{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "CFG001", "name": "Docker Runs as Root", "shortDescription": {"text": "Docker Runs as Root"}, "fullDescription": {"text": "No USER directive found in Dockerfile"}, "properties": {"scanner": "repobility-threat-engine", "category": "config", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "ERR003", "name": "Ignored Error (Go)", "shortDescription": {"text": "Ignored Error (Go)"}, "fullDescription": {"text": "Pattern matched with no mitigating context found"}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "CFG003", "name": "Docker COPY Everything", "shortDescription": {"text": "Docker COPY Everything"}, "fullDescription": {"text": "Pattern matched with no mitigating context found"}, "properties": {"scanner": "repobility-threat-engine", "category": "config", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/154"}, "properties": {"repository": "aljefra-compose/vpnapp", "repoUrl": "aljefra-compose://c4afc5f6-abb0-4760-b576-4bd19e05aa4e", "branch": "compose"}, "results": [{"ruleId": "CFG001", "level": "warning", "message": {"text": "Docker Runs as Root"}, "properties": {"repobilityId": 3972, "scanner": "repobility-threat-engine", "fingerprint": "ffccd6ebe62750a612a615b93332dcbb7dd5beadef74e0befc94015c172f4106", "category": "config", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CFG001", "scanner": "repobility-threat-engine", "confidence": 0.9, "correlation_key": "fp|ffccd6ebe62750a612a615b93332dcbb7dd5beadef74e0befc94015c172f4106"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "ERR003", "level": "note", "message": {"text": "Ignored Error (Go)"}, "properties": {"repobilityId": 3971, "scanner": "repobility-threat-engine", "fingerprint": "a3f8549ed5af74933ad74e05d1c0cc41fcf3e27ff96ea58f13032c058373ecd3", "category": "error_handling", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "ERR003", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|a3f8549ed5af74933ad74e05d1c0cc41fcf3e27ff96ea58f13032c058373ecd3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "internal/platform/httpclient/retry.go"}, "region": {"startLine": 106}}}]}, {"ruleId": "ERR003", "level": "note", "message": {"text": "Ignored Error (Go)"}, "properties": {"repobilityId": 3970, "scanner": "repobility-threat-engine", "fingerprint": "1db306dc328ba3e7e623bee37f359ae7a109516c004773fb98f8e0369d301a33", "category": "error_handling", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "ERR003", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|1db306dc328ba3e7e623bee37f359ae7a109516c004773fb98f8e0369d301a33"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "internal/adapters/http/middleware/request_id.go"}, "region": {"startLine": 67}}}]}, {"ruleId": "ERR003", "level": "note", "message": {"text": "Ignored Error (Go)"}, "properties": {"repobilityId": 3969, "scanner": "repobility-threat-engine", "fingerprint": "cbf3aec089f3776504e6fded6726ccb832fe2bc86d00a6cef14c4966b98219b8", "category": "error_handling", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "ERR003", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|cbf3aec089f3776504e6fded6726ccb832fe2bc86d00a6cef14c4966b98219b8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cmd/server/main.go"}, "region": {"startLine": 179}}}]}, {"ruleId": "CFG003", "level": "note", "message": {"text": "Docker COPY Everything"}, "properties": {"repobilityId": 3968, "scanner": "repobility-threat-engine", "fingerprint": "bb29d47ff18d0d39665432e78066224887b181faf14e0ad9e9ff81ace0812b4e", "category": "config", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CFG003", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|security|dockerfile|11|cfg003"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Dockerfile"}, "region": {"startLine": 11}}}]}]}]}