{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "SEC001", "name": "[SEC001] Hardcoded Password: Hardcoded password found in source code.", "shortDescription": {"text": "[SEC001] Hardcoded Password: Hardcoded password found in source code."}, "fullDescription": {"text": "Use environment variables or a secrets manager."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "medium", "confidence": 0.3, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "Bare except continues silently", "shortDescription": {"text": "Bare except continues silently"}, "fullDescription": {"text": "Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "GHSA-5239-wwwm-4pmq", "name": "pygments: GHSA-5239-wwwm-4pmq", "shortDescription": {"text": "pygments: GHSA-5239-wwwm-4pmq"}, "fullDescription": {"text": "Pygments has Regular Expression Denial of Service (ReDoS) due to Inefficient Regex for GUID Matching"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "low", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `run` has cognitive complexity 11 (SonarSource scale). Cognitive complexit", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `run` has cognitive complexity 11 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 11."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled ", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes e"}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "info", "confidence": 0.1, "cwe": "", "owasp": ""}}, {"id": "MINED062", "name": "[MINED062] Python Dataclass No Fields (and 2 more): Same pattern found in 2 additional files. Review if needed.", "shortDescription": {"text": "[MINED062] Python Dataclass No Fields (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED072", "name": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in.", "shortDescription": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 5 more): Same pattern found in 5 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, ra"}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInt", "shortDescription": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "Action `actions/github-script` pinned to mutable ref `@v9`", "shortDescription": {"text": "Action `actions/github-script` pinned to mutable ref `@v9`"}, "fullDescription": {"text": "`uses: actions/github-script@v9` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED131", "name": "pre-commit hook `https://github.com/macisamuele/language-formatters-pre-commit-hooks` pinned to mutable rev `v2.16.0`", "shortDescription": {"text": "pre-commit hook `https://github.com/macisamuele/language-formatters-pre-commit-hooks` pinned to mutable rev `v2.16.0`"}, "fullDescription": {"text": "`.pre-commit-config.yaml` references `https://github.com/macisamuele/language-formatters-pre-commit-hooks` at `rev: v2.16.0`. If `{rev}` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "Phantom test coverage: test_test_client_unknown_operation", "shortDescription": {"text": "Phantom test coverage: test_test_client_unknown_operation"}, "fullDescription": {"text": "Test function `test_test_client_unknown_operation` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "`self.transport` used but never assigned in __init__", "shortDescription": {"text": "`self.transport` used but never assigned in __init__"}, "fullDescription": {"text": "Method `data_received` of class `_HttpServerProtocol` reads `self.transport`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "generic-api-key", "name": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.", "shortDescription": {"text": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations."}, "fullDescription": {"text": "Gitleaks detected a committed secret or credential pattern."}, "properties": {"scanner": "gitleaks", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "curl-auth-user", "name": "Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed re", "shortDescription": {"text": "Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource."}, "fullDescription": {"text": "Gitleaks detected a committed secret or credential pattern."}, "properties": {"scanner": "gitleaks", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "Missing import: `queue` used but not imported", "shortDescription": {"text": "Missing import: `queue` used but not imported"}, "fullDescription": {"text": "The file uses `queue.something(...)` but never imports `queue`. This raises NameError at runtime the first time the line executes."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/963"}, "properties": {"repository": "aleksul/repid", "repoUrl": "https://github.com/aleksul/repid", "branch": "main"}, "results": [{"ruleId": "SEC001", "level": "warning", "message": {"text": "[SEC001] Hardcoded Password: Hardcoded password found in source code."}, "properties": {"repobilityId": 90382, "scanner": "repobility-threat-engine", "fingerprint": "f543ed5b9a27602598342c6b2b79dd09908149cbabf36afe3872ae22157ed5f4", "category": "credential_exposure", "severity": "medium", "confidence": 0.3, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Low entropy value (2.3 bits) \u2014 may be placeholder or common string", "evidence": {"match": "password=\"<redacted>\"", "reason": "Low entropy value (2.3 bits) \u2014 may be placeholder or common string", "rule_id": "SEC001", "scanner": "repobility-threat-engine", "confidence": 0.3, "correlation_key": "secret|token|5|password redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/amqp/protocol/__init__.py"}, "region": {"startLine": 56}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 90341, "scanner": "repobility-ast-engine", "fingerprint": "e5e934e999a25bd49723782aa0bda39339890f60ee28c78a621e1564924b8f64", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e5e934e999a25bd49723782aa0bda39339890f60ee28c78a621e1564924b8f64"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/amqp/test_event_emitter.py"}, "region": {"startLine": 102}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 90338, "scanner": "repobility-ast-engine", "fingerprint": "0270004d7d25622f89cd410731f16442c0636f4d5028f8aab8a51ec05c4b6290", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0270004d7d25622f89cd410731f16442c0636f4d5028f8aab8a51ec05c4b6290"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/integration/conftest.py"}, "region": {"startLine": 299}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 90337, "scanner": "repobility-ast-engine", "fingerprint": "56aeb3118ed1568aa9bdaf1c9f1dd0e7384cd5d0d957291b8528c7b76e107376", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|56aeb3118ed1568aa9bdaf1c9f1dd0e7384cd5d0d957291b8528c7b76e107376"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/integration/conftest.py"}, "region": {"startLine": 352}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 90336, "scanner": "repobility-ast-engine", "fingerprint": "bff7dc5126a4cc278470f2985ce014c6313cced9eb7d7653bda17b3d8e6650d6", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bff7dc5126a4cc278470f2985ce014c6313cced9eb7d7653bda17b3d8e6650d6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/integration/conftest.py"}, "region": {"startLine": 241}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 90335, "scanner": "repobility-ast-engine", "fingerprint": "ba17bf8b7b66a3c0e69ed0b93cbaa640271832d783e03d7442b0fbbed5032aa7", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ba17bf8b7b66a3c0e69ed0b93cbaa640271832d783e03d7442b0fbbed5032aa7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/integration/conftest.py"}, "region": {"startLine": 148}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 90334, "scanner": "repobility-ast-engine", "fingerprint": "411f8607dc3fa678703183657aa5da6d2c2d920c5c7a2c2dd4e9fcfab1d8a7c7", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|411f8607dc3fa678703183657aa5da6d2c2d920c5c7a2c2dd4e9fcfab1d8a7c7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/integration/test_nats_specific.py"}, "region": {"startLine": 224}}}]}, {"ruleId": "GHSA-5239-wwwm-4pmq", "level": "note", "message": {"text": "pygments: GHSA-5239-wwwm-4pmq"}, "properties": {"repobilityId": 90391, "scanner": "osv-scanner", "fingerprint": "db0fef0ab784fa7e288e01a475a731d75b5105247b655bdfac2babc124377da9", "category": "dependency", "severity": "low", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-4539"], "package": "pygments", "rule_id": "GHSA-5239-wwwm-4pmq", "scanner": "osv-scanner", "correlation_key": "vuln|pygments|CVE-2026-4539|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `run` has cognitive complexity 11 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, if=7, nested_bonus=2, recursion=1."}, "properties": {"repobilityId": 90371, "scanner": "repobility-threat-engine", "fingerprint": "85f46576dd4182374c2b58b5a4ddd2b100427765fc546658cedb3ad825f76d8d", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 11 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "run", "breakdown": {"if": 7, "except": 1, "recursion": 1, "nested_bonus": 2}, "complexity": 11, "correlation_key": "fp|85f46576dd4182374c2b58b5a4ddd2b100427765fc546658cedb3ad825f76d8d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/_worker.py"}, "region": {"startLine": 71}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `default` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: if=7, nested_bonus=1, recursion=1."}, "properties": {"repobilityId": 90370, "scanner": "repobility-threat-engine", "fingerprint": "996af32b88828c8defad5f5e72ec49064121901288792e0a6306c96bd27cc6a2", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "default", "breakdown": {"if": 7, "recursion": 1, "nested_bonus": 1}, "complexity": 9, "correlation_key": "fp|996af32b88828c8defad5f5e72ec49064121901288792e0a6306c96bd27cc6a2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/_utils/json_encoder.py"}, "region": {"startLine": 15}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `is_installed` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: else=1, for=1, if=5, nested_bonus=2."}, "properties": {"repobilityId": 90369, "scanner": "repobility-threat-engine", "fingerprint": "e66851209595d0b53eac8bebea61577fa164d694a52d8f27a76f4fc8080d4737", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "is_installed", "breakdown": {"if": 5, "for": 1, "else": 1, "nested_bonus": 2}, "complexity": 9, "correlation_key": "fp|e66851209595d0b53eac8bebea61577fa164d694a52d8f27a76f4fc8080d4737"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/_utils/is_installed.py"}, "region": {"startLine": 20}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90283, "scanner": "repobility-ai-code-hygiene", "fingerprint": "2cd3757cccac00bcaf8982cd2797bc15f836ce881470971f2970ea1501c6aa88", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "tests/unit/amqp/conftest.py", "duplicate_line": 17, "correlation_key": "fp|2cd3757cccac00bcaf8982cd2797bc15f836ce881470971f2970ea1501c6aa88"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/amqp/utils.py"}, "region": {"startLine": 20}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90282, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1d7cc2dfa5036709765c891f3f97f6d1eb70b5f14f274b4a8c0ad2d34c8c402a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/in_memory/message_broker.py", "duplicate_line": 65, "correlation_key": "fp|1d7cc2dfa5036709765c891f3f97f6d1eb70b5f14f274b4a8c0ad2d34c8c402a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/dependencies/message_dependency.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90281, "scanner": "repobility-ai-code-hygiene", "fingerprint": "bc772bfbe3264ed90b88852b772be34b46ac90c5d832e4925e16b8200b39aa8f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/pubsub/message_broker.py", "duplicate_line": 171, "correlation_key": "fp|bc772bfbe3264ed90b88852b772be34b46ac90c5d832e4925e16b8200b39aa8f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/sqs/message_broker.py"}, "region": {"startLine": 98}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90280, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c5602414456f024cdd382cf4d0e60d0f32bc3d9cd6bd0b31d36dfcd98deeca29", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/amqp/message_broker.py", "duplicate_line": 97, "correlation_key": "fp|c5602414456f024cdd382cf4d0e60d0f32bc3d9cd6bd0b31d36dfcd98deeca29"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/sqs/message_broker.py"}, "region": {"startLine": 89}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90279, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1fdb9e3508756608d919f847e530f17bda34abe18c6a33417a394ea8a8309732", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/kafka/message_broker.py", "duplicate_line": 89, "correlation_key": "fp|1fdb9e3508756608d919f847e530f17bda34abe18c6a33417a394ea8a8309732"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/sqs/message_broker.py"}, "region": {"startLine": 77}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90278, "scanner": "repobility-ai-code-hygiene", "fingerprint": "60c6fdb5bfc2497cbf70fa406cbfaccf115c16795a0741027ee11291eef999bd", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/in_memory/message_broker.py", "duplicate_line": 245, "correlation_key": "fp|60c6fdb5bfc2497cbf70fa406cbfaccf115c16795a0741027ee11291eef999bd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/sqs/message_broker.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90277, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8cc2d26da942ed53551d24be6824ced69a5e6595587134de864604e9bd901d94", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/pubsub/message_broker.py", "duplicate_line": 229, "correlation_key": "fp|8cc2d26da942ed53551d24be6824ced69a5e6595587134de864604e9bd901d94"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/redis/message_broker.py"}, "region": {"startLine": 666}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90276, "scanner": "repobility-ai-code-hygiene", "fingerprint": "911df32501a2eb3493297469404e3691eeedd19667cfc77afb4665aac9ab07b7", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/kafka/message_broker.py", "duplicate_line": 108, "correlation_key": "fp|911df32501a2eb3493297469404e3691eeedd19667cfc77afb4665aac9ab07b7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/redis/message_broker.py"}, "region": {"startLine": 618}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90275, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7de5e4b21818e238585ec46de38c61d19ce220e8e02fe3c4ac5ceedf6ed2c417", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/amqp/message_broker.py", "duplicate_line": 82, "correlation_key": "fp|7de5e4b21818e238585ec46de38c61d19ce220e8e02fe3c4ac5ceedf6ed2c417"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/redis/message_broker.py"}, "region": {"startLine": 596}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90274, "scanner": "repobility-ai-code-hygiene", "fingerprint": "dfcb222a7d9dde8b35ab3887a938e63dc88c6d4d5d6315bd405b1e6c167d49f6", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/kafka/message_broker.py", "duplicate_line": 108, "correlation_key": "fp|dfcb222a7d9dde8b35ab3887a938e63dc88c6d4d5d6315bd405b1e6c167d49f6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/pubsub/message_broker.py"}, "region": {"startLine": 169}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90273, "scanner": "repobility-ai-code-hygiene", "fingerprint": "2804a5dd9170153704d59ceba941011def0d4eba0bafb11ea2f35870f4377024", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/amqp/message_broker.py", "duplicate_line": 82, "correlation_key": "fp|2804a5dd9170153704d59ceba941011def0d4eba0bafb11ea2f35870f4377024"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/pubsub/message_broker.py"}, "region": {"startLine": 147}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90272, "scanner": "repobility-ai-code-hygiene", "fingerprint": "40e0a8d2e1300b95e92c85ecab400ddb975c63b159ac2490118d91388ec93027", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/amqp/message_broker.py", "duplicate_line": 97, "correlation_key": "fp|40e0a8d2e1300b95e92c85ecab400ddb975c63b159ac2490118d91388ec93027"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/nats/message_broker.py"}, "region": {"startLine": 300}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90271, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8657000280c2e52a3dc7bf4fdb193a54d56eecda6b3bcedafd12d9fdf4b65064", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/kafka/message_broker.py", "duplicate_line": 89, "correlation_key": "fp|8657000280c2e52a3dc7bf4fdb193a54d56eecda6b3bcedafd12d9fdf4b65064"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/nats/message_broker.py"}, "region": {"startLine": 288}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90270, "scanner": "repobility-ai-code-hygiene", "fingerprint": "54a6f914232e6d6f22c79e8295365b61c91cdc149040504ce91468bf10e9cd3a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/in_memory/message_broker.py", "duplicate_line": 245, "correlation_key": "fp|54a6f914232e6d6f22c79e8295365b61c91cdc149040504ce91468bf10e9cd3a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/nats/message_broker.py"}, "region": {"startLine": 285}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90269, "scanner": "repobility-ai-code-hygiene", "fingerprint": "124a40b173021bb53b47ffcdb9ef4d77ecf1b1c3ad1675a1f6c6d3f62b0dc65d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/amqp/message_broker.py", "duplicate_line": 97, "correlation_key": "fp|124a40b173021bb53b47ffcdb9ef4d77ecf1b1c3ad1675a1f6c6d3f62b0dc65d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/kafka/message_broker.py"}, "region": {"startLine": 101}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90268, "scanner": "repobility-ai-code-hygiene", "fingerprint": "75bd2c0c9b9e58ffd0b3e8a2ae0f420aeb206cc2963390e1aa1520f87ecc6ed5", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/in_memory/message_broker.py", "duplicate_line": 245, "correlation_key": "fp|75bd2c0c9b9e58ffd0b3e8a2ae0f420aeb206cc2963390e1aa1520f87ecc6ed5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/kafka/message_broker.py"}, "region": {"startLine": 86}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 90267, "scanner": "repobility-ai-code-hygiene", "fingerprint": "108e7b3385c0f1109099fe90a55ef0508e95de1544fa2818a607ea737740b8cf", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "repid/connections/amqp/message_broker.py", "duplicate_line": 85, "correlation_key": "fp|108e7b3385c0f1109099fe90a55ef0508e95de1544fa2818a607ea737740b8cf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/in_memory/message_broker.py"}, "region": {"startLine": 248}}}]}, {"ruleId": "SEC029", "level": "none", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 90385, "scanner": "repobility-threat-engine", "fingerprint": "01b86890776fce86d32727209e70e544bb59c1398d7b82a5278eb5d20636d906", "category": "ssrf", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern 'localhost|127\\.0\\.0\\.1|0\\.0\\.0\\.0' detected on same line", "evidence": {"match": "URL (e", "reason": "Safe pattern 'localhost|127\\.0\\.0\\.1|0\\.0\\.0\\.0' detected on same line", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "fp|01b86890776fce86d32727209e70e544bb59c1398d7b82a5278eb5d20636d906"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/pubsub/protocol/channel.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 90381, "scanner": "repobility-threat-engine", "fingerprint": "9bccfc02b8526a082d4f489c44b7dd21a432b8a63afdec4e53442ffc45fcc1be", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|9bccfc02b8526a082d4f489c44b7dd21a432b8a63afdec4e53442ffc45fcc1be", "aggregated_count": 2}}}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 90380, "scanner": "repobility-threat-engine", "fingerprint": "908b4908c30918888c34efee69db1e3a7835b0e3f73f7f912d183a65c467e191", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|908b4908c30918888c34efee69db1e3a7835b0e3f73f7f912d183a65c467e191"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/in_memory/utils.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 90379, "scanner": "repobility-threat-engine", "fingerprint": "4f2534892131f2d5034387d5a518059257cd120789434ebcb0d690a0db6d2a00", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4f2534892131f2d5034387d5a518059257cd120789434ebcb0d690a0db6d2a00"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/amqp/protocol/reconnect.py"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 90378, "scanner": "repobility-threat-engine", "fingerprint": "ffa1a136da578a7a4157c1926bd570b62c0d0cee8d495ab48bcfe5ea536f5ef1", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ffa1a136da578a7a4157c1926bd570b62c0d0cee8d495ab48bcfe5ea536f5ef1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/amqp/_uamqp/outcomes.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 90377, "scanner": "repobility-threat-engine", "fingerprint": "a565191194a6e03db6139cc6cdcbc10002343bd6490651fdc0760d2f4ae42399", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a565191194a6e03db6139cc6cdcbc10002343bd6490651fdc0760d2f4ae42399"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/abc.py"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "properties": {"repobilityId": 90376, "scanner": "repobility-threat-engine", "fingerprint": "65bcd7f326bc59f8b4437e46d4ab6a55a7a5b15fd03b0952dee24ac035ca5b3d", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 5 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|65bcd7f326bc59f8b4437e46d4ab6a55a7a5b15fd03b0952dee24ac035ca5b3d", "aggregated_count": 5}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 90375, "scanner": "repobility-threat-engine", "fingerprint": "5b1c5faa1853aac5272d553e1138a7cca6d5c5eb44312440e0466270c217879e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5b1c5faa1853aac5272d553e1138a7cca6d5c5eb44312440e0466270c217879e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/kafka/message.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 90374, "scanner": "repobility-threat-engine", "fingerprint": "51cfd81767b7a84172182048015569384b92f0027cd5af6db3954e5914b32181", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|51cfd81767b7a84172182048015569384b92f0027cd5af6db3954e5914b32181"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/amqp/helpers.py"}, "region": {"startLine": 106}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 90373, "scanner": "repobility-threat-engine", "fingerprint": "c15da8cc8d779fef187c695e684cfd6b99233292f04fac11818a52fce1ba0998", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c15da8cc8d779fef187c695e684cfd6b99233292f04fac11818a52fce1ba0998"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/abc.py"}, "region": {"startLine": 37}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 16 more): Same pattern found in 16 additional files. Review if needed."}, "properties": {"repobilityId": 90372, "scanner": "repobility-threat-engine", "fingerprint": "77c6c839e3d15e6868a981640348ff83ed699acf23819d7eaf9cee4a446a7fe9", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 16 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "is_installed", "breakdown": {"if": 5, "for": 1, "else": 1, "nested_bonus": 2}, "aggregated": true, "complexity": 9, "correlation_key": "fp|77c6c839e3d15e6868a981640348ff83ed699acf23819d7eaf9cee4a446a7fe9", "aggregated_count": 16}}}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 90388, "scanner": "repobility-threat-engine", "fingerprint": "30908cf3f588ab4eda7820cdf917f9c85cfdac53a90b8c3d0f6493c0ef3f5eb0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "kwargs.update(server_specific_parameters)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|30908cf3f588ab4eda7820cdf917f9c85cfdac53a90b8c3d0f6493c0ef3f5eb0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/sqs/message_broker.py"}, "region": {"startLine": 232}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 90387, "scanner": "repobility-threat-engine", "fingerprint": "7642d1fa78d1d48f0c4d35196b10b9772592ab7cd072a72d8897f4fd02dacc14", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "url(s", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|7642d1fa78d1d48f0c4d35196b10b9772592ab7cd072a72d8897f4fd02dacc14"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/sqs/message_broker.py"}, "region": {"startLine": 181}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 90386, "scanner": "repobility-threat-engine", "fingerprint": "fc1982be5107ff458b27eeba4f6c1d832e965e848fca741cccbeecbc992b8a16", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "url(d", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|fc1982be5107ff458b27eeba4f6c1d832e965e848fca741cccbeecbc992b8a16"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/sqs/message.py"}, "region": {"startLine": 158}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 90384, "scanner": "repobility-threat-engine", "fingerprint": "9e9f602b6546cf27287c13be9429c63c29e0da79ae82cbc9ef9ace0326b910be", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9e9f602b6546cf27287c13be9429c63c29e0da79ae82cbc9ef9ace0326b910be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/pubsub/protocol/control_batcher.py"}, "region": {"startLine": 90}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 90383, "scanner": "repobility-threat-engine", "fingerprint": "b9a6f69d8a70c9773776b612d2105ea7f8cd989b05d1b666cc88c8c5f6db109a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b9a6f69d8a70c9773776b612d2105ea7f8cd989b05d1b666cc88c8c5f6db109a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/kafka/subscriber.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/github-script` pinned to mutable ref `@v9`"}, "properties": {"repobilityId": 90368, "scanner": "repobility-supply-chain", "fingerprint": "a7f4196c0f66cb1e76d8f1ab14d7fe6bad07bc3dffb37e7fc3453c7f603ecd01", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a7f4196c0f66cb1e76d8f1ab14d7fe6bad07bc3dffb37e7fc3453c7f603ecd01"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/tests.yaml"}, "region": {"startLine": 113}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `peaceiris/actions-gh-pages` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 90367, "scanner": "repobility-supply-chain", "fingerprint": "b9c1e18e923d5193d7be9441a64e3c05885b75cb667f3e5ffc0bc42544e6d9be", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b9c1e18e923d5193d7be9441a64e3c05885b75cb667f3e5ffc0bc42544e6d9be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/tests.yaml"}, "region": {"startLine": 93}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/download-artifact` pinned to mutable ref `@v8`"}, "properties": {"repobilityId": 90366, "scanner": "repobility-supply-chain", "fingerprint": "3d2637f4fc5b723e22d53611bbb333c6024f4565f72a18b35f66a8b53acb24dd", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3d2637f4fc5b723e22d53611bbb333c6024f4565f72a18b35f66a8b53acb24dd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/tests.yaml"}, "region": {"startLine": 69}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 90365, "scanner": "repobility-supply-chain", "fingerprint": "717c25456c4ebb7e1efa6cc0d4000654b0c61a653524d77dd2846a80722805d4", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|717c25456c4ebb7e1efa6cc0d4000654b0c61a653524d77dd2846a80722805d4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/tests.yaml"}, "region": {"startLine": 66}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 90364, "scanner": "repobility-supply-chain", "fingerprint": "ff085714ff2e92008ff6846e0fd7eb744c4a8de1bf3e5054ce4f6b638eddfe43", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ff085714ff2e92008ff6846e0fd7eb744c4a8de1bf3e5054ce4f6b638eddfe43"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/tests.yaml"}, "region": {"startLine": 63}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-artifact` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 90363, "scanner": "repobility-supply-chain", "fingerprint": "d988a1ad9e533c7767d9da37c225f9aa22661e79b302fc46ad01fc4343ece35f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d988a1ad9e533c7767d9da37c225f9aa22661e79b302fc46ad01fc4343ece35f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/tests.yaml"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 90362, "scanner": "repobility-supply-chain", "fingerprint": "bd27a442d3bb0492c74b94b1dd1d79487139a99a905eaa473910d5058f586942", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|bd27a442d3bb0492c74b94b1dd1d79487139a99a905eaa473910d5058f586942"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/tests.yaml"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 90361, "scanner": "repobility-supply-chain", "fingerprint": "abcd97f52c52bb90ff9b9c9adbac9322334bfc062efd6776c41cf4e9c3d52ed1", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|abcd97f52c52bb90ff9b9c9adbac9322334bfc062efd6776c41cf4e9c3d52ed1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/tests.yaml"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 90360, "scanner": "repobility-supply-chain", "fingerprint": "bb95173b937d222db786f666818be62c060b22709ec149724583829c5993183e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|bb95173b937d222db786f666818be62c060b22709ec149724583829c5993183e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/docs.yml"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 90359, "scanner": "repobility-supply-chain", "fingerprint": "12bff81309ef58622f86339e3b532338dcba2997919d474a0c967e73c1b96534", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|12bff81309ef58622f86339e3b532338dcba2997919d474a0c967e73c1b96534"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/docs.yml"}, "region": {"startLine": 14}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 90358, "scanner": "repobility-supply-chain", "fingerprint": "6c2771a46d5e291d0e503f3572c2e226755eaea77066cbbb528013e8c986d684", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6c2771a46d5e291d0e503f3572c2e226755eaea77066cbbb528013e8c986d684"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release.yaml"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 90357, "scanner": "repobility-supply-chain", "fingerprint": "c8c88ac93789aa37d7b7194a4c8103ed62fc99ba05c72c35465d161dd840a91e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c8c88ac93789aa37d7b7194a4c8103ed62fc99ba05c72c35465d161dd840a91e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release.yaml"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `pr-annotators/mypy-pr-annotator` pinned to mutable ref `@v1.0.0`"}, "properties": {"repobilityId": 90356, "scanner": "repobility-supply-chain", "fingerprint": "beb0d764732a91fefa2e4f11ad55d216303d12578763e35c007fca694af8128d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|beb0d764732a91fefa2e4f11ad55d216303d12578763e35c007fca694af8128d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/mypy.yml"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 90355, "scanner": "repobility-supply-chain", "fingerprint": "35a5bff0fe8ae70c18adf751224abdb5046f8ea6f30621c5e71575e2aed726e9", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|35a5bff0fe8ae70c18adf751224abdb5046f8ea6f30621c5e71575e2aed726e9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/mypy.yml"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 90354, "scanner": "repobility-supply-chain", "fingerprint": "655689f709af3743cc769bd773f0d9beffce0055c011bbea00dce3a4e8980628", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|655689f709af3743cc769bd773f0d9beffce0055c011bbea00dce3a4e8980628"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/mypy.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/dependency-review-action` pinned to mutable ref `@v5`"}, "properties": {"repobilityId": 90353, "scanner": "repobility-supply-chain", "fingerprint": "dc208c408c52fd559aa22c0f65f6994c871e80cbf03fcb394e817653fb02d1c7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|dc208c408c52fd559aa22c0f65f6994c871e80cbf03fcb394e817653fb02d1c7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dependency-review.yml"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 90352, "scanner": "repobility-supply-chain", "fingerprint": "64d5293326072b1a54395e924c8fb3ee26775f705a8f384da176aa0c358e7484", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|64d5293326072b1a54395e924c8fb3ee26775f705a8f384da176aa0c358e7484"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dependency-review.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 90351, "scanner": "repobility-supply-chain", "fingerprint": "f82500d730789f204326ad0aac2795324107a70d68c1ac80df871b4a94fab7e4", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f82500d730789f204326ad0aac2795324107a70d68c1ac80df871b4a94fab7e4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/dependency-review.yml"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `github/codeql-action/analyze` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 90350, "scanner": "repobility-supply-chain", "fingerprint": "6fc2b80b67c1276fbd6c70c11d1dc78d39a380244b34818bc4a5487c74e5a448", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6fc2b80b67c1276fbd6c70c11d1dc78d39a380244b34818bc4a5487c74e5a448"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/codeql.yml"}, "region": {"startLine": 71}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `github/codeql-action/autobuild` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 90349, "scanner": "repobility-supply-chain", "fingerprint": "4e709e0cd119a3d7a193142631b234823d48a82941d266b119f03fc903370913", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4e709e0cd119a3d7a193142631b234823d48a82941d266b119f03fc903370913"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/codeql.yml"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `github/codeql-action/init` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 90348, "scanner": "repobility-supply-chain", "fingerprint": "fe6b5d1099006394951f5a9e028800b2cf923889dec4de4825de0778db693139", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|fe6b5d1099006394951f5a9e028800b2cf923889dec4de4825de0778db693139"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/codeql.yml"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 90347, "scanner": "repobility-supply-chain", "fingerprint": "8d185c1a419e185eb1a56e999c8642911e811e472b59837acdf5820bfae98407", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8d185c1a419e185eb1a56e999c8642911e811e472b59837acdf5820bfae98407"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/codeql.yml"}, "region": {"startLine": 41}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/macisamuele/language-formatters-pre-commit-hooks` pinned to mutable rev `v2.16.0`"}, "properties": {"repobilityId": 90346, "scanner": "repobility-supply-chain", "fingerprint": "795793962719233bc364a876dcce6b91eb277903f2c69ad988b01b02b815c8f7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|795793962719233bc364a876dcce6b91eb277903f2c69ad988b01b02b815c8f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/igorshubovych/markdownlint-cli` pinned to mutable rev `v0.48.0`"}, "properties": {"repobilityId": 90345, "scanner": "repobility-supply-chain", "fingerprint": "d2e41e16ebb39d53a243f783431e1c83ad0f8b5af244c960886b1b0b836c6f46", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d2e41e16ebb39d53a243f783431e1c83ad0f8b5af244c960886b1b0b836c6f46"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/astral-sh/ruff-pre-commit` pinned to mutable rev `v0.15.15`"}, "properties": {"repobilityId": 90344, "scanner": "repobility-supply-chain", "fingerprint": "23f6c1dd4f49a39cea042bd31d83e9bb836d18a3d57a7f13897630a063e495b0", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|23f6c1dd4f49a39cea042bd31d83e9bb836d18a3d57a7f13897630a063e495b0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mutable rev `v6.0.0`"}, "properties": {"repobilityId": 90343, "scanner": "repobility-supply-chain", "fingerprint": "092c09456ec43df41cbddea98953254d7f70abb7f3227127b37c056dd2fe9c62", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|092c09456ec43df41cbddea98953254d7f70abb7f3227127b37c056dd2fe9c62"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_test_client_unknown_operation"}, "properties": {"repobilityId": 90333, "scanner": "repobility-ast-engine", "fingerprint": "6d499dc688dc57f3617ecd4c5bf042966d7e8ee3b93801a17ee6c5dedff6b57b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6d499dc688dc57f3617ecd4c5bf042966d7e8ee3b93801a17ee6c5dedff6b57b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_test_client.py"}, "region": {"startLine": 109}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_actor"}, "properties": {"repobilityId": 90332, "scanner": "repobility-ast-engine", "fingerprint": "a4254ea0d5cebb7ca0101d994004f8d269a3c51a3673556d1b909078695c3279", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a4254ea0d5cebb7ca0101d994004f8d269a3c51a3673556d1b909078695c3279"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_main.py"}, "region": {"startLine": 119}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_actor"}, "properties": {"repobilityId": 90331, "scanner": "repobility-ast-engine", "fingerprint": "dffc02084416e284e2a545ae24d66692f1278509132082679d4b453f82b31984", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dffc02084416e284e2a545ae24d66692f1278509132082679d4b453f82b31984"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_main.py"}, "region": {"startLine": 96}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_actor"}, "properties": {"repobilityId": 90330, "scanner": "repobility-ast-engine", "fingerprint": "1c15d918d5e5293ebf57dc7f9e3ed26cdda906e504062d11f675083115a1ea3a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1c15d918d5e5293ebf57dc7f9e3ed26cdda906e504062d11f675083115a1ea3a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_main.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_actor"}, "properties": {"repobilityId": 90329, "scanner": "repobility-ast-engine", "fingerprint": "949bc0237db7f63e2da5233cc3a639193f63ce8f5df5b37077d4c4e22e4e7bf9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|949bc0237db7f63e2da5233cc3a639193f63ce8f5df5b37077d4c4e22e4e7bf9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_main.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_send_message_both_channel_and_operation_id"}, "properties": {"repobilityId": 90328, "scanner": "repobility-ast-engine", "fingerprint": "358cef2757ad356ca7e6f5ee036edcf538ea0d23491fa775736f8ad65e1b4b78", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|358cef2757ad356ca7e6f5ee036edcf538ea0d23491fa775736f8ad65e1b4b78"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_main.py"}, "region": {"startLine": 206}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_send_message_neither_channel_nor_operation_id"}, "properties": {"repobilityId": 90327, "scanner": "repobility-ast-engine", "fingerprint": "e409b235b22f006e0967b892aab4d8a2d4ebad6702624397e362fe6f4803393d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e409b235b22f006e0967b892aab4d8a2d4ebad6702624397e362fe6f4803393d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_main.py"}, "region": {"startLine": 193}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_send_message_operation_not_found"}, "properties": {"repobilityId": 90326, "scanner": "repobility-ast-engine", "fingerprint": "327c3b0bf7d9dfaca44b316da7c7bb758bcfa30c0f319b8f0e9d999035d07d56", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|327c3b0bf7d9dfaca44b316da7c7bb758bcfa30c0f319b8f0e9d999035d07d56"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_main.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_send_message_server_not_found"}, "properties": {"repobilityId": 90325, "scanner": "repobility-ast-engine", "fingerprint": "c4363f744938ad28dc44e65b81de04dc8b9b3013dc2ba387d8e7d5bcb5885a3c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c4363f744938ad28dc44e65b81de04dc8b9b3013dc2ba387d8e7d5bcb5885a3c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_main.py"}, "region": {"startLine": 173}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_send_message_no_server"}, "properties": {"repobilityId": 90324, "scanner": "repobility-ast-engine", "fingerprint": "c862b80f49c4af8963e5cb188b6d940406173f3220a9317271b41ed8d7ad905b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c862b80f49c4af8963e5cb188b6d940406173f3220a9317271b41ed8d7ad905b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_main.py"}, "region": {"startLine": 166}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_run_worker_server_not_found"}, "properties": {"repobilityId": 90323, "scanner": "repobility-ast-engine", "fingerprint": "ffb62aaf14eece92f5de0a6c16c54b3413e3378f534107a987c5f715e08fa8c5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ffb62aaf14eece92f5de0a6c16c54b3413e3378f534107a987c5f715e08fa8c5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_main.py"}, "region": {"startLine": 157}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_run_worker_no_server"}, "properties": {"repobilityId": 90322, "scanner": "repobility-ast-engine", "fingerprint": "b1b362ebb7fbf4bee3e3b569cbc0127d4ac59f8c20cfe9b8269702a69bd3b307", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b1b362ebb7fbf4bee3e3b569cbc0127d4ac59f8c20cfe9b8269702a69bd3b307"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_main.py"}, "region": {"startLine": 150}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_is_imported_with_incorrect_constraints"}, "properties": {"repobilityId": 90321, "scanner": "repobility-ast-engine", "fingerprint": "71532695445983a030ec08e2ac3b0a0461042c0395652e753df59d010f094694", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|71532695445983a030ec08e2ac3b0a0461042c0395652e753df59d010f094694"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_utils.py"}, "region": {"startLine": 145}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_message_example_raises_error_when_neither_headers_nor_payload_provided"}, "properties": {"repobilityId": 90320, "scanner": "repobility-ast-engine", "fingerprint": "476fde497879da9bb29a03fb1b41ee677484701321862655f0ba5cf120028a3d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|476fde497879da9bb29a03fb1b41ee677484701321862655f0ba5cf120028a3d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_asyncapi_generator.py"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_channel_equality_with_non_channel_raises"}, "properties": {"repobilityId": 90319, "scanner": "repobility-ast-engine", "fingerprint": "e4f47279fcbc721abf673190d9bacc9b6c12ae344750f12602c0b861e78595ac", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e4f47279fcbc721abf673190d9bacc9b6c12ae344750f12602c0b861e78595ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_channel.py"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_run_with_keepalive_skipped_when_interval_none"}, "properties": {"repobilityId": 90318, "scanner": "repobility-ast-engine", "fingerprint": "09d2feabadf7d2a307b1d869d29d6c94fec61292d13ebcdd97c62c8b495b34bd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|09d2feabadf7d2a307b1d869d29d6c94fec61292d13ebcdd97c62c8b495b34bd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_runner.py"}, "region": {"startLine": 894}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_run_with_keepalive_skipped_when_capability_false"}, "properties": {"repobilityId": 90317, "scanner": "repobility-ast-engine", "fingerprint": "002c74c6feaf8434bbcafdba5c6196cf4d90b1b1369180b2021d911c5375f93d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|002c74c6feaf8434bbcafdba5c6196cf4d90b1b1369180b2021d911c5375f93d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_runner.py"}, "region": {"startLine": 881}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_runner_unrouted_message_no_id_always_reject"}, "properties": {"repobilityId": 90316, "scanner": "repobility-ast-engine", "fingerprint": "d0252e60a903c526e0b512101e5fdfda0df41345819a34e8618f3649f78eda47", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d0252e60a903c526e0b512101e5fdfda0df41345819a34e8618f3649f78eda47"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_runner.py"}, "region": {"startLine": 812}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_runner_unrouted_message_reject_below_threshold"}, "properties": {"repobilityId": 90315, "scanner": "repobility-ast-engine", "fingerprint": "54f866d48f5087f02f27ebb275c91c996ec2f6e89f6cb5b1c439e223b4722ee0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|54f866d48f5087f02f27ebb275c91c996ec2f6e89f6cb5b1c439e223b4722ee0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_runner.py"}, "region": {"startLine": 769}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_runner_unpause_threshold_validation"}, "properties": {"repobilityId": 90314, "scanner": "repobility-ast-engine", "fingerprint": "5b7b4ef3e4fd26f1f89bf02058e742a029625706c1ed53ecd71543959983603a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5b7b4ef3e4fd26f1f89bf02058e742a029625706c1ed53ecd71543959983603a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_runner.py"}, "region": {"startLine": 240}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_depends_missing_required_argument"}, "properties": {"repobilityId": 90313, "scanner": "repobility-ast-engine", "fingerprint": "6029cce4e8e3ef0efbf1eee017e859a109b2e2bf3cdf9eb5c1a92a3adab8dc65", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6029cce4e8e3ef0efbf1eee017e859a109b2e2bf3cdf9eb5c1a92a3adab8dc65"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_dependencies.py"}, "region": {"startLine": 707}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_class_instead_of_instance_dependency_raises_warning"}, "properties": {"repobilityId": 90312, "scanner": "repobility-ast-engine", "fingerprint": "62139dfbf1ea101e9b7c60691493c0346e78005843b9fb9400ed1bffc2a4b1ac", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|62139dfbf1ea101e9b7c60691493c0346e78005843b9fb9400ed1bffc2a4b1ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_dependencies.py"}, "region": {"startLine": 581}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_positional_only_arg_raises"}, "properties": {"repobilityId": 90311, "scanner": "repobility-ast-engine", "fingerprint": "2962800c831d8cbedcaf02c052ab2d9c5f55e477610788db772a9c701f7d3a92", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2962800c831d8cbedcaf02c052ab2d9c5f55e477610788db772a9c701f7d3a92"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_dependencies.py"}, "region": {"startLine": 257}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_message_dependency_reply_fallback"}, "properties": {"repobilityId": 90310, "scanner": "repobility-ast-engine", "fingerprint": "b06ff744ad9e79a10bf6d8d1fdd7f0c60d615f8d021475aee6d8b739237fc8a6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b06ff744ad9e79a10bf6d8d1fdd7f0c60d615f8d021475aee6d8b739237fc8a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_dependencies.py"}, "region": {"startLine": 169}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_depends_raises_on_both_run_in_process_and_pool_executor"}, "properties": {"repobilityId": 90309, "scanner": "repobility-ast-engine", "fingerprint": "6a21564da87834007bad9b385c07686a387847bd03fdd3b514416be2b4c54a0e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6a21564da87834007bad9b385c07686a387847bd03fdd3b514416be2b4c54a0e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/test_dependencies.py"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.transport` used but never assigned in __init__"}, "properties": {"repobilityId": 90308, "scanner": "repobility-ast-engine", "fingerprint": "69be5165106d012f91a6a5f5deb12ec76a7d0666a687c363517e0f431cacec80", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|69be5165106d012f91a6a5f5deb12ec76a7d0666a687c363517e0f431cacec80"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/health_check_server.py"}, "region": {"startLine": 83}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.handle_request` used but never assigned in __init__"}, "properties": {"repobilityId": 90307, "scanner": "repobility-ast-engine", "fingerprint": "0b24cbb4bb5da93da9806430d80df17e49cbee70460dd0d1454b971f0ccce092", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0b24cbb4bb5da93da9806430d80df17e49cbee70460dd0d1454b971f0ccce092"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/health_check_server.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.transport` used but never assigned in __init__"}, "properties": {"repobilityId": 90306, "scanner": "repobility-ast-engine", "fingerprint": "9edc652b266039e38a752e52c9154f68fbfe8d753ac048061d5d2a0407705db2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9edc652b266039e38a752e52c9154f68fbfe8d753ac048061d5d2a0407705db2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/health_check_server.py"}, "region": {"startLine": 72}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.health_status` used but never assigned in __init__"}, "properties": {"repobilityId": 90305, "scanner": "repobility-ast-engine", "fingerprint": "da435377bcb9312de82e0456df3beb38e3ed7ff2f18bf323c1d3bc3906066dc5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|da435377bcb9312de82e0456df3beb38e3ed7ff2f18bf323c1d3bc3906066dc5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/health_check_server.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.transport` used but never assigned in __init__"}, "properties": {"repobilityId": 90304, "scanner": "repobility-ast-engine", "fingerprint": "5523096dd1fc056d18b284c3e9c7d3becfe272fc98503ee35f615d9e5436b7a5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5523096dd1fc056d18b284c3e9c7d3becfe272fc98503ee35f615d9e5436b7a5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/asyncapi_server.py"}, "region": {"startLine": 103}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.transport` used but never assigned in __init__"}, "properties": {"repobilityId": 90303, "scanner": "repobility-ast-engine", "fingerprint": "2555290ecd4ff3d6d86bb32d4bd2862e3b2a0b5c7e89e98c99f002477f88ba4b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2555290ecd4ff3d6d86bb32d4bd2862e3b2a0b5c7e89e98c99f002477f88ba4b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/asyncapi_server.py"}, "region": {"startLine": 102}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.handle_request` used but never assigned in __init__"}, "properties": {"repobilityId": 90302, "scanner": "repobility-ast-engine", "fingerprint": "9a834c3785692cb4c516714293803a10415c1f4a7def9e6c1815ef30dcdaf75d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9a834c3785692cb4c516714293803a10415c1f4a7def9e6c1815ef30dcdaf75d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/asyncapi_server.py"}, "region": {"startLine": 100}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.transport` used but never assigned in __init__"}, "properties": {"repobilityId": 90301, "scanner": "repobility-ast-engine", "fingerprint": "28cedf2a5f996f2222279d000f6bbcb29954fae5ebeb40e0673497a8c895f910", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|28cedf2a5f996f2222279d000f6bbcb29954fae5ebeb40e0673497a8c895f910"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/asyncapi_server.py"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.stop` used but never assigned in __init__"}, "properties": {"repobilityId": 90300, "scanner": "repobility-ast-engine", "fingerprint": "f30421406cc163585454412d0d17dda62f5c5a8430cee44c599e8537a897ab24", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f30421406cc163585454412d0d17dda62f5c5a8430cee44c599e8537a897ab24"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/asyncapi_server.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.start` used but never assigned in __init__"}, "properties": {"repobilityId": 90299, "scanner": "repobility-ast-engine", "fingerprint": "f68221eaa54fa69ee105afa3cbd80ad59493a8f2b6510a469d9a7f3c2fb45133", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f68221eaa54fa69ee105afa3cbd80ad59493a8f2b6510a469d9a7f3c2fb45133"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/asyncapi_server.py"}, "region": {"startLine": 72}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.get_default_server` used but never assigned in __init__"}, "properties": {"repobilityId": 90298, "scanner": "repobility-ast-engine", "fingerprint": "6403444b4fa2d81f96a8f6b7a365f42b9db6f7253dde9f60217d6ed8876d7210", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6403444b4fa2d81f96a8f6b7a365f42b9db6f7253dde9f60217d6ed8876d7210"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/server_registry.py"}, "region": {"startLine": 82}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.get_server` used but never assigned in __init__"}, "properties": {"repobilityId": 90297, "scanner": "repobility-ast-engine", "fingerprint": "5528b4fca2323d2c78b6ef08e0614b68166637eb21194a745ae566bb07416e37", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5528b4fca2323d2c78b6ef08e0614b68166637eb21194a745ae566bb07416e37"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/server_registry.py"}, "region": {"startLine": 57}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.actor` used but never assigned in __init__"}, "properties": {"repobilityId": 90296, "scanner": "repobility-ast-engine", "fingerprint": "6ff94b11e021c29fef56ff7f4d45aa2426bbff07ff4fd822ea840116223c58c6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6ff94b11e021c29fef56ff7f4d45aa2426bbff07ff4fd822ea840116223c58c6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/router.py"}, "region": {"startLine": 670}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.actors` used but never assigned in __init__"}, "properties": {"repobilityId": 90295, "scanner": "repobility-ast-engine", "fingerprint": "2328900cd0466e2fd3eba89b61e7c0497c980062a3a748506452464d63b54f2b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2328900cd0466e2fd3eba89b61e7c0497c980062a3a748506452464d63b54f2b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/router.py"}, "region": {"startLine": 149}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.dependency_kwargs` used but never assigned in __init__"}, "properties": {"repobilityId": 90294, "scanner": "repobility-ast-engine", "fingerprint": "29cf78b0dff7713621b9d568cb7c1ef069c6b18eb8d5d562c5cd580bd56ee3d7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|29cf78b0dff7713621b9d568cb7c1ef069c6b18eb8d5d562c5cd580bd56ee3d7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/converter.py"}, "region": {"startLine": 534}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.kwargs` used but never assigned in __init__"}, "properties": {"repobilityId": 90293, "scanner": "repobility-ast-engine", "fingerprint": "ccb6b02e3d4c646079d266a74c468232aecdd809fe5a9770f8d49fe12560fda2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ccb6b02e3d4c646079d266a74c468232aecdd809fe5a9770f8d49fe12560fda2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/converter.py"}, "region": {"startLine": 559}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.dependency_kwargs` used but never assigned in __init__"}, "properties": {"repobilityId": 90292, "scanner": "repobility-ast-engine", "fingerprint": "450a03cd735c39f56d9fc3c37a08065eb806b93c34e8d2e72cdf07183293da3c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|450a03cd735c39f56d9fc3c37a08065eb806b93c34e8d2e72cdf07183293da3c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/converter.py"}, "region": {"startLine": 557}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.args` used but never assigned in __init__"}, "properties": {"repobilityId": 90291, "scanner": "repobility-ast-engine", "fingerprint": "1335207d81c33ac3f0319f0f54b83cfd1373c2cedb21771bbe320cd9b50144a8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1335207d81c33ac3f0319f0f54b83cfd1373c2cedb21771bbe320cd9b50144a8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/converter.py"}, "region": {"startLine": 523}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.root_arg` used but never assigned in __init__"}, "properties": {"repobilityId": 90290, "scanner": "repobility-ast-engine", "fingerprint": "9f484797d81fdf5d83a91ef614b927b46b3a5c895a7046066a8698a66165896f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9f484797d81fdf5d83a91ef614b927b46b3a5c895a7046066a8698a66165896f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/converter.py"}, "region": {"startLine": 518}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.args` used but never assigned in __init__"}, "properties": {"repobilityId": 90289, "scanner": "repobility-ast-engine", "fingerprint": "7594f11095f06f620afde7bda143ce641b757a3c6671c8f0b41f81b6b5b4eb17", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7594f11095f06f620afde7bda143ce641b757a3c6671c8f0b41f81b6b5b4eb17"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/converter.py"}, "region": {"startLine": 547}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.kwargs` used but never assigned in __init__"}, "properties": {"repobilityId": 90288, "scanner": "repobility-ast-engine", "fingerprint": "f862e12a74f46504cbb35b3b57b188bd1177344c59227e7affec73d01d8295b5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f862e12a74f46504cbb35b3b57b188bd1177344c59227e7affec73d01d8295b5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/converter.py"}, "region": {"startLine": 520}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.root_arg` used but never assigned in __init__"}, "properties": {"repobilityId": 90287, "scanner": "repobility-ast-engine", "fingerprint": "03c97d3142730fed6b31856b6e52f488337b5a47bab7a82048527b272c14a1a3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|03c97d3142730fed6b31856b6e52f488337b5a47bab7a82048527b272c14a1a3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/converter.py"}, "region": {"startLine": 517}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._parse_headers` used but never assigned in __init__"}, "properties": {"repobilityId": 90286, "scanner": "repobility-ast-engine", "fingerprint": "d7ef1bf23108a712e64fe430a11cffc7f70ade49c2a0cac054b716001dcf941a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d7ef1bf23108a712e64fe430a11cffc7f70ade49c2a0cac054b716001dcf941a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/converter.py"}, "region": {"startLine": 507}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._parse_payload` used but never assigned in __init__"}, "properties": {"repobilityId": 90285, "scanner": "repobility-ast-engine", "fingerprint": "c11f8698eb3c05dcea65db4821f3836dab412dc5cf941fb18f2e1704ca46582f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c11f8698eb3c05dcea65db4821f3836dab412dc5cf941fb18f2e1704ca46582f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/converter.py"}, "region": {"startLine": 506}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._parse_payload` used but never assigned in __init__"}, "properties": {"repobilityId": 90284, "scanner": "repobility-ast-engine", "fingerprint": "a2cc8c364127f7080ad245515edc43f4be54662867268ab2231c9a26aca7f369", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a2cc8c364127f7080ad245515edc43f4be54662867268ab2231c9a26aca7f369"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/converter.py"}, "region": {"startLine": 227}}}]}, {"ruleId": "generic-api-key", "level": "error", "message": {"text": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations."}, "properties": {"repobilityId": 90390, "scanner": "gitleaks", "fingerprint": "911bdbb6a593db64ddf15c3acdaaf03e5a7b1aebc79632f8f85fc08e04f0d585", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "password_hash\": \"REDACTED\"", "rule_id": "generic-api-key", "scanner": "gitleaks", "detector": "generic-api-key", "correlation_key": "secret|token|1|password_hash : redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/integration/rabbitmq_definitions.json"}, "region": {"startLine": 5}}}]}, {"ruleId": "curl-auth-user", "level": "error", "message": {"text": "Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource."}, "properties": {"repobilityId": 90389, "scanner": "gitleaks", "fingerprint": "2fa3da44f5f41edd62fd5b84db4bc0573fdb1cbc669037c36899db28989e4373", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "curl`\n(assuming the management plugin `rabbitmq_management` is enabled):\n\n```bash\ncurl -i -u REDACTED", "rule_id": "curl-auth-user", "scanner": "gitleaks", "detector": "curl-auth-user", "correlation_key": "secret|token|13|curl assuming the management plugin rabbitmq_management is enabled : bash curl -i -u redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/cookbook/rabbitmq_retries.md"}, "region": {"startLine": 136}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 90342, "scanner": "repobility-ast-engine", "fingerprint": "b6a051b0bcd91309155536240e5333381082090b473bf38e67dc432dfaef5f03", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b6a051b0bcd91309155536240e5333381082090b473bf38e67dc432dfaef5f03"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "repid/connections/in_memory/message_broker.py"}, "region": {"startLine": 255}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 90340, "scanner": "repobility-ast-engine", "fingerprint": "1c5c7f90350246ae8590306ea1ad2d22d9c9f987e7a1f88ea8537ccb708d0c2f", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1c5c7f90350246ae8590306ea1ad2d22d9c9f987e7a1f88ea8537ccb708d0c2f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/unit/in_memory/test_message_broker.py"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 90339, "scanner": "repobility-ast-engine", "fingerprint": "8cc8db5e308654218a52a707d2cd916ecd5204c48679562f15266532c91f0ab9", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8cc8db5e308654218a52a707d2cd916ecd5204c48679562f15266532c91f0ab9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/integration/test_worker.py"}, "region": {"startLine": 122}}}]}]}]}