a2264242ce4e56fcebd20f1ea5f", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-eval-usage", "owasp": null, "cwe_ids": ["CWE-95"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347954+00:00", "triaged_in_corpus": 20, "observations_count": 35589, "ai_coder_pattern_id": 103}, "scanner": "repobility-threat-engine", "correlation_key": "fp|91926e41c640c37139303fd15a4daefed35d6a2264242ce4e56fcebd20f1ea5f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/autocompletion.R"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED024", "level": "error", "message": {"text": "[MINED024] Js Eval Usage: eval() executes arbitrary code. 
Code injection risk."}, "properties": {"repobilityId": 105648, "scanner": "repobility-threat-engine", "fingerprint": "9e976fabad0b33249b23cdbbadeee5edbdcb333b666703dca806d6795fac7ff5", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-eval-usage", "owasp": null, "cwe_ids": ["CWE-95"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347954+00:00", "triaged_in_corpus": 20, "observations_count": 35589, "ai_coder_pattern_id": 103}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9e976fabad0b33249b23cdbbadeee5edbdcb333b666703dca806d6795fac7ff5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/as_polars_df.R"}, "region": {"startLine": 182}}}]}, {"ruleId": "MINED015", "level": "error", "message": {"text": "[MINED015] Ruby Eval Call: eval() executes arbitrary code. 
Code injection."}, "properties": {"repobilityId": 105647, "scanner": "repobility-threat-engine", "fingerprint": "dea78d18ce0bb8bd791786544c4ed3d0efc88732e975f09e94b82ea623031ef4", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ruby-eval-call", "owasp": null, "cwe_ids": ["CWE-95"], "languages": ["ruby"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347933+00:00", "triaged_in_corpus": 20, "observations_count": 85733, "ai_coder_pattern_id": 161}, "scanner": "repobility-threat-engine", "correlation_key": "fp|dea78d18ce0bb8bd791786544c4ed3d0efc88732e975f09e94b82ea623031ef4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/infer_polars_dtype.R"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED015", "level": "error", "message": {"text": "[MINED015] Ruby Eval Call: eval() executes arbitrary code. 
Code injection."}, "properties": {"repobilityId": 105646, "scanner": "repobility-threat-engine", "fingerprint": "463f3e4cc932e680e592d0ac16e33552203aec108d8193f3fd9bf1248bb73e9e", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ruby-eval-call", "owasp": null, "cwe_ids": ["CWE-95"], "languages": ["ruby"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347933+00:00", "triaged_in_corpus": 20, "observations_count": 85733, "ai_coder_pattern_id": 161}, "scanner": "repobility-threat-engine", "correlation_key": "fp|463f3e4cc932e680e592d0ac16e33552203aec108d8193f3fd9bf1248bb73e9e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/autocompletion.R"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED015", "level": "error", "message": {"text": "[MINED015] Ruby Eval Call: eval() executes arbitrary code. 
Code injection."}, "properties": {"repobilityId": 105645, "scanner": "repobility-threat-engine", "fingerprint": "3fa52c5012b37ae0da00c5ca9ef49512a5b47fbb38bf5efa335fcc7e578565f1", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ruby-eval-call", "owasp": null, "cwe_ids": ["CWE-95"], "languages": ["ruby"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347933+00:00", "triaged_in_corpus": 20, "observations_count": 85733, "ai_coder_pattern_id": 161}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3fa52c5012b37ae0da00c5ca9ef49512a5b47fbb38bf5efa335fcc7e578565f1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/as_polars_df.R"}, "region": {"startLine": 182}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat don't bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 105639, "scanner": "repobility-threat-engine", "fingerprint": "623231518bb985ffed6a77bd901864e2320ccfce3614a636d48a88087cbd64db", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|623231518bb985ffed6a77bd901864e2320ccfce3614a636d48a88087cbd64db"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/as_polars_dtype_expr.R"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": 
"[MINED022] C Strcpy: strcpy/strcat don't bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 105638, "scanner": "repobility-threat-engine", "fingerprint": "cf421ec407e3264f9624ef314e85ebd5886816a1867db833982a342daa547f20", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|cf421ec407e3264f9624ef314e85ebd5886816a1867db833982a342daa547f20"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/as_polars_df.R"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat don't bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 105637, "scanner": "repobility-threat-engine", "fingerprint": "1140a8e6f7b12f5cd36372c4ea4b4a88b0366c7e7b343b3ce2bb860dc1d78396", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|1140a8e6f7b12f5cd36372c4ea4b4a88b0366c7e7b343b3ce2bb860dc1d78396"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "R/000-utils-s7.R"}, "region": {"startLine": 19}}}]}, 
{"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.PAT` on a `pull_request` trigger"}, "properties": {"repobilityId": 105634, "scanner": "repobility-supply-chain", "fingerprint": "3d909be5f3cc38326f00e4271e13a38fc87f8ce2f6e8d80e7790161fb8b18340", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3d909be5f3cc38326f00e4271e13a38fc87f8ce2f6e8d80e7790161fb8b18340"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/lint-mega-linter.yaml"}, "region": {"startLine": 63}}}]}]}]}