Public scan — anyone with this URL can view this analysis. Sign up to track your own repos privately, run scheduled re-scans, and get AI fix prompts via your dashboard.
Sign up free Scan another repo

pytorch/torchtitan

https://github.com/pytorch/torchtitan · scanned 2026-05-15 18:26 UTC (2 weeks, 6 days ago) · 10 languages

561 findings (401 legacy + 160 scanner) 81st percentile · Python · medium (20-100K LoC) Scanner says 90 (lower by 11)

File as issue Image v2 schema
UNIFIED Repobility · multi-layer engine · AI coders

Complete repo analysis

Last scanned 2 weeks, 6 days ago · v1 · 398 findings from 1 source. Findings combine the legacy security pipeline AND the multi-layer engine (atlas, wiring, flows, ranked) AND verified AI agent contributions.

JSON
Combined
83.8
/100
Repobility
77
398 legacy
9-layer
90
88.9% cov · 0 gaps
Critical
92
click to filter
Agents
6
0 votes
Crowd
0
reported
Score breakdown â 2026-05-14-v3
Component Sub-score Weight Contribution
structure_score 60.0 0.15 9.00
security_score 92.7 0.25 23.18
testing_score 85.0 0.20 17.00
documentation_score 86.0 0.15 12.90
practices_score 80.0 0.15 12.00
code_quality 50.0 0.10 5.00
Overall 1.00 79.1
Severity distribution — click a segment to filter
Active filters: excluding tests × Reset all
Severity: Critical 92 High 109 Medium 194 Low 3 9-Layer: Software Security Quality Integrity Frontend Hardware Data Network Cicd Source: Legacy 398 9-layer 0 Crowd 0 Layer: Software 179 Quality 202 Cicd 1 Security 16
Corpus Intelligence Cross-corpus context (cohort percentile, top patterns, fix plan) is shown only on repositories you own. Sign up and connect your repo to view it.
Scan summary Repository scanned at 90.4/100 with 88.9% coverage. It contains 3181 nodes across 0 cross-layer flows, written primarily in mixed languages. Engine surfaced 0 findings. Risk profile is low: 0 critical, 0 high, 0 medium. Recommended next step: open the software layer findings first — that's where the highest-impact wins live.

Showing 250 of 398 findings. Click TP / FP to vote on a finding's accuracy — votes adjust the confidence weighting and improve detection across the platform.

critical Legacy software code_execution conf 0.85 Code execution — JS eval()
eval() executes arbitrary code. Code injection risk.
torchtitan/components/validate.py:293 code_executionlegacy js-eval-usage · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — JS eval()
eval() executes arbitrary code. Code injection risk.
torchtitan/components/validate.py:285 code_executionlegacy js-eval-usage · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — JS eval()
eval() executes arbitrary code. Code injection risk.
torchtitan/components/validate.py:279 code_executionlegacy js-eval-usage · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — JS eval()
eval() executes arbitrary code. Code injection risk.
torchtitan/components/validate.py:231 code_executionlegacy js-eval-usage · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — JS eval()
eval() executes arbitrary code. Code injection risk.
torchtitan/models/flux/model/hf_embedder.py:47 code_executionlegacy js-eval-usage · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — JS eval()
eval() executes arbitrary code. Code injection risk.
torchtitan/models/flux/validate.py:142 code_executionlegacy js-eval-usage · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/protocols/state_dict_adapter.py:95 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/experiments/rl/models/vllm_wrapper.py:430 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/experiments/rl/actors/trainer.py:184 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/experiments/ft/checkpoint.py:168 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/experiments/ft/checkpoint.py:165 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/experiments/ft/trainer.py:479 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/experiments/forge/example_train.py:343 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/experiments/graph_trainer/precompile.py:436 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/experiments/graph_trainer/precompile.py:181 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/experiments/graph_trainer/cudagraph.py:147 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/experiments/graph_trainer/storage.py:74 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/experiments/graph_trainer/storage.py:31 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/components/tokenizer.py:199 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/components/tokenizer.py:166 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/components/checkpoint.py:618 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/components/checkpoint.py:546 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/components/checkpoint.py:538 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/components/checkpoint.py:227 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/models/flux/model/state_dict_adapter.py:50 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/models/flux/inference/infer.py:38 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
torchtitan/trainer.py:809 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
scripts/checkpoint_conversion/convert_from_hf.py:36 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Lua loadstring
loadstring/load executes Lua code. Code injection.
scripts/checkpoint_conversion/convert_to_hf.py:43 code_executionlegacy lua-loadstring · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — PHP eval
eval() executes arbitrary PHP. Code injection.
torchtitan/components/validate.py:293 code_executionlegacy php-eval · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — PHP eval
eval() executes arbitrary PHP. Code injection.
torchtitan/components/validate.py:285 code_executionlegacy php-eval · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — PHP eval
eval() executes arbitrary PHP. Code injection.
torchtitan/components/validate.py:279 code_executionlegacy php-eval · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — PHP eval
eval() executes arbitrary PHP. Code injection.
torchtitan/components/validate.py:231 code_executionlegacy php-eval · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — PHP eval
eval() executes arbitrary PHP. Code injection.
torchtitan/models/flux/model/hf_embedder.py:47 code_executionlegacy php-eval · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — PHP eval
eval() executes arbitrary PHP. Code injection.
torchtitan/models/flux/validate.py:142 code_executionlegacy php-eval · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Ruby eval
eval() executes arbitrary code. Code injection.
torchtitan/components/validate.py:293 code_executionlegacy ruby-eval-call · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Ruby eval
eval() executes arbitrary code. Code injection.
torchtitan/components/validate.py:285 code_executionlegacy ruby-eval-call · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Ruby eval
eval() executes arbitrary code. Code injection.
torchtitan/components/validate.py:279 code_executionlegacy ruby-eval-call · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Ruby eval
eval() executes arbitrary code. Code injection.
torchtitan/components/validate.py:231 code_executionlegacy ruby-eval-call · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Ruby eval
eval() executes arbitrary code. Code injection.
torchtitan/components/validate.py:229 code_executionlegacy ruby-eval-call · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Ruby eval
eval() executes arbitrary code. Code injection.
torchtitan/models/flux/model/hf_embedder.py:47 code_executionlegacy ruby-eval-call · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Ruby eval
eval() executes arbitrary code. Code injection.
torchtitan/models/flux/validate.py:142 code_executionlegacy ruby-eval-call · CWE-95
critical Legacy software code_execution conf 0.85 Code execution — Ruby eval
eval() executes arbitrary code. Code injection.
torchtitan/models/flux/validate.py:139 code_executionlegacy ruby-eval-call · CWE-95
critical Legacy security deserialization conf 0.85 Insecure deserialization — pickle.loads
pickle.loads() can execute arbitrary code via __reduce__.
torchtitan/experiments/graph_trainer/precompile.py:437 deserializationlegacy python-pickle-loads · CWE-502
critical Legacy security deserialization conf 0.85 Insecure deserialization — pickle.loads
pickle.loads() can execute arbitrary code via __reduce__.
torchtitan/experiments/graph_trainer/precompile.py:185 deserializationlegacy python-pickle-loads · CWE-502
critical Legacy security deserialization conf 0.85 Insecure deserialization — pickle.loads
pickle.loads() can execute arbitrary code via __reduce__.
torchtitan/experiments/graph_trainer/precompile.py:182 deserializationlegacy python-pickle-loads · CWE-502
critical Legacy security deserialization conf 0.85 Insecure deserialization — pickle.loads
pickle.loads() can execute arbitrary code via __reduce__.
torchtitan/components/dataloader.py:167 deserializationlegacy python-pickle-loads · CWE-502
critical Legacy security deserialization conf 0.85 Insecure deserialization — pickle/yaml/marshal
pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data — RCE.
torchtitan/experiments/graph_trainer/precompile.py:437 deserializationlegacy unsafe-deserialization-pickle · CWE-502 · A08:2021
critical Legacy security deserialization conf 0.85 Insecure deserialization — pickle/yaml/marshal
pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data — RCE.
torchtitan/experiments/graph_trainer/precompile.py:185 deserializationlegacy unsafe-deserialization-pickle · CWE-502 · A08:2021
critical Legacy security deserialization conf 0.85 Insecure deserialization — pickle/yaml/marshal
pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data — RCE.
torchtitan/experiments/graph_trainer/precompile.py:182 deserializationlegacy unsafe-deserialization-pickle · CWE-502 · A08:2021
critical Legacy security deserialization conf 0.85 Insecure deserialization — pickle/yaml/marshal
pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data — RCE.
torchtitan/components/dataloader.py:167 deserializationlegacy unsafe-deserialization-pickle · CWE-502 · A08:2021
high Legacy quality error_handling conf 0.85 Bare except: pass — silent failure
except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
torchtitan/experiments/rl/grpo.py:237 error_handlinglegacy bare-except-pass · CWE-755
high Legacy software command_injection conf 0.85 Command injection — Ruby system/exec call
system / backtick run shell. Command injection if any arg dynamic.
torchtitan/experiments/graph_trainer/custom_codegen.py:484 command_injectionlegacy ruby-system-call · CWE-78
high Legacy software command_injection conf 0.85 Command injection — Ruby system/exec call
system / backtick run shell. Command injection if any arg dynamic.
torchtitan/experiments/graph_trainer/custom_codegen.py:468 command_injectionlegacy ruby-system-call · CWE-78
high Legacy software command_injection conf 0.85 Command injection — Ruby system/exec call
system / backtick run shell. Command injection if any arg dynamic.
torchtitan/experiments/graph_trainer/custom_codegen.py:38 command_injectionlegacy ruby-system-call · CWE-78
high Legacy software command_injection conf 0.85 Command injection — subprocess shell=True
subprocess(..., shell=True) enables command injection.
scripts/loss_compare.py:124 command_injectionlegacy python-subprocess-shell-true · CWE-78
high Legacy software logging conf 0.85 Credential interpolated into log f-string
logger.error(f"failed for {api_key}") — secrets end up in log aggregators / sentry.
torchtitan/config/manager.py:208 logginglegacy logging-credential-via-fstring · CWE-532 · A09:2021
high Legacy quality error_handling conf 0.85 except BaseException — catches SystemExit/KeyboardInterrupt
except BaseException: ... — prevents Ctrl+C and SystemExit from working.
torchtitan/experiments/graph_trainer/storage.py:69 error_handlinglegacy overcatch-baseexception · CWE-705
high Legacy software null_safety conf 0.85 Scala: .get on Option
Option.get throws NoSuchElementException on None. Use getOrElse / fold / match.
torchtitan/experiments/rl/grpo.py:548 null_safetylegacy scala-get-on-option · CWE-476
high Legacy software null_safety conf 0.85 Scala: .get on Option
Option.get throws NoSuchElementException on None. Use getOrElse / fold / match.
torchtitan/experiments/rl/grpo.py:546 null_safetylegacy scala-get-on-option · CWE-476
high Legacy software null_safety conf 0.85 Scala: .get on Option
Option.get throws NoSuchElementException on None. Use getOrElse / fold / match.
torchtitan/experiments/rl/grpo.py:541 null_safetylegacy scala-get-on-option · CWE-476
high Legacy software null_safety conf 0.85 Scala: .get on Option
Option.get throws NoSuchElementException on None. Use getOrElse / fold / match.
torchtitan/experiments/rl/grpo.py:539 null_safetylegacy scala-get-on-option · CWE-476
high Legacy software null_safety conf 0.85 Scala: .get on Option
Option.get throws NoSuchElementException on None. Use getOrElse / fold / match.
torchtitan/experiments/rl/grpo.py:501 null_safetylegacy scala-get-on-option · CWE-476
high Legacy software null_safety conf 0.85 Scala: .get on Option
Option.get throws NoSuchElementException on None. Use getOrElse / fold / match.
torchtitan/experiments/rl/grpo.py:446 null_safetylegacy scala-get-on-option · CWE-476
high Legacy software null_safety conf 0.85 Scala: .get on Option
Option.get throws NoSuchElementException on None. Use getOrElse / fold / match.
torchtitan/experiments/rl/grpo.py:438 null_safetylegacy scala-get-on-option · CWE-476
high Legacy software null_safety conf 0.85 Scala: .get on Option
Option.get throws NoSuchElementException on None. Use getOrElse / fold / match.
torchtitan/experiments/rl/grpo.py:436 null_safetylegacy scala-get-on-option · CWE-476
high Legacy software null_safety conf 0.85 Scala: .get on Option
Option.get throws NoSuchElementException on None. Use getOrElse / fold / match.
torchtitan/components/checkpoint.py:106 null_safetylegacy scala-get-on-option · CWE-476
medium Legacy security injection conf 0.50 [SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.
Use subprocess with shell=False and a list of args. Never eval user input.
torchtitan/components/validate.py:289 injectionlegacy
medium Legacy security injection conf 0.50 [SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.
Use subprocess with shell=False and a list of args. Never eval user input.
scripts/loss_compare.py:124 injectionlegacy
low Legacy security deserialization conf 1.00 [SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.
Use yaml.safe_load() instead of yaml.load(). Avoid pickle for untrusted data.
torchtitan/experiments/graph_trainer/precompile.py:269 deserializationlegacy
low Legacy security deserialization conf 1.00 [SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.
Use yaml.safe_load() instead of yaml.load(). Avoid pickle for untrusted data.
torchtitan/components/dataloader.py:167 deserializationlegacy
medium Legacy software race_condition conf 0.85 Concurrency — TOCTOU race via os.path.exists+open
if os.path.exists(p): open(p) — file can be replaced/deleted between check and use.
torchtitan/experiments/graph_trainer/custom_codegen.py:426 race_conditionlegacy toctou-os-path-exists · CWE-367
medium Legacy software race_condition conf 0.85 Concurrency — TOCTOU race via os.path.exists+open
if os.path.exists(p): open(p) — file can be replaced/deleted between check and use.
torchtitan/components/tokenizer.py:164 race_conditionlegacy toctou-os-path-exists · CWE-367
medium Legacy software race_condition conf 0.85 Concurrency — TOCTOU race via os.path.exists+open
if os.path.exists(p): open(p) — file can be replaced/deleted between check and use.
torchtitan/components/tokenizer.py:156 race_conditionlegacy toctou-os-path-exists · CWE-367
medium Legacy software race_condition conf 0.85 Concurrency — TOCTOU race via os.path.exists+open
if os.path.exists(p): open(p) — file can be replaced/deleted between check and use.
torchtitan/models/flux/model/state_dict_adapter.py:48 race_conditionlegacy toctou-os-path-exists · CWE-367
medium Legacy cicd docker conf 0.90 Docker build context has no .dockerignore
Without .dockerignore, build context can include source history, local env files, dependencies, and generated artifacts.
.dockerignore dockerlegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
torchtitan/models/llama3/parallelize.py:25 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
torchtitan/models/llama3/model.py:51 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
torchtitan/models/llama3/config_registry.py:29 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
torchtitan/models/gpt_oss/parallelize.py:28 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
torchtitan/models/gpt_oss/config_registry.py:24 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
torchtitan/models/flux/flux_datasets.py:101 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
torchtitan/experiments/transformers_modeling_backend/pipeline.py:10 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
torchtitan/experiments/transformers_modeling_backend/parallelize.py:29 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
torchtitan/experiments/graph_trainer/qwen3/parallelize.py:1 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
torchtitan/experiments/graph_trainer/llama3/parallelize.py:1 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
torchtitan/experiments/ft/trainer.py:282 qualitylegacy
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/protocols/model.py:74 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/protocols/model.py:65 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/protocols/state_dict_adapter.py:35 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/distributed/utils.py:309 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/quantization/__init__.py:47 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/metrics.py:111 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/metrics.py:108 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/tokenizer.py:40 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/tokenizer.py:36 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/tokenizer.py:32 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/dataloader.py:51 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/optimizer.py:417 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/optimizer.py:411 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/optimizer.py:407 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/optimizer.py:259 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/optimizer.py:255 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/validate.py:43 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/components/loss.py:55 test_qualitylegacy stub-only-function · CWE-1188
high Legacy software test_quality conf 0.85 Function is stub-only (pass/raise NotImplementedError)
Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
torchtitan/models/flux/model/model.py:56 test_qualitylegacy stub-only-function · CWE-1188
medium Legacy quality quality conf 0.85 input() call in production code
input() blocks for stdin. Inappropriate in services.
torchtitan/models/common/token_dispatcher.py:350 qualitylegacy python-input-call
high Legacy quality quality conf 0.85 Magic number used as default arg
Using hardcoded default values for complex configuration objects makes the code brittle and difficult to manage. Consider using a dedicated factory or builder pattern. Auto-promoted from proposal 444 on 2026-05-12. Synth confidence: 0.85. FP estimate: 0.00.
torchtitan/config/configs.py:188 qualitylegacy magic-number-default
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/config/configs.py:344 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/config/configs.py:306 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/config/configs.py:295 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/config/configs.py:231 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/config/configs.py:82 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/config/configs.py:25 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/config/function.py:32 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/config/configurable.py:138 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/config/configurable.py:134 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/config/configurable.py:38 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/config/configurable.py:34 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/config/configurable.py:33 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/config/configurable.py:21 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/protocols/sharding.py:60 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/protocols/sharding.py:35 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/protocols/model.py:55 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/protocols/module.py:42 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/tools/profiler.py:100 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/tools/utils.py:192 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/tools/utils.py:177 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/models/attention.py:219 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/models/attention.py:32 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/models/vllm_wrapper.py:140 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/actors/generator.py:123 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/actors/generator.py:92 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/actors/generator.py:33 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/actors/trainer.py:63 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/grpo.py:161 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/grpo.py:60 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/sum_digits.py:26 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/types.py:86 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/types.py:68 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/types.py:51 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/types.py:35 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/rl/types.py:12 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/ft/config/job_config.py:14 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/ft/checkpoint.py:58 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/ft/optimizer.py:27 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/ft/trainer.py:32 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/ft/manager.py:37 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/autoparallel/configs.py:21 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/autoparallel/configs.py:13 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/forge/engine.py:35 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/graph_trainer/qwen3/model.py:17 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/graph_trainer/llama3/model.py:17 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/graph_trainer/deepseek_v3/model.py:17 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/graph_trainer/simple_fsdp.py:42 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/graph_trainer/trainer.py:53 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/graph_trainer/configs.py:18 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/transformers_modeling_backend/model.py:87 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/experiments/transformers_modeling_backend/configs.py:12 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/quantization/float8.py:211 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/quantization/float8.py:178 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/quantization/float8.py:60 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/quantization/float8.py:38 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/quantization/__init__.py:42 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/quantization/__init__.py:22 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/quantization/mx.py:157 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/quantization/mx.py:113 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/quantization/mx.py:49 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/quantization/mx.py:27 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/metrics.py:278 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/tokenizer.py:515 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/tokenizer.py:113 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/tokenizer.py:20 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/checkpoint.py:166 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/dataloader.py:71 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/dataloader.py:45 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/optimizer.py:358 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/optimizer.py:93 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/optimizer.py:38 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/validate.py:69 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/validate.py:31 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/loss.py:228 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/loss.py:94 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/loss.py:82 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/loss.py:50 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/components/lr_scheduler.py:50 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/hf_datasets/multimodal/mm_datasets.py:482 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/hf_datasets/text_datasets.py:552 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/hf_datasets/text_datasets.py:241 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/embedding.py:26 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/decoder.py:66 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/decoder.py:50 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/rmsnorm.py:24 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/token_dispatcher.py:542 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/token_dispatcher.py:525 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/token_dispatcher.py:471 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/token_dispatcher.py:161 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/token_dispatcher.py:48 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/token_dispatcher.py:29 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/token_dispatcher.py:21 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/moe.py:321 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/moe.py:152 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/moe.py:77 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/linear.py:24 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/rope.py:39 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/attention.py:596 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/attention.py:553 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/attention.py:519 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/attention.py:497 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/attention.py:464 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/attention.py:261 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/attention.py:177 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/attention.py:75 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/common/feed_forward.py:41 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/deepseek_v3/model.py:183 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/deepseek_v3/model.py:143 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/deepseek_v3/model.py:36 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/model/model.py:30 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/model/layers.py:355 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/model/layers.py:299 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/model/layers.py:192 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/model/layers.py:169 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/model/layers.py:134 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/model/layers.py:117 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/model/layers.py:99 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/model/layers.py:45 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/tokenizer.py:27 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/flux_datasets.py:358 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/trainer.py:33 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/validate.py:48 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/configs.py:53 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/configs.py:26 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/flux/configs.py:10 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/qwen3_vl/model.py:53 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/qwen3_vl/vision_encoder.py:465 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/gpt_oss/model.py:183 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/gpt_oss/model.py:130 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/gpt_oss/model.py:40 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/gpt_oss/moe.py:227 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/gpt_oss/moe.py:130 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/qwen3/model.py:82 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/qwen3/model.py:36 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/llama4/model.py:116 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/llama4/model.py:72 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/llama3/model.py:66 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/models/llama3/model.py:32 error_handlinglegacy php-error-suppress · CWE-755
medium Legacy quality error_handling conf 0.85 PHP @ error-suppress operator
@function() suppresses errors silently. Hides real issues.
torchtitan/trainer.py:53 error_handlinglegacy php-error-suppress · CWE-755
high Legacy software logging conf 0.85 PII printed to stdout/stderr
Logging password/token/email/ssn directly to stdout.
scripts/download_hf_assets.py:156 logginglegacy print-pii · CWE-532 · A09:2021
medium Legacy software ssrf conf 0.85 requests.* without timeout argument
requests.get/post/etc. without timeout= can hang forever.
torchtitan/hf_datasets/multimodal/utils/image.py:37 ssrflegacy python-requests-no-timeout · CWE-400
low Legacy quality quality conf 0.85 Cluster of TODOs in one file
Code path with a TODO/FIXME/HACK comment that gates correctness — left for later but never resolved.
torchtitan/experiments/graph_trainer/passes.py:197 qualitylegacy todo-bomb
For AI agents: Voting guide (TP/FP) MCP manifest Stdio wrapper SARIF Integrate Findings queue Vote TP/FP on findings to calibrate the engine.
For AI agents + API integrations
Email me when this repo regresses
Free. We re-scan periodically; new criticals → your inbox. No signup required for the scan itself.
API access

This page is publicly accessible at: https://repobility.com/scan/9eb441b0-4d1c-45b8-9825-0c639f48bd8b/

To check status programmatically (no auth required): 

curl -s https://repobility.com/api/v1/public/scan/9eb441b0-4d1c-45b8-9825-0c639f48bd8b/

Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.