UNIFIED
Repobility · multi-layer engine · AI coders
Complete repo analysis
Last scanned 1 day, 4 hours ago
·
v1
·
549 findings from
2 sources.
Findings combine the legacy security pipeline AND the multi-layer engine
(atlas, wiring, flows, ranked) AND verified AI agent contributions.
{# ── 2026-05-17 R27 #5: score breakdown panel ──────────────────────
Surfaces the score_breakdown JSON that's been silently stored on
Repository for months. Turns hidden math into a trust signal. #}
Score breakdown
â 2026-05-17-v4
calibration-aware
| Component |
Sub-score |
Weight |
Contribution |
structure_score |
60.0
|
0.15 |
9.00 |
security_score |
69.5
|
0.25 |
17.38 |
testing_score |
85.0
|
0.20 |
17.00 |
documentation_score |
70.0
|
0.15 |
10.50 |
practices_score |
90.0
|
0.15 |
13.50 |
code_quality |
80.0
|
0.10 |
8.00 |
| Overall |
|
1.00 |
75.4 |
Calibrated penalty buckets (security_score):
web: 1.6 ·
authz: 1.2 ·
threat: 27.8
security_score may be inflated — optional scanners skipped due to repo size/fast scan
Severity distribution — click a segment to filter
Active filters:
source: scanner ×
excluding tests ×
Reset all
Scan summary
Repository scanned at 73.4/100 with 100.0% coverage. It contains 41687 nodes across 23 cross-layer flows, written primarily in mixed languages. Engine surfaced 501 findings — concentrated in quality (317), software (78), cicd (54). Risk profile is high: 2 critical, 3 high, 31 medium. Recommended next step: open the quality layer findings first — that's where the highest-impact wins live.
Showing 479 of 549 findings.
Click TP / FP to vote on a finding's accuracy — votes adjust the confidence
weighting and improve detection across the platform.
critical
9-layer
security
secrets
conf 1.00
Possible secret in django/contrib/auth/management/commands/changepassword.py
Detected pattern matching password_literal. Rotate the credential and move to a secret manager.
django/contrib/auth/management/commands/changepassword.py:17
secrets
critical
9-layer
security
secrets
conf 1.00
Possible secret in django/db/backends/oracle/creation.py
Detected pattern matching password_literal. Rotate the credential and move to a secret manager.
django/db/backends/oracle/creation.py:292
secrets
high
9-layer
security
owasp
conf 1.00
Insecure pattern 'eval_used' in django/db/migrations/questioner.py:168
Found a known-risky pattern (eval_used). Review and replace if possible.
django/db/migrations/questioner.py:168
owaspeval_used
high
9-layer
security
owasp
conf 1.00
Insecure pattern 'eval_used' in scripts/manage_translations.py:403
Found a known-risky pattern (eval_used). Review and replace if possible.
scripts/manage_translations.py:403
owaspeval_used
high
9-layer
security
owasp
conf 1.00
Insecure pattern 'exec_used' in django/core/management/commands/shell.py:88
Found a known-risky pattern (exec_used). Review and replace if possible.
django/core/management/commands/shell.py:88
owaspexec_used
medium
9-layer
security
auth
conf 1.00
Django CBV `CreateView` lacks `LoginRequiredMixin` — django/views/generic/edit.py:185
Class-based view defines mutating methods (post/put/delete) without inheriting `LoginRequiredMixin`. If auth is enforced via `dispatch()` override or middleware, dismiss this finding.
django/views/generic/edit.py:185
authauth.django.unauth_view
medium
9-layer
security
auth
conf 1.00
Django CBV `FormView` lacks `LoginRequiredMixin` — django/views/generic/edit.py:165
Class-based view defines mutating methods (post/put/delete) without inheriting `LoginRequiredMixin`. If auth is enforced via `dispatch()` override or middleware, dismiss this finding.
django/views/generic/edit.py:165
authauth.django.unauth_view
medium
9-layer
security
auth
conf 1.00
Django CBV `ProcessFormView` lacks `LoginRequiredMixin` — django/views/generic/edit.py:137
Class-based view defines mutating methods (post/put/delete) without inheriting `LoginRequiredMixin`. If auth is enforced via `dispatch()` override or middleware, dismiss this finding.
django/views/generic/edit.py:137
authauth.django.unauth_view
medium
9-layer
security
auth
conf 1.00
Django CBV `RedirectView` lacks `LoginRequiredMixin` — django/views/generic/base.py:231
Class-based view defines mutating methods (post/put/delete) without inheriting `LoginRequiredMixin`. If auth is enforced via `dispatch()` override or middleware, dismiss this finding.
django/views/generic/base.py:231
authauth.django.unauth_view
medium
9-layer
security
auth
conf 1.00
Django CBV `TemplateView` lacks `LoginRequiredMixin` — django/views/generic/base.py:221
Class-based view defines mutating methods (post/put/delete) without inheriting `LoginRequiredMixin`. If auth is enforced via `dispatch()` override or middleware, dismiss this finding.
django/views/generic/base.py:221
authauth.django.unauth_view
medium
9-layer
security
auth
conf 1.00
Django CBV `UpdateView` lacks `LoginRequiredMixin` — django/views/generic/edit.py:209
Class-based view defines mutating methods (post/put/delete) without inheriting `LoginRequiredMixin`. If auth is enforced via `dispatch()` override or middleware, dismiss this finding.
django/views/generic/edit.py:209
authauth.django.unauth_view
medium
9-layer
security
auth
conf 1.00
Django view `feed` may be unauthenticated — django/contrib/gis/views.py:5
Function-view with `request` parameter has no `@login_required` or equivalent auth decorator within 5 lines above. If auth is enforced by middleware (`AUTHENTICATION_BACKENDS`), this is a false positive — dismiss with reason `by_design`.
django/contrib/gis/views.py:5
authowaspauth.django.unauth_view
medium
9-layer
security
auth
conf 1.00
Django view `flatpage` may be unauthenticated — django/contrib/flatpages/views.py:22
Function-view with `request` parameter has no `@login_required` or equivalent auth decorator within 5 lines above. If auth is enforced by middleware (`AUTHENTICATION_BACKENDS`), this is a false positive — dismiss with reason `by_design`.
django/contrib/flatpages/views.py:22
authowaspauth.django.unauth_view
medium
9-layer
security
auth
conf 1.00
Django view `kml` may be unauthenticated — django/contrib/gis/sitemaps/views.py:10
Function-view with `request` parameter has no `@login_required` or equivalent auth decorator within 5 lines above. If auth is enforced by middleware (`AUTHENTICATION_BACKENDS`), this is a false positive — dismiss with reason `by_design`.
django/contrib/gis/sitemaps/views.py:10
authowaspauth.django.unauth_view
medium
9-layer
security
auth
conf 1.00
Django view `kmz` may be unauthenticated — django/contrib/gis/sitemaps/views.py:61
Function-view with `request` parameter has no `@login_required` or equivalent auth decorator within 5 lines above. If auth is enforced by middleware (`AUTHENTICATION_BACKENDS`), this is a false positive — dismiss with reason `by_design`.
django/contrib/gis/sitemaps/views.py:61
authowaspauth.django.unauth_view
medium
9-layer
security
auth
conf 1.00
Django view `render_flatpage` may be unauthenticated — django/contrib/flatpages/views.py:49
Function-view with `request` parameter has no `@login_required` or equivalent auth decorator within 5 lines above. If auth is enforced by middleware (`AUTHENTICATION_BACKENDS`), this is a false positive — dismiss with reason `by_design`.
django/contrib/flatpages/views.py:49
authowaspauth.django.unauth_view
medium
9-layer
security
auth
conf 1.00
Django view `serve` may be unauthenticated — django/contrib/staticfiles/views.py:16
Function-view with `request` parameter has no `@login_required` or equivalent auth decorator within 5 lines above. If auth is enforced by middleware (`AUTHENTICATION_BACKENDS`), this is a false positive — dismiss with reason `by_design`.
django/contrib/staticfiles/views.py:16
authowaspauth.django.unauth_view
medium
9-layer
security
auth
conf 1.00
Django view `shortcut` may be unauthenticated — django/contrib/contenttypes/views.py:9
Function-view with `request` parameter has no `@login_required` or equivalent auth decorator within 5 lines above. If auth is enforced by middleware (`AUTHENTICATION_BACKENDS`), this is a false positive — dismiss with reason `by_design`.
django/contrib/contenttypes/views.py:9
authowaspauth.django.unauth_view
medium
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
psf/black@stable can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/linters.yml:71
supply-chaingithub-actionspinned-dependencies
medium
9-layer
security
owasp
conf 1.00
Insecure pattern 'subprocess_shell_true' in django/utils/version.py:93
Found a known-risky pattern (subprocess_shell_true). Review and replace if possible.
django/utils/version.py:93
owaspsubprocess_shell_true
medium
9-layer
security
owasp
conf 1.00
Insecure pattern 'subprocess_shell_true' in scripts/manage_translations.py:201
Found a known-risky pattern (subprocess_shell_true). Review and replace if possible.
scripts/manage_translations.py:201
owaspsubprocess_shell_true
medium
9-layer
security
owasp
conf 1.00
Insecure pattern 'weak_hash' in django/db/backends/sqlite3/_functions.py:72
Found a known-risky pattern (weak_hash). Review and replace if possible.
django/db/backends/sqlite3/_functions.py:72
owaspweak_hash
medium
9-layer
security
owasp
conf 1.00
Insecure pattern 'weak_hash' in django/db/models/functions/__init__.py:55
Found a known-risky pattern (weak_hash). Review and replace if possible.
django/db/models/functions/__init__.py:55
owaspweak_hash
medium
9-layer
security
owasp
conf 1.00
Insecure pattern 'weak_hash' in django/db/models/functions/text.py:216
Found a known-risky pattern (weak_hash). Review and replace if possible.
django/db/models/functions/text.py:216
owaspweak_hash
medium
9-layer
security
owasp
conf 1.00
Insecure pattern 'weak_hash' in scripts/verify_release.sh:63
Found a known-risky pattern (weak_hash). Review and replace if possible.
scripts/verify_release.sh:63
owaspweak_hash
medium
9-layer
quality
integrity
conf 1.00
Likely N+1 query: `for field in …` triggers a query per row — django/contrib/contenttypes/views.py:57
The loop iterates a Django queryset and accesses `field.remote_field.model` per row, which fires an additional database query each iteration. Add `.select_related('<fk_field>')` for FK / O2O relations or `.prefetch_related('<m2m_or_reverse>')` for many-related lookups, to load everything in 1-2 que…
django/contrib/contenttypes/views.py:57
integrityn-plus-oneperformance
medium
9-layer
quality
integrity
conf 1.00
Likely N+1 query: `for field in …` triggers a query per row — django/contrib/contenttypes/views.py:73
The loop iterates a Django queryset and accesses `field.remote_field.model` per row, which fires an additional database query each iteration. Add `.select_related('<fk_field>')` for FK / O2O relations or `.prefetch_related('<m2m_or_reverse>')` for many-related lookups, to load everything in 1-2 que…
django/contrib/contenttypes/views.py:73
integrityn-plus-oneperformance
medium
9-layer
quality
integrity
conf 1.00
Network/subprocess call without timeout or try/except — django/db/backends/base/client.py:31
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium
9-layer
quality
integrity
conf 1.00
Network/subprocess call without timeout or try/except — django/db/backends/mysql/client.py:40
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium
9-layer
quality
integrity
conf 1.00
Network/subprocess call without timeout or try/except — django/db/backends/mysql/creation.py:78
`subprocess.Popen(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium
9-layer
quality
integrity
conf 1.00
Network/subprocess call without timeout or try/except — django/utils/autoreload.py:290
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium
9-layer
quality
integrity
conf 1.00
Network/subprocess call without timeout or try/except — scripts/do_django_release.py:165
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium
9-layer
quality
integrity
conf 1.00
Network/subprocess call without timeout or try/except — scripts/manage_translations.py:48
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium
9-layer
quality
integrity
conf 1.00
Network/subprocess call without timeout or try/except — scripts/prepare_commit_msg.py:28
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium
9-layer
security
coverage
conf 1.00
No auth library detected
The scanner did not find any standard auth library (JWT, OAuth, NextAuth, Auth0, etc.). Either auth lives in custom code, in a separate service, or is missing.
coverageauth
low
9-layer
quality
maintenance
conf 1.00
59 TODO/FIXME markers
High count of TODO/FIXME/HACK markers — track them as issues so they're not forgotten.
maintenance
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: Gruntfile.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/admin_docs/namespace_urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/admin_docs/urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/admin_scripts/broken_app/models.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/admin_scripts/complex_app/admin/foo.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/admin_scripts/configured_settings_manage.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/admin_scripts/custom_templates/app_template/api.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/admin_scripts/custom_templates/project_template/additional_dir/additional_file.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/admin_scripts/custom_templates/project_template/additional_dir/extra.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/admin_scripts/custom_templates/project_template/additional_dir/localized.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/admin_scripts/custom_templates/project_template/project_name/settings.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/admin_scripts/simple_app/models.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/admin_scripts/urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/builtin_server/urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/file_storage/urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/generic_inline_admin/urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/commands/app_with_locale/some_file.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/commands/someapp/static/javascript.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/commands/static/javascript_ignored.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/other/locale/de/formats.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/other/locale/fr/formats.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/other2/locale/de/formats.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/patterns/urls/default.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/patterns/urls/disabled.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/patterns/urls/included.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/patterns/urls/namespace.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/patterns/urls/path_unused.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/patterns/urls/wrong.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/patterns/urls/wrong_namespace.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/project_dir/app_no_locale/models.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/project_dir/app_with_locale/models.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/sampleproject/manage.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/sampleproject/sampleproject/settings.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/i18n/urls_default_unprefixed.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/middleware/cond_get_urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/middleware/extra_urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/middleware/urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/model_meta/results.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/project_template/urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/resolve_url/urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/sitecustomize.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/template_backends/apps/good/templatetags/empty.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/template_backends/apps/good/templatetags/good_tags.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/template_backends/apps/good/templatetags/override.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/template_backends/apps/good/templatetags/subpackage/tags.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/template_backends/apps/importerror/templatetags/broken_tags.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/test_client/urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/test_sqlite.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
software
dead-code-candidate
conf 1.00
File has no detected symbols: tests/urls.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/python_matrix.yml:26
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/python_matrix.yml:43
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/setup-python@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/python_matrix.yml:47
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/postgis.yml:42
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/setup-python@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/postgis.yml:46
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/selenium.yml:24
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/setup-python@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/selenium.yml:28
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/selenium.yml:64
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/setup-python@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/selenium.yml:68
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/download-artifact@v4 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/coverage_comment.yml:24
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/github-script@v8 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/coverage_comment.yml:39
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/check-migrations.yml:44
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/setup-python@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/check-migrations.yml:49
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/docs.yml:31
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/setup-python@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/docs.yml:35
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/check_pr_quality.yml:24
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/setup-python@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/check_pr_quality.yml:32
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/github-script@v8 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/labels.yml:25
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/benchmark.yml:17
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/cache@v4 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/benchmark.yml:31
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/linters.yml:27
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/setup-python@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/linters.yml:31
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/linters.yml:47
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/setup-python@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/linters.yml:51
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/linters.yml:67
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/linters.yml:78
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/linters.yml:92
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/setup-node@v5 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/linters.yml:96
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/screenshots.yml:24
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/setup-python@v6 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/screenshots.yml:28
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/cache@v4 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/screenshots.yml:46
supply-chaingithub-actionspinned-dependencies
low
9-layer
cicd
supply-chain
conf 1.00
GitHub Action is tag-pinned rather than SHA-pinned
actions/upload-artifact@v4 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/screenshots.yml:63
supply-chaingithub-actionspinned-dependencies
low
9-layer
security
owasp
conf 1.00
Insecure pattern 'debug_true' in django/views/debug.py:29
Found a known-risky pattern (debug_true). Review and replace if possible.
django/views/debug.py:29
owaspdebug_true
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `assertDeprecated` in tests/deprecation/test_deprecate_posargs.py:18
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `attrs_copy` in tests/forms_tests/tests/test_utils.py:52
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `body_copy` in django/db/backends/sqlite3/schema.py:209
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `book_state_copy` in tests/migrations/test_autodetector.py:1860
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `date_copy` in tests/modeladmin/test_checks.py:105
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `extra_old` in tests/queries/tests.py:417
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `field_copy` in tests/model_fields/models.py:548
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `field_copy` in tests/model_fields/test_generatedfield.py:400
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `file_copy` in django/db/models/fields/files.py:214
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `from_buffer_copy` in django/contrib/gis/gdal/raster/band.py:222
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `get_all_related_objects_with_model_legacy` in tests/model_meta/results.py:301
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `get_connection_copy` in tests/backends/base/test_creation.py:24
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `model_a_old` in tests/migrations/test_state.py:716
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `msg_copy` in django/core/mail/backends/locmem.py:33
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `path_unused` in tests/i18n/patterns/tests.py:104
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `pony_old` in tests/migrations/test_operations.py:6722
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `remote_field_copy` in tests/foreign_object/tests.py:741
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `response_copy` in tests/test_client/tests.py:93
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `s3_copy` in tests/basic/tests.py:949
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `sourceraster_copy` in tests/gis_tests/gdal_tests/test_raster.py:500
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `support_legacy` in django/template/base.py:1179
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `support_legacy` in django/template/defaulttags.py:1676
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `support_legacy` in django/template/loader_tags.py:347
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `support_legacy` in django/templatetags/i18n.py:511
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_combine_empty_copy` in tests/queries/test_q.py:59
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_connection_arg_deprecated` in tests/mail/tests.py:1867
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_copy` in tests/gis_tests/geos_tests/test_geos.py:1366
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_copy` in tests/utils_tests/test_datastructures.py:118
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_copy` in tests/utils_tests/test_tree.py:87
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_csp_basic_with_nonce_but_unused` in tests/middleware/test_csp.py:48
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_direct_construction_deprecated` in tests/mail/test_backends.py:689
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_fields_cache_reset_on_copy` in tests/model_regress/tests.py:273
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_flatten_context_with_context_copy` in tests/template_tests/test_context.py:162
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_IPAddressField_deprecated` in tests/invalid_models_tests/test_deprecated_fields.py:11
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_list_select_related_true_deprecated` in tests/modeladmin/tests.py:1031
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_manifest_hash_v1` in tests/staticfiles_tests/test_storage.py:590
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_multivalue_deep_copy` in tests/forms_tests/tests/test_forms.py:4026
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_mutable_copy` in tests/httpwrappers/tests.py:134
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_renamed_subclass_deprecated` in tests/deprecation/tests.py:143
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_sanitize_address_deprecated` in tests/mail/test_deprecated.py:59
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_select_related_no_arguments_deprecated` in tests/select_related/tests.py:131
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Legacy-named symbol `test_wsgirequest_copy` in tests/requests_tests/tests.py:258
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 12 places
Functions with the same first-5-line body hash:
django/test/client.py:options, django/test/client.py:put, django/test/client.py:patch, django/test/client.py:delete
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or docu…
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash:
docs/_ext/djangodocs.py:run, docs/_ext/djangodocs.py:run
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash:
django/middleware/cache.py:cache, django/middleware/cache.py:cache
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash:
django/middleware/common.py:process_response, django/middleware/common.py:process_response
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash:
django/dispatch/dispatcher.py:asend_and_wrap_exception, django/dispatch/dispatcher.py:asend_and_wrap_exception
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document …
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash:
django/test/client.py:read, django/test/client.py:readline
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash:
django/test/client.py:to_bytes, django/test/client.py:to_bytes
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash:
django/test/client.py:generic, django/test/client.py:generic
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash:
django/test/testcases.py:test, django/test/testcases.py:test
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash:
django/test/testcases.py:tearDownClass, django/test/testcases.py:tearDownClass
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash:
django/test/testcases.py:get_base_dir, django/test/testcases.py:get_base_dir
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash:
django/test/testcases.py:get_base_url, django/test/testcases.py:get_base_url
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 3 places
Functions with the same first-5-line body hash:
django/dispatch/dispatcher.py:asend, django/dispatch/dispatcher.py:asend, django/dispatch/dispatcher.py:asend
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document w…
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 3 places
Functions with the same first-5-line body hash:
django/test/client.py:get, django/test/client.py:get, django/test/client.py:get
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 3 places
Functions with the same first-5-line body hash:
django/test/client.py:post, django/test/client.py:post, django/test/client.py:post
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 3 places
Functions with the same first-5-line body hash:
django/test/client.py:head, django/test/client.py:head, django/test/client.py:head
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 3 places
Functions with the same first-5-line body hash:
django/test/client.py:trace, django/test/client.py:trace, django/test/client.py:trace
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 4 places
Functions with the same first-5-line body hash:
django/dispatch/dispatcher.py:sync_send, django/dispatch/dispatcher.py:sync_send, django/dispatch/dispatcher.py:sync_send, django/dispatch/dispatcher.py:sync_send
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see http…
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 4 places
Functions with the same first-5-line body hash:
django/test/client.py:request, django/test/client.py:request, django/test/client.py:request, django/test/client.py:request
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate …
integrityduplicatedry
low
9-layer
quality
integrity
conf 1.00
Near-duplicate function bodies in 5 places
Functions with the same first-5-line body hash:
django/test/testcases.py:setUpClass, django/test/testcases.py:setUpClass, django/test/testcases.py:setUpClass, django/test/testcases.py:setUpClass
This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-cod…
integrityduplicatedry
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: default_role_error
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/djangodocs.py:396
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: depart_console_dummy
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/djangodocs.py:244
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: depart_desc_parameterlist
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/djangodocs.py:148
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: depart_table
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/djangodocs.py:123
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: depart_versionmodified
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/djangodocs.py:172
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: django_check_file
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/lint.py:20
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: G
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
django/utils/dateformat.py:114
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: h
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
django/utils/dateformat.py:118
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: H
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
django/utils/dateformat.py:122
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: html_page_context_hook
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/djangodocs.py:386
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: i
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
django/utils/dateformat.py:126
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: is_multiline_block_to_exclude
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/lint.py:62
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: O
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
django/utils/dateformat.py:130
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: P
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
django/utils/dateformat.py:145
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: parse_django_admin_node
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/djangodocs.py:184
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: s
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
django/utils/dateformat.py:158
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: T
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
django/utils/dateformat.py:162
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: u
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
django/utils/dateformat.py:173
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: version_github_linkcode_resolve
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/conf.py:453
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: visit_ClassDef
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/github_links.py:30
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: visit_console_dummy
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/djangodocs.py:239
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: visit_console_html
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/djangodocs.py:249
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: visit_desc_parameterlist
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/djangodocs.py:128
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: visit_FunctionDef
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/github_links.py:27
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: visit_ImportFrom
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/github_links.py:33
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: visit_table
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/djangodocs.py:116
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: visit_versionmodified
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/djangodocs.py:165
dead-code
low
9-layer
software
dead-code
conf 1.00
Possibly dead Python function: warner
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/_ext/djangodocs.py:277
dead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `_reject` (body is just `pass`/`return`) — django/views/decorators/csrf.py:18
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `activate` (body is just `pass`/`return`) — django/utils/translation/trans_null.py:32
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `append` (body is just `pass`/`return`) — django/test/runner.py:160
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `authenticate` (body is just `pass`/`return`) — django/contrib/auth/backends.py:16
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `check_supported` (body is just `pass`/`return`) — django/contrib/postgres/indexes.py:39
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `clear_expired` (body is just `pass`/`return`) — django/contrib/sessions/backends/cache.py:140
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `clear_expired` (body is just `pass`/`return`) — django/contrib/sessions/backends/signed_cookies.py:98
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `clear` (body is just `pass`/`return`) — django/core/cache/backends/dummy.py:33
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `close` (body is just `pass`/`return`) — django/core/files/base.py:141
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `database_forwards` (body is just `pass`/`return`) — django/db/migrations/operations/models.py:835
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `db_check` (body is just `pass`/`return`) — django/db/models/fields/related.py:1305
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `DO_NOTHING` (body is just `pass`/`return`) — django/db/models/deletion.py:80
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `dummy` (body is just `pass`/`return`) — django/utils/decorators.py:20
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `end_serialization` (body is just `pass`/`return`) — django/core/serializers/python.py:25
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `flush` (body is just `pass`/`return`) — django/http/response.py:346
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `get_object` (body is just `pass`/`return`) — django/contrib/syndication/views.py:122
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `harden_runtime` (body is just `pass`/`return`) — django/contrib/auth/hashers.py:698
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `id_for_label` (body is just `pass`/`return`) — django/contrib/auth/forms.py:46
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `ignore` (body is just `pass`/`return`) — django/db/backends/dummy/base.py:28
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `local_setter_noop` (body is just `pass`/`return`) — django/db/models/sql/compiler.py:1343
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `log_message` (body is just `pass`/`return`) — django/test/testcases.py:1656
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `no_limit_value` (body is just `pass`/`return`) — django/db/backends/oracle/operations.py:321
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `no_limit_value` (body is just `pass`/`return`) — django/db/backends/postgresql/operations.py:183
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `noop` (body is just `pass`/`return`) — django/db/migrations/operations/special.py:217
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `print_results` (body is just `pass`/`return`) — django/test/utils.py:985
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `return_None` (body is just `pass`/`return`) — django/db/models/fields/__init__.py:123
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `set_attributes_from_rel` (body is just `pass`/`return`) — django/contrib/contenttypes/fields.py:554
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `state_forwards` (body is just `pass`/`return`) — django/contrib/postgres/operations.py:20
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
quality
integrity
conf 1.00
Stub function `validate` (body is just `pass`/`return`) — django/forms/fields.py:856
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /
`django/contrib/admindocs/urls.py` declares `ANY /` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /(?P<url>.*)$
`django/contrib/admin/sites.py` declares `ANY /(?P<url>.*)$` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /<path:url>
`django/contrib/flatpages/urls.py` declares `ANY /<path:url>` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /^models/(?P<app_label>[^.]+)\.(?P<model_name>[^/]+)/$
`django/contrib/admindocs/urls.py` declares `ANY /^models/(?P<app_label>[^.]+)\.(?P<model_name>[^/]+)/$` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or do…
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /autocomplete/
`django/contrib/admin/sites.py` declares `ANY /autocomplete/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /bookmarklets/
`django/contrib/admindocs/urls.py` declares `ANY /bookmarklets/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /filters/
`django/contrib/admindocs/urls.py` declares `ANY /filters/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /jsi18n/
`django/contrib/admin/sites.py` declares `ANY /jsi18n/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /login/
`django/contrib/auth/urls.py` declares `ANY /login/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /logout/
`django/contrib/auth/urls.py` declares `ANY /logout/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /models/
`django/contrib/admindocs/urls.py` declares `ANY /models/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /password_change/
`django/contrib/auth/urls.py` declares `ANY /password_change/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /password_change/done/
`django/contrib/auth/urls.py` declares `ANY /password_change/done/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /password_reset/
`django/contrib/auth/urls.py` declares `ANY /password_reset/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /password_reset/done/
`django/contrib/auth/urls.py` declares `ANY /password_reset/done/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /r/<path:content_type_id>/<path:object_id>/
`django/contrib/admin/sites.py` declares `ANY /r/<path:content_type_id>/<path:object_id>/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who …
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /reset/<uidb64>/<token>/
`django/contrib/auth/urls.py` declares `ANY /reset/<uidb64>/<token>/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /reset/done/
`django/contrib/auth/urls.py` declares `ANY /reset/done/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /setlang/
`django/conf/urls/i18n.py` declares `ANY /setlang/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /tags/
`django/contrib/admindocs/urls.py` declares `ANY /tags/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /templates/<path:template>/
`django/contrib/admindocs/urls.py` declares `ANY /templates/<path:template>/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /views/
`django/contrib/admindocs/urls.py` declares `ANY /views/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
api
wiring
conf 1.00
Unused endpoint: ANY /views/<view>/
`django/contrib/admindocs/urls.py` declares `ANY /views/<view>/` but no frontend code we scanned calls it. This is fine if the endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it's dead code — consider removing or documenting who consumes it.
wiringunused-endpoint
low
9-layer
quality
complexity
conf 1.00
Very large file: django/contrib/admin/checks.py (1407 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/contrib/admin/options.py (2880 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/db/backends/base/schema.py (2089 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/db/migrations/autodetector.py (2066 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/db/models/base.py (2566 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/db/models/expressions.py (2235 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/db/models/fields/__init__.py (2984 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/db/models/fields/related.py (2159 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/db/models/fields/related_descriptors.py (1712 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/db/models/query.py (3032 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/db/models/sql/compiler.py (2271 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/db/models/sql/query.py (2892 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/forms/models.py (1719 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/template/defaulttags.py (1692 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/test/client.py (1755 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: django/test/testcases.py (1897 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/admin_changelist/tests.py (2235 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/admin_filters/tests.py (2056 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/admin_inlines/tests.py (2590 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/admin_scripts/tests.py (3343 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/admin_views/tests.py (9800 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/admin_widgets/tests.py (2105 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/aggregation/tests.py (2871 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/aggregation_regress/tests.py (2013 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/annotations/tests.py (1601 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/auth_tests/test_auth_backends.py (1498 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/auth_tests/test_forms.py (1775 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/auth_tests/test_management.py (1822 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/auth_tests/test_views.py (1791 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/cache/tests.py (3153 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/constraints/tests.py (1505 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/csrf_tests/tests.py (1493 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/db_functions/datetime/test_extract_trunc.py (1950 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/expressions/tests.py (3054 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/expressions_case/tests.py (1679 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/expressions_window/tests.py (2038 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/file_storage/tests.py (1280 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/fixtures/tests.py (1365 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low
9-layer
quality
complexity
conf 1.00
Very large file: tests/forms_tests/tests/test_forms.py (5715 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
Showing first 300 of 479. Refine filters or use the
legacy findings page for deep search.
{# ── 2026-05-17 Round 14: AI-agent bridge footer ──────────────────────
Discoverability: the /agents/voting/ guide + MCP manifest exist but
aren't linked from anywhere users actually land. Small, opt-in footer. #}