{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "QA001", "name": "[QA001] No Tests Found: No test files or test directories found.", "shortDescription": {"text": "[QA001] No Tests Found: No test files or test directories found."}, "fullDescription": {"text": "Add unit tests. Start with critical business logic and security-sensitive functions."}, "properties": {"scanner": "repobility-threat-engine", "category": "testing", "severity": "medium", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "CFG006", "name": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.", "shortDescription": {"text": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts."}, "fullDescription": {"text": "Add a .gitignore appropriate for your language/framework."}, "properties": {"scanner": "repobility-threat-engine", "category": "practices", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "QA002", "name": "[QA002] No CI/CD Configuration: No CI/CD pipeline found. Note: some CI systems (Gitea Actions, Drone) may be configured ", "shortDescription": {"text": "[QA002] No CI/CD Configuration: No CI/CD pipeline found. Note: some CI systems (Gitea Actions, Drone) may be configured externally."}, "fullDescription": {"text": "Add GitHub Actions, GitLab CI, or similar."}, "properties": {"scanner": "repobility-threat-engine", "category": "practices", "severity": "low", "confidence": 0.6, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_LICENSE", "name": "No LICENSE file", "shortDescription": {"text": "No LICENSE file"}, "fullDescription": {"text": "Add a LICENSE file to your repository. Use choosealicense.com to pick the right license (MIT for permissive, Apache 2.0 for patent protection, GPL for copyleft)."}, "properties": {"scanner": "repobility-core", "category": "documentation", "severity": "low", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_TESTS", "name": "No test files found in a documentation, catalog, or template-heavy repository", "shortDescription": {"text": "No test files found in a documentation, catalog, or template-heavy repository"}, "fullDescription": {"text": "If this repository ships runnable code, add focused tests for those examples or templates. If it is documentation/catalog content only, mark the finding as accepted or add a .repobilityignore note."}, "properties": {"scanner": "repobility-core", "category": "testing", "severity": "info", "confidence": 0.35, "cwe": "", "owasp": ""}}, {"id": "QA003", "name": "[QA003] No LICENSE File: No license file found. Others cannot legally use or contribute to this code.", "shortDescription": {"text": "[QA003] No LICENSE File: No license file found. Others cannot legally use or contribute to this code."}, "fullDescription": {"text": "Add a LICENSE file. Use choosealicense.com to pick the right one."}, "properties": {"scanner": "repobility-threat-engine", "category": "documentation", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_CI", "name": "No CI/CD configuration found", "shortDescription": {"text": "No CI/CD configuration found"}, "fullDescription": {"text": "Add a CI/CD pipeline: create .github/workflows/ci.yml for GitHub Actions with steps to lint, test, and build on every push and pull request."}, "properties": {"scanner": "repobility-core", "category": "practices", "severity": "info", "confidence": 0.35, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/4"}, "properties": {"repository": "forrestchang/andrej-karpathy-skills", "repoUrl": "https://github.com/forrestchang/andrej-karpathy-skills", "branch": "main"}, "results": [{"ruleId": "QA001", "level": "warning", "message": {"text": "[QA001] No Tests Found: No test files or test directories found."}, "properties": {"repobilityId": 2054, "scanner": "repobility-threat-engine", "fingerprint": "0a6c649638a2dd6f8e8dae9bfb49f61b8c9a7baa39c17afd5d6bd2ef26cb0e1f", "category": "testing", "severity": "medium", "confidence": 0.8, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "No test files or standard test directories detected", "evidence": {"reason": "No test files or standard test directories detected", "rule_id": "QA001", "scanner": "repobility-threat-engine", "confidence": 0.8}}}, {"ruleId": "CFG006", "level": "warning", "message": {"text": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts."}, "properties": {"repobilityId": 2053, "scanner": "repobility-threat-engine", "fingerprint": "c65fc71ce58c37a0e07837c0fe294108b731c43ef16027a2f0971c757bbe9a16", "category": "practices", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "No .gitignore file found in repository root", "evidence": {"reason": "No .gitignore file found in repository root", "rule_id": "CFG006", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "repo|practices|cfg006"}}}, {"ruleId": "QA002", "level": "note", "message": {"text": "[QA002] No CI/CD Configuration: No CI/CD pipeline found. Note: some CI systems (Gitea Actions, Drone) may be configured externally."}, "properties": {"repobilityId": 2055, "scanner": "repobility-threat-engine", "fingerprint": "497633e2bdfdbfcdaf2e0680dabb32b556b79794c8dde75f107474bf4f2cd478", "category": "practices", "severity": "low", "confidence": 0.6, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "No standard CI config files found \u2014 CI may be configured externally", "evidence": {"reason": "No standard CI config files found \u2014 CI may be configured externally", "rule_id": "QA002", "scanner": "repobility-threat-engine", "confidence": 0.6}}}, {"ruleId": "CORE_NO_LICENSE", "level": "note", "message": {"text": "No LICENSE file"}, "properties": {"repobilityId": 2051, "scanner": "repobility-core", "fingerprint": "9314e9238cd99885865b92490d1aaa96ca62b1390c9377878d5f3d99227e1c3c", "category": "documentation", "severity": "low", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_LICENSE", "scanner": "repobility-core", "correlation_key": "repo|documentation|core_no_license"}}}, {"ruleId": "CORE_NO_TESTS", "level": "none", "message": {"text": "No test files found in a documentation, catalog, or template-heavy repository"}, "properties": {"repobilityId": 42212, "scanner": "repobility-core", "fingerprint": "69cfb3536a8ccff500ccafcd681fc8d4bc9f4eda6689da02ddec81654bd9fd15", "category": "testing", "severity": "info", "confidence": 0.35, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Repository shape is documentation, catalog, skill, or template-heavy rather than a conventional runnable application.", "evidence": {"reason": "Repository shape is documentation, catalog, skill, or template-heavy rather than a conventional runnable application.", "rule_id": "CORE_NO_TESTS", "scanner": "repobility-core", "confidence": 0.35, "correlation_key": "repo|testing|core_no_tests"}}}, {"ruleId": "QA003", "level": "none", "message": {"text": "[QA003] No LICENSE File: No license file found. Others cannot legally use or contribute to this code."}, "properties": {"repobilityId": 2056, "scanner": "repobility-threat-engine", "fingerprint": "fbc69eb9b9248061c8975ded26c0e352b264bf9434709268b35cf175bd99bebe", "category": "documentation", "severity": "info", "confidence": 1.0, "triageState": "fixed", "verdict": "confirmed", "isResolved": true, "reason": "No LICENSE file in repository root", "evidence": {"reason": "No LICENSE file in repository root", "rule_id": "QA003", "scanner": "repobility-threat-engine", "confidence": 1.0}}}, {"ruleId": "CORE_NO_CI", "level": "none", "message": {"text": "No CI/CD configuration found"}, "properties": {"repobilityId": 2052, "scanner": "repobility-core", "fingerprint": "ca5da3551af97272c4f099fc472740148135a15816b81b90bd862e8f91ec66ce", "category": "practices", "severity": "info", "confidence": 0.35, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Repository shape is documentation, catalog, skill, or template-heavy.", "evidence": {"reason": "Repository shape is documentation, catalog, skill, or template-heavy.", "rule_id": "CORE_NO_CI", "scanner": "repobility-core", "confidence": 0.35, "correlation_key": "repo|practices|core_no_ci"}}}, {"ruleId": "CORE_NO_TESTS", "level": "error", "message": {"text": "No test files found"}, "properties": {"repobilityId": 2050, "scanner": "repobility-core", "fingerprint": "0200e9918bc2a7bf9c116d0907e50ac3df640c758b93852cf1890ec6e14d870d", "category": "testing", "severity": "high", "confidence": null, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"rule_id": "CORE_NO_TESTS", "scanner": "repobility-core", "correlation_key": "repo|testing|core_no_tests"}}}]}]}