{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "medium", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "SEC015", "name": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.", "shortDescription": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable."}, "fullDescription": {"text": "Use secrets module (Python) or crypto.getRandomValues() (JS) for security-sensitive randomness."}, "properties": {"scanner": "repobility-threat-engine", "category": "crypto", "severity": "info", "confidence": 0.25, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_TESTS", "name": "No test files found", "shortDescription": {"text": "No test files found"}, "fullDescription": {"text": "Add a test directory (tests/ or __tests__/) with unit tests for core functionality. Use pytest (Python), Jest (JS/TS), or go test (Go). Start with tests for critical business logic and security-sensitive functions."}, "properties": {"scanner": "repobility-core", "category": "testing", "severity": "high", "confidence": null, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/386"}, "properties": {"repository": "reyamira/models", "repoUrl": "https://github.com/reyamira/models.git", "branch": "main"}, "results": [{"ruleId": "AIC003", "level": "warning", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 12574, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3f34824d9e0bd5f8a9fc7ac0479caf103dc21f7d3b8b470dee4c950c10734b7e", "category": "quality", "severity": "medium", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/tui/status/detail.rs", "duplicate_line": 3, "correlation_key": "fp|3f34824d9e0bd5f8a9fc7ac0479caf103dc21f7d3b8b470dee4c950c10734b7e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/tui/status/overall.rs"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "warning", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 12573, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1c6c8b939a2f4932ee120d870a79eaefcd8a2b4e2a794337a904ded1f02fd143", "category": "quality", "severity": "medium", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/status/assessment.rs", "duplicate_line": 440, "correlation_key": "fp|1c6c8b939a2f4932ee120d870a79eaefcd8a2b4e2a794337a904ded1f02fd143"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/status/types.rs"}, "region": {"startLine": 699}}}]}, {"ruleId": "AIC003", "level": "warning", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 12572, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f6e4abcbb03a162eff4533b4a200c87df2789adc2324184f9c895479d57218f6", "category": "quality", "severity": "medium", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/status/assessment.rs", "duplicate_line": 501, "correlation_key": "fp|f6e4abcbb03a162eff4533b4a200c87df2789adc2324184f9c895479d57218f6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/status/fetch.rs"}, "region": {"startLine": 306}}}]}, {"ruleId": "AIC003", "level": "warning", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 12571, "scanner": "repobility-ai-code-hygiene", "fingerprint": "cbf80fecd49af426cd3ccceddd19242033c500576de20f079dbaf6c89537a9a7", "category": "quality", "severity": "medium", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/status/adapters/onlineornot.rs", "duplicate_line": 113, "correlation_key": "fp|cbf80fecd49af426cd3ccceddd19242033c500576de20f079dbaf6c89537a9a7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/status/adapters/status_io.rs"}, "region": {"startLine": 259}}}]}, {"ruleId": "AIC003", "level": "warning", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 12570, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ea4f055968f4b07eda1592c06b1cd98379fd804cddad591d2eba88bda59aa864", "category": "quality", "severity": "medium", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/status/adapters/instatus.rs", "duplicate_line": 54, "correlation_key": "fp|ea4f055968f4b07eda1592c06b1cd98379fd804cddad591d2eba88bda59aa864"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/status/adapters/onlineornot.rs"}, "region": {"startLine": 49}}}]}, {"ruleId": "AIC003", "level": "warning", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 12569, "scanner": "repobility-ai-code-hygiene", "fingerprint": "80a639534aa0c5448605210687cff56c2cde499d9c240f46608524560cc8ee19", "category": "quality", "severity": "medium", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "src/agents/helpers.rs", "duplicate_line": 35, "correlation_key": "fp|80a639534aa0c5448605210687cff56c2cde499d9c240f46608524560cc8ee19"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "src/formatting.rs"}, "region": {"startLine": 138}}}]}, {"ruleId": "SEC015", "level": "none", "message": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable."}, "properties": {"repobilityId": 12575, "scanner": "repobility-threat-engine", "fingerprint": "d93b00711db2389f76f44864917210ba71d1fa1c591253696528058ec3fb47eb", "category": "crypto", "severity": "info", "confidence": 0.25, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Weak PRNG appears to be used for non-security behavior (UI, sampling, demos, shuffling, or backoff), not for secrets", "evidence": {"match": "Math.random()", "reason": "Weak PRNG appears to be used for non-security behavior (UI, sampling, demos, shuffling, or backoff), not for secrets", "rule_id": "SEC015", "scanner": "repobility-threat-engine", "confidence": 0.25, "correlation_key": "code|crypto|token|60|sec015"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "website/src/utils/focus-trap.ts"}, "region": {"startLine": 60}}}]}, {"ruleId": "CORE_NO_TESTS", "level": "error", "message": {"text": "No test files found"}, "properties": {"repobilityId": 12568, "scanner": "repobility-core", "fingerprint": "0200e9918bc2a7bf9c116d0907e50ac3df640c758b93852cf1890ec6e14d870d", "category": "testing", "severity": "high", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_TESTS", "scanner": "repobility-core", "correlation_key": "repo|testing|core_no_tests"}}}]}]}