{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED124", "name": "[MINED124] requirements.txt: `types-protobuf` has no version pin: Unpinned pip requirement means every fresh install may", "shortDescription": {"text": "[MINED124] requirements.txt: `types-protobuf` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducibl"}, "fullDescription": {"text": "Replace `types-protobuf` with `types-protobuf==<version>` and manage upgrades through PRs / Dependabot."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED109", "name": "[MINED109] Mutable default argument in `parse` (dict): `def parse(... = []/{}/set())` \u2014 Python's default value is constr", "shortDescription": {"text": "[MINED109] Mutable default argument in `parse` (dict): `def parse(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future "}, "fullDescription": {"text": "Use None as the default and create the collection inside the function: `def parse(x=None): x = x or []`"}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AGT015", "name": "Remote install command pipes network code directly to a shell", "shortDescription": {"text": "Remote install command pipes network code directly to a shell"}, "fullDescription": {"text": "Publish a package-manager install path or add checksum/signature verification before execution. For docs, show the inspect-then-run flow and pin the downloaded artifact version."}, "properties": {"scanner": "repobility-agent-runtime", "category": "dependency", "severity": "medium", "confidence": 0.7, "cwe": "", "owasp": ""}}, {"id": "SEC001", "name": "[SEC001] Hardcoded Password: Hardcoded password found in source code.", "shortDescription": {"text": "[SEC001] Hardcoded Password: Hardcoded password found in source code."}, "fullDescription": {"text": "Use environment variables or a secrets manager."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "medium", "confidence": 0.3, "cwe": "", "owasp": ""}}, {"id": "SEC136", "name": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns ", "shortDescription": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, retur"}, "fullDescription": {"text": "Catch the specific exception type, log at error level with full exception info, and return a failure-shaped result. If the operation is genuinely best-effort, log at warning and document why in a comment so the next reader (or scanner) knows."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC002", "name": "[SEC002] Hardcoded API Key: Hardcoded API key found in source code.", "shortDescription": {"text": "[SEC002] Hardcoded API Key: Hardcoded API key found in source code."}, "fullDescription": {"text": "Use environment variables. Add the pattern to .gitignore."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "medium", "confidence": 0.3, "cwe": "", "owasp": ""}}, {"id": "SEC134", "name": "[SEC134] AI scaffold leftover \u2014 Lorem ipsum / example.com / John Doe in code: Lorem ipsum / John Doe / example.com left ", "shortDescription": {"text": "[SEC134] AI scaffold leftover \u2014 Lorem ipsum / example.com / John Doe in code: Lorem ipsum / John Doe / example.com left in non-test code. AI agents emit these as 'reasonable defaults' when they don't know real values; the human then forgets"}, "fullDescription": {"text": "Move dummy values to fixtures / seed files. In application code, require these to come from config or fail closed. Add a CI grep that rejects 'lorem ipsum' and 'example.com' outside test files."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC015", "name": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.", "shortDescription": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable."}, "fullDescription": {"text": "Use secrets module (Python) or crypto.getRandomValues() (JS) for security-sensitive randomness."}, "properties": {"scanner": "repobility-threat-engine", "category": "crypto", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "ERR002", "name": "[ERR002] Empty Catch Block: Empty catch blocks hide errors.", "shortDescription": {"text": "[ERR002] Empty Catch Block: Empty catch blocks hide errors."}, "fullDescription": {"text": "Log the error or rethrow it. Use console.error() at minimum."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC045", "name": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a latera", "shortDescription": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use obj"}, "fullDescription": {"text": "For literal data structures: use ast.literal_eval(text) \u2014 only parses literals, raises on code.\nFor formula evaluation: use asteval or simpleeval (purpose-built sandboxes with allow-lists).\nFor Odoo: use odoo.tools.safe_eval(expr, locals_dict, mode='exec').\nIf you genuinely need to execute admin-stored code: require explicit super-admin permission AND log every execution with a stack trace."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "WEB005", "name": "robots.txt does not advertise a sitemap", "shortDescription": {"text": "robots.txt does not advertise a sitemap"}, "fullDescription": {"text": "Add `Sitemap: https://your-domain.example/sitemap.xml` to robots.txt."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.74, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "SEC132", "name": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the la", "shortDescription": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on it"}, "fullDescription": {"text": "Python: `f\"prefix {var} suffix\"`. JS/TS: `` `prefix ${var} suffix` ``. Add a lint rule (pyupgrade UP032, eslint prefer-template) so future PRs catch this automatically."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `emit` has cognitive complexity 8 (SonarSource scale). Cognitive complexit", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `emit` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 8."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "SEC006", "name": "[SEC006] XSS Risk: Direct HTML injection without sanitization.", "shortDescription": {"text": "[SEC006] XSS Risk: Direct HTML injection without sanitization."}, "fullDescription": {"text": "Use textContent instead of innerHTML. Sanitize with DOMPurify."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "low", "confidence": 0.4, "cwe": "", "owasp": ""}}, {"id": "MINED042", "name": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk.", "shortDescription": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-401 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED075", "name": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL.", "shortDescription": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-690 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED077", "name": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles.", "shortDescription": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-772 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED072", "name": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in.", "shortDescription": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass (and 2 more): Same pattern found in 2 additional files. Review if needed.", "shortDescription": {"text": "[MINED001] Bare Except Pass (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 5 more): Same pattern found in 5 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC040", "name": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data (and 2 more): Same pattern found in 2 additional fil", "shortDescription": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "For plain text: use el.textContent = data.value (auto-escapes).\nFor HTML you need to render: el.innerHTML = DOMPurify.sanitize(html).\nFor React/Vue/Svelte: stop using innerHTML; use the framework's binding.\nWhen data comes from CV/PDF parsers, sanitize at the parser boundary too."}, "properties": {"scanner": "repobility-threat-engine", "category": "xss", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC020", "name": "[SEC020] Secret Printed to Logs (and 2 more): Same pattern found in 2 additional files. Review if needed.", "shortDescription": {"text": "[SEC020] Secret Printed to Logs (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Log only redacted, hashed, or last-four-style metadata. Rotate any secret that may have reached logs."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod (and 38 more): Same pattern found in 38 additional files. Review if needed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod (and 38 more): Same pattern found in 38 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED038", "name": "[MINED038] Swift Try Bang (and 15 more): Same pattern found in 15 additional files. Review if needed.", "shortDescription": {"text": "[MINED038] Swift Try Bang (and 15 more): Same pattern found in 15 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https (and 2 more): Same pattern found in 2 additional files. Review if needed.", "shortDescription": {"text": "[MINED043] Http Not Https (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED012", "name": "[MINED012] Curl Pipe Bash (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED012] Curl Pipe Bash (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-494 / A08:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 72 more): Same pattern found in 72 addi", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 72 more): Same pattern found in 72 additional files. Review if needed."}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED098", "name": "[MINED098] Global Scope Pollution (and 5 more): Same pattern found in 5 additional files. Review if needed.", "shortDescription": {"text": "[MINED098] Global Scope Pollution (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "fullDescription": {"text": "Import the library where you need it instead of attaching to window. For legitimate global registries, use a namespaced object (e.g., `window.__myApp.axios`)."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED045", "name": "[MINED045] Ts Non Null Assertion (and 103 more): Same pattern found in 103 additional files. Review if needed.", "shortDescription": {"text": "[MINED045] Ts Non Null Assertion (and 103 more): Same pattern found in 103 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-476 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED048", "name": "[MINED048] Php Error Suppress (and 180 more): Same pattern found in 180 additional files. Review if needed.", "shortDescription": {"text": "[MINED048] Php Error Suppress (and 180 more): Same pattern found in 180 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 8 more): Same pattern found in 8 addit", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 8 more): Same pattern found in 8 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED008", "name": "[MINED008] Swift Force Unwrap (and 27 more): Same pattern found in 27 additional files. Review if needed.", "shortDescription": {"text": "[MINED008] Swift Force Unwrap (and 27 more): Same pattern found in 27 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-476 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v4`: `uses: actions/upload-artifact@v4` resolves at ", "shortDescription": {"text": "[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v4`: `uses: actions/upload-artifact@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compro"}, "fullDescription": {"text": "Replace with: `uses: actions/upload-artifact@<40-char-sha>  # v4` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self.y` used but never assigned in __init__: Method `dict` of class `Point` reads `self.y`, but no assignmen", "shortDescription": {"text": "[MINED108] `self.y` used but never assigned in __init__: Method `dict` of class `Point` reads `self.y`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs agai"}, "fullDescription": {"text": "Initialize `self.y = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "[MINED106] Phantom test coverage: test_new_windows_field_rejected: Test function `test_new_windows_field_rejected` runs ", "shortDescription": {"text": "[MINED106] Phantom test coverage: test_new_windows_field_rejected: Test function `test_new_windows_field_rejected` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verif"}, "fullDescription": {"text": "Add an explicit assertion that captures the test's intent, or remove the test."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED110", "name": "[MINED110] Blocking call `input` inside async function `main`: `input` is a synchronous (blocking) call. When invoked in", "shortDescription": {"text": "[MINED110] Blocking call `input` inside async function `main`: `input` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "fullDescription": {"text": "Use the async equivalent: `aiohttp` instead of `requests`, `asyncio.sleep` instead of `time.sleep`, `aiofiles` instead of `open`."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC085", "name": "[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. ", "shortDescription": {"text": "[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. Ported from eslint-plugin-security detect-child-process (Apache-2.0)."}, "fullDescription": {"text": "Use execFile / spawn with separate args array; never pass shell strings."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC083", "name": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. Ported fr", "shortDescription": {"text": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. Ported from eslint-plugin-security detect-non-literal-regexp (Apache-2.0)."}, "fullDescription": {"text": "Use a literal RegExp or whitelist-validate user input before constructing patterns."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC021", "name": "[SEC021] Shell Trace Around Secret Handling: Shell xtrace is enabled near secret handling. CI and deployment logs can ec", "shortDescription": {"text": "[SEC021] Shell Trace Around Secret Handling: Shell xtrace is enabled near secret handling. CI and deployment logs can echo every command and expand secret values, turning a safe secret-store lookup into a credential leak."}, "fullDescription": {"text": "Disable xtrace before reading secrets, re-enable it only after secret handling, and rotate any secret exposed in logs."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC103", "name": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inje", "shortDescription": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts."}, "fullDescription": {"text": "Escape with javax.naming.ldap.Rdn.escapeValue or equivalent. For python-ldap, use ldap.filter.escape_filter_chars. Better: use parameterized search APIs (Spring LdapTemplate filter encoders)."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `stat` used but not imported: The file uses `stat.something(...)` but never imports `stat`. T", "shortDescription": {"text": "[MINED107] Missing import: `stat` used but not imported: The file uses `stat.something(...)` but never imports `stat`. This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import stat` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED022", "name": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf.", "shortDescription": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-120 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED035", "name": "[MINED035] Js New Function: new Function(...) compiles strings to functions.", "shortDescription": {"text": "[MINED035] Js New Function: new Function(...) compiles strings to functions."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-95 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1290"}, "properties": {"repository": "gnachman/iTerm2", "repoUrl": "https://github.com/gnachman/iTerm2", "branch": "master"}, "results": [{"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `types-protobuf` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"repobilityId": 130960, "scanner": "repobility-supply-chain", "fingerprint": "271f476f4c2f8cd4aaab2df1d94a490a7eba355d6896d7f6993cc60e3757be87", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|271f476f4c2f8cd4aaab2df1d94a490a7eba355d6896d7f6993cc60e3757be87"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/requirements-dev.txt"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `parse` (dict): `def parse(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 130958, "scanner": "repobility-ast-engine", "fingerprint": "4f3f67a87d3ae4c1e9efaffd421f1d0e31d8ac60520d9c0da9050bd425aebac1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4f3f67a87d3ae4c1e9efaffd421f1d0e31d8ac60520d9c0da9050bd425aebac1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/ply/ply-3.4/ply/cpp.py"}, "region": {"startLine": 855}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `async_get_default` (list): `def async_get_default(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 130957, "scanner": "repobility-ast-engine", "fingerprint": "7f85dfc297ca64ba25fc66e6729b0d014074959f6587eacf027c4d887a97dfb7", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7f85dfc297ca64ba25fc66e6729b0d014074959f6587eacf027c4d887a97dfb7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/profile.py"}, "region": {"startLine": 6561}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `async_query` (list): `def async_query(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 130956, "scanner": "repobility-ast-engine", "fingerprint": "8d82fbdb64a3095c398aac58f8f1a63b2fd5a3501c037d62afedc617699c3a98", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8d82fbdb64a3095c398aac58f8f1a63b2fd5a3501c037d62afedc617699c3a98"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/profile.py"}, "region": {"startLine": 6527}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130954, "scanner": "repobility-ast-engine", "fingerprint": "1b67dfbb185223e97a09f46e09b188d306f5e5f84a45f5c6957bc1adb598422b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1b67dfbb185223e97a09f46e09b188d306f5e5f84a45f5c6957bc1adb598422b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/auth.py"}, "region": {"startLine": 152}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130953, "scanner": "repobility-ast-engine", "fingerprint": "787ba9d289f0d78248684965d986833993fbb5777bc90a9488576017f8e902bf", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|787ba9d289f0d78248684965d986833993fbb5777bc90a9488576017f8e902bf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/auth.py"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 130951, "scanner": "repobility-ast-engine", "fingerprint": "b98c98a61d43ee78d55e4ff62d6159df58d03c64058ed487d40eb5fc817d1f2f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b98c98a61d43ee78d55e4ff62d6159df58d03c64058ed487d40eb5fc817d1f2f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/tab.py"}, "region": {"startLine": 47}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 130939, "scanner": "repobility-ast-engine", "fingerprint": "999c27ae1bfe0378ac95f3b41eca0e8b65828f3b15c340fc81ee92c85e75f6a4", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|999c27ae1bfe0378ac95f3b41eca0e8b65828f3b15c340fc81ee92c85e75f6a4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/statusbar.py"}, "region": {"startLine": 182}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `async_subscribe_to_server_originated_rpc_notification` (dict): `def async_subscribe_to_server_originated_rpc_notification(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 130938, "scanner": "repobility-ast-engine", "fingerprint": "e4b1ef1a1e0191e592c589e269ddabdb4f2037d8c434f93c0da0776251011cb8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e4b1ef1a1e0191e592c589e269ddabdb4f2037d8c434f93c0da0776251011cb8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/notifications.py"}, "region": {"startLine": 295}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `async_subscribe_to_server_originated_rpc_notification` (list): `def async_subscribe_to_server_originated_rpc_notification(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 130937, "scanner": "repobility-ast-engine", "fingerprint": "6dea085eaed78f8a609e0a55d9154ec1500752e064d9e5e0c987b3dd2c180b5e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6dea085eaed78f8a609e0a55d9154ec1500752e064d9e5e0c987b3dd2c180b5e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/notifications.py"}, "region": {"startLine": 295}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130932, "scanner": "repobility-ast-engine", "fingerprint": "a48d30553bbe40b941361a4c8a00f857a4f2abd870dc7a149d189103aafd96ed", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a48d30553bbe40b941361a4c8a00f857a4f2abd870dc7a149d189103aafd96ed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1345}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130931, "scanner": "repobility-ast-engine", "fingerprint": "3766830e99a3d9ccc8dfddeb146e53197f1526941d3df75cbf470d2abcfd21b2", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3766830e99a3d9ccc8dfddeb146e53197f1526941d3df75cbf470d2abcfd21b2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1244}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130930, "scanner": "repobility-ast-engine", "fingerprint": "c8d6b5b9043d39207f39d883a7efc7e4feb40be3d5bcb2e7cc28ac76de37fda5", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c8d6b5b9043d39207f39d883a7efc7e4feb40be3d5bcb2e7cc28ac76de37fda5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1227}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130929, "scanner": "repobility-ast-engine", "fingerprint": "5e57cdf8458ce2836b6e6c59fa63c89e63d8c3d2c026ae731a5c3ab386669c4d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5e57cdf8458ce2836b6e6c59fa63c89e63d8c3d2c026ae731a5c3ab386669c4d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1218}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130928, "scanner": "repobility-ast-engine", "fingerprint": "ccb8fb6c5dfd3716f76ea92e248a2ffcc6751ccf1c01b01de4a394390e2979e2", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ccb8fb6c5dfd3716f76ea92e248a2ffcc6751ccf1c01b01de4a394390e2979e2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1208}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130927, "scanner": "repobility-ast-engine", "fingerprint": "30cf4847361900121b2a4f7e6be846721c9b19c22bf27164256f31d619cb69ac", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|30cf4847361900121b2a4f7e6be846721c9b19c22bf27164256f31d619cb69ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1198}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130926, "scanner": "repobility-ast-engine", "fingerprint": "f0689d501d8bf0fc8b37cac37ee3fa0c5c6c19a1133adf3eeb49c4bc1c9c1c45", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f0689d501d8bf0fc8b37cac37ee3fa0c5c6c19a1133adf3eeb49c4bc1c9c1c45"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1190}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130925, "scanner": "repobility-ast-engine", "fingerprint": "e8c1b027ac543bd2970b32cb11d2498f174fb9778ad97f4620f0bd584080e994", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e8c1b027ac543bd2970b32cb11d2498f174fb9778ad97f4620f0bd584080e994"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1181}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130924, "scanner": "repobility-ast-engine", "fingerprint": "7a20b108693cc4785e19b30f79fd83ec25f1a68708dbf9ab41e42565efb767bd", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7a20b108693cc4785e19b30f79fd83ec25f1a68708dbf9ab41e42565efb767bd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1172}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130923, "scanner": "repobility-ast-engine", "fingerprint": "844ff90e074898d3b46b084ce2cb1e3d33e34d7c6c1b2e78ddde75a44c3968f7", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|844ff90e074898d3b46b084ce2cb1e3d33e34d7c6c1b2e78ddde75a44c3968f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1157}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130922, "scanner": "repobility-ast-engine", "fingerprint": "fdd4b51ba05ba8a5d23fcc9c9d099d83c5a2ddb4ef422fb368fdf6b8eb904772", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fdd4b51ba05ba8a5d23fcc9c9d099d83c5a2ddb4ef422fb368fdf6b8eb904772"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1026}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130921, "scanner": "repobility-ast-engine", "fingerprint": "5e71c118537aca8c87c69c3fb668d7cfff81043474d78942109043407043b34a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5e71c118537aca8c87c69c3fb668d7cfff81043474d78942109043407043b34a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1008}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130920, "scanner": "repobility-ast-engine", "fingerprint": "b6e06c668727b0479fbbe077bed6af580f4789363c62946e2d9b8a91687ecb3e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b6e06c668727b0479fbbe077bed6af580f4789363c62946e2d9b8a91687ecb3e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 911}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130919, "scanner": "repobility-ast-engine", "fingerprint": "80d32588405294e7fd9415caab06518a7902165028c0525f4b6d008a4ea5ca54", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|80d32588405294e7fd9415caab06518a7902165028c0525f4b6d008a4ea5ca54"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 894}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130918, "scanner": "repobility-ast-engine", "fingerprint": "8a53e8c928b6af51f2d7a557550c974f6410041726ce14dd7b5e3396a33a34df", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8a53e8c928b6af51f2d7a557550c974f6410041726ce14dd7b5e3396a33a34df"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 713}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130910, "scanner": "repobility-ast-engine", "fingerprint": "243a5fee8819f62725420c57d81e93f7c68d1c97c4490733e09c82790ebcc9c6", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|243a5fee8819f62725420c57d81e93f7c68d1c97c4490733e09c82790ebcc9c6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/slowcat.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130909, "scanner": "repobility-ast-engine", "fingerprint": "c7c1a978c5ddd59d8869b76c3e04f05db79ad7dae3626a350b4892c223387da8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c7c1a978c5ddd59d8869b76c3e04f05db79ad7dae3626a350b4892c223387da8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 1546}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `osc` (list): `def osc(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 130883, "scanner": "repobility-ast-engine", "fingerprint": "f8ff071ed34890723de65dcbe5d12e1e21c53e0e24da0d9f9fa84f9314d77f85", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f8ff071ed34890723de65dcbe5d12e1e21c53e0e24da0d9f9fa84f9314d77f85"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/osc4-and-friends.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130877, "scanner": "repobility-ast-engine", "fingerprint": "3a78463f819454e397925ddc46b011d2f2369bc70af5f23524fd11b6ef5768d4", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3a78463f819454e397925ddc46b011d2f2369bc70af5f23524fd11b6ef5768d4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/move_session_test.py"}, "region": {"startLine": 129}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130876, "scanner": "repobility-ast-engine", "fingerprint": "1dce578a3eaad99d5df4cdc928036695e04b12762e3f903649b8c4d0be96a175", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1dce578a3eaad99d5df4cdc928036695e04b12762e3f903649b8c4d0be96a175"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/move_session_test.py"}, "region": {"startLine": 93}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130875, "scanner": "repobility-ast-engine", "fingerprint": "1fc1814d0c12b4d78a0c5788e0f31ede9ed283780fa8910cb5f956d55fa14b6e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1fc1814d0c12b4d78a0c5788e0f31ede9ed283780fa8910cb5f956d55fa14b6e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/move_session_test.py"}, "region": {"startLine": 69}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130866, "scanner": "repobility-ast-engine", "fingerprint": "dbea5f9161ca01ddcebd138d91ba4b2fb5ef9a7402537e416e1629de254dbf52", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dbea5f9161ca01ddcebd138d91ba4b2fb5ef9a7402537e416e1629de254dbf52"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/basechars.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130865, "scanner": "repobility-ast-engine", "fingerprint": "6665cbebfe67cf0b85ca2051078f54826e1728e02246c2c339aa2d4c5f84f7e6", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6665cbebfe67cf0b85ca2051078f54826e1728e02246c2c339aa2d4c5f84f7e6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/emoji.py"}, "region": {"startLine": 238}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 130864, "scanner": "repobility-ast-engine", "fingerprint": "0384ad31713339d4c69487d6b6e345f1a0fb26c5ae5805baaf43e40caec57711", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0384ad31713339d4c69487d6b6e345f1a0fb26c5ae5805baaf43e40caec57711"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/analyze_restorable_state.py"}, "region": {"startLine": 47}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 130862, "scanner": "repobility-agent-runtime", "fingerprint": "647c8c7165285184c5c6dae414fb9b7080aed0e93b76e21b440987f1143f0353", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|647c8c7165285184c5c6dae414fb9b7080aed0e93b76e21b440987f1143f0353"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "README.md"}, "region": {"startLine": 79}}}]}, {"ruleId": "SEC001", "level": "warning", "message": {"text": "[SEC001] Hardcoded Password: Hardcoded password found in source code."}, "properties": {"repobilityId": 130830, "scanner": "repobility-threat-engine", "fingerprint": "d82861ea2c483c28136a8606bac01f7e99b4681170384ed06131cfef59e0cf11", "category": "credential_exposure", "severity": "medium", "confidence": 0.3, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Low entropy value (3.3 bits) \u2014 may be placeholder or common string", "evidence": {"match": "Password = \"<redacted>\"", "reason": "Low entropy value (3.3 bits) \u2014 may be placeholder or common string", "rule_id": "SEC001", "scanner": "repobility-threat-engine", "confidence": 0.3, "correlation_key": "secret|token|3|password redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/PasswordManager/PasswordManagerDataSourceProvider.swift"}, "region": {"startLine": 34}}}]}, {"ruleId": "SEC136", "level": "warning", "message": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). Distinct from intentional fallback because there's no log line and the success value is fabricated."}, "properties": {"repobilityId": 130821, "scanner": "repobility-threat-engine", "fingerprint": "aaced4d402c846ce6345bc84ac2c380cd7a96052defbcb346b54c6d6fe6e55aa", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "} catch (e) {\n            return null;\n        }", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC136", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|aaced4d402c846ce6345bc84ac2c380cd7a96052defbcb346b54c6d6fe6e55aa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Browser/PageSaver/extract-resources.js"}, "region": {"startLine": 10}}}]}, {"ruleId": "SEC002", "level": "warning", "message": {"text": "[SEC002] Hardcoded API Key: Hardcoded API key found in source code."}, "properties": {"repobilityId": 130819, "scanner": "repobility-threat-engine", "fingerprint": "83223ff1ad963e96caa9a4277faf5fcc42812411d75d2bb2f9f3cae761e51f8b", "category": "credential_exposure", "severity": "medium", "confidence": 0.3, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Low entropy value (3.7 bits) \u2014 may be placeholder or common string", "evidence": {"match": "APIKey = \"<redacted>\"", "reason": "Low entropy value (3.7 bits) \u2014 may be placeholder or common string", "rule_id": "SEC002", "scanner": "repobility-threat-engine", "confidence": 0.3, "correlation_key": "secret|token|9|apikey redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "pwmplugin/Sources/iterm2-test-adapter/main.swift"}, "region": {"startLine": 94}}}]}, {"ruleId": "SEC134", "level": "warning", "message": {"text": "[SEC134] AI scaffold leftover \u2014 Lorem ipsum / example.com / John Doe in code: Lorem ipsum / John Doe / example.com left in non-test code. AI agents emit these as 'reasonable defaults' when they don't know real values; the human then forgets to swap them. In production, these break demo flows, send mail to a real example.com host (it's owned by IANA), and leak that the codebase had an AI scaffolding pass."}, "properties": {"repobilityId": 130817, "scanner": "repobility-threat-engine", "fingerprint": "b0c875977953a650e62f00e62048da6f1a8df6cc117538b0ac2325c8ff8994dc", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "\"foo bar\"", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC134", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|b0c875977953a650e62f00e62048da6f1a8df6cc117538b0ac2325c8ff8994dc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "iTerm2XCTests/iTermPreferencesSearchTests.m"}, "region": {"startLine": 25}}}]}, {"ruleId": "SEC015", "level": "warning", "message": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable."}, "properties": {"repobilityId": 130801, "scanner": "repobility-threat-engine", "fingerprint": "2c81f3dd9942ec2e8fcc1fdff5fd748e40b47f2a7bad33223e3c23d507e4e16f", "category": "crypto", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Security-sensitive keyword found nearby \u2014 weak PRNG is risky here", "evidence": {"match": "sessionId: Math.random", "reason": "Security-sensitive keyword found nearby \u2014 weak PRNG is risky here", "rule_id": "SEC015", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|crypto|token|71|sec015"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/test-extensions/storage-demo/background.js"}, "region": {"startLine": 71}}}]}, {"ruleId": "ERR002", "level": "warning", "message": {"text": "[ERR002] Empty Catch Block: Empty catch blocks hide errors."}, "properties": {"repobilityId": 130787, "scanner": "repobility-threat-engine", "fingerprint": "e7905951ba9dbcf90975a3bdcb671cb4def4ab13d6e1b8d4a143813f223ded0e", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "catch (e) {}", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR002", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|e7905951ba9dbcf90975a3bdcb671cb4def4ab13d6e1b8d4a143813f223ded0e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Browser/Core/cloak-page-world.js"}, "region": {"startLine": 34}}}]}, {"ruleId": "ERR002", "level": "warning", "message": {"text": "[ERR002] Empty Catch Block: Empty catch blocks hide errors."}, "properties": {"repobilityId": 130786, "scanner": "repobility-threat-engine", "fingerprint": "71d932ab41febb858e8250488c2255007339b08a0ec6d502ffad7b6bf0e24967", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "catch (e) {\n    }", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR002", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|71d932ab41febb858e8250488c2255007339b08a0ec6d502ffad7b6bf0e24967"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Browser/CopyMode/copy-mode-util.js"}, "region": {"startLine": 128}}}]}, {"ruleId": "ERR002", "level": "warning", "message": {"text": "[ERR002] Empty Catch Block: Empty catch blocks hide errors."}, "properties": {"repobilityId": 130785, "scanner": "repobility-threat-engine", "fingerprint": "77c0b6e46aa5efa953a0de0ee1655c3adf20db0a252cd9f72d83a475ca93809b", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "catch (e) {}", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR002", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|77c0b6e46aa5efa953a0de0ee1655c3adf20db0a252cd9f72d83a475ca93809b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/Resources/JavaScript/dom-nuke.js"}, "region": {"startLine": 147}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 130783, "scanner": "repobility-threat-engine", "fingerprint": "fcbacc2cdaa8f9bf1a273ab6294b5e486b6155176e5e5fd9cb5d4362b3b37513", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".exec(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|11|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Browser/WebViewAdditions/extend-selection-bigword.js"}, "region": {"startLine": 11}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 130781, "scanner": "repobility-threat-engine", "fingerprint": "de759a638e3dc0d5c49e220d72eb1c8ab93c2bdb2b71e180cfb6d7d050d12af9", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "new Function(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|49|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/Resources/JavaScript/content-script-injector.js"}, "region": {"startLine": 49}}}]}, {"ruleId": "WEB005", "level": "note", "message": {"text": "robots.txt does not advertise a sitemap"}, "properties": {"repobilityId": 130863, "scanner": "repobility-web-presence", "fingerprint": "645a7b278b543409db93c9918bcc11cb3984994b642cbbb2848f97e7f1506d8c", "category": "quality", "severity": "low", "confidence": 0.74, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Discovered robots file or route lacks a Sitemap directive.", "evidence": {"rule_id": "WEB005", "scanner": "repobility-web-presence", "references": ["https://www.rfc-editor.org/rfc/rfc9309", "https://www.sitemaps.org/protocol.html"], "correlation_key": "fp|645a7b278b543409db93c9918bcc11cb3984994b642cbbb2848f97e7f1506d8c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/test-extensions/custom-user-agent/content.js"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130861, "scanner": "repobility-ai-code-hygiene", "fingerprint": "39accda88c8e340f19af4fda6eae7e53dcc707cc1a0646b1d1c42a939ad70d00", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ThirdParty/BTree/Map.swift", "duplicate_line": 52, "correlation_key": "fp|39accda88c8e340f19af4fda6eae7e53dcc707cc1a0646b1d1c42a939ad70d00"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ThirdParty/BTree/SortedSet.swift"}, "region": {"startLine": 26}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130860, "scanner": "repobility-ai-code-hygiene", "fingerprint": "450d0710e2ad617a48e155fc1188eb56a36d141d4c5d4fdcaef68049e4707139", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ThirdParty/BTree/Map.swift", "duplicate_line": 52, "correlation_key": "fp|450d0710e2ad617a48e155fc1188eb56a36d141d4c5d4fdcaef68049e4707139"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ThirdParty/BTree/SortedBag.swift"}, "region": {"startLine": 29}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130859, "scanner": "repobility-ai-code-hygiene", "fingerprint": "85ab280aaad80128c4ff655f3762d83ed647f6030080bc6acc3094d292f5be12", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ThirdParty/BTree/List.swift", "duplicate_line": 115, "correlation_key": "fp|85ab280aaad80128c4ff655f3762d83ed647f6030080bc6acc3094d292f5be12"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ThirdParty/BTree/Map.swift"}, "region": {"startLine": 105}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130858, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5c76845fcaba9d271d6a3fd59bdda794a3e446180c1758f11caba9a3571fb225", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ThirdParty/BTree/BTreeCursor.swift", "duplicate_line": 103, "correlation_key": "fp|5c76845fcaba9d271d6a3fd59bdda794a3e446180c1758f11caba9a3571fb225"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ThirdParty/BTree/BTreeIterator.swift"}, "region": {"startLine": 73}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130857, "scanner": "repobility-ai-code-hygiene", "fingerprint": "07878b7800b553ebf38f164a9dd15a5b716cab735f501c0e496efb80769060ae", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ThirdParty/BTree/BTreeCursor.swift", "duplicate_line": 121, "correlation_key": "fp|07878b7800b553ebf38f164a9dd15a5b716cab735f501c0e496efb80769060ae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ThirdParty/BTree/BTreeIndex.swift"}, "region": {"startLine": 118}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130856, "scanner": "repobility-ai-code-hygiene", "fingerprint": "86109cd80d6f67a8af228454df87bf72c7d3fac1b1621453057d1bb07ade2a83", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "SearchableComboListView/SearchableComboView/SearchableComboViewStringAdditions.swift", "duplicate_line": 1, "correlation_key": "fp|86109cd80d6f67a8af228454df87bf72c7d3fac1b1621453057d1bb07ade2a83"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SearchableComboListView/SearchableComboViewStringAdditions.swift"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130855, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6595d96f315831c8cc43d76822432484baac9ca1bd122b2ed734a156c6d908c8", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "SearchableComboListView/SearchableComboView.swift", "duplicate_line": 11, "correlation_key": "fp|6595d96f315831c8cc43d76822432484baac9ca1bd122b2ed734a156c6d908c8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SearchableComboListView/SearchableComboView/SearchableComboView.swift"}, "region": {"startLine": 11}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130854, "scanner": "repobility-ai-code-hygiene", "fingerprint": "51f98e9d470e8f35f7d72a098ad771883badc659e4ee524740f5b825074bc495", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BetterFontPicker/BetterFontPicker/TableViewController.swift", "duplicate_line": 107, "correlation_key": "fp|51f98e9d470e8f35f7d72a098ad771883badc659e4ee524740f5b825074bc495"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SearchableComboListView/SearchableComboView/SearchableComboTableViewController.swift"}, "region": {"startLine": 286}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130853, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e115955670cafaebdbf2f3dc1c7f1f084414fa6f65a442ee5f867b75c8c39577", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "SearchableComboListView/SearchableComboTableViewController.swift", "duplicate_line": 9, "correlation_key": "fp|e115955670cafaebdbf2f3dc1c7f1f084414fa6f65a442ee5f867b75c8c39577"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SearchableComboListView/SearchableComboView/SearchableComboTableViewController.swift"}, "region": {"startLine": 102}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130852, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d40b5a3be0e7effa019e88ec86e33fa68cf9ab322938ad8f8826bd4916b035c2", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "SearchableComboListView/SearchableComboListViewController.swift", "duplicate_line": 13, "correlation_key": "fp|d40b5a3be0e7effa019e88ec86e33fa68cf9ab322938ad8f8826bd4916b035c2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SearchableComboListView/SearchableComboView/SearchableComboListViewController.swift"}, "region": {"startLine": 19}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130851, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1379eaf885b889d872d25a1203629b242c2c2110371375acb237d4b25c2210c3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "SearchableComboListView/SearchableComboListSearchField.swift", "duplicate_line": 1, "correlation_key": "fp|1379eaf885b889d872d25a1203629b242c2c2110371375acb237d4b25c2210c3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SearchableComboListView/SearchableComboView/SearchableComboListSearchField.swift"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130850, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ed9f25515866aa7d631981b46a3174d71afae8b864d1de1e55accb09c78c780a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BetterFontPicker/BetterFontPicker/FontPickerPanel.swift", "duplicate_line": 3, "correlation_key": "fp|ed9f25515866aa7d631981b46a3174d71afae8b864d1de1e55accb09c78c780a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SearchableComboListView/SearchableComboView.swift"}, "region": {"startLine": 38}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130849, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fb6784bac6a9454ba190243a52bd75abf6dca822ad6b6f2df216075f1b30e162", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BetterFontPicker/BetterFontPicker/TableViewController.swift", "duplicate_line": 107, "correlation_key": "fp|fb6784bac6a9454ba190243a52bd75abf6dca822ad6b6f2df216075f1b30e162"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SearchableComboListView/SearchableComboTableViewController.swift"}, "region": {"startLine": 160}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130848, "scanner": "repobility-ai-code-hygiene", "fingerprint": "de333d66d3b691d61277afc53082375f22fce139ab4b7f115a857054a49a0bcf", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BetterFontPicker/BetterFontPicker.framework/Versions/A/Headers/BetterFontPicker-Swift.h", "duplicate_line": 1, "correlation_key": "fp|de333d66d3b691d61277afc53082375f22fce139ab4b7f115a857054a49a0bcf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SearchableComboListView/SearchableComboListView.framework/Versions/A/Headers/SearchableComboListView-Swift.h"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130847, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7fd17c36d1e9f9ef9f48e91ab136b0150ef73a386a696dc2fbd65ecf154d0b55", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ModernTests/iTermLegacyStyleStringTest.swift", "duplicate_line": 232, "correlation_key": "fp|7fd17c36d1e9f9ef9f48e91ab136b0150ef73a386a696dc2fbd65ecf154d0b55"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/iTermSubStringTests.swift"}, "region": {"startLine": 202}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130846, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1e67778889bd20a29d4e2b645323f9bc983495f000a59184cb3b6f9740c17a80", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ModernTests/iTermLegacyMutableStringTest.swift", "duplicate_line": 386, "correlation_key": "fp|1e67778889bd20a29d4e2b645323f9bc983495f000a59184cb3b6f9740c17a80"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/iTermSubStringTests.swift"}, "region": {"startLine": 201}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130845, "scanner": "repobility-ai-code-hygiene", "fingerprint": "82988513457d55c45f688df580e3c85789bd4409c88e7f4ea1b93a4dedfdd7ca", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ModernTests/iTermRopeTest.swift", "duplicate_line": 354, "correlation_key": "fp|82988513457d55c45f688df580e3c85789bd4409c88e7f4ea1b93a4dedfdd7ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/iTermSubStringTests.swift"}, "region": {"startLine": 198}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130844, "scanner": "repobility-ai-code-hygiene", "fingerprint": "bfc5f2faf3f9852e3476d8426f974ca9affeddca848d73625e37170920dfb213", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ModernTests/iTermLegacyStyleStringTest.swift", "duplicate_line": 232, "correlation_key": "fp|bfc5f2faf3f9852e3476d8426f974ca9affeddca848d73625e37170920dfb213"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/iTermRopeTest.swift"}, "region": {"startLine": 358}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130843, "scanner": "repobility-ai-code-hygiene", "fingerprint": "71091a31eac641b94a8c824e84bb2034f331dc7f2a892cc72f7aa3a335ebe1f7", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ModernTests/iTermLegacyMutableStringTest.swift", "duplicate_line": 386, "correlation_key": "fp|71091a31eac641b94a8c824e84bb2034f331dc7f2a892cc72f7aa3a335ebe1f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/iTermRopeTest.swift"}, "region": {"startLine": 357}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130842, "scanner": "repobility-ai-code-hygiene", "fingerprint": "de23976b9014e787b8837eca68b94adbba306a868c44dfa50f45ac1a9275cb78", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ModernTests/iTermLegacyMutableStringTest.swift", "duplicate_line": 94, "correlation_key": "fp|de23976b9014e787b8837eca68b94adbba306a868c44dfa50f45ac1a9275cb78"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/iTermMutableRopeTest.swift"}, "region": {"startLine": 61}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130841, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e2e205a8c74428cdd861178624dfa9556be13c55923ee84f447a0230b40230de", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ModernTests/iTermLegacyMutableStringTest.swift", "duplicate_line": 386, "correlation_key": "fp|e2e205a8c74428cdd861178624dfa9556be13c55923ee84f447a0230b40230de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/iTermLegacyStyleStringTest.swift"}, "region": {"startLine": 231}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130840, "scanner": "repobility-ai-code-hygiene", "fingerprint": "44db64ec185d05c7bbc5a0b4a61529d2daf2e885d891bb46322673cf2ade0d04", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ModernTests/MutableScreenCharArrayTests.swift", "duplicate_line": 6, "correlation_key": "fp|44db64ec185d05c7bbc5a0b4a61529d2daf2e885d891bb46322673cf2ade0d04"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/iTermLegacyMutableStringTest.swift"}, "region": {"startLine": 6}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130839, "scanner": "repobility-ai-code-hygiene", "fingerprint": "58c3b649aeee0ba61eca0bd0b2262ebf22482560725f8a5b9988399ee5712645", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ModernTests/iTermGraphDeltaEncoderTests.swift", "duplicate_line": 4, "correlation_key": "fp|58c3b649aeee0ba61eca0bd0b2262ebf22482560725f8a5b9988399ee5712645"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/iTermLazyLoadingTests.swift"}, "region": {"startLine": 216}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130838, "scanner": "repobility-ai-code-hygiene", "fingerprint": "31b938675ac5e6bafa45888aa0db498bb1dd094bdb407e3d99885491408d3231", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ModernTests/MutableScreenCharArrayTests.swift", "duplicate_line": 5, "correlation_key": "fp|31b938675ac5e6bafa45888aa0db498bb1dd094bdb407e3d99885491408d3231"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/iTermASCIIStringTest.swift"}, "region": {"startLine": 4}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130837, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6f09ca32842f469d21fde32153ac9c1bc0705a0998e4dcf2418557136538b589", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ModernTests/ExpressionSystemIntegrationTests.swift", "duplicate_line": 4, "correlation_key": "fp|6f09ca32842f469d21fde32153ac9c1bc0705a0998e4dcf2418557136538b589"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/SubexpressionTests.swift"}, "region": {"startLine": 4}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130836, "scanner": "repobility-ai-code-hygiene", "fingerprint": "61cf0df9057d5e6424718c7263385e984fc98b78143b763eeeac2688a985ffc4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ModernTests/ExpressionSystemIntegrationTests.swift", "duplicate_line": 4, "correlation_key": "fp|61cf0df9057d5e6424718c7263385e984fc98b78143b763eeeac2688a985ffc4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/IndirectValueTests.swift"}, "region": {"startLine": 4}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130835, "scanner": "repobility-ai-code-hygiene", "fingerprint": "05a791f7dc6465aaeb321b9fa78591fade22e424011e8d263a04c2e5d5f188d4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ColorPicker/ColorPicker.framework/Versions/A/Headers/CPKPopover.h", "duplicate_line": 1, "correlation_key": "fp|05a791f7dc6465aaeb321b9fa78591fade22e424011e8d263a04c2e5d5f188d4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ColorPicker/ColorPicker/CPKPopover.h"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130834, "scanner": "repobility-ai-code-hygiene", "fingerprint": "0c8db4fbe08cb30aa81f50095b2fda37ae78fadec43dd216f2f03f9b7055e12c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ColorPicker/ColorPicker.framework/Versions/A/Headers/CPKMainViewController.h", "duplicate_line": 1, "correlation_key": "fp|0c8db4fbe08cb30aa81f50095b2fda37ae78fadec43dd216f2f03f9b7055e12c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ColorPicker/ColorPicker/CPKMainViewController.h"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130833, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8170e17f7bfe954c0699ad5de901c4c945b6f616a93e8d7dc6b315cc40971886", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "ColorPicker/ColorPicker.framework/Versions/A/Headers/CPKColorWell.h", "duplicate_line": 1, "correlation_key": "fp|8170e17f7bfe954c0699ad5de901c4c945b6f616a93e8d7dc6b315cc40971886"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ColorPicker/ColorPicker/CPKColorWell.h"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 130832, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a5f2df768c22ff61c733edb216efc44ba93d4a7dc3afdcb0a9692db5326587cc", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BetterFontPicker/BetterFontPicker/Affordance.swift", "duplicate_line": 52, "correlation_key": "fp|a5f2df768c22ff61c733edb216efc44ba93d4a7dc3afdcb0a9692db5326587cc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BetterFontPicker/BetterFontPicker/FontFamilyMemberPickerView.swift"}, "region": {"startLine": 76}}}]}, {"ruleId": "SEC132", "level": "note", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on its own, but a style signature of cross-language AI rewrites \u2014 the model wrote idiomatic Java/C# and then translated mechanically. When this style appears in only *some* files of a repo, it's a strong indicator of an AI-driven rewrite that needs a human review p"}, "properties": {"repobilityId": 130824, "scanner": "repobility-threat-engine", "fingerprint": "d547aa0e704f81f824ff1072123be236f6acc32ee9274abe39e6be59eaafe218", "category": "quality", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "\"(function() {\" + js + \"})();\"", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d547aa0e704f81f824ff1072123be236f6acc32ee9274abe39e6be59eaafe218"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/RegexVisualization/SVGViewController.swift"}, "region": {"startLine": 54}}}]}, {"ruleId": "SEC132", "level": "note", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on its own, but a style signature of cross-language AI rewrites \u2014 the model wrote idiomatic Java/C# and then translated mechanically. When this style appears in only *some* files of a repo, it's a strong indicator of an AI-driven rewrite that needs a human review p"}, "properties": {"repobilityId": 130823, "scanner": "repobility-threat-engine", "fingerprint": "c93e45eb238db3eb556f671be411e3e9cb22356c7ca75225717f40a1eaeca940", "category": "quality", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "\"<style>body { \" + style + \"}</style>\"", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|c93e45eb238db3eb556f671be411e3e9cb22356c7ca75225717f40a1eaeca940"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Formatting/HTMLEncoding.swift"}, "region": {"startLine": 39}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `emit` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: for=4, if=1, nested_bonus=3."}, "properties": {"repobilityId": 130808, "scanner": "repobility-threat-engine", "fingerprint": "08df4c537cd39b71396bcd52ae37284fd5c0b642ff5dfed1c29b490ff5bfcdbe", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 8 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "emit", "breakdown": {"if": 1, "for": 4, "nested_bonus": 3}, "complexity": 8, "correlation_key": "fp|08df4c537cd39b71396bcd52ae37284fd5c0b642ff5dfed1c29b490ff5bfcdbe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/gen_mainmenu.py"}, "region": {"startLine": 36}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `search_container` has cognitive complexity 12 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=1, else=1, except=1, for=1, if=3, nested_bonus=4, recursion=1."}, "properties": {"repobilityId": 130807, "scanner": "repobility-threat-engine", "fingerprint": "be29706f5261c4f4e63d7854c11c5414797105ffaf5a312ca0076eedfa50b53b", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 12 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "search_container", "breakdown": {"if": 3, "for": 1, "else": 1, "except": 1, "continue": 1, "recursion": 1, "nested_bonus": 4}, "complexity": 12, "correlation_key": "fp|be29706f5261c4f4e63d7854c11c5414797105ffaf5a312ca0076eedfa50b53b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/gen_mainmenu.py"}, "region": {"startLine": 6}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `search_container` has cognitive complexity 12 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=1, else=1, except=1, for=1, if=3, nested_bonus=4, recursion=1."}, "properties": {"repobilityId": 130806, "scanner": "repobility-threat-engine", "fingerprint": "b4419eca420f689839db3dea1e3244b8f49c1f282b606e6e3b67b3aa600a0cd0", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 12 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "search_container", "breakdown": {"if": 3, "for": 1, "else": 1, "except": 1, "continue": 1, "recursion": 1, "nested_bonus": 4}, "complexity": 12, "correlation_key": "fp|b4419eca420f689839db3dea1e3244b8f49c1f282b606e6e3b67b3aa600a0cd0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/docs/generate_menu_ids.py"}, "region": {"startLine": 6}}}]}, {"ruleId": "SEC006", "level": "note", "message": {"text": "[SEC006] XSS Risk: Direct HTML injection without sanitization."}, "properties": {"repobilityId": 130795, "scanner": "repobility-threat-engine", "fingerprint": "2211096468c4736dad5d7349a246068bedc6b8f0c685de3f06a85bf6467dea7f", "category": "injection", "severity": "low", "confidence": 0.4, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "evidence": {"match": ".innerHTML = `", "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "rule_id": "SEC006", "scanner": "repobility-threat-engine", "confidence": 0.4, "correlation_key": "code|injection|token|166|sec006"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Browser/History/history-page.js"}, "region": {"startLine": 166}}}]}, {"ruleId": "SEC006", "level": "note", "message": {"text": "[SEC006] XSS Risk: Direct HTML injection without sanitization."}, "properties": {"repobilityId": 130794, "scanner": "repobility-threat-engine", "fingerprint": "7933e2260155cf4f7e8de284b268cb781dad1fa3e89109d4aa7c316e3747ed81", "category": "injection", "severity": "low", "confidence": 0.4, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "evidence": {"match": ".innerHTML = `", "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "rule_id": "SEC006", "scanner": "repobility-threat-engine", "confidence": 0.4, "correlation_key": "code|injection|token|19|sec006"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/test-extensions/custom-user-agent/popup.js"}, "region": {"startLine": 19}}}]}, {"ruleId": "SEC006", "level": "note", "message": {"text": "[SEC006] XSS Risk: Direct HTML injection without sanitization."}, "properties": {"repobilityId": 130793, "scanner": "repobility-threat-engine", "fingerprint": "7d5b3c2205dd60fcb0cf6a97d9704b68ea54e254e91b106fdffc52d2c4c26bf2", "category": "injection", "severity": "low", "confidence": 0.4, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "evidence": {"match": ".innerHTML = `", "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "rule_id": "SEC006", "scanner": "repobility-threat-engine", "confidence": 0.4, "correlation_key": "code|injection|token|27|sec006"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/test-extensions/custom-user-agent/content.js"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 130829, "scanner": "repobility-threat-engine", "fingerprint": "0a334e340e23235d6ebde71ba1931a395f5bc10b1df70da2536c049af72cad86", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0a334e340e23235d6ebde71ba1931a395f5bc10b1df70da2536c049af72cad86"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/MetalRenderer/Renderers/iTermTexturePageCollection.h"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 130828, "scanner": "repobility-threat-engine", "fingerprint": "6c06b302df2bf46e25454e5333c9d78460fe5c635787f21241d37d0351cb2bb3", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6c06b302df2bf46e25454e5333c9d78460fe5c635787f21241d37d0351cb2bb3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Infrastructure/iTermTaskQueue.mm"}, "region": {"startLine": 73}}}]}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "properties": {"repobilityId": 130827, "scanner": "repobility-threat-engine", "fingerprint": "8aa0c51380d0a1bee33e0ec8a95881de44c847c694378ab17e395cc4ae3d7bda", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8aa0c51380d0a1bee33e0ec8a95881de44c847c694378ab17e395cc4ae3d7bda"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Tasks/iTermClientServerProtocol.c"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "properties": {"repobilityId": 130826, "scanner": "repobility-threat-engine", "fingerprint": "68c806b6985d522d36645b7360fae2ec9cc3db3833b4dc4d4e438661212578ba", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "correlation_key": "fp|68c806b6985d522d36645b7360fae2ec9cc3db3833b4dc4d4e438661212578ba"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/MetalRenderer/iTermBackgroundColorRLETestHelper.m"}, "region": {"startLine": 80}}}]}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "properties": {"repobilityId": 130825, "scanner": "repobility-threat-engine", "fingerprint": "2a78c16269a16ea605a68b182a0ab1058462e330aef4a55c4d0b5e6a6a1c16bd", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2a78c16269a16ea605a68b182a0ab1058462e330aef4a55c4d0b5e6a6a1c16bd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Infrastructure/iTermMalloc.m"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 130816, "scanner": "repobility-threat-engine", "fingerprint": "876b7dbcb0bce256de5aa2d6de2fdf0719e61a2cfb2ec7893a0d4102c0ba9258", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|876b7dbcb0bce256de5aa2d6de2fdf0719e61a2cfb2ec7893a0d4102c0ba9258"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/setup.py"}, "region": {"startLine": 10}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 130815, "scanner": "repobility-threat-engine", "fingerprint": "3bb3e951fc3302c148aa9f4623b4403b36931042e303c621a940bf2df0e6837f", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3bb3e951fc3302c148aa9f4623b4403b36931042e303c621a940bf2df0e6837f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/auth.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED001", "level": "none", "message": {"text": "[MINED001] Bare Except Pass (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 130814, "scanner": "repobility-threat-engine", "fingerprint": "95cc9797c40c926759aaa04a4225f0a4ae4f9faafb543c58446c2f46cd9cfe9e", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|95cc9797c40c926759aaa04a4225f0a4ae4f9faafb543c58446c2f46cd9cfe9e", "aggregated_count": 2}}}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 130809, "scanner": "repobility-threat-engine", "fingerprint": "33f8a11bb9950391724aaaf564313c9967d2e5a2c97736723f8a42124b41d155", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "search_container", "breakdown": {"if": 3, "for": 1, "else": 1, "except": 1, "continue": 1, "recursion": 1, "nested_bonus": 4}, "aggregated": true, "complexity": 12, "correlation_key": "fp|33f8a11bb9950391724aaaf564313c9967d2e5a2c97736723f8a42124b41d155", "aggregated_count": 1}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "properties": {"repobilityId": 130805, "scanner": "repobility-threat-engine", "fingerprint": "65bcd7f326bc59f8b4437e46d4ab6a55a7a5b15fd03b0952dee24ac035ca5b3d", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 5 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|65bcd7f326bc59f8b4437e46d4ab6a55a7a5b15fd03b0952dee24ac035ca5b3d", "aggregated_count": 5}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 130804, "scanner": "repobility-threat-engine", "fingerprint": "a3e4d9de786c880f948cb19a0738d348dec263003e31ef481d77122b56448282", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a3e4d9de786c880f948cb19a0738d348dec263003e31ef481d77122b56448282"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/color.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 130803, "scanner": "repobility-threat-engine", "fingerprint": "26161f6bd4e8aea103faee441a06041bf38635ac21cd09a0a6d53e070b4805ef", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|26161f6bd4e8aea103faee441a06041bf38635ac21cd09a0a6d53e070b4805ef"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/auth.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 130802, "scanner": "repobility-threat-engine", "fingerprint": "1794982fcbad85fe87c58676d67c216239b64c632905a7a01ce0f92da67d639a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|1794982fcbad85fe87c58676d67c216239b64c632905a7a01ce0f92da67d639a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/docs/generate_menu_ids.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "SEC040", "level": "none", "message": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 130800, "scanner": "repobility-threat-engine", "fingerprint": "3dd4caf8fa81c20f9eace7ffa5194145968292c35b4d876b17652877ff96f545", "category": "xss", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC040", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|3dd4caf8fa81c20f9eace7ffa5194145968292c35b4d876b17652877ff96f545"}}}, {"ruleId": "SEC006", "level": "none", "message": {"text": "[SEC006] XSS Risk (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 130796, "scanner": "repobility-threat-engine", "fingerprint": "d9f1affcacb96541cb9dfea69fa7d055adaca1abde44138d49cbaaea5562cb22", "category": "injection", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC006", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|d9f1affcacb96541cb9dfea69fa7d055adaca1abde44138d49cbaaea5562cb22"}}}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 130792, "scanner": "repobility-threat-engine", "fingerprint": "d438fc2d14c63660d615290dceab2a5421ef5f4c5a8a429a3564895c539fbbc1", "category": "credential_exposure", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|d438fc2d14c63660d615290dceab2a5421ef5f4c5a8a429a3564895c539fbbc1"}}}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 130791, "scanner": "repobility-threat-engine", "fingerprint": "ccdc91647f5568f46ecca992e97d1bafbf345457aa2802aa9892807cb6f5fcd9", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "evidence": {"match": "console.error('iTermHoverLinkHandler: Invalid session secret for', methodName)", "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|token|10|console.error itermhoverlinkhandler: invalid session secret for methodname"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Browser/Core/hover-link-detector.js"}, "region": {"startLine": 110}}}]}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 130790, "scanner": "repobility-threat-engine", "fingerprint": "f29b5c40adf7914a35f7541c652394c28a466e7b2c508e58e2ad7cc2468073cd", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "evidence": {"match": "console.error(\"__ext_setSessionAllowed: token mismatch\")", "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|token|6|console.error __ext_setsessionallowed: token mismatch"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/Shared/BrowserExtensionAPIDeclarations.swift"}, "region": {"startLine": 66}}}]}, {"ruleId": "ERR002", "level": "none", "message": {"text": "[ERR002] Empty Catch Block (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 130788, "scanner": "repobility-threat-engine", "fingerprint": "e7174d71aa23c14419f9144792a6ba116afcec3004f64b82de4dbf54fc9e1921", "category": "error_handling", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "ERR002", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|e7174d71aa23c14419f9144792a6ba116afcec3004f64b82de4dbf54fc9e1921"}}}, {"ruleId": "SEC045", "level": "none", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 130782, "scanner": "repobility-threat-engine", "fingerprint": "3dcee9344070a063169c92ec8d16b51572abdb95c2aa862c407d1f47aa5db5f9", "category": "injection", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern '\\.eval\\(' detected on same line", "evidence": {"match": ".eval(", "reason": "Safe pattern '\\.eval\\(' detected on same line", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "code|injection|token|58|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Browser/GraphDiscovery/iTermBrowserGraphDiscoveryHandler.swift"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod (and 38 more): Same pattern found in 38 additional files. Review if needed."}, "properties": {"repobilityId": 130780, "scanner": "repobility-threat-engine", "fingerprint": "f7e05db95400602aa07bd6858d34947e60f7620bb60a4e8e40ed860df7e3ec68", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 38 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|f7e05db95400602aa07bd6858d34947e60f7620bb60a4e8e40ed860df7e3ec68", "aggregated_count": 38}}}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 130779, "scanner": "repobility-threat-engine", "fingerprint": "df0a31346cdd52153768ffb45c61074a201fe761f70f8cce1b856fe17178d273", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|df0a31346cdd52153768ffb45c61074a201fe761f70f8cce1b856fe17178d273"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/Resources/JavaScript/content-script-injector.js"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 130778, "scanner": "repobility-threat-engine", "fingerprint": "a0f06c232c85d939787c6747da257cf2b6cd22329e6010906640ba59d0db728e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a0f06c232c85d939787c6747da257cf2b6cd22329e6010906640ba59d0db728e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/Resources/JavaScript/chrome-runtime-api.js"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 130777, "scanner": "repobility-threat-engine", "fingerprint": "17b07da3bde6ce51d6e5bf4940461238d7a26dc6588257daa495dcd9682a00d4", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|17b07da3bde6ce51d6e5bf4940461238d7a26dc6588257daa495dcd9682a00d4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/Resources/JavaScript/chrome-base.js"}, "region": {"startLine": 40}}}]}, {"ruleId": "MINED038", "level": "none", "message": {"text": "[MINED038] Swift Try Bang (and 15 more): Same pattern found in 15 additional files. Review if needed."}, "properties": {"repobilityId": 130776, "scanner": "repobility-threat-engine", "fingerprint": "6f1f3b5626fd0c4e5fadc53dd511720fa264554fc84a1086fa104860fc1278fe", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 15 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "swift-try-bang", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["swift"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347986+00:00", "triaged_in_corpus": 15, "observations_count": 2002, "ai_coder_pattern_id": 158}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|6f1f3b5626fd0c4e5fadc53dd511720fa264554fc84a1086fa104860fc1278fe", "aggregated_count": 15}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 130772, "scanner": "repobility-threat-engine", "fingerprint": "62ff231053d16ded91f5d63a99a8b7f9a8d879f1bee1b23442cfa6701d92f730", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|62ff231053d16ded91f5d63a99a8b7f9a8d879f1bee1b23442cfa6701d92f730", "aggregated_count": 2}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 130771, "scanner": "repobility-threat-engine", "fingerprint": "a40ebca239f2572db41662e4dad61977df6001a59afe46f25247982267b0fc81", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a40ebca239f2572db41662e4dad61977df6001a59afe46f25247982267b0fc81"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Browser/CopyMode/copy-mode-cursor.js"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 130770, "scanner": "repobility-threat-engine", "fingerprint": "8e04b76d15a42fae62b72e8eb8a776f9958d2956c50c978348c356ae2b3c89ed", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8e04b76d15a42fae62b72e8eb8a776f9958d2956c50c978348c356ae2b3c89ed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/setup.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 130769, "scanner": "repobility-threat-engine", "fingerprint": "757c658999afefcffe4d1833495c74e1289618ff10f4e856d39956583927912e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|757c658999afefcffe4d1833495c74e1289618ff10f4e856d39956583927912e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/docs/conf.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED012", "level": "none", "message": {"text": "[MINED012] Curl Pipe Bash (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 130768, "scanner": "repobility-threat-engine", "fingerprint": "8786be8a409eb63c165af6ee6969acf872c54b7cdd53948f18f3b1ba6b8c478f", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "curl-pipe-bash", "owasp": "A08:2021", "cwe_ids": ["CWE-494"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347926+00:00", "triaged_in_corpus": 15, "observations_count": 135001, "ai_coder_pattern_id": 25}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|8786be8a409eb63c165af6ee6969acf872c54b7cdd53948f18f3b1ba6b8c478f", "aggregated_count": 1}}}, {"ruleId": "MINED012", "level": "none", "message": {"text": "[MINED012] Curl Pipe Bash: curl ... | sh / bash \u2014 runs unverified network code."}, "properties": {"repobilityId": 130767, "scanner": "repobility-threat-engine", "fingerprint": "c7e473bec1a121c45d77b8c9db1e4422201938fa1d9622569599a0edd96804f6", "category": "quality", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern 'test\\b' detected on same line", "evidence": {"mined": true, "mining": {"slug": "curl-pipe-bash", "owasp": "A08:2021", "cwe_ids": ["CWE-494"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347926+00:00", "triaged_in_corpus": 15, "observations_count": 135001, "ai_coder_pattern_id": 25}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c7e473bec1a121c45d77b8c9db1e4422201938fa1d9622569599a0edd96804f6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/AISafetyClassifierTests.swift"}, "region": {"startLine": 125}}}]}, {"ruleId": "SEC029", "level": "none", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 72 more): Same pattern found in 72 additional files. Review if needed."}, "properties": {"repobilityId": 130764, "scanner": "repobility-threat-engine", "fingerprint": "1e7e9172f9bcfa2fc6630fde4af88765eb53365a06ad56c69212495859ee7a91", "category": "ssrf", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 72 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 72 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|1e7e9172f9bcfa2fc6630fde4af88765eb53365a06ad56c69212495859ee7a91"}}}, {"ruleId": "MINED098", "level": "none", "message": {"text": "[MINED098] Global Scope Pollution (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "properties": {"repobilityId": 130760, "scanner": "repobility-threat-engine", "fingerprint": "d836843504e3fae6e5d7f7724208c205cb00bad4100d1636a439c245e57f7cf1", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 5 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "global-scope-pollution", "owasp": null, "cwe_ids": [], "languages": ["javascript"], "precision": 1.0, "promoted_at": "2026-05-18T15:01:13.611213+00:00", "triaged_in_corpus": 12, "observations_count": 173528, "ai_coder_pattern_id": 55}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|d836843504e3fae6e5d7f7724208c205cb00bad4100d1636a439c245e57f7cf1", "aggregated_count": 5}}}, {"ruleId": "MINED098", "level": "none", "message": {"text": "[MINED098] Global Scope Pollution: Attaching libraries/objects directly to the global window scope (e.g., `window.axios = axios;`) makes the code harder to test and increases the risk of naming collisions."}, "properties": {"repobilityId": 130759, "scanner": "repobility-threat-engine", "fingerprint": "27eba73e80e3a4832b460ad5b25ff3694ab98983f07ce219fc2716f9581fe2ac", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "global-scope-pollution", "owasp": null, "cwe_ids": [], "languages": ["javascript"], "precision": 1.0, "promoted_at": "2026-05-18T15:01:13.611213+00:00", "triaged_in_corpus": 12, "observations_count": 173528, "ai_coder_pattern_id": 55}, "scanner": "repobility-threat-engine", "correlation_key": "fp|27eba73e80e3a4832b460ad5b25ff3694ab98983f07ce219fc2716f9581fe2ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Browser/AudioMuting/monitor-play.js"}, "region": {"startLine": 230}}}]}, {"ruleId": "MINED098", "level": "none", "message": {"text": "[MINED098] Global Scope Pollution: Attaching libraries/objects directly to the global window scope (e.g., `window.axios = axios;`) makes the code harder to test and increases the risk of naming collisions."}, "properties": {"repobilityId": 130758, "scanner": "repobility-threat-engine", "fingerprint": "c256729fcc3a7e4bbd697bc7fa42cb6d05775c36a90cc6d52cae06fc232b6f56", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "global-scope-pollution", "owasp": null, "cwe_ids": [], "languages": ["javascript"], "precision": 1.0, "promoted_at": "2026-05-18T15:01:13.611213+00:00", "triaged_in_corpus": 12, "observations_count": 173528, "ai_coder_pattern_id": 55}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c256729fcc3a7e4bbd697bc7fa42cb6d05775c36a90cc6d52cae06fc232b6f56"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/AppLaunch/iTermOnboardingWindowController.m"}, "region": {"startLine": 146}}}]}, {"ruleId": "MINED098", "level": "none", "message": {"text": "[MINED098] Global Scope Pollution: Attaching libraries/objects directly to the global window scope (e.g., `window.axios = axios;`) makes the code harder to test and increases the risk of naming collisions."}, "properties": {"repobilityId": 130757, "scanner": "repobility-threat-engine", "fingerprint": "6b179d9f3a72b9e78ebf9487117363faf0ff06b530797d74f8ffdce9e1dda7e0", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "global-scope-pollution", "owasp": null, "cwe_ids": [], "languages": ["javascript"], "precision": 1.0, "promoted_at": "2026-05-18T15:01:13.611213+00:00", "triaged_in_corpus": 12, "observations_count": 173528, "ai_coder_pattern_id": 55}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6b179d9f3a72b9e78ebf9487117363faf0ff06b530797d74f8ffdce9e1dda7e0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ColorPicker/ColorPicker/CPKEyedropperWindow.m"}, "region": {"startLine": 83}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion (and 103 more): Same pattern found in 103 additional files. Review if needed."}, "properties": {"repobilityId": 130756, "scanner": "repobility-threat-engine", "fingerprint": "12e06fffe1cdd0f1ea9fd917e1a05e7903593bb74b1689f8c764490c68554858", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 103 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|12e06fffe1cdd0f1ea9fd917e1a05e7903593bb74b1689f8c764490c68554858", "aggregated_count": 103}}}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 130755, "scanner": "repobility-threat-engine", "fingerprint": "f19d3a9b28d0627930f09ddb245f7cd6ccf07298286d047cd7dc2d0e5d59df1f", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f19d3a9b28d0627930f09ddb245f7cd6ccf07298286d047cd7dc2d0e5d59df1f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SignedArchive/SignedArchive/SIGArchiveBuilder.m"}, "region": {"startLine": 62}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 130754, "scanner": "repobility-threat-engine", "fingerprint": "8b0c9c4c320ac4fdb575dffb142826ac594c7e7e497ee9502ddde852709284c5", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8b0c9c4c320ac4fdb575dffb142826ac594c7e7e497ee9502ddde852709284c5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ColorPicker/ColorPicker/CPKMainViewController.m"}, "region": {"startLine": 60}}}]}, {"ruleId": "MINED045", "level": "none", "message": {"text": "[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong."}, "properties": {"repobilityId": 130753, "scanner": "repobility-threat-engine", "fingerprint": "d5d26a23aaf62d74dd0cc4e6ac312499a3edbcad6997492d9bb202cc27ed8abc", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-non-null-assertion", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348005+00:00", "triaged_in_corpus": 12, "observations_count": 1810954, "ai_coder_pattern_id": 105}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d5d26a23aaf62d74dd0cc4e6ac312499a3edbcad6997492d9bb202cc27ed8abc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ColorPicker/ColorPicker/CPKEyedropperWindow.m"}, "region": {"startLine": 69}}}]}, {"ruleId": "MINED048", "level": "none", "message": {"text": "[MINED048] Php Error Suppress (and 180 more): Same pattern found in 180 additional files. Review if needed."}, "properties": {"repobilityId": 130752, "scanner": "repobility-threat-engine", "fingerprint": "9a9c90631323a8b3c0925b470684d485b433730c574d58021ad0edb8a3b4604d", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 180 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "php-error-suppress", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["php"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348013+00:00", "triaged_in_corpus": 12, "observations_count": 849118, "ai_coder_pattern_id": 166}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|9a9c90631323a8b3c0925b470684d485b433730c574d58021ad0edb8a3b4604d", "aggregated_count": 180}}}, {"ruleId": "MINED048", "level": "none", "message": {"text": "[MINED048] Php Error Suppress: @function() suppresses errors silently. Hides real issues."}, "properties": {"repobilityId": 130751, "scanner": "repobility-threat-engine", "fingerprint": "26d2e65e8f71fe2da25bb95272fd6036e6d0cc45d274d482720fa5cb06a288d9", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "php-error-suppress", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["php"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348013+00:00", "triaged_in_corpus": 12, "observations_count": 849118, "ai_coder_pattern_id": 166}, "scanner": "repobility-threat-engine", "correlation_key": "fp|26d2e65e8f71fe2da25bb95272fd6036e6d0cc45d274d482720fa5cb06a288d9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ColorPicker/ColorPicker/CPKColorNamer.m"}, "region": {"startLine": 12}}}]}, {"ruleId": "MINED048", "level": "none", "message": {"text": "[MINED048] Php Error Suppress: @function() suppresses errors silently. Hides real issues."}, "properties": {"repobilityId": 130750, "scanner": "repobility-threat-engine", "fingerprint": "3d8cbc4cc814c38dc3062f1cd80e9118b058d91a915bbb4e95227eeec02d41ed", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "php-error-suppress", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["php"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348013+00:00", "triaged_in_corpus": 12, "observations_count": 849118, "ai_coder_pattern_id": 166}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3d8cbc4cc814c38dc3062f1cd80e9118b058d91a915bbb4e95227eeec02d41ed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ColorPicker/ColorPicker/CPKColorComponentSliderView.m"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED048", "level": "none", "message": {"text": "[MINED048] Php Error Suppress: @function() suppresses errors silently. Hides real issues."}, "properties": {"repobilityId": 130749, "scanner": "repobility-threat-engine", "fingerprint": "485078f79885628daa0eb94f8968a1d7f0550578de5426647227a163445a54d1", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "php-error-suppress", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["php"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348013+00:00", "triaged_in_corpus": 12, "observations_count": 849118, "ai_coder_pattern_id": 166}, "scanner": "repobility-threat-engine", "correlation_key": "fp|485078f79885628daa0eb94f8968a1d7f0550578de5426647227a163445a54d1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ColorPicker/ColorPicker/CPKAlphaSliderView.m"}, "region": {"startLine": 7}}}]}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 8 more): Same pattern found in 8 additional files. Review if needed."}, "properties": {"repobilityId": 130748, "scanner": "repobility-threat-engine", "fingerprint": "43b81e30ecec4542d5b7c1728a77ddf506d2c87684fdce356d7b2b0e14a44049", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 8 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 8 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|43b81e30ecec4542d5b7c1728a77ddf506d2c87684fdce356d7b2b0e14a44049"}}}, {"ruleId": "MINED008", "level": "none", "message": {"text": "[MINED008] Swift Force Unwrap (and 27 more): Same pattern found in 27 additional files. Review if needed."}, "properties": {"repobilityId": 130744, "scanner": "repobility-threat-engine", "fingerprint": "5273b30be9c807b0a9f9b875c2d9aa89aa91784b4c019889864603afa9f7a19c", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 27 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "swift-force-unwrap", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["swift"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347916+00:00", "triaged_in_corpus": 15, "observations_count": 210453, "ai_coder_pattern_id": 157}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|5273b30be9c807b0a9f9b875c2d9aa89aa91784b4c019889864603afa9f7a19c", "aggregated_count": 27}}}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v4`: `uses: actions/upload-artifact@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 130964, "scanner": "repobility-supply-chain", "fingerprint": "da16ad8227eecc8636497f2ea1bb1dd8d3df3adf9f914a1f9a3434b05a30d192", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|da16ad8227eecc8636497f2ea1bb1dd8d3df3adf9f914a1f9a3434b05a30d192"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 103}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 130963, "scanner": "repobility-supply-chain", "fingerprint": "9f69a04457d11e23185c19b91c4feaa34da26cf6b80672d5feedc9d0a56d5466", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9f69a04457d11e23185c19b91c4feaa34da26cf6b80672d5feedc9d0a56d5466"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 41}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v5`: `uses: actions/setup-python@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 130962, "scanner": "repobility-supply-chain", "fingerprint": "dd37bf18cd412686d86920a0c0a0a1b017b55deb8bf88550a8cf86def591fdae", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|dd37bf18cd412686d86920a0c0a0a1b017b55deb8bf88550a8cf86def591fdae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 130961, "scanner": "repobility-supply-chain", "fingerprint": "3216d8eb311193c6ad7f9359a7ad4d9b8f4b558c0039450053f7d11a28bf06ee", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3216d8eb311193c6ad7f9359a7ad4d9b8f4b558c0039450053f7d11a28bf06ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.y` used but never assigned in __init__: Method `dict` of class `Point` reads `self.y`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130950, "scanner": "repobility-ast-engine", "fingerprint": "d9d9d2ee98d2657e4d05f658c0e4eb388572fd6db834b1be8f7877cc84224a08", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d9d9d2ee98d2657e4d05f658c0e4eb388572fd6db834b1be8f7877cc84224a08"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/util.py"}, "region": {"startLine": 118}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.x` used but never assigned in __init__: Method `dict` of class `Point` reads `self.x`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130949, "scanner": "repobility-ast-engine", "fingerprint": "8ec6c5b27c74c009b63f0bd62925f527bd4e998873b9560a7ab85778b434705c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8ec6c5b27c74c009b63f0bd62925f527bd4e998873b9560a7ab85778b434705c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/util.py"}, "region": {"startLine": 118}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.y` used but never assigned in __init__: Method `__repr__` of class `Point` reads `self.y`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130948, "scanner": "repobility-ast-engine", "fingerprint": "ebc16741f2de44bad2a5f61b76b0b33db1a74e611f9a2c351d39e61ee7557892", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ebc16741f2de44bad2a5f61b76b0b33db1a74e611f9a2c351d39e61ee7557892"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/util.py"}, "region": {"startLine": 88}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.x` used but never assigned in __init__: Method `__repr__` of class `Point` reads `self.x`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130947, "scanner": "repobility-ast-engine", "fingerprint": "ed3a0af04dc2a5c854cab915157be04483d9867e901ee55ac3f772dc28cf2972", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ed3a0af04dc2a5c854cab915157be04483d9867e901ee55ac3f772dc28cf2972"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/util.py"}, "region": {"startLine": 88}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.height` used but never assigned in __init__: Method `proto` of class `Size` reads `self.height`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130946, "scanner": "repobility-ast-engine", "fingerprint": "4b9f11c0fbfe9e38983ee7309349ab1b009471dcf07037d567b3aae9b5930bc8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4b9f11c0fbfe9e38983ee7309349ab1b009471dcf07037d567b3aae9b5930bc8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/util.py"}, "region": {"startLine": 69}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.width` used but never assigned in __init__: Method `proto` of class `Size` reads `self.width`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130945, "scanner": "repobility-ast-engine", "fingerprint": "77b41baa9733e56123d6d1e750f24a452ffda94b6f6043f14f85c5c32279bcd2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|77b41baa9733e56123d6d1e750f24a452ffda94b6f6043f14f85c5c32279bcd2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/util.py"}, "region": {"startLine": 68}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.dict` used but never assigned in __init__: Method `json` of class `Size` reads `self.dict`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130944, "scanner": "repobility-ast-engine", "fingerprint": "01d58c62159f15825a6de0272eb53ee5a5c5438690d7d4b6ed21a555537deab1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|01d58c62159f15825a6de0272eb53ee5a5c5438690d7d4b6ed21a555537deab1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/util.py"}, "region": {"startLine": 62}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.height` used but never assigned in __init__: Method `load_from_dict` of class `Size` reads `self.height`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130943, "scanner": "repobility-ast-engine", "fingerprint": "2b277bca6c5014831d0b7a3e0e9603e709134180b50a1732900450d66bef0d5c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2b277bca6c5014831d0b7a3e0e9603e709134180b50a1732900450d66bef0d5c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/util.py"}, "region": {"startLine": 55}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.width` used but never assigned in __init__: Method `load_from_dict` of class `Size` reads `self.width`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130942, "scanner": "repobility-ast-engine", "fingerprint": "b9940991e0210865ad30b8dc4448f98132986a3b9a9deb90e0dd8a1411b58f51", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b9940991e0210865ad30b8dc4448f98132986a3b9a9deb90e0dd8a1411b58f51"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/util.py"}, "region": {"startLine": 54}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.height` used but never assigned in __init__: Method `dict` of class `Size` reads `self.height`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130941, "scanner": "repobility-ast-engine", "fingerprint": "2b787305746f6362dd32d9cb686a50b768903ab2a62b8bc728cede6fced35278", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2b787305746f6362dd32d9cb686a50b768903ab2a62b8bc728cede6fced35278"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/util.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.width` used but never assigned in __init__: Method `dict` of class `Size` reads `self.width`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130940, "scanner": "repobility-ast-engine", "fingerprint": "9ede54faf64fee57b7af1fa5c4863ebf3a05fc06e7c62ee2f286163de1fc26cd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9ede54faf64fee57b7af1fa5c4863ebf3a05fc06e7c62ee2f286163de1fc26cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/util.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.emit_impl` used but never assigned in __init__: Method `emit` of class `Emitter` reads `self.emit_impl`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130936, "scanner": "repobility-ast-engine", "fingerprint": "04896bbc86aaaa419e40abc5112ae5a7a95c517d12de9077925e176e04e7fb7a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|04896bbc86aaaa419e40abc5112ae5a7a95c517d12de9077925e176e04e7fb7a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/gen_mainmenu.py"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.emit_impl` used but never assigned in __init__: Method `emit` of class `Emitter` reads `self.emit_impl`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130935, "scanner": "repobility-ast-engine", "fingerprint": "85b1b6955208511bce2ede3100581289daaa834df9e02dc09819094bb978ef28", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|85b1b6955208511bce2ede3100581289daaa834df9e02dc09819094bb978ef28"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/gen_mainmenu.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.emit` used but never assigned in __init__: Method `_scan_sync` of class `Search` reads `self.emit`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130917, "scanner": "repobility-ast-engine", "fingerprint": "3b49d7563168005f08ffdb42287a66b95430f535bc8beb1b2a53bf63ea6ac067", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3b49d7563168005f08ffdb42287a66b95430f535bc8beb1b2a53bf63ea6ac067"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1103}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._scan_sync` used but never assigned in __init__: Method `mainloop` of class `Search` reads `self._scan_sync`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130916, "scanner": "repobility-ast-engine", "fingerprint": "d37194d5e0855d0fe2a9409b39738bddfcb6f6e4029f1a6536b05ac9257edb3b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d37194d5e0855d0fe2a9409b39738bddfcb6f6e4029f1a6536b05ac9257edb3b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 1077}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.read_forever` used but never assigned in __init__: Method `handle_read` of class `Process` reads `self.read_forever`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130915, "scanner": "repobility-ast-engine", "fingerprint": "1de44a78348fda8e00bb56360a4a340a34eba2ff44c0eed591c0a0ea245e6e0f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1de44a78348fda8e00bb56360a4a340a34eba2ff44c0eed591c0a0ea245e6e0f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 268}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.read_forever` used but never assigned in __init__: Method `handle_read` of class `Process` reads `self.read_forever`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130914, "scanner": "repobility-ast-engine", "fingerprint": "1d21efb3133864d4ce78d0c9e0b35ad00cc58c04fb175305ceec515e00ef01df", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1d21efb3133864d4ce78d0c9e0b35ad00cc58c04fb175305ceec515e00ef01df"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 266}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.wait` used but never assigned in __init__: Method `cleanup` of class `Process` reads `self.wait`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130913, "scanner": "repobility-ast-engine", "fingerprint": "62034b166ba7e377eaf727f5dce9ba37d26991866c7e4d08fdf67a0823b5c6e5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|62034b166ba7e377eaf727f5dce9ba37d26991866c7e4d08fdf67a0823b5c6e5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 208}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.pid` used but never assigned in __init__: Method `cleanup` of class `Process` reads `self.pid`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130912, "scanner": "repobility-ast-engine", "fingerprint": "12c4c86e119711dd0c6cde19932db129a9d027cb6f4f600c17f48d4e5733739d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|12c4c86e119711dd0c6cde19932db129a9d027cb6f4f600c17f48d4e5733739d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 202}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.pid` used but never assigned in __init__: Method `cleanup` of class `Process` reads `self.pid`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130911, "scanner": "repobility-ast-engine", "fingerprint": "a895393fb124de374545a8ad42df60ccf77245549225eb40e2613ca3cdd5954b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a895393fb124de374545a8ad42df60ccf77245549225eb40e2613ca3cdd5954b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "OtherResources/framer.py"}, "region": {"startLine": 192}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_new_windows_field_rejected: Test function `test_new_windows_field_rejected` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130908, "scanner": "repobility-ast-engine", "fingerprint": "98eb9ae5d15bfe4b307129f57f826242f59570a3e4a102c43ca4296b9d9f9ae4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|98eb9ae5d15bfe4b307129f57f826242f59570a3e4a102c43ca4296b9d9f9ae4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 842}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_new_tabs_field_rejected: Test function `test_new_tabs_field_rejected` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130907, "scanner": "repobility-ast-engine", "fingerprint": "ac30e4295f694b5ad7f17f5e7f74fe09f2d52f7c3618ff7443c0fbda69562deb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ac30e4295f694b5ad7f17f5e7f74fe09f2d52f7c3618ff7443c0fbda69562deb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 832}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_orphan_session_rejected: Test function `test_orphan_session_rejected` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130906, "scanner": "repobility-ast-engine", "fingerprint": "6436945c61e2e4be2627057acd4c11682bbb8f096f2e515ae66ed9444cf16a8e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6436945c61e2e4be2627057acd4c11682bbb8f096f2e515ae66ed9444cf16a8e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 816}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_splitter_with_one_child_rejected: Test function `test_splitter_with_one_child_rejected` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130905, "scanner": "repobility-ast-engine", "fingerprint": "076a19987db72922d44215e4704a2a69213ae05f902e8a7e021ee28d1287d726", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|076a19987db72922d44215e4704a2a69213ae05f902e8a7e021ee28d1287d726"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 806}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_same_orientation_nesting_rejected: Test function `test_same_orientation_nesting_rejected` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130904, "scanner": "repobility-ast-engine", "fingerprint": "7eb928a4121699c5c1251305db9f2579c34ca8c2434bfc598433c8cf5408ca41", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7eb928a4121699c5c1251305db9f2579c34ca8c2434bfc598433c8cf5408ca41"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 783}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_duplicate_session_id_rejected: Test function `test_duplicate_session_id_rejected` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130903, "scanner": "repobility-ast-engine", "fingerprint": "fe85cb1c3c32ecc35fdca100a7498892841702d679d8fc0abb0e389f055106ee", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fe85cb1c3c32ecc35fdca100a7498892841702d679d8fc0abb0e389f055106ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 772}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_unknown_session_id_rejected: Test function `test_unknown_session_id_rejected` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130902, "scanner": "repobility-ast-engine", "fingerprint": "f32276a15b95e98ca63a9208331ecc97218cc54b5e6052b82758dd90c5d59a15", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f32276a15b95e98ca63a9208331ecc97218cc54b5e6052b82758dd90c5d59a15"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 761}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_unknown_tab_id_rejected: Test function `test_unknown_tab_id_rejected` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130901, "scanner": "repobility-ast-engine", "fingerprint": "5268a41975a4fd71e856f3217231779d8203f99638514d4948502cada0ffe05f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5268a41975a4fd71e856f3217231779d8203f99638514d4948502cada0ffe05f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 749}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_combined_reshape_and_close: Test function `test_combined_reshape_and_close` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130900, "scanner": "repobility-ast-engine", "fingerprint": "eb950fadd9f4611cd9a2fad7d2d15c4e5160613eae8504671f5c5e9c43007470", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|eb950fadd9f4611cd9a2fad7d2d15c4e5160613eae8504671f5c5e9c43007470"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 710}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_active_session_preserved_when_other_session_moves_in: Test function `test_active_session_preserved_when_other_session_moves_in` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130899, "scanner": "repobility-ast-engine", "fingerprint": "c61c7c02552262239fb181da9fe7e1fb16c2717d2793fe814fe1e8ac65416c61", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c61c7c02552262239fb181da9fe7e1fb16c2717d2793fe814fe1e8ac65416c61"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 677}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_active_session_set_after_cross_tab_move: Test function `test_active_session_set_after_cross_tab_move` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130898, "scanner": "repobility-ast-engine", "fingerprint": "cb9effbb545e1e87aa02198fc943181f7c84200078ace9deeb49c8f8d434109c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cb9effbb545e1e87aa02198fc943181f7c84200078ace9deeb49c8f8d434109c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 625}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_active_session_promoted_when_terminated: Test function `test_active_session_promoted_when_terminated` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130897, "scanner": "repobility-ast-engine", "fingerprint": "f6d464544c1110f89a10e6855bfa915265c134dea7d03816c56308a48a1db211", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f6d464544c1110f89a10e6855bfa915265c134dea7d03816c56308a48a1db211"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 603}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_active_session_survives_reshape: Test function `test_active_session_survives_reshape` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130896, "scanner": "repobility-ast-engine", "fingerprint": "eba1c10bfaa6d7f9a60f3fe3260e9479fccd9825a162a04eb6c6f3cf06d7686a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|eba1c10bfaa6d7f9a60f3fe3260e9479fccd9825a162a04eb6c6f3cf06d7686a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 581}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_close_window_only: Test function `test_close_window_only` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130895, "scanner": "repobility-ast-engine", "fingerprint": "1f81481cc67d5e886e0476de74f21b0cec91d27d63e6bd766923077265363bea", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1f81481cc67d5e886e0476de74f21b0cec91d27d63e6bd766923077265363bea"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 559}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_close_tab_only: Test function `test_close_tab_only` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130894, "scanner": "repobility-ast-engine", "fingerprint": "744657a15284100cd0d69f9b810ba150403a73d5c1838d7f6574a9f9fde411d1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|744657a15284100cd0d69f9b810ba150403a73d5c1838d7f6574a9f9fde411d1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 535}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_close_session_only: Test function `test_close_session_only` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130893, "scanner": "repobility-ast-engine", "fingerprint": "0ef406a51d7befbd5fc6351e1d569120eceefefe3c1264702e92f9444dfa6896", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0ef406a51d7befbd5fc6351e1d569120eceefefe3c1264702e92f9444dfa6896"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 510}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_cross_window_move: Test function `test_cross_window_move` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130892, "scanner": "repobility-ast-engine", "fingerprint": "721958549495588af402a2d3f1e0adafa1ec9e73ac2afb2596b513138a18d3df", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|721958549495588af402a2d3f1e0adafa1ec9e73ac2afb2596b513138a18d3df"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 479}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_cross_tab_move_emptying_single_session_tab_implicitly_closes: Test function `test_cross_tab_move_emptying_single_session_tab_implicitly_closes` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130891, "scanner": "repobility-ast-engine", "fingerprint": "b87bd3ac44cb6f87ba0ffb3adf67ad1885cb926e63aa0b4c0a3ad0832765a935", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b87bd3ac44cb6f87ba0ffb3adf67ad1885cb926e63aa0b4c0a3ad0832765a935"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 455}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_cross_tab_move_emptying_source_implicitly_closes_it: Test function `test_cross_tab_move_emptying_source_implicitly_closes_it` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130890, "scanner": "repobility-ast-engine", "fingerprint": "b8edc6e3401f0a8821358a9fb43cfbe20cda13b613f28b753d3992c47a97c7cc", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b8edc6e3401f0a8821358a9fb43cfbe20cda13b613f28b753d3992c47a97c7cc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 421}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_cross_tab_move_single_session: Test function `test_cross_tab_move_single_session` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130889, "scanner": "repobility-ast-engine", "fingerprint": "cda3de411d149c8df26b6be2bcb83736667fd15e491202544fa30059d114449a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cda3de411d149c8df26b6be2bcb83736667fd15e491202544fa30059d114449a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 384}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_no_op_reshape_preserves_shape: Test function `test_no_op_reshape_preserves_shape` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130888, "scanner": "repobility-ast-engine", "fingerprint": "34d420c16dfd5f6e6f4b564ba89f7ba452931cba0a792fc5c3b89d5dd9692007", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|34d420c16dfd5f6e6f4b564ba89f7ba452931cba0a792fc5c3b89d5dd9692007"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 351}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_restructure_flat_to_nested: Test function `test_restructure_flat_to_nested` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130887, "scanner": "repobility-ast-engine", "fingerprint": "de4499c47e672e4e6bec0d9c43d0a664bc8087d20e183fa8407ef4c626ef567c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|de4499c47e672e4e6bec0d9c43d0a664bc8087d20e183fa8407ef4c626ef567c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 327}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_change_orientation_v_to_h: Test function `test_change_orientation_v_to_h` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130886, "scanner": "repobility-ast-engine", "fingerprint": "a298e3e9e3ac9b79df25815fd9c5c61e7407297351b5cd747c6931772b6b8012", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a298e3e9e3ac9b79df25815fd9c5c61e7407297351b5cd747c6931772b6b8012"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 307}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_swap_three_panes_in_tab: Test function `test_swap_three_panes_in_tab` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130885, "scanner": "repobility-ast-engine", "fingerprint": "9a8e50fc6770fbf9c0d0a74aa326ddf5b629057cfaf87fe90603fb75b4c8f271", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9a8e50fc6770fbf9c0d0a74aa326ddf5b629057cfaf87fe90603fb75b4c8f271"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 286}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_swap_two_panes_in_tab: Test function `test_swap_two_panes_in_tab` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 130884, "scanner": "repobility-ast-engine", "fingerprint": "f9e4755392e504a445904cc746f6347ec153c268717adac87f515d896cdd13f9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f9e4755392e504a445904cc746f6347ec153c268717adac87f515d896cdd13f9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/apply_layout_integration_test.py"}, "region": {"startLine": 261}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.value` used but never assigned in __init__: Method `reset` of class `ANSIColor` reads `self.value`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130882, "scanner": "repobility-ast-engine", "fingerprint": "20ca84b9906cf9db31e2a84a7d14256ecc3c467b99219fde514345c908ceb537", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|20ca84b9906cf9db31e2a84a7d14256ecc3c467b99219fde514345c908ceb537"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/osc4-and-friends.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.name` used but never assigned in __init__: Method `set` of class `DynamicColor` reads `self.name`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130881, "scanner": "repobility-ast-engine", "fingerprint": "f5cc95d03c967a3640b2987c29d5751897fdefc45377d5008e001448993efc24", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f5cc95d03c967a3640b2987c29d5751897fdefc45377d5008e001448993efc24"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/osc4-and-friends.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.value` used but never assigned in __init__: Method `set` of class `DynamicColor` reads `self.value`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130880, "scanner": "repobility-ast-engine", "fingerprint": "7539f7f8ff090f8be320f50f4222b449761b1294e15280f82c3b2f59093da1be", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7539f7f8ff090f8be320f50f4222b449761b1294e15280f82c3b2f59093da1be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/osc4-and-friends.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.name` used but never assigned in __init__: Method `reset` of class `DynamicColor` reads `self.name`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130879, "scanner": "repobility-ast-engine", "fingerprint": "e5acedee2586793ccf30c4d8d6af9793da2c515e5c5e473b6c54689c3b2880e8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e5acedee2586793ccf30c4d8d6af9793da2c515e5c5e473b6c54689c3b2880e8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/osc4-and-friends.py"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.value` used but never assigned in __init__: Method `reset` of class `DynamicColor` reads `self.value`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 130878, "scanner": "repobility-ast-engine", "fingerprint": "a006df89c3bcb46f1223a732f02cbee70cfa630cd9280d56fa13acadb4c44075", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a006df89c3bcb46f1223a732f02cbee70cfa630cd9280d56fa13acadb4c44075"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/osc4-and-friends.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `input` inside async function `main`: `input` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 130874, "scanner": "repobility-ast-engine", "fingerprint": "0d946ee1c1b901a9d78d4acb148c167a3931d9ba929d138e3d07a4897fede022", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0d946ee1c1b901a9d78d4acb148c167a3931d9ba929d138e3d07a4897fede022"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/move_session_test.py"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `input` inside async function `do_move_to_split`: `input` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 130873, "scanner": "repobility-ast-engine", "fingerprint": "1423e60109af01ad61ba71e21c4b7a8d3986c49f31ce414f7ba313b4a22bf1f5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1423e60109af01ad61ba71e21c4b7a8d3986c49f31ce414f7ba313b4a22bf1f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/move_session_test.py"}, "region": {"startLine": 121}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `input` inside async function `do_move_to_split`: `input` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 130872, "scanner": "repobility-ast-engine", "fingerprint": "3e92ac80fe31f845cb83cd9c1fc1e335b7399961ea9b514b6db812d2a3cb13d6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3e92ac80fe31f845cb83cd9c1fc1e335b7399961ea9b514b6db812d2a3cb13d6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/move_session_test.py"}, "region": {"startLine": 111}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `input` inside async function `do_move_to_split`: `input` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 130871, "scanner": "repobility-ast-engine", "fingerprint": "fa44a358d81ac8dc0c0fda1b79d4f86678a64798ba662da2ce88e9b173bc49df", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fa44a358d81ac8dc0c0fda1b79d4f86678a64798ba662da2ce88e9b173bc49df"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/move_session_test.py"}, "region": {"startLine": 100}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `input` inside async function `do_move_to_new_window`: `input` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 130870, "scanner": "repobility-ast-engine", "fingerprint": "848f7359031bf5826ba3ad1e45a1f371432c907d88fc816fa89e71982acdd2ca", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|848f7359031bf5826ba3ad1e45a1f371432c907d88fc816fa89e71982acdd2ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/move_session_test.py"}, "region": {"startLine": 76}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `input` inside async function `do_move_to_new_tab`: `input` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 130869, "scanner": "repobility-ast-engine", "fingerprint": "d58d9cc78715f0e304b5671bd20ffacf6a8a23c6bba1919e78f49045f7daf734", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d58d9cc78715f0e304b5671bd20ffacf6a8a23c6bba1919e78f49045f7daf734"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/move_session_test.py"}, "region": {"startLine": 41}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `input` inside async function `do_move_to_new_tab`: `input` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 130868, "scanner": "repobility-ast-engine", "fingerprint": "116fb7eeaf35a5315a5de29e33265b233ad535ad0cda7d25aa8972f14a99bf25", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|116fb7eeaf35a5315a5de29e33265b233ad535ad0cda7d25aa8972f14a99bf25"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/move_session_test.py"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `input` inside async function `do_move_to_new_tab`: `input` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 130867, "scanner": "repobility-ast-engine", "fingerprint": "edad06e57bc5f70abb97910659c7af41131b5023ecb81d1f25d35af3bd189fa9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|edad06e57bc5f70abb97910659c7af41131b5023ecb81d1f25d35af3bd189fa9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tests/move_session_test.py"}, "region": {"startLine": 51}}}]}, {"ruleId": "SEC085", "level": "error", "message": {"text": "[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. Ported from eslint-plugin-security detect-child-process (Apache-2.0)."}, "properties": {"repobilityId": 130822, "scanner": "repobility-threat-engine", "fingerprint": "90608369b04c62318b64f9b93c2982eae514dd2059c46a41ea6013a8a0e5ea04", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "exec(text", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC085", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|90608369b04c62318b64f9b93c2982eae514dd2059c46a41ea6013a8a0e5ea04"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Browser/WebViewAdditions/extend-selection-bigword.js"}, "region": {"startLine": 11}}}]}, {"ruleId": "SEC083", "level": "error", "message": {"text": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. Ported from eslint-plugin-security detect-non-literal-regexp (Apache-2.0)."}, "properties": {"repobilityId": 130820, "scanner": "repobility-threat-engine", "fingerprint": "d4527e5dd4c8195bcef734f622383927f711e4f41dbe23fa3df6e7052bde863d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "new RegExp(escapeRegExp", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC083", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d4527e5dd4c8195bcef734f622383927f711e4f41dbe23fa3df6e7052bde863d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Browser/Marks/extract-text-fragment.js"}, "region": {"startLine": 95}}}]}, {"ruleId": "SEC021", "level": "error", "message": {"text": "[SEC021] Shell Trace Around Secret Handling: Shell xtrace is enabled near secret handling. CI and deployment logs can echo every command and expand secret values, turning a safe secret-store lookup into a credential leak."}, "properties": {"repobilityId": 130818, "scanner": "repobility-threat-engine", "fingerprint": "d29bc12d241c67314373d43baf876d8c9429c3386fd809110cda6766436e9c10", "category": "credential_exposure", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "set -x\n\nfunction die {\n  echo $1\n  exit\n}\n\necho Enter the notarization password", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC021", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "secret|itermai/build.sh|1|set -x function die echo 1 exit echo enter the notarization password"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "iTermAI/build.sh"}, "region": {"startLine": 3}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 130813, "scanner": "repobility-threat-engine", "fingerprint": "8acfb13cb90f9df53fc3af95d5bce5e98f0fba49231ae4cfc91752408d484f04", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8acfb13cb90f9df53fc3af95d5bce5e98f0fba49231ae4cfc91752408d484f04"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/focus.py"}, "region": {"startLine": 189}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 130812, "scanner": "repobility-threat-engine", "fingerprint": "eb07398bf21ecfcba522ac55ac3c4b15e13f6d0f773bbbc69f33179d332d7995", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|eb07398bf21ecfcba522ac55ac3c4b15e13f6d0f773bbbc69f33179d332d7995"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/customcontrol.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 130811, "scanner": "repobility-threat-engine", "fingerprint": "484bbb802bc34e6453a2e4b5502fed67a99cd71e3fae585c023cdb087e126df2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|484bbb802bc34e6453a2e4b5502fed67a99cd71e3fae585c023cdb087e126df2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/auth.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "SEC103", "level": "error", "message": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts."}, "properties": {"repobilityId": 130810, "scanner": "repobility-threat-engine", "fingerprint": "db1baded4e984603b152dae1173580868f10b1e5d41b3e00a2e9a6256ccc1108", "category": "injection", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".search(r\"^[0-9]+:[0-9]+: (.*)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC103", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|62|sec103"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/auth.py"}, "region": {"startLine": 62}}}]}, {"ruleId": "SEC040", "level": "error", "message": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflected XSS vector. The browser parses the HTML and executes any <script> or event-handler attributes in the data. CWE-79. Especially dangerous when the data comes from a CV parser, profile field, or any user-input pipeline."}, "properties": {"repobilityId": 130799, "scanner": "repobility-threat-engine", "fingerprint": "da789375820c0dc1bb22a81970aa81c7800fd0b3606cb4a2b633ea7f6006805b", "category": "xss", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".innerHTML = `\n        <div class=\"entry-content\">\n            <div class=\"entry-header\">", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC040", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|da789375820c0dc1bb22a81970aa81c7800fd0b3606cb4a2b633ea7f6006805b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Browser/History/history-page.js"}, "region": {"startLine": 166}}}]}, {"ruleId": "SEC040", "level": "error", "message": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflected XSS vector. The browser parses the HTML and executes any <script> or event-handler attributes in the data. CWE-79. Especially dangerous when the data comes from a CV parser, profile field, or any user-input pipeline."}, "properties": {"repobilityId": 130798, "scanner": "repobility-threat-engine", "fingerprint": "df74eefd97b7b0b24c0770735a489d86bafa64a580999aaafc95b0ea83ffc918", "category": "xss", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".innerHTML = `\n            <div class=\"modified\">\n              \u2705 <strong>User-Agent Modified</stron", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC040", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|df74eefd97b7b0b24c0770735a489d86bafa64a580999aaafc95b0ea83ffc918"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/test-extensions/custom-user-agent/popup.js"}, "region": {"startLine": 19}}}]}, {"ruleId": "SEC040", "level": "error", "message": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflected XSS vector. The browser parses the HTML and executes any <script> or event-handler attributes in the data. CWE-79. Especially dangerous when the data comes from a CV parser, profile field, or any user-input pipeline."}, "properties": {"repobilityId": 130797, "scanner": "repobility-threat-engine", "fingerprint": "51a7b11a3fafd689e75a5854831ea8324a0bba55647faee52309e79630d58127", "category": "xss", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".innerHTML = `\n    <strong>\ud83d\udd27 Custom User Agent Extension Active</strong><br>\n    <span id=\"ua-displa", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC040", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|51a7b11a3fafd689e75a5854831ea8324a0bba55647faee52309e79630d58127"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/test-extensions/custom-user-agent/content.js"}, "region": {"startLine": 27}}}]}, {"ruleId": "SEC020", "level": "error", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 130789, "scanner": "repobility-threat-engine", "fingerprint": "a6d6a386f65e8cd5d77db9ff875479914231f54e53c5c27710fee76828c84a4d", "category": "credential_exposure", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Credential-bearing variable appears to be printed or logged", "evidence": {"match": "console.error(TAG, 'Invalid session secret for clearStateWithoutResponse')", "reason": "Credential-bearing variable appears to be printed or logged", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.85, "correlation_key": "secret|token|2|console.error tag invalid session secret for clearstatewithoutresponse"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Browser/FindOnPage/find-api.js"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED038", "level": "error", "message": {"text": "[MINED038] Swift Try Bang: try! crashes on thrown error. Use try? or do/catch."}, "properties": {"repobilityId": 130775, "scanner": "repobility-threat-engine", "fingerprint": "84a1585a9cca59658b0c32833df34914c4a9ba339382875aa01a504cc1a4014f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "swift-try-bang", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["swift"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347986+00:00", "triaged_in_corpus": 15, "observations_count": 2002, "ai_coder_pattern_id": 158}, "scanner": "repobility-threat-engine", "correlation_key": "fp|84a1585a9cca59658b0c32833df34914c4a9ba339382875aa01a504cc1a4014f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/Sources/BrowserExtensionContentScriptInjectionGenerator.swift"}, "region": {"startLine": 64}}}]}, {"ruleId": "MINED038", "level": "error", "message": {"text": "[MINED038] Swift Try Bang: try! crashes on thrown error. Use try? or do/catch."}, "properties": {"repobilityId": 130774, "scanner": "repobility-threat-engine", "fingerprint": "887dd0dafa969d643f3ea8acf8f955e2a4e93e4a4a0e7d1a5d587fce96dbfd2c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "swift-try-bang", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["swift"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347986+00:00", "triaged_in_corpus": 15, "observations_count": 2002, "ai_coder_pattern_id": 158}, "scanner": "repobility-threat-engine", "correlation_key": "fp|887dd0dafa969d643f3ea8acf8f955e2a4e93e4a4a0e7d1a5d587fce96dbfd2c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/Shared/BrowserExtensionTemplateLoader.swift"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED038", "level": "error", "message": {"text": "[MINED038] Swift Try Bang: try! crashes on thrown error. Use try? or do/catch."}, "properties": {"repobilityId": 130773, "scanner": "repobility-threat-engine", "fingerprint": "27e1ecc4567d9816a6263216fc009050601a14ab87baba73049eef3c4de32c2d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "swift-try-bang", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["swift"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347986+00:00", "triaged_in_corpus": 15, "observations_count": 2002, "ai_coder_pattern_id": 158}, "scanner": "repobility-threat-engine", "correlation_key": "fp|27e1ecc4567d9816a6263216fc009050601a14ab87baba73049eef3c4de32c2d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/TriggerNullCharacterTests.swift"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED012", "level": "error", "message": {"text": "[MINED012] Curl Pipe Bash: curl ... | sh / bash \u2014 runs unverified network code."}, "properties": {"repobilityId": 130766, "scanner": "repobility-threat-engine", "fingerprint": "7f91acc02a46abb7b51d9ea6ea29d747e702025879c2b011de2d9fc5fe57e425", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "curl-pipe-bash", "owasp": "A08:2021", "cwe_ids": ["CWE-494"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347926+00:00", "triaged_in_corpus": 15, "observations_count": 135001, "ai_coder_pattern_id": 25}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7f91acc02a46abb7b51d9ea6ea29d747e702025879c2b011de2d9fc5fe57e425"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/ShellIntegrationInstaller/iTermShellIntegrationDownloadAndRunViewController.m"}, "region": {"startLine": 35}}}]}, {"ruleId": "MINED012", "level": "error", "message": {"text": "[MINED012] Curl Pipe Bash: curl ... | sh / bash \u2014 runs unverified network code."}, "properties": {"repobilityId": 130765, "scanner": "repobility-threat-engine", "fingerprint": "2fd4b933b90d56e1b66d74fe35ca3b30f899156a9ae5b54d12c12a00448cc1f7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "curl-pipe-bash", "owasp": "A08:2021", "cwe_ids": ["CWE-494"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347926+00:00", "triaged_in_corpus": 15, "observations_count": 135001, "ai_coder_pattern_id": 25}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2fd4b933b90d56e1b66d74fe35ca3b30f899156a9ae5b54d12c12a00448cc1f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/iTermArrangementTrustGateTests.swift"}, "region": {"startLine": 74}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 130763, "scanner": "repobility-threat-engine", "fingerprint": "0c57e7847b6fce24e0e3f33a3d99930dfb1520e0896e18e7aa30fb106c1989bf", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "URL(f", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|0c57e7847b6fce24e0e3f33a3d99930dfb1520e0896e18e7aa30fb106c1989bf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/NSStringShellEscapeTests.swift"}, "region": {"startLine": 51}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 130762, "scanner": "repobility-threat-engine", "fingerprint": "5731c68bf25492150abc8bcd0d7a6fa2512a0357cd6b53e3dd862b5706d5433a", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "URL(f", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5731c68bf25492150abc8bcd0d7a6fa2512a0357cd6b53e3dd862b5706d5433a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/AISafetyRefusalParserTests.swift"}, "region": {"startLine": 267}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 130761, "scanner": "repobility-threat-engine", "fingerprint": "ccdbc1594d8c64ef75c42a60f9866e089b74c19ffae6f579fc16de695f0f9dc2", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "URL(f", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|ccdbc1594d8c64ef75c42a60f9866e089b74c19ffae6f579fc16de695f0f9dc2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/AIMetadataFixtureCoverageTest.swift"}, "region": {"startLine": 90}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 130747, "scanner": "repobility-threat-engine", "fingerprint": "c4cd9263314c9cc146b12e3df09ec291e1bf48e007a1742d237384e653f3c504", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "modifiedTabs.delete(tabId);", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|c4cd9263314c9cc146b12e3df09ec291e1bf48e007a1742d237384e653f3c504"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/test-extensions/custom-user-agent/background.js"}, "region": {"startLine": 47}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 130746, "scanner": "repobility-threat-engine", "fingerprint": "d77e396208dfe052c3ae468f9a886fe1c2d434cb0f0ef03f37ff9b3cf638ddd7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "m.delete(range: 0..<1)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d77e396208dfe052c3ae468f9a886fe1c2d434cb0f0ef03f37ff9b3cf638ddd7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/iTermNonASCIIStringTest.swift"}, "region": {"startLine": 132}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 130745, "scanner": "repobility-threat-engine", "fingerprint": "430c76588bfd7acdaa35e15a00b39a283d52174717a1bc0439c1b428197e6904", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "Self.update()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|430c76588bfd7acdaa35e15a00b39a283d52174717a1bc0439c1b428197e6904"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BetterFontPicker/BetterFontPicker/SystemFontClassifier.swift"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED008", "level": "error", "message": {"text": "[MINED008] Swift Force Unwrap: optional! crashes on nil. Use guard let or if let."}, "properties": {"repobilityId": 130743, "scanner": "repobility-threat-engine", "fingerprint": "f11d43847df47c0affc5d35fc7b3caa09e0d4dac903241c042b4bdb0b04c56c3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "swift-force-unwrap", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["swift"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347916+00:00", "triaged_in_corpus": 15, "observations_count": 210453, "ai_coder_pattern_id": 157}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f11d43847df47c0affc5d35fc7b3caa09e0d4dac903241c042b4bdb0b04c56c3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/SaveScreenWhenCursorMovesAboveOutputTests.swift"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED008", "level": "error", "message": {"text": "[MINED008] Swift Force Unwrap: optional! crashes on nil. Use guard let or if let."}, "properties": {"repobilityId": 130742, "scanner": "repobility-threat-engine", "fingerprint": "7390fc8c6aad039d8f12137f5f0195e88dd70e5934ce1dd78dc61186b78c61b6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "swift-force-unwrap", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["swift"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347916+00:00", "triaged_in_corpus": 15, "observations_count": 210453, "ai_coder_pattern_id": 157}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7390fc8c6aad039d8f12137f5f0195e88dd70e5934ce1dd78dc61186b78c61b6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ModernTests/PathTests.swift"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED008", "level": "error", "message": {"text": "[MINED008] Swift Force Unwrap: optional! crashes on nil. Use guard let or if let."}, "properties": {"repobilityId": 130741, "scanner": "repobility-threat-engine", "fingerprint": "8211a685e7a74080c5e2ecbc498fe798f2fe0b982a5b8feec3314fbec3ea066c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "swift-force-unwrap", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["swift"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347916+00:00", "triaged_in_corpus": 15, "observations_count": 210453, "ai_coder_pattern_id": 157}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8211a685e7a74080c5e2ecbc498fe798f2fe0b982a5b8feec3314fbec3ea066c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BetterFontPicker/BetterFontPicker/Affordance.swift"}, "region": {"startLine": 106}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `stat` used but not imported: The file uses `stat.something(...)` but never imports `stat`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 130959, "scanner": "repobility-ast-engine", "fingerprint": "750f93a2398ef180f0d121d74945e10babd164a1be25be1ee36789e7ca31b056", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|750f93a2398ef180f0d121d74945e10babd164a1be25be1ee36789e7ca31b056"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/ply/ply-3.4/example/BASIC/basinterp.py"}, "region": {"startLine": 363}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `base64` used but not imported: The file uses `base64.something(...)` but never imports `base64`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 130955, "scanner": "repobility-ast-engine", "fingerprint": "ac0207ad6cbb38fc8c6ef784c3f7e402daa0ab9ce9704809a294657d473e5fe2", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ac0207ad6cbb38fc8c6ef784c3f7e402daa0ab9ce9704809a294657d473e5fe2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/binding.py"}, "region": {"startLine": 143}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `stat` used but not imported: The file uses `stat.something(...)` but never imports `stat`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 130952, "scanner": "repobility-ast-engine", "fingerprint": "61b60de35cec0bb6a588037bc502686c38e08d2b413dffe3b6288174370d1c1d", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|61b60de35cec0bb6a588037bc502686c38e08d2b413dffe3b6288174370d1c1d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/iterm2/auth.py"}, "region": {"startLine": 146}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `sys` used but not imported: The file uses `sys.something(...)` but never imports `sys`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 130934, "scanner": "repobility-ast-engine", "fingerprint": "2ec900cf3f3eecdfa2435e82dc84b447097a5d51cedc73b65844cbe4f66760cd", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2ec900cf3f3eecdfa2435e82dc84b447097a5d51cedc73b65844cbe4f66760cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/gen_mainmenu.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `string` used but not imported: The file uses `string.something(...)` but never imports `string`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 130933, "scanner": "repobility-ast-engine", "fingerprint": "670699a24c187a5b71cd4251f1c92ee72de57f4a9a956aecf80028f1fce340c6", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|670699a24c187a5b71cd4251f1c92ee72de57f4a9a956aecf80028f1fce340c6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api/library/python/iterm2/gen_profile.py"}, "region": {"startLine": 1019}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 130831, "scanner": "repobility-threat-engine", "fingerprint": "98f0d103a69e2bf87f9350325796095fd2db4818ef8b3ab50d6d0b58a5d65c10", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|98f0d103a69e2bf87f9350325796095fd2db4818ef8b3ab50d6d0b58a5d65c10"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sources/Tasks/iTermFileDescriptorMultiClient+MRR.m"}, "region": {"startLine": 60}}}]}, {"ruleId": "MINED035", "level": "error", "message": {"text": "[MINED035] Js New Function: new Function(...) compiles strings to functions."}, "properties": {"repobilityId": 130784, "scanner": "repobility-threat-engine", "fingerprint": "5201b14aab4022811eeded6c126cf4f9c585fdd0370408770e61727447fa2d55", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-new-function", "owasp": null, "cwe_ids": ["CWE-95"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347980+00:00", "triaged_in_corpus": 20, "observations_count": 2547, "ai_coder_pattern_id": 104}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5201b14aab4022811eeded6c126cf4f9c585fdd0370408770e61727447fa2d55"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "WebExtensionsFramework/Resources/JavaScript/content-script-injector.js"}, "region": {"startLine": 49}}}]}]}]}