{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "CFG006", "name": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.", "shortDescription": {"text": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts."}, "fullDescription": {"text": "Add a .gitignore appropriate for your language/framework."}, "properties": {"scanner": "repobility-threat-engine", "category": "practices", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC015", "name": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.", "shortDescription": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable."}, "fullDescription": {"text": "Use secrets module (Python) or crypto.getRandomValues() (JS) for security-sensitive randomness."}, "properties": {"scanner": "repobility-threat-engine", "category": "crypto", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC136", "name": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns ", "shortDescription": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, retur"}, "fullDescription": {"text": "Catch the specific exception type, log at error level with full exception info, and return a failure-shaped result. If the operation is genuinely best-effort, log at warning and document why in a comment so the next reader (or scanner) knows."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "ERR001", "name": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG ", "shortDescription": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "fullDescription": {"text": "Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AIC005", "name": "Duplicate top-level symbol appears in a patch-style file", "shortDescription": {"text": "Duplicate top-level symbol appears in a patch-style file"}, "fullDescription": {"text": "Keep one authoritative implementation, update imports to point at it, and remove or rename the duplicate symbol."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.64, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "AIC002", "name": "Source file name looks like an AI patch artifact", "shortDescription": {"text": "Source file name looks like an AI patch artifact"}, "fullDescription": {"text": "Rename it to the domain concept it implements or merge it into the existing module it was meant to change."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.62, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `process_frames` has cognitive complexity 9 (SonarSource scale). Cognitive", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `process_frames` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 9."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "SEC045", "name": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a latera", "shortDescription": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use obj"}, "fullDescription": {"text": "For literal data structures: use ast.literal_eval(text) \u2014 only parses literals, raises on code.\nFor formula evaluation: use asteval or simpleeval (purpose-built sandboxes with allow-lists).\nFor Odoo: use odoo.tools.safe_eval(expr, locals_dict, mode='exec').\nIf you genuinely need to execute admin-stored code: require explicit super-admin permission AND log every execution with a stack trace."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "info", "confidence": 0.1, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `astral-sh/ruff-action` pinned to mutable ref `@v4.0.0`: `uses: astral-sh/ruff-action@v4.0.0` resolves", "shortDescription": {"text": "[MINED115] Action `astral-sh/ruff-action` pinned to mutable ref `@v4.0.0`: `uses: astral-sh/ruff-action@v4.0.0` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files co"}, "fullDescription": {"text": "Replace with: `uses: astral-sh/ruff-action@<40-char-sha>  # v4.0.0` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self.btn_swap` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `s", "shortDescription": {"text": "[MINED108] `self.btn_swap` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_swap`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the "}, "fullDescription": {"text": "Initialize `self.btn_swap = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, ra"}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInt", "shortDescription": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `io` used but not imported: The file uses `io.something(...)` but never imports `io`. This ra", "shortDescription": {"text": "[MINED107] Missing import: `io` used but not imported: The file uses `io.something(...)` but never imports `io`. This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import io` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/778"}, "properties": {"repository": "hacksider/Deep-Live-Cam", "repoUrl": "https://github.com/hacksider/Deep-Live-Cam", "branch": "main"}, "results": [{"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65550, "scanner": "repobility-ast-engine", "fingerprint": "b94832eb31aedcee8303b7b9a7d125059870fe5270ebecd695c37f3244ff9748", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b94832eb31aedcee8303b7b9a7d125059870fe5270ebecd695c37f3244ff9748"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_swapper.py"}, "region": {"startLine": 1032}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65549, "scanner": "repobility-ast-engine", "fingerprint": "3ea342162e8a85e61e73cdd029c57a3903782d4afeaa838eb3d35e243181c1de", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3ea342162e8a85e61e73cdd029c57a3903782d4afeaa838eb3d35e243181c1de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_swapper.py"}, "region": {"startLine": 561}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65548, "scanner": "repobility-ast-engine", "fingerprint": "a66c111b9770bc9aed12e8b1f6249c033223efe23761ded3f79a9e1d4f4b5fd4", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a66c111b9770bc9aed12e8b1f6249c033223efe23761ded3f79a9e1d4f4b5fd4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_swapper.py"}, "region": {"startLine": 423}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65547, "scanner": "repobility-ast-engine", "fingerprint": "b55fbc6e0687b962e4f28ab2fb1eee4cf3bd51db3beaab5f6d7b69497850716c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b55fbc6e0687b962e4f28ab2fb1eee4cf3bd51db3beaab5f6d7b69497850716c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_swapper.py"}, "region": {"startLine": 172}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65545, "scanner": "repobility-ast-engine", "fingerprint": "81bd0df225eff139c4bc3959891ef069c407e9fce02135e2d27d4906ebc165d6", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|81bd0df225eff139c4bc3959891ef069c407e9fce02135e2d27d4906ebc165d6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_enhancer_gpen256.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65544, "scanner": "repobility-ast-engine", "fingerprint": "e66130ea422a94ed9deaa4892c5e2b26733c4cdcda8fe745de476ed55ccf8b82", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e66130ea422a94ed9deaa4892c5e2b26733c4cdcda8fe745de476ed55ccf8b82"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_enhancer_gpen256.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65543, "scanner": "repobility-ast-engine", "fingerprint": "9d506c920b3a980baf4fbd636d3838a7091417587f93f1bb2101b0361c12aa85", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9d506c920b3a980baf4fbd636d3838a7091417587f93f1bb2101b0361c12aa85"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_enhancer.py"}, "region": {"startLine": 368}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65542, "scanner": "repobility-ast-engine", "fingerprint": "12a97b1c78f6773e2bb7f246144583c38f5aaf7f59aa44ec29733584eaec74f4", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|12a97b1c78f6773e2bb7f246144583c38f5aaf7f59aa44ec29733584eaec74f4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/_onnx_enhancer.py"}, "region": {"startLine": 110}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65541, "scanner": "repobility-ast-engine", "fingerprint": "c39b24f1019778a0973cfd66b62d1ed985c22fddabc980f7b45f0f10c323e6ce", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c39b24f1019778a0973cfd66b62d1ed985c22fddabc980f7b45f0f10c323e6ce"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/_onnx_enhancer.py"}, "region": {"startLine": 136}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65540, "scanner": "repobility-ast-engine", "fingerprint": "667e18f02cf085797c7217bd85ff2feeee46055f325ededc1394194a1a98e597", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|667e18f02cf085797c7217bd85ff2feeee46055f325ededc1394194a1a98e597"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_masking.py"}, "region": {"startLine": 543}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65539, "scanner": "repobility-ast-engine", "fingerprint": "2f5f2a959330661439c1c21fa3a28072233fb180696952d445a2b9e3140e48da", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2f5f2a959330661439c1c21fa3a28072233fb180696952d445a2b9e3140e48da"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_masking.py"}, "region": {"startLine": 411}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65538, "scanner": "repobility-ast-engine", "fingerprint": "630877c1ab6fac2f264e3933ab00432ec5021c31fa4f9f4aed2cd8ba4d967d48", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|630877c1ab6fac2f264e3933ab00432ec5021c31fa4f9f4aed2cd8ba4d967d48"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_enhancer_gpen512.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65537, "scanner": "repobility-ast-engine", "fingerprint": "ffb160ad63b552a34a636f12a2efe1365d07c01d178715ba0212e414367dbc3b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ffb160ad63b552a34a636f12a2efe1365d07c01d178715ba0212e414367dbc3b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_enhancer_gpen512.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65536, "scanner": "repobility-ast-engine", "fingerprint": "f0fd0e05209dffd8bff9284d3660d6ef7bcbe5b5cb033ce42e8ef265eba62a4c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f0fd0e05209dffd8bff9284d3660d6ef7bcbe5b5cb033ce42e8ef265eba62a4c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 794}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65535, "scanner": "repobility-ast-engine", "fingerprint": "4c0783b6ea3d120a6d178a40cc2b13b29d225d35a54362c0224d2c4ae22f25ca", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4c0783b6ea3d120a6d178a40cc2b13b29d225d35a54362c0224d2c4ae22f25ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 408}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65513, "scanner": "repobility-ast-engine", "fingerprint": "85eb89ce7ae62808a141114112e62903bc5ef32dc3a6503b3687815fc1180161", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|85eb89ce7ae62808a141114112e62903bc5ef32dc3a6503b3687815fc1180161"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/utilities.py"}, "region": {"startLine": 347}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65512, "scanner": "repobility-ast-engine", "fingerprint": "6b4c198ee06db8880f09c499c627ed516359f4400c5468d27fc45bf6a5a82c6e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6b4c198ee06db8880f09c499c627ed516359f4400c5468d27fc45bf6a5a82c6e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/utilities.py"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65511, "scanner": "repobility-ast-engine", "fingerprint": "006b8228940673da7c9873ec420474e900126c22400754c61c27efc9278ecb44", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|006b8228940673da7c9873ec420474e900126c22400754c61c27efc9278ecb44"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/face_analyser.py"}, "region": {"startLine": 215}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65507, "scanner": "repobility-ast-engine", "fingerprint": "d70288796362b2f5cd3b866fe2300b29598437cf24086e1a1f4113c710dc10d6", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d70288796362b2f5cd3b866fe2300b29598437cf24086e1a1f4113c710dc10d6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/core.py"}, "region": {"startLine": 220}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65506, "scanner": "repobility-ast-engine", "fingerprint": "7239d9a6f1cd7ed065fa175feb79b5528046aaf70227163664851ae3796e251a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7239d9a6f1cd7ed065fa175feb79b5528046aaf70227163664851ae3796e251a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/platform_info.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65505, "scanner": "repobility-ast-engine", "fingerprint": "fd425b2d7b449ccfe64b4eb66da9510a92cf53f32b3d9beb2162b06f9df3697e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fd425b2d7b449ccfe64b4eb66da9510a92cf53f32b3d9beb2162b06f9df3697e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/platform_info.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65504, "scanner": "repobility-ast-engine", "fingerprint": "ecc069faaf234f54b5374de1332bae47529a0724f45b10b886f869a3274d0aad", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ecc069faaf234f54b5374de1332bae47529a0724f45b10b886f869a3274d0aad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/onnx_optimize.py"}, "region": {"startLine": 124}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65503, "scanner": "repobility-ast-engine", "fingerprint": "4bb63bb55011650fb82db057696bdd7bb08ad72330f94f1f329424fa06a6414a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4bb63bb55011650fb82db057696bdd7bb08ad72330f94f1f329424fa06a6414a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/video_capture.py"}, "region": {"startLine": 72}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65502, "scanner": "repobility-ast-engine", "fingerprint": "aaa6b621e7f3396e263dce7781fcdb2a538eda07006cb9c14c050daf945e3a8c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aaa6b621e7f3396e263dce7781fcdb2a538eda07006cb9c14c050daf945e3a8c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/video_capture.py"}, "region": {"startLine": 154}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 65501, "scanner": "repobility-ast-engine", "fingerprint": "89c08a6939e1f514783901dc6cda3e2d3bc9aa7f6ea6202bbf1f647f47384023", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|89c08a6939e1f514783901dc6cda3e2d3bc9aa7f6ea6202bbf1f647f47384023"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/video_capture.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "CFG006", "level": "warning", "message": {"text": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts."}, "properties": {"repobilityId": 65494, "scanner": "repobility-threat-engine", "fingerprint": "c65fc71ce58c37a0e07837c0fe294108b731c43ef16027a2f0971c757bbe9a16", "category": "practices", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "No .gitignore file found in repository root", "evidence": {"reason": "No .gitignore file found in repository root", "rule_id": "CFG006", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "repo|practices|cfg006"}}}, {"ruleId": "SEC015", "level": "warning", "message": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable."}, "properties": {"repobilityId": 65488, "scanner": "repobility-threat-engine", "fingerprint": "c5300b1c554aa6f2de2d05fd152710121e2d66934f0f4a8b66378df9360c8afa", "category": "crypto", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Security-sensitive keyword found nearby \u2014 weak PRNG is risky here", "evidence": {"match": "def create_onnx_session", "reason": "Security-sensitive keyword found nearby \u2014 weak PRNG is risky here", "rule_id": "SEC015", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|crypto|token|93|sec015"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/_onnx_enhancer.py"}, "region": {"startLine": 93}}}]}, {"ruleId": "SEC136", "level": "warning", "message": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). Distinct from intentional fallback because there's no log line and the success value is fabricated."}, "properties": {"repobilityId": 65487, "scanner": "repobility-threat-engine", "fingerprint": "4fedcb02f7338815d5ae4c4750301b22885b67ae4aafb6f8402445d60dc0444e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "try:\n        import torch  # noqa: WPS433 \u2014 local import, avoid hard dep at module load\n        retu", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC136", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|4fedcb02f7338815d5ae4c4750301b22885b67ae4aafb6f8402445d60dc0444e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/platform_info.py"}, "region": {"startLine": 23}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 65486, "scanner": "repobility-threat-engine", "fingerprint": "489fd309063ba8f9ffdcb8a5372b6bc2540d7d6e9ddd1b96c0bfc64b7acc984c", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n        pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|489fd309063ba8f9ffdcb8a5372b6bc2540d7d6e9ddd1b96c0bfc64b7acc984c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/gpu_processing.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "AIC005", "level": "note", "message": {"text": "Duplicate top-level symbol appears in a patch-style file"}, "properties": {"repobilityId": 65499, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6d35e552edfd889356238ab88159e9640f3f5cd2d0c3e393ed83d599edf84a84", "category": "quality", "severity": "low", "confidence": 0.64, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Patch-style file defines a top-level symbol also defined in another source file.", "evidence": {"symbol": "apply_patch", "rule_id": "AIC005", "scanner": "repobility-ai-code-hygiene", "references": ["https://github.com/jendrikseipp/vulture", "https://knip.dev/"], "duplicate_file": "tkinter_fix.py", "correlation_key": "fp|6d35e552edfd889356238ab88159e9640f3f5cd2d0c3e393ed83d599edf84a84"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/tkinter_fix.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 65498, "scanner": "repobility-ai-code-hygiene", "fingerprint": "70278aef257edcba514e5e6002e159fee1e72d60d095e7f8402a6438f0a2d68e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "modules/processors/frame/face_enhancer_gpen256.py", "duplicate_line": 8, "correlation_key": "fp|70278aef257edcba514e5e6002e159fee1e72d60d095e7f8402a6438f0a2d68e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_enhancer_gpen512.py"}, "region": {"startLine": 8}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 65497, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7bf622308835bfee6a00a4e8815bb4bc8f229d3513650a1a19a8a7ba80ee77c8", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "modules/tkinter_fix.py", "duplicate_line": 1, "correlation_key": "fp|7bf622308835bfee6a00a4e8815bb4bc8f229d3513650a1a19a8a7ba80ee77c8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tkinter_fix.py"}, "region": {"startLine": 3}}}]}, {"ruleId": "AIC002", "level": "note", "message": {"text": "Source file name looks like an AI patch artifact"}, "properties": {"repobilityId": 65496, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8974aae05e2b4f578ea6cb389398a125178184c92f706feada63785f69e92894", "category": "quality", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Source filename contains a temporary or patch-style suffix.", "evidence": {"suffix": "fix", "rule_id": "AIC002", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|8974aae05e2b4f578ea6cb389398a125178184c92f706feada63785f69e92894"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/tkinter_fix.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC002", "level": "note", "message": {"text": "Source file name looks like an AI patch artifact"}, "properties": {"repobilityId": 65495, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6b6d0dd0d1d94219482778ed8e99a126f1ba5cfe902fd56f0101ac255826de69", "category": "quality", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Source filename contains a temporary or patch-style suffix.", "evidence": {"suffix": "fix", "rule_id": "AIC002", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|6b6d0dd0d1d94219482778ed8e99a126f1ba5cfe902fd56f0101ac255826de69"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tkinter_fix.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `process_frames` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=1, for=1, if=3, nested_bonus=4."}, "properties": {"repobilityId": 65484, "scanner": "repobility-threat-engine", "fingerprint": "ebc240c89870a4ff212a8bdd6dc00b81c38b3db9392b3ff201305e3fe9d29284", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "process_frames", "breakdown": {"if": 3, "for": 1, "continue": 1, "nested_bonus": 4}, "complexity": 9, "correlation_key": "fp|ebc240c89870a4ff212a8bdd6dc00b81c38b3db9392b3ff201305e3fe9d29284"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_enhancer_gpen256.py"}, "region": {"startLine": 101}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `build_provider_config` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: elif=2, else=1, for=1, if=2, nested_bonus=3."}, "properties": {"repobilityId": 65483, "scanner": "repobility-threat-engine", "fingerprint": "318b2c31d088f906c27dcf36aa1e0bdc6b91102dc63db1509b6e44d7cc1f9e3b", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "build_provider_config", "breakdown": {"if": 2, "for": 1, "elif": 2, "else": 1, "nested_bonus": 3}, "complexity": 9, "correlation_key": "fp|318b2c31d088f906c27dcf36aa1e0bdc6b91102dc63db1509b6e44d7cc1f9e3b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/_onnx_enhancer.py"}, "region": {"startLine": 24}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `capture_thread` has cognitive complexity 12 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: break=1, except=3, if=1, nested_bonus=6, while=1."}, "properties": {"repobilityId": 65482, "scanner": "repobility-threat-engine", "fingerprint": "3a7bdbe9fe6aaac31105ec08d4b4a64552e81bb466a8a408effdb2fb00f2e74f", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 12 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "capture_thread", "breakdown": {"if": 1, "break": 1, "while": 1, "except": 3, "nested_bonus": 6}, "complexity": 12, "correlation_key": "fp|3a7bdbe9fe6aaac31105ec08d4b4a64552e81bb466a8a408effdb2fb00f2e74f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "benchmark_pipeline.py"}, "region": {"startLine": 75}}}]}, {"ruleId": "SEC045", "level": "none", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 65493, "scanner": "repobility-threat-engine", "fingerprint": "167caf867501b3eeac106a7bd40447d1c391b7380eb281097218b787a4c162ed", "category": "injection", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern '\\.eval\\(' detected on same line", "evidence": {"match": ".eval(", "reason": "Safe pattern '\\.eval\\(' detected on same line", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "code|injection|tkinter_fix.py|16|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tkinter_fix.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "SEC045", "level": "none", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 65492, "scanner": "repobility-threat-engine", "fingerprint": "f2c1b358aee937582b309e71b769576af6e86c665904af5dee2066a294e7ed7c", "category": "injection", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern '\\.eval\\(' detected on same line", "evidence": {"match": ".eval(", "reason": "Safe pattern '\\.eval\\(' detected on same line", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "code|injection|modules/tkinter_fix.py|13|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/tkinter_fix.py"}, "region": {"startLine": 13}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 65485, "scanner": "repobility-threat-engine", "fingerprint": "374b2f9ca97c941ea8799534a3f6a7246c4a413e5ec69c34d7f4988e5034f739", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "capture_thread", "breakdown": {"if": 1, "break": 1, "while": 1, "except": 3, "nested_bonus": 6}, "aggregated": true, "complexity": 12, "correlation_key": "fp|374b2f9ca97c941ea8799534a3f6a7246c4a413e5ec69c34d7f4988e5034f739", "aggregated_count": 2}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 65481, "scanner": "repobility-threat-engine", "fingerprint": "86ba1835d70968651e1fbb2569a4d94211de579a814cf34a5d1e1e2eafe3f130", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|86ba1835d70968651e1fbb2569a4d94211de579a814cf34a5d1e1e2eafe3f130", "aggregated_count": 1}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 65480, "scanner": "repobility-threat-engine", "fingerprint": "c4635ad245042c685931b9bfb7ead3d8a5d92eb7bbba5c6b1767f27384048612", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c4635ad245042c685931b9bfb7ead3d8a5d92eb7bbba5c6b1767f27384048612"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/_onnx_enhancer.py"}, "region": {"startLine": 88}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 65479, "scanner": "repobility-threat-engine", "fingerprint": "ba050685b26a4c5ad7830e187994c064d847ba6e8fdc7adcb45a0a25cdfe87d2", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ba050685b26a4c5ad7830e187994c064d847ba6e8fdc7adcb45a0a25cdfe87d2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/gpu_processing.py"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 65478, "scanner": "repobility-threat-engine", "fingerprint": "62a134cc564510ec2c0258ca8a051a58cabedabb2cbcfa2dbc100f04a9788330", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|62a134cc564510ec2c0258ca8a051a58cabedabb2cbcfa2dbc100f04a9788330"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "benchmark_pipeline.py"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `astral-sh/ruff-action` pinned to mutable ref `@v4.0.0`: `uses: astral-sh/ruff-action@v4.0.0` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 65552, "scanner": "repobility-supply-chain", "fingerprint": "3f761e807c2d525c5d9a730ff6b84b999e370fffff7b1a8c1f42988aba8c1379", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3f761e807c2d525c5d9a730ff6b84b999e370fffff7b1a8c1f42988aba8c1379"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ruff.yml"}, "region": {"startLine": 13}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 65551, "scanner": "repobility-supply-chain", "fingerprint": "daa332da480ba3b31cf899a6e45d06269b1ee1fae5367e9edda6edf140da6d59", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|daa332da480ba3b31cf899a6e45d06269b1ee1fae5367e9edda6edf140da6d59"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ruff.yml"}, "region": {"startLine": 12}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.btn_swap` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_swap`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65534, "scanner": "repobility-ast-engine", "fingerprint": "2c684beb498f5bb562ed9dfec73ab5f785b2b15e15edd78f2534e0c93e819483", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2c684beb498f5bb562ed9dfec73ab5f785b2b15e15edd78f2534e0c93e819483"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 541}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.btn_random_face` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_random_face`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65533, "scanner": "repobility-ast-engine", "fingerprint": "2b450eb148c37acf1cec7a397c06c0571a7329570601feb8a6e294473ea8e57d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2b450eb148c37acf1cec7a397c06c0571a7329570601feb8a6e294473ea8e57d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 529}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.btn_random_face` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_random_face`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65532, "scanner": "repobility-ast-engine", "fingerprint": "8287a677fcf73913c1316bc66c2fe549323d13da2cba5b0cd3c30570d5392a99", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8287a677fcf73913c1316bc66c2fe549323d13da2cba5b0cd3c30570d5392a99"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 528}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.btn_random_face` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_random_face`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65531, "scanner": "repobility-ast-engine", "fingerprint": "82d059399faf3efb1ad79335b62cf34f74339ef49cfea6fe655e18ed82619356", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|82d059399faf3efb1ad79335b62cf34f74339ef49cfea6fe655e18ed82619356"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 527}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.btn_select_source` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_select_source`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65530, "scanner": "repobility-ast-engine", "fingerprint": "e1a16f60e8065ab94c997d471fded1d823b88f4a7b793baff669c37b49c90a14", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e1a16f60e8065ab94c997d471fded1d823b88f4a7b793baff669c37b49c90a14"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 522}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.btn_select_target` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_select_target`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65529, "scanner": "repobility-ast-engine", "fingerprint": "fd752a37b8d7d2c823a6ebea648c4c2edeb058f58c09c1d56bf70be6e3a54a98", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fd752a37b8d7d2c823a6ebea648c4c2edeb058f58c09c1d56bf70be6e3a54a98"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 557}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._on_select_target` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self._on_select_target`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65528, "scanner": "repobility-ast-engine", "fingerprint": "9691cef300c663935e92f8295d00a44d2085f523b06bda5eedca8a02f02a8d4f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9691cef300c663935e92f8295d00a44d2085f523b06bda5eedca8a02f02a8d4f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 556}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.target_label` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.target_label`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65527, "scanner": "repobility-ast-engine", "fingerprint": "ffbe8f5ef1cd91adb3f844a62bf93f8427e38476740b9900feede688057faea0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ffbe8f5ef1cd91adb3f844a62bf93f8427e38476740b9900feede688057faea0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 551}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.btn_swap` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_swap`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65526, "scanner": "repobility-ast-engine", "fingerprint": "0d0d01e955f25be22b0bba798cba21734616d3d488dea63a5f9d1b48477104b4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0d0d01e955f25be22b0bba798cba21734616d3d488dea63a5f9d1b48477104b4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 545}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._on_swap_paths` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self._on_swap_paths`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65525, "scanner": "repobility-ast-engine", "fingerprint": "ce22b97a237abb74495119ff9d94ed1a9cafb96f44f4a1da8b67ed7190accbc3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ce22b97a237abb74495119ff9d94ed1a9cafb96f44f4a1da8b67ed7190accbc3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 544}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.btn_random_face` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_random_face`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65524, "scanner": "repobility-ast-engine", "fingerprint": "a9b98879637cdf4e6a9bb6d77d1881976d6d6816aab3a9ecc0617e42f2ded3a1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a9b98879637cdf4e6a9bb6d77d1881976d6d6816aab3a9ecc0617e42f2ded3a1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 534}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.btn_select_source` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_select_source`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65523, "scanner": "repobility-ast-engine", "fingerprint": "2f407af74f5d57e24c1360bbc525dbf08d96dd7717afdb15e5cf5ba045bcf685", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2f407af74f5d57e24c1360bbc525dbf08d96dd7717afdb15e5cf5ba045bcf685"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 533}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._on_random_face` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self._on_random_face`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65522, "scanner": "repobility-ast-engine", "fingerprint": "b83138c2c3a7145950efa3abd297202c787a7aadcc09f46cc8b853d8595357cd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b83138c2c3a7145950efa3abd297202c787a7aadcc09f46cc8b853d8595357cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 532}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._on_select_source` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self._on_select_source`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65521, "scanner": "repobility-ast-engine", "fingerprint": "39576454a4b88acaa7f6a9865923e1de3c4c274f6b8dd8550efeb117f0aa2d60", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|39576454a4b88acaa7f6a9865923e1de3c4c274f6b8dd8550efeb117f0aa2d60"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 525}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.source_label` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.source_label`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65520, "scanner": "repobility-ast-engine", "fingerprint": "80587eb182072c2559ba54fed3dd0ba0b37316c9fcf0bb1dcd36e5e7aee79b1a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|80587eb182072c2559ba54fed3dd0ba0b37316c9fcf0bb1dcd36e5e7aee79b1a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 519}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.btn_select_target` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_select_target`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65519, "scanner": "repobility-ast-engine", "fingerprint": "b7cd4c1cba7acd7f2c31877f7d1514168225edf39451062503fc55a70cf19da6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b7cd4c1cba7acd7f2c31877f7d1514168225edf39451062503fc55a70cf19da6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 552}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.target_label` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.target_label`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65518, "scanner": "repobility-ast-engine", "fingerprint": "cf6c69b7505930a35f2d7c69f0e446a960b0d93783d288966c5a522256951163", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cf6c69b7505930a35f2d7c69f0e446a960b0d93783d288966c5a522256951163"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 550}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.btn_swap` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_swap`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65517, "scanner": "repobility-ast-engine", "fingerprint": "47e24e849a29b4c762096b6e26ac1f1b7d2ed168521e1de468bcc651683491b0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|47e24e849a29b4c762096b6e26ac1f1b7d2ed168521e1de468bcc651683491b0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 540}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.btn_random_face` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_random_face`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65516, "scanner": "repobility-ast-engine", "fingerprint": "d2c6158adeea39e33152d719cb01bb16ab66328593cf5a326478550a0d72f9be", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d2c6158adeea39e33152d719cb01bb16ab66328593cf5a326478550a0d72f9be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 526}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.btn_select_source` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.btn_select_source`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65515, "scanner": "repobility-ast-engine", "fingerprint": "e53df361d8d2bd1e81247680fb0c1e93f4b7ac3eb0508ff05403aca596aeba56", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e53df361d8d2bd1e81247680fb0c1e93f4b7ac3eb0508ff05403aca596aeba56"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 521}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.source_label` used but never assigned in __init__: Method `_build_image_row` of class `MainWindow` reads `self.source_label`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65514, "scanner": "repobility-ast-engine", "fingerprint": "ad03e47018cf1c184ce69ecfb64933c704130d686827cf0232de9112b949cd32", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ad03e47018cf1c184ce69ecfb64933c704130d686827cf0232de9112b949cd32"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui.py"}, "region": {"startLine": 518}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._cancel` used but never assigned in __init__: Method `_hide` of class `ToolTip` reads `self._cancel`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65510, "scanner": "repobility-ast-engine", "fingerprint": "6a5838e032241a484f4dc5c87a6b3e2eca9ea19e01734de339a4229400a38db9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6a5838e032241a484f4dc5c87a6b3e2eca9ea19e01734de339a4229400a38db9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui_tooltip.py"}, "region": {"startLine": 66}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._show` used but never assigned in __init__: Method `_schedule_show` of class `ToolTip` reads `self._show`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65509, "scanner": "repobility-ast-engine", "fingerprint": "41f2b839553f8c4d7c5f06d5c6e78b4f52152df3e8e81f3066d0767b55a816e2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|41f2b839553f8c4d7c5f06d5c6e78b4f52152df3e8e81f3066d0767b55a816e2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui_tooltip.py"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._cancel` used but never assigned in __init__: Method `_schedule_show` of class `ToolTip` reads `self._cancel`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65508, "scanner": "repobility-ast-engine", "fingerprint": "f15eae13827931fcb598bbc862047a1e33ab01802ec2cab7ce282bf7cb1b95d0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f15eae13827931fcb598bbc862047a1e33ab01802ec2cab7ce282bf7cb1b95d0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui_tooltip.py"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._measure_fps` used but never assigned in __init__: Method `start` of class `VideoCapturer` reads `self._measure_fps`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 65500, "scanner": "repobility-ast-engine", "fingerprint": "f7ba15d442580d0c3435ac72875d3dc465dc99b4313e328d05f4b5a3782cbeec", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f7ba15d442580d0c3435ac72875d3dc465dc99b4313e328d05f4b5a3782cbeec"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/video_capture.py"}, "region": {"startLine": 98}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 65491, "scanner": "repobility-threat-engine", "fingerprint": "d6cd6a9466ca04d61b432da3c1fce7abeac815211e4255704f0a29e1549a3888", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "self._tooltip_window.destroy()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d6cd6a9466ca04d61b432da3c1fce7abeac815211e4255704f0a29e1549a3888"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/ui_tooltip.py"}, "region": {"startLine": 68}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 65490, "scanner": "repobility-threat-engine", "fingerprint": "95abfc2204984f08feebccab8933362e392062ed6ea230911d369088751b18be", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "progress.update(1)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|95abfc2204984f08feebccab8933362e392062ed6ea230911d369088751b18be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_enhancer_gpen512.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 65489, "scanner": "repobility-threat-engine", "fingerprint": "e7c2a5e28d94d075c7f782f96baafec0d780de85add9a5179a9125c0d3ffb8db", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "progress.update(1)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|e7c2a5e28d94d075c7f782f96baafec0d780de85add9a5179a9125c0d3ffb8db"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_enhancer_gpen256.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 65477, "scanner": "repobility-threat-engine", "fingerprint": "160e075bb4831948c0f168e5e7401791e42db000fa8ad06fb565d5abb74763e7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|160e075bb4831948c0f168e5e7401791e42db000fa8ad06fb565d5abb74763e7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "run.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 65476, "scanner": "repobility-threat-engine", "fingerprint": "b4aba7c68a7a5d61ecd78696bb1621b1a66e9a2444fe6d0ca6b5264adec250e3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b4aba7c68a7a5d61ecd78696bb1621b1a66e9a2444fe6d0ca6b5264adec250e3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/gpu_processing.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 65475, "scanner": "repobility-threat-engine", "fingerprint": "51d4cd9802cda8f3a50b3f51a476fe2f8cc8fd21ff91f664c335c009fbb0c7d7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|51d4cd9802cda8f3a50b3f51a476fe2f8cc8fd21ff91f664c335c009fbb0c7d7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "benchmark_pipeline.py"}, "region": {"startLine": 85}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `io` used but not imported: The file uses `io.something(...)` but never imports `io`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 65546, "scanner": "repobility-ast-engine", "fingerprint": "f9b5a57112d1ac6a3407797ee3539306be28db175daf7cf40d975900d4d45a3f", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f9b5a57112d1ac6a3407797ee3539306be28db175daf7cf40d975900d4d45a3f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "modules/processors/frame/face_swapper.py"}, "region": {"startLine": 399}}}]}]}]}