{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED109", "name": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is ", "shortDescription": {"text": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every f"}, "fullDescription": {"text": "Use None as the default and create the collection inside the function: `def __init__(x=None): x = x or []`"}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AGT007", "name": "localStorage write failures are swallowed silently", "shortDescription": {"text": "localStorage write failures are swallowed silently"}, "fullDescription": {"text": "Handle QuotaExceededError explicitly, show a toast or error state, and guide the user to export/clear old local data. Log non-quota failures for diagnostics."}, "properties": {"scanner": "repobility-agent-runtime", "category": "quality", "severity": "medium", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "SEC012", "name": "[SEC012] ZipSlip \u2014 Archive Path Traversal: Archive extraction without path validation allows writing files outside the t", "shortDescription": {"text": "[SEC012] ZipSlip \u2014 Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory."}, "fullDescription": {"text": "Validate extracted paths with os.path.realpath() and ensure they stay within the target directory."}, "properties": {"scanner": "repobility-threat-engine", "category": "path_traversal", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC127", "name": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedEr", "shortDescription": {"text": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass shallow CI), but invoking it crashes or "}, "fullDescription": {"text": "Either implement the body, or fail closed at module-load time so the deploy can't ship a half-built route. A CI gate that fails build on `raise NotImplementedError` in non-abstract code catches this cleanly."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "ERR001", "name": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG ", "shortDescription": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "fullDescription": {"text": "Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 0.45, "cwe": "", "owasp": ""}}, {"id": "SEC045", "name": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a latera", "shortDescription": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use obj"}, "fullDescription": {"text": "For literal data structures: use ast.literal_eval(text) \u2014 only parses literals, raises on code.\nFor formula evaluation: use asteval or simpleeval (purpose-built sandboxes with allow-lists).\nFor Odoo: use odoo.tools.safe_eval(expr, locals_dict, mode='exec').\nIf you genuinely need to execute admin-stored code: require explicit super-admin permission AND log every execution with a stack trace."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `get_reg_size` has cognitive complexity 21 (SonarSource scale). Cognitive ", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `get_reg_size` has cognitive complexity 21 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion "}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 21."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "SEC136", "name": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns ", "shortDescription": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, retur"}, "fullDescription": {"text": "Catch the specific exception type, log at error level with full exception info, and return a failure-shaped result. If the operation is genuinely best-effort, log at warning and document why in a comment so the next reader (or scanner) knows."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "CORE_LARGE_FILES", "name": "Average file size is 677 lines (recommend <300)", "shortDescription": {"text": "Average file size is 677 lines (recommend <300)"}, "fullDescription": {"text": "Refactor large files by extracting related functions into separate modules. Target files with 300+ lines first. Use the Single Responsibility Principle \u2014 each module should have one clear purpose."}, "properties": {"scanner": "repobility-core", "category": "quality", "severity": "medium", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED067", "name": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever.", "shortDescription": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-400 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED075", "name": "[MINED075] C Malloc No Check (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED075] C Malloc No Check (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-690 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED064", "name": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.", "shortDescription": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED072", "name": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in.", "shortDescription": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED062", "name": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model.", "shortDescription": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 12 more): Same pattern found in 12 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 12 more): Same pattern found in 12 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED068", "name": "[MINED068] Rust Unsafe Block (and 64 more): Same pattern found in 64 additional files. Review if needed.", "shortDescription": {"text": "[MINED068] Rust Unsafe Block (and 64 more): Same pattern found in 64 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-119 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 2 more): Same pattern found in 2 addit", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED066", "name": "[MINED066] Rust Panic Macro: panic!() unwinds the stack. Use Result for recoverable errors.", "shortDescription": {"text": "[MINED066] Rust Panic Macro: panic!() unwinds the stack. Use Result for recoverable errors."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 12 more): Same pattern found in 12 addi", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 12 more): Same pattern found in 12 additional files. Review if needed."}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https (and 3 more): Same pattern found in 3 additional files. Review if needed.", "shortDescription": {"text": "[MINED043] Http Not Https (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED059", "name": "[MINED059] Rust Expect In Prod (and 53 more): Same pattern found in 53 additional files. Review if needed.", "shortDescription": {"text": "[MINED059] Rust Expect In Prod (and 53 more): Same pattern found in 53 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED003", "name": "[MINED003] Rust Unwrap In Prod (and 79 more): Same pattern found in 79 additional files. Review if needed.", "shortDescription": {"text": "[MINED003] Rust Unwrap In Prod (and 79 more): Same pattern found in 79 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED077", "name": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles.", "shortDescription": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-772 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED098", "name": "[MINED098] Global Scope Pollution: Attaching libraries/objects directly to the global window scope (e.g., `window.axios ", "shortDescription": {"text": "[MINED098] Global Scope Pollution: Attaching libraries/objects directly to the global window scope (e.g., `window.axios = axios;`) makes the code harder to test and increases the risk of naming collisions."}, "fullDescription": {"text": "Import the library where you need it instead of attaching to window. For legitimate global registries, use a namespaced object (e.g., `window.__myApp.axios`)."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED080", "name": "[MINED080] Cpp Using Namespace Std (and 56 more): Same pattern found in 56 additional files. Review if needed.", "shortDescription": {"text": "[MINED080] Cpp Using Namespace Std (and 56 more): Same pattern found in 56 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED042", "name": "[MINED042] Cpp New Without Delete (and 85 more): Same pattern found in 85 additional files. Review if needed.", "shortDescription": {"text": "[MINED042] Cpp New Without Delete (and 85 more): Same pattern found in 85 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-401 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v4`: `uses: actions/upload-artifact@v4` resolves at ", "shortDescription": {"text": "[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v4`: `uses: actions/upload-artifact@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compro"}, "fullDescription": {"text": "Replace with: `uses: actions/upload-artifact@<40-char-sha>  # v4` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "[MINED106] Phantom test coverage: test_all_lifts: Test function `test_all_lifts` runs code but contains no assert / expe", "shortDescription": {"text": "[MINED106] Phantom test coverage: test_all_lifts: Test function `test_all_lifts` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "fullDescription": {"text": "Add an explicit assertion that captures the test's intent, or remove the test."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self.raw` used but never assigned in __init__: Method `create_database` of class `FileMetadata` reads `self.", "shortDescription": {"text": "[MINED108] `self.raw` used but never assigned in __init__: Method `create_database` of class `FileMetadata` reads `self.raw`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first tim"}, "fullDescription": {"text": "Initialize `self.raw = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "JRN004", "name": "Consent is collected in UI without visible backend audit persistence", "shortDescription": {"text": "Consent is collected in UI without visible backend audit persistence"}, "fullDescription": {"text": "Persist consent as a backend record with subject, actor, purpose, scope, legal text version, timestamp, IP address, user agent, and revocation state."}, "properties": {"scanner": "repobility-journey-contract", "category": "auth", "severity": "high", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "MINED021", "name": "[MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can contain \"../\" \u2014 directory escape.", "shortDescription": {"text": "[MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can contain \"../\" \u2014 directory escape."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-22 / A01:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED006", "name": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working.", "shortDescription": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-705 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC078", "name": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsiv", "shortDescription": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a re"}, "fullDescription": {"text": "Add `timeout=10` (or appropriate value) to every requests call."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInt", "shortDescription": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC085", "name": "[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. ", "shortDescription": {"text": "[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. Ported from eslint-plugin-security detect-child-process (Apache-2.0)."}, "fullDescription": {"text": "Use execFile / spawn with separate args array; never pass shell strings."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED039", "name": "[MINED039] Rust Todo Macro: todo!() panics when reached. Unimplemented code path.", "shortDescription": {"text": "[MINED039] Rust Todo Macro: todo!() panics when reached. Unimplemented code path."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED004", "name": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums).", "shortDescription": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-327 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED041", "name": "[MINED041] Rust Unimplemented Macro: unimplemented!() panics. Same as todo!() but conventionally used for trait stubs.", "shortDescription": {"text": "[MINED041] Rust Unimplemented Macro: unimplemented!() panics. Same as todo!() but conventionally used for trait stubs."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `", "shortDescription": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import platform` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED022", "name": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf.", "shortDescription": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-120 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1370"}, "properties": {"repository": "Vector35/binaryninja-api", "repoUrl": "https://github.com/Vector35/binaryninja-api", "branch": "dev"}, "results": [{"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140650, "scanner": "repobility-ast-engine", "fingerprint": "eb3b305600aafbea29abac22f3ce217565d6becbb705112c2525e977d9e6efc4", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|eb3b305600aafbea29abac22f3ce217565d6becbb705112c2525e977d9e6efc4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/collaboration/merge.py"}, "region": {"startLine": 229}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140649, "scanner": "repobility-ast-engine", "fingerprint": "fdd81a2be47d3c2d38a68345753b9e05f41d9f15bbe6cea7edca0480c1e034dc", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fdd81a2be47d3c2d38a68345753b9e05f41d9f15bbe6cea7edca0480c1e034dc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/x86/code_generator/parse-iform-types.py"}, "region": {"startLine": 376}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140648, "scanner": "repobility-ast-engine", "fingerprint": "400e57f683edd548e52808d15cc8332fe46e0d78e625f5e733c3aa73b4ddbcab", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|400e57f683edd548e52808d15cc8332fe46e0d78e625f5e733c3aa73b4ddbcab"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/x86/code_generator/parse-iform-types.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (list): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 140647, "scanner": "repobility-ast-engine", "fingerprint": "b64494874306dbed4e44f1d8c1d635b3d1be215bc60a35a432e7df778318f642", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b64494874306dbed4e44f1d8c1d635b3d1be215bc60a35a432e7df778318f642"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/armv7/thumb2_disasm/arm_pcode_parser/codegencpp.py"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140641, "scanner": "repobility-ast-engine", "fingerprint": "8fb4214ebb7c5df6a045d6cbe6d390e1ec70f11cf8fc43519fbc2b72fd85d820", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8fb4214ebb7c5df6a045d6cbe6d390e1ec70f11cf8fc43519fbc2b72fd85d820"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/check_docstring_formatting.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140639, "scanner": "repobility-ast-engine", "fingerprint": "5e611bda4c227b00c7b0501d3eb060dff033379b2d72cfab56747f7adf6a649c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5e611bda4c227b00c7b0501d3eb060dff033379b2d72cfab56747f7adf6a649c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/interaction.py"}, "region": {"startLine": 845}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `prepend_parent` (dict): `def prepend_parent(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 140638, "scanner": "repobility-ast-engine", "fingerprint": "3b12bd56c21d2c214c49f8b4d88fcb790ef6b9d8580434d515a2900320249ac6", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3b12bd56c21d2c214c49f8b4d88fcb790ef6b9d8580434d515a2900320249ac6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/commonil.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140637, "scanner": "repobility-ast-engine", "fingerprint": "df9229845bf86faa0f4e76cfae4c1894e6449511c84ffea822ee5ba8dcc1d281", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|df9229845bf86faa0f4e76cfae4c1894e6449511c84ffea822ee5ba8dcc1d281"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/function.py"}, "region": {"startLine": 4017}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `get_ssa_var_possible_values` (list): `def get_ssa_var_possible_values(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 140634, "scanner": "repobility-ast-engine", "fingerprint": "fa3e6ca7ad290a18a464353ed5de1d8753b41f07e9f6435b1b63d9bda306734a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fa3e6ca7ad290a18a464353ed5de1d8753b41f07e9f6435b1b63d9bda306734a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/mediumlevelil.py"}, "region": {"startLine": 871}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140632, "scanner": "repobility-ast-engine", "fingerprint": "f0d0a7582c64ff9b38e8b44fcb6e459bd56b85420c273b78cd0343daa46c2bdc", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f0d0a7582c64ff9b38e8b44fcb6e459bd56b85420c273b78cd0343daa46c2bdc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/transform.py"}, "region": {"startLine": 1242}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `__init__` (dict): `def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 140631, "scanner": "repobility-ast-engine", "fingerprint": "207ca251ab5200e2046f6685405419af8a9bb737e3ad12a375bd698fc06d7ae5", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|207ca251ab5200e2046f6685405419af8a9bb737e3ad12a375bd698fc06d7ae5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/transform.py"}, "region": {"startLine": 944}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `decode_with_context` (dict): `def decode_with_context(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 140630, "scanner": "repobility-ast-engine", "fingerprint": "ac81db371213b8298b68e0c4b0d62fddb1022b6f59eda31e44f6dfb33c5238be", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ac81db371213b8298b68e0c4b0d62fddb1022b6f59eda31e44f6dfb33c5238be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/transform.py"}, "region": {"startLine": 343}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `encode` (dict): `def encode(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 140629, "scanner": "repobility-ast-engine", "fingerprint": "90ff91dd0b1c5d3cc268698b72b9794ca659bff14655ae4ee8b90f51b9579529", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|90ff91dd0b1c5d3cc268698b72b9794ca659bff14655ae4ee8b90f51b9579529"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/transform.py"}, "region": {"startLine": 320}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `decode` (dict): `def decode(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 140628, "scanner": "repobility-ast-engine", "fingerprint": "1d382e23c48b9ddd0671f699229f340a45a2d3087590deaf400bfdb4e1249e68", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1d382e23c48b9ddd0671f699229f340a45a2d3087590deaf400bfdb4e1249e68"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/transform.py"}, "region": {"startLine": 297}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140624, "scanner": "repobility-ast-engine", "fingerprint": "93bae030d230da91eb918a94118494fc83e35c65a212b1c75c2a33c9d60ecfb5", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|93bae030d230da91eb918a94118494fc83e35c65a212b1c75c2a33c9d60ecfb5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/scriptingprovider.py"}, "region": {"startLine": 839}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140623, "scanner": "repobility-ast-engine", "fingerprint": "5ce316e5366d4c0803d25458858c424e7717d2fd0a18c04ac973699c9391186f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5ce316e5366d4c0803d25458858c424e7717d2fd0a18c04ac973699c9391186f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/scriptingprovider.py"}, "region": {"startLine": 864}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140622, "scanner": "repobility-ast-engine", "fingerprint": "8b913682dcd80640250237974c4d9b59048527f790169b0ba1e49bef6befe826", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8b913682dcd80640250237974c4d9b59048527f790169b0ba1e49bef6befe826"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/scriptingprovider.py"}, "region": {"startLine": 927}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140621, "scanner": "repobility-ast-engine", "fingerprint": "2d2e6d7b2923008ec63cd6bfa3e7b68ccc96d368de7a507c3e4da9a3fbc217ca", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2d2e6d7b2923008ec63cd6bfa3e7b68ccc96d368de7a507c3e4da9a3fbc217ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/scriptingprovider.py"}, "region": {"startLine": 907}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140620, "scanner": "repobility-ast-engine", "fingerprint": "6ac6d53455cc3f85578722d5759875d11e9557ff03ddd50c80368bfd48d11dbc", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6ac6d53455cc3f85578722d5759875d11e9557ff03ddd50c80368bfd48d11dbc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/scriptingprovider.py"}, "region": {"startLine": 1052}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140619, "scanner": "repobility-ast-engine", "fingerprint": "423ecc93b7feb96a8d0433ff45e68a8ad721e4e16e3388daddd536862736a3fd", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|423ecc93b7feb96a8d0433ff45e68a8ad721e4e16e3388daddd536862736a3fd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/scriptingprovider.py"}, "region": {"startLine": 1095}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140618, "scanner": "repobility-ast-engine", "fingerprint": "c14fd79024e64efc9441bda32ff550aef565ee2683bde574858f5462b3c92abb", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c14fd79024e64efc9441bda32ff550aef565ee2683bde574858f5462b3c92abb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/scriptingprovider.py"}, "region": {"startLine": 1087}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140617, "scanner": "repobility-ast-engine", "fingerprint": "f67df1c1e08f85563852b76a80e98c04dc1f457b7273d2906a35e6258fba066b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f67df1c1e08f85563852b76a80e98c04dc1f457b7273d2906a35e6258fba066b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/scriptingprovider.py"}, "region": {"startLine": 1076}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140616, "scanner": "repobility-ast-engine", "fingerprint": "796cb3c06c504e9ce3bddac19179df730d4e6c00b0e72a78568d6da1c28b6b9d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|796cb3c06c504e9ce3bddac19179df730d4e6c00b0e72a78568d6da1c28b6b9d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/scriptingprovider.py"}, "region": {"startLine": 994}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140614, "scanner": "repobility-ast-engine", "fingerprint": "232631af9501140078a8d910f2917beb5e5e3470f87c2a44aad431a96bb10847", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|232631af9501140078a8d910f2917beb5e5e3470f87c2a44aad431a96bb10847"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/binaryview.py"}, "region": {"startLine": 5911}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `load` (dict): `def load(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 140613, "scanner": "repobility-ast-engine", "fingerprint": "218cedeed89ea2e071b9ea55faf63d945d4e993d7addf8cabb7103ab44d3deae", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|218cedeed89ea2e071b9ea55faf63d945d4e993d7addf8cabb7103ab44d3deae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/binaryview.py"}, "region": {"startLine": 3510}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140610, "scanner": "repobility-ast-engine", "fingerprint": "b0ea86f6472855ab1987f66777817447fbfd65b50c6214895de2ad2889a73e3a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b0ea86f6472855ab1987f66777817447fbfd65b50c6214895de2ad2889a73e3a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/bncompleter.py"}, "region": {"startLine": 135}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140609, "scanner": "repobility-ast-engine", "fingerprint": "8fd3afa57ebe266ce9642589c99cef62bd3ee9a0e3a9c20a8c8ab2303be6a1c8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8fd3afa57ebe266ce9642589c99cef62bd3ee9a0e3a9c20a8c8ab2303be6a1c8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/bncompleter.py"}, "region": {"startLine": 599}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140608, "scanner": "repobility-ast-engine", "fingerprint": "cf39f4a1cf835ad215f0d1e1e081359147789e7a0cd6301d760550bdc8891588", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cf39f4a1cf835ad215f0d1e1e081359147789e7a0cd6301d760550bdc8891588"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/bncompleter.py"}, "region": {"startLine": 426}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140607, "scanner": "repobility-ast-engine", "fingerprint": "0d8d676a9086d6750207d688f0329065ffe825d236d800db01d6e1235a8145de", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0d8d676a9086d6750207d688f0329065ffe825d236d800db01d6e1235a8145de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/bncompleter.py"}, "region": {"startLine": 82}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140606, "scanner": "repobility-ast-engine", "fingerprint": "39e1dea3826c9e448edd05bcea87fc3c9e99fcd8cbcb1d5c3dd948b4d94ef4c5", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|39e1dea3826c9e448edd05bcea87fc3c9e99fcd8cbcb1d5c3dd948b4d94ef4c5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/bncompleter.py"}, "region": {"startLine": 70}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140599, "scanner": "repobility-ast-engine", "fingerprint": "408efa58fae2efd79bf555c96c22fd149dfbe88c854ba3d12d3f3c100c491810", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|408efa58fae2efd79bf555c96c22fd149dfbe88c854ba3d12d3f3c100c491810"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/platform.py"}, "region": {"startLine": 273}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140598, "scanner": "repobility-ast-engine", "fingerprint": "1fe27f0124eb72e7799bb56a1a19b3a1320b7fbff41a823937d7d45dd84d0f79", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1fe27f0124eb72e7799bb56a1a19b3a1320b7fbff41a823937d7d45dd84d0f79"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/platform.py"}, "region": {"startLine": 221}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 140596, "scanner": "repobility-ast-engine", "fingerprint": "c417691b5fd207e1da4394593b7bfaa734ea89b00f825aab8178860dae825bfe", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c417691b5fd207e1da4394593b7bfaa734ea89b00f825aab8178860dae825bfe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/lowlevelil.py"}, "region": {"startLine": 713}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `register_activity` (list): `def register_activity(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 140594, "scanner": "repobility-ast-engine", "fingerprint": "aa4eb076fbbc8c19f724e2165f50b6cf5209ac0cde25bc5fbcbb77332d14b9c4", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aa4eb076fbbc8c19f724e2165f50b6cf5209ac0cde25bc5fbcbb77332d14b9c4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/workflow.py"}, "region": {"startLine": 708}}}]}, {"ruleId": "AGT007", "level": "warning", "message": {"text": "localStorage write failures are swallowed silently"}, "properties": {"repobilityId": 140567, "scanner": "repobility-agent-runtime", "fingerprint": "b1f7d79e731b816b744fc98d9717d4f002c6df060cbd4ff3a9a29f29f4aea30c", "category": "quality", "severity": "medium", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File writes to localStorage and has an empty or ignore-only catch block without QuotaExceededError handling.", "evidence": {"rule_id": "AGT007", "scanner": "repobility-agent-runtime", "references": ["https://developer.mozilla.org/en-US/docs/Web/API/Web_Storage_API"], "correlation_key": "fp|b1f7d79e731b816b744fc98d9717d4f002c6df060cbd4ff3a9a29f29f4aea30c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api-docs/cppdocs/binaryninja-darkmode.js"}, "region": {"startLine": 48}}}]}, {"ruleId": "SEC012", "level": "warning", "message": {"text": "[SEC012] ZipSlip \u2014 Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory."}, "properties": {"repobilityId": 140529, "scanner": "repobility-threat-engine", "fingerprint": "c94f59f9e9d6468d9c337d77cb8e018e8cf4b4f2642edd113ee70a718d158c39", "category": "path_traversal", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".extractall(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC012", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|path_traversal|token|81|sec012"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/download_headless.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "SEC127", "level": "warning", "message": {"text": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass shallow CI), but invoking it crashes or silently no-ops. AI agents consistently emit these when their context window runs out mid-implementation. Production callers hitting these stubs is a classic AI-generated-incident."}, "properties": {"repobilityId": 140524, "scanner": "repobility-threat-engine", "fingerprint": "9e69a50d7cc09ff6a487861e31fa5ee72b9fa75a388be8b671005281eccd087f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "def perform_connect(self, host, headers):\n\t\traise NotImplementedError", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC127", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|9e69a50d7cc09ff6a487861e31fa5ee72b9fa75a388be8b671005281eccd087f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/websocketprovider.py"}, "region": {"startLine": 124}}}]}, {"ruleId": "SEC127", "level": "warning", "message": {"text": "[SEC127] AI agent stub \u2014 TODO: implement / pass placeholder body: Function body left as TODO/pass/raise NotImplementedError after an AI scaffolding pass. The route appears to exist (and may even pass shallow CI), but invoking it crashes or silently no-ops. AI agents consistently emit these when their context window runs out mid-implementation. Production callers hitting these stubs is a classic AI-generated-incident."}, "properties": {"repobilityId": 140523, "scanner": "repobility-threat-engine", "fingerprint": "1ab36e0d4ebc68632035eb1d63c670379547e3139320f2d19dcddc18806e37da", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "def perform_has_data(self, key: str) -> bool:\n\t\traise NotImplementedError", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC127", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|1ab36e0d4ebc68632035eb1d63c670379547e3139320f2d19dcddc18806e37da"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/secretsprovider.py"}, "region": {"startLine": 129}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 140517, "scanner": "repobility-threat-engine", "fingerprint": "ac0cddaff17ca1d905330fa3cb0fa66b071f46c1aeb9c8e47cae6598ffc54dfe", "category": "error_handling", "severity": "medium", "confidence": 0.45, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Pattern matched with no mitigating context found | [R34 auto-suppress: documentation/example path]", "evidence": {"match": "except Exception:\n\t\tpass", "reason": "Pattern matched with no mitigating context found | [R34 auto-suppress: documentation/example path]", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 0.45, "correlation_key": "fp|ac0cddaff17ca1d905330fa3cb0fa66b071f46c1aeb9c8e47cae6598ffc54dfe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/collaboration/examples/multitool.py"}, "region": {"startLine": 35}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 140471, "scanner": "repobility-threat-engine", "fingerprint": "b4b2763fa7f7500029c59c65243c0c6a0dc9f63278f0958c5c73ff6c111bfc6a", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "new Function(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|flowgraph.cpp|156|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "flowgraph.cpp"}, "region": {"startLine": 156}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 140470, "scanner": "repobility-threat-engine", "fingerprint": "6ca9ea70c757777a90476e2cce6807536fea5eddd0bcdd701d9f9bedfdc5d148", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "new Function(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|component.cpp|137|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "component.cpp"}, "region": {"startLine": 137}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 140469, "scanner": "repobility-threat-engine", "fingerprint": "9083b68edd8380c26c5ff3ace655033e96123bc42bc9b39fc9d88cd3c9f9c638", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "eval(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|295|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/mips/mips/unittest/unitTest.py"}, "region": {"startLine": 295}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `get_reg_size` has cognitive complexity 21 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: if=21."}, "properties": {"repobilityId": 140463, "scanner": "repobility-threat-engine", "fingerprint": "92021772dcdcee0db869984366aab9e58a8b5b39f1ecc67100fb1e750b502cd2", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 21 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "get_reg_size", "breakdown": {"if": 21}, "complexity": 21, "correlation_key": "fp|92021772dcdcee0db869984366aab9e58a8b5b39f1ecc67100fb1e750b502cd2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/arm64/misc/neon_intrins.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "SEC136", "level": "warning", "message": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). Distinct from intentional fallback because there's no log line and the success value is fabricated."}, "properties": {"repobilityId": 140461, "scanner": "repobility-threat-engine", "fingerprint": "a3e6b968ad9625b35b1acb1d2a15a7cdfed85b96ac19d5f293c19922df7d5e17", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "try:\n                    values = bytes.fromhex(type.target.attributes[name])\n                    de", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC136", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|a3e6b968ad9625b35b1acb1d2a15a7cdfed85b96ac19d5f293c19922df7d5e17"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/examples/encoded_strings.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "SEC136", "level": "warning", "message": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). Distinct from intentional fallback because there's no log line and the success value is fabricated."}, "properties": {"repobilityId": 140460, "scanner": "repobility-threat-engine", "fingerprint": "6da240121316d41dbf9efe870e052d1d5ee3cd6775be9ab6031fd299f33de723", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "} catch (e) {\n            return null;\n        }", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC136", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|6da240121316d41dbf9efe870e052d1d5ee3cd6775be9ab6031fd299f33de723"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api-docs/cppdocs/binaryninja-darkmode.js"}, "region": {"startLine": 38}}}]}, {"ruleId": "CORE_LARGE_FILES", "level": "warning", "message": {"text": "Average file size is 677 lines (recommend <300)"}, "properties": {"repobilityId": 140451, "scanner": "repobility-core", "fingerprint": "eed4560e358009ca7f0c35ac4448df0262b679418116bbef369ff2ea76900355", "category": "quality", "severity": "medium", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_LARGE_FILES", "scanner": "repobility-core", "correlation_key": "fp|eed4560e358009ca7f0c35ac4448df0262b679418116bbef369ff2ea76900355"}}}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140566, "scanner": "repobility-ai-code-hygiene", "fingerprint": "dc4b57262f55bd4c8ac17877fb70245960355cfc838b5c1a12e05c5b587fc22e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "arch/msp430/build.rs", "duplicate_line": 1, "correlation_key": "fp|dc4b57262f55bd4c8ac17877fb70245960355cfc838b5c1a12e05c5b587fc22e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/workflow_objc/build.rs"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140565, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e8ea5483415b42792863db43690e0c9fca32ab39d30dad6edb544c404ec84bea", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "plugins/warp/src/container/disk.rs", "duplicate_line": 173, "correlation_key": "fp|e8ea5483415b42792863db43690e0c9fca32ab39d30dad6edb544c404ec84bea"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/warp/src/container/memory.rs"}, "region": {"startLine": 170}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140564, "scanner": "repobility-ai-code-hygiene", "fingerprint": "0150c366514373b8fb14d23d6cf58362dfeae717cc6a468fc4be8d24b3b2b6b6", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "plugins/svd/build.rs", "duplicate_line": 24, "correlation_key": "fp|0150c366514373b8fb14d23d6cf58362dfeae717cc6a468fc4be8d24b3b2b6b6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/warp/build.rs"}, "region": {"startLine": 25}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140563, "scanner": "repobility-ai-code-hygiene", "fingerprint": "89be7c42ee7aeae6d46c1d0a969bd613d919652f56b516864f77de3eacbcae5c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "arch/msp430/build.rs", "duplicate_line": 1, "correlation_key": "fp|89be7c42ee7aeae6d46c1d0a969bd613d919652f56b516864f77de3eacbcae5c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/warp/build.rs"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140562, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d601b19d65f9bdefe44cf56238d840c6deb2d3aa9b91414ee74bb89b383d8111", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "plugins/bntl_utils/build.rs", "duplicate_line": 1, "correlation_key": "fp|d601b19d65f9bdefe44cf56238d840c6deb2d3aa9b91414ee74bb89b383d8111"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/warp/build.rs"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140561, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b5bfab74fd83fc65fe3fbe7f9db4c7b889bd198fd98caf5291f05f8005a2515e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "plugins/idb_import/src/settings.rs", "duplicate_line": 26, "correlation_key": "fp|b5bfab74fd83fc65fe3fbe7f9db4c7b889bd198fd98caf5291f05f8005a2515e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/svd/src/settings.rs"}, "region": {"startLine": 58}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140560, "scanner": "repobility-ai-code-hygiene", "fingerprint": "847261fcb61408b898cc5664edd7d362bf627a497ab802200e1fde2391dfcfa3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "arch/msp430/build.rs", "duplicate_line": 1, "correlation_key": "fp|847261fcb61408b898cc5664edd7d362bf627a497ab802200e1fde2391dfcfa3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/svd/build.rs"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140559, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5590c0619d6e139bd20615db87c5d442e04eb500978b9b3c88eb5085e6445987", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "plugins/bntl_utils/build.rs", "duplicate_line": 1, "correlation_key": "fp|5590c0619d6e139bd20615db87c5d442e04eb500978b9b3c88eb5085e6445987"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/svd/build.rs"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140558, "scanner": "repobility-ai-code-hygiene", "fingerprint": "12c33837817c97dede6ed02a7fc81d59ea6a678312aa5828a97ccea2622bcc8e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "plugins/rtti/itanium.cpp", "duplicate_line": 405, "correlation_key": "fp|12c33837817c97dede6ed02a7fc81d59ea6a678312aa5828a97ccea2622bcc8e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/rtti/microsoft.cpp"}, "region": {"startLine": 402}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140557, "scanner": "repobility-ai-code-hygiene", "fingerprint": "748b74f9cb5eaaa9d4f593b5613bec56d68f0b53f3d41e514b4682c9cdee0f80", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "plugins/dwarf/dwarf_import/src/lib.rs", "duplicate_line": 38, "correlation_key": "fp|748b74f9cb5eaaa9d4f593b5613bec56d68f0b53f3d41e514b4682c9cdee0f80"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/pdb-ng/src/parser.rs"}, "region": {"startLine": 411}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140556, "scanner": "repobility-ai-code-hygiene", "fingerprint": "910135e557387d399014eb3dd56a509e60b581c82f6412a6868b88bc12f868b3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "arch/msp430/build.rs", "duplicate_line": 1, "correlation_key": "fp|910135e557387d399014eb3dd56a509e60b581c82f6412a6868b88bc12f868b3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/pdb-ng/build.rs"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140555, "scanner": "repobility-ai-code-hygiene", "fingerprint": "016f16206d66f80673485aa7649541731d77c002a580d4152eef6023b0c6983e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "arch/msp430/build.rs", "duplicate_line": 1, "correlation_key": "fp|016f16206d66f80673485aa7649541731d77c002a580d4152eef6023b0c6983e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/idb_import/build.rs"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140554, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1bd33074f79c9dd16b33238af465bb1d4f0f8799f1b9388e907d3cfe14ec4334", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "plugins/efi_resolver/src/DxeResolver.cpp", "duplicate_line": 6, "correlation_key": "fp|1bd33074f79c9dd16b33238af465bb1d4f0f8799f1b9388e907d3cfe14ec4334"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/efi_resolver/src/PeiResolver.cpp"}, "region": {"startLine": 203}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140553, "scanner": "repobility-ai-code-hygiene", "fingerprint": "dc07109991a85572d030791ee6344f18ed2b511569174714ee6bad418ba001b9", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "plugins/bntl_utils/cli/build.rs", "duplicate_line": 1, "correlation_key": "fp|dc07109991a85572d030791ee6344f18ed2b511569174714ee6bad418ba001b9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/dwarf/shared/build.rs"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140552, "scanner": "repobility-ai-code-hygiene", "fingerprint": "71b3088da548799e8e41a13e4d9f325c2b20a1a166adb8e62444767bda9ab23d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "plugins/bntl_utils/cli/build.rs", "duplicate_line": 1, "correlation_key": "fp|71b3088da548799e8e41a13e4d9f325c2b20a1a166adb8e62444767bda9ab23d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/dwarf/dwarfdump/build.rs"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140551, "scanner": "repobility-ai-code-hygiene", "fingerprint": "938d4313ac9a487afcd42e7b5cb1451c35651375af9962067dbb2577f7451314", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "arch/msp430/build.rs", "duplicate_line": 6, "correlation_key": "fp|938d4313ac9a487afcd42e7b5cb1451c35651375af9962067dbb2577f7451314"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/dwarf/dwarf_import/build.rs"}, "region": {"startLine": 11}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140550, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5c4af670f5a55f1a386552b15a6dade86abd90d7157826a1029a7e50eb911753", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "arch/msp430/build.rs", "duplicate_line": 1, "correlation_key": "fp|5c4af670f5a55f1a386552b15a6dade86abd90d7157826a1029a7e50eb911753"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/dwarf/dwarf_export/build.rs"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140549, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9d6708c6bb83ac6133e30967f0733802a4c32de93e1ef72a22222c86036cb951", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "plugins/bntl_utils/cli/src/create.rs", "duplicate_line": 53, "correlation_key": "fp|9d6708c6bb83ac6133e30967f0733802a4c32de93e1ef72a22222c86036cb951"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/bntl_utils/src/command/create.rs"}, "region": {"startLine": 151}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140548, "scanner": "repobility-ai-code-hygiene", "fingerprint": "38ac1552089ebf929709d3a827b4787588b830ca3aa2d0fa548bc26ebdc78e19", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "arch/msp430/build.rs", "duplicate_line": 1, "correlation_key": "fp|38ac1552089ebf929709d3a827b4787588b830ca3aa2d0fa548bc26ebdc78e19"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/bntl_utils/build.rs"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140547, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c9034e5b6928e77ad30822007d9f639d8759af36e35afbfca4cb337bff118749", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "platform/efi/platform_efi.cpp", "duplicate_line": 14, "correlation_key": "fp|c9034e5b6928e77ad30822007d9f639d8759af36e35afbfca4cb337bff118749"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platform/windows/platform_windows.cpp"}, "region": {"startLine": 13}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140546, "scanner": "repobility-ai-code-hygiene", "fingerprint": "001d8cb263bfe89b96c8a12a175ca37d7730c2580e989aff0725d40c88a6ab39", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "platform/mac-kernel/platform_mac_kernel.cpp", "duplicate_line": 71, "correlation_key": "fp|001d8cb263bfe89b96c8a12a175ca37d7730c2580e989aff0725d40c88a6ab39"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platform/windows-kernel/platform_windows_kernel.cpp"}, "region": {"startLine": 78}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140545, "scanner": "repobility-ai-code-hygiene", "fingerprint": "2a015ac9d4c28b471c5f5749253507369424b9498b976697adc48a8418639fcd", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "platform/efi/platform_efi.cpp", "duplicate_line": 14, "correlation_key": "fp|2a015ac9d4c28b471c5f5749253507369424b9498b976697adc48a8418639fcd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platform/windows-kernel/platform_windows_kernel.cpp"}, "region": {"startLine": 10}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140544, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a20d91dce0e9130913e684d1abcfffeaaebf7ce414e006968a2e03e71dc79734", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "platform/mac-kernel/platform_mac_kernel.cpp", "duplicate_line": 13, "correlation_key": "fp|a20d91dce0e9130913e684d1abcfffeaaebf7ce414e006968a2e03e71dc79734"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platform/mac/platform_mac.cpp"}, "region": {"startLine": 13}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140543, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ca23ef3cbe20430cfb2ae896aee6fa8410762f14e1739296f2ff55657015c4d5", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "platform/freebsd/platform_freebsd.cpp", "duplicate_line": 10, "correlation_key": "fp|ca23ef3cbe20430cfb2ae896aee6fa8410762f14e1739296f2ff55657015c4d5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platform/mac/platform_mac.cpp"}, "region": {"startLine": 12}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140542, "scanner": "repobility-ai-code-hygiene", "fingerprint": "60553ee494210e28bc4f583ac5016bca14b0078be7cf93e06f4c730961b54009", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "platform/decree/platform_decree.cpp", "duplicate_line": 7, "correlation_key": "fp|60553ee494210e28bc4f583ac5016bca14b0078be7cf93e06f4c730961b54009"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platform/mac/platform_mac.cpp"}, "region": {"startLine": 9}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140541, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ae3e5ee67e7bf2c08f901c3119eaa922c2fe48eb7ea5c8fb3b1d2e46ce498bb1", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "platform/freebsd/platform_freebsd.cpp", "duplicate_line": 10, "correlation_key": "fp|ae3e5ee67e7bf2c08f901c3119eaa922c2fe48eb7ea5c8fb3b1d2e46ce498bb1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platform/mac-kernel/platform_mac_kernel.cpp"}, "region": {"startLine": 12}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140540, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b44d111b1c93d105f570ca90502b5776053166ec792178f51e60445e70e5c55a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "platform/decree/platform_decree.cpp", "duplicate_line": 7, "correlation_key": "fp|b44d111b1c93d105f570ca90502b5776053166ec792178f51e60445e70e5c55a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platform/mac-kernel/platform_mac_kernel.cpp"}, "region": {"startLine": 9}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140539, "scanner": "repobility-ai-code-hygiene", "fingerprint": "55f96113dfce4a71d198de1bf5b2563896540c09a327c1a0fd203de8bdcfbd4c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "platform/decree/platform_decree.cpp", "duplicate_line": 7, "correlation_key": "fp|55f96113dfce4a71d198de1bf5b2563896540c09a327c1a0fd203de8bdcfbd4c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "platform/freebsd/platform_freebsd.cpp"}, "region": {"startLine": 7}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140538, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8d598867fa9b9583417d678b227cb3ab03a1d55fb0637e7fb563f7241b121c2c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "lang/c/pseudoc.h", "duplicate_line": 26, "correlation_key": "fp|8d598867fa9b9583417d678b227cb3ab03a1d55fb0637e7fb563f7241b121c2c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "lang/rust/pseudorust.h"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 140537, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e2147f74a02d087a30d304b896c1d6fa935eb48349482514253e6b6b4a925d4f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "arch/msp430/build.rs", "duplicate_line": 1, "correlation_key": "fp|e2147f74a02d087a30d304b896c1d6fa935eb48349482514253e6b6b4a925d4f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/riscv/build.rs"}, "region": {"startLine": 1}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `main` has cognitive complexity 11 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: except=2, for=2, if=2, nested_bonus=5."}, "properties": {"repobilityId": 140465, "scanner": "repobility-threat-engine", "fingerprint": "b4bd28652d97df4b8486559c474aca220b2348f8bb60f5feaeefb34a722401bb", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 11 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "main", "breakdown": {"if": 2, "for": 2, "except": 2, "nested_bonus": 5}, "complexity": 11, "correlation_key": "fp|b4bd28652d97df4b8486559c474aca220b2348f8bb60f5feaeefb34a722401bb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/collaboration/examples/download_everything.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `detect_base_address` has cognitive complexity 10 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: for=1, if=8, ternary=1."}, "properties": {"repobilityId": 140464, "scanner": "repobility-threat-engine", "fingerprint": "97fa888d72c4e98cb40ab48800e01aeb5efc26b2335f13a006271fb38ae5aedb", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 10 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "detect_base_address", "breakdown": {"if": 8, "for": 1, "ternary": 1}, "complexity": 10, "correlation_key": "fp|97fa888d72c4e98cb40ab48800e01aeb5efc26b2335f13a006271fb38ae5aedb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/basedetection.py"}, "region": {"startLine": 162}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 140536, "scanner": "repobility-threat-engine", "fingerprint": "4efd036113e4d20ebbb3f5f07127acffb20ef1e99a005e298811f9ac8ed67bea", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4efd036113e4d20ebbb3f5f07127acffb20ef1e99a005e298811f9ac8ed67bea"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sphinx_rtd/static/js/theme.js"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED067", "level": "none", "message": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "properties": {"repobilityId": 140533, "scanner": "repobility-threat-engine", "fingerprint": "06b1f0f9bbb5b364534b7f8c8da8c296d83bebc246aab941e9d802c4a45e6c19", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "correlation_key": "fp|06b1f0f9bbb5b364534b7f8c8da8c296d83bebc246aab941e9d802c4a45e6c19"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/verify_hashes.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED067", "level": "none", "message": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "properties": {"repobilityId": 140532, "scanner": "repobility-threat-engine", "fingerprint": "c8cae33cd653695324727dd8bac3145c38cd8abd7f41f809929f66847c29caca", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c8cae33cd653695324727dd8bac3145c38cd8abd7f41f809929f66847c29caca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/download_headless.py"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 140528, "scanner": "repobility-threat-engine", "fingerprint": "008cf5cb4a6d001a21b9b079a6ea304b3e2a8e1a8ed47e19e1e699385013451b", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|008cf5cb4a6d001a21b9b079a6ea304b3e2a8e1a8ed47e19e1e699385013451b", "aggregated_count": 1}}}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "properties": {"repobilityId": 140527, "scanner": "repobility-threat-engine", "fingerprint": "bed26dffdbcd00c014b840214807fc9f825b2a1e64d4cb739a0452f109dc3903", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bed26dffdbcd00c014b840214807fc9f825b2a1e64d4cb739a0452f109dc3903"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "view/kernelcache/core/transformers/liblzfse/lzfse_encode.c"}, "region": {"startLine": 152}}}]}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "properties": {"repobilityId": 140526, "scanner": "repobility-threat-engine", "fingerprint": "3a966c198bbb811f2b793fc108ba27e4daf28fa846cd046a4d2a108163d98bd7", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3a966c198bbb811f2b793fc108ba27e4daf28fa846cd046a4d2a108163d98bd7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "view/kernelcache/core/transformers/liblzfse/lzfse_decode.c"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED075", "level": "none", "message": {"text": "[MINED075] C Malloc No Check: malloc/calloc/realloc return value used without checking for NULL."}, "properties": {"repobilityId": 140525, "scanner": "repobility-threat-engine", "fingerprint": "5f37dd57a8df3936eb6e8a4caf6ee9cc28422ec8716b1f0066e4dd5d55fd6c3f", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-malloc-no-check", "owasp": null, "cwe_ids": ["CWE-690"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348076+00:00", "triaged_in_corpus": 12, "observations_count": 11735, "ai_coder_pattern_id": 131}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5f37dd57a8df3936eb6e8a4caf6ee9cc28422ec8716b1f0066e4dd5d55fd6c3f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "rapidjson/allocators.h"}, "region": {"startLine": 237}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 140522, "scanner": "repobility-threat-engine", "fingerprint": "f7e4895b6d3049b9b1443d4872dec824612132c08cc4b5c8b3f12d34249e6af8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f7e4895b6d3049b9b1443d4872dec824612132c08cc4b5c8b3f12d34249e6af8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/install_api.py"}, "region": {"startLine": 124}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 140521, "scanner": "repobility-threat-engine", "fingerprint": "49658cbd3017aa2f5f772a7f428c7f26dd3a213694f740584c14d86a91d71116", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|49658cbd3017aa2f5f772a7f428c7f26dd3a213694f740584c14d86a91d71116"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/examples/version_switcher.py"}, "region": {"startLine": 60}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 140520, "scanner": "repobility-threat-engine", "fingerprint": "d60a76f62c3e9b3f820b4720528e2572f839636a93e5554f181610a788409f94", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d60a76f62c3e9b3f820b4720528e2572f839636a93e5554f181610a788409f94"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/verify_hashes.py"}, "region": {"startLine": 9}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 140519, "scanner": "repobility-threat-engine", "fingerprint": "aa82749c7a8b2c6166d0b05101ff984b3ca7b05c84527c335336e907447f9f7a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|aa82749c7a8b2c6166d0b05101ff984b3ca7b05c84527c335336e907447f9f7a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/download_headless.py"}, "region": {"startLine": 13}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 140518, "scanner": "repobility-threat-engine", "fingerprint": "0fabb4567964cba32767f615f1e1dc0f2a4844d5c0ca1190c610fe895a8f9cb8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0fabb4567964cba32767f615f1e1dc0f2a4844d5c0ca1190c610fe895a8f9cb8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/commonil.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 140513, "scanner": "repobility-threat-engine", "fingerprint": "e2d4145574c564c48560b44d2cfd71670bdc51bd9c304f22afffd4115dc6bf25", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e2d4145574c564c48560b44d2cfd71670bdc51bd9c304f22afffd4115dc6bf25"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/commonil.py"}, "region": {"startLine": 66}}}]}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 140512, "scanner": "repobility-threat-engine", "fingerprint": "0e06a2961622e781a7ce17eb9968ef9e3ac2b55e170a1c7f6386cb5993c4f5f5", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0e06a2961622e781a7ce17eb9968ef9e3ac2b55e170a1c7f6386cb5993c4f5f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/basedetection.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 12 more): Same pattern found in 12 additional files. Review if needed."}, "properties": {"repobilityId": 140511, "scanner": "repobility-threat-engine", "fingerprint": "cd4ff08cbb509778875d04bc81c4d5dddf6eb913fbf65972cae2187283af5035", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 12 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|cd4ff08cbb509778875d04bc81c4d5dddf6eb913fbf65972cae2187283af5035", "aggregated_count": 12}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 140510, "scanner": "repobility-threat-engine", "fingerprint": "ace5a91d7e8db02f493882fee5ecd5f8cf67c49b8c10315448127b4bde933ca8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ace5a91d7e8db02f493882fee5ecd5f8cf67c49b8c10315448127b4bde933ca8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/commonil.py"}, "region": {"startLine": 68}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 140509, "scanner": "repobility-threat-engine", "fingerprint": "c8cf341d7b240622248fc7019ecb4aa00b0b401b57e9e9b48f3ecd2716c4e9c2", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c8cf341d7b240622248fc7019ecb4aa00b0b401b57e9e9b48f3ecd2716c4e9c2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/collaboration/examples/multitool.py"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 140508, "scanner": "repobility-threat-engine", "fingerprint": "7293923b93c03f807c3abf94099d7eef3adbd5e5cac7613330a7ec37a861afd5", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7293923b93c03f807c3abf94099d7eef3adbd5e5cac7613330a7ec37a861afd5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/basedetection.py"}, "region": {"startLine": 90}}}]}, {"ruleId": "MINED068", "level": "none", "message": {"text": "[MINED068] Rust Unsafe Block (and 64 more): Same pattern found in 64 additional files. Review if needed."}, "properties": {"repobilityId": 140505, "scanner": "repobility-threat-engine", "fingerprint": "5e386119022c70f57b6d5ff6d9e274beb66acc7b6c5c758b89ab4b7d78dacadf", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 64 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "rust-unsafe-block", "owasp": null, "cwe_ids": ["CWE-119"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348060+00:00", "triaged_in_corpus": 12, "observations_count": 42383, "ai_coder_pattern_id": 116}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|5e386119022c70f57b6d5ff6d9e274beb66acc7b6c5c758b89ab4b7d78dacadf", "aggregated_count": 64}}}, {"ruleId": "MINED068", "level": "none", "message": {"text": "[MINED068] Rust Unsafe Block: unsafe { ... } block. Compiler safety guarantees disabled inside."}, "properties": {"repobilityId": 140504, "scanner": "repobility-threat-engine", "fingerprint": "26d9bd611b2852751235f71307461def879ac4dd321be7247444a9b0cfea85a5", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unsafe-block", "owasp": null, "cwe_ids": ["CWE-119"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348060+00:00", "triaged_in_corpus": 12, "observations_count": 42383, "ai_coder_pattern_id": 116}, "scanner": "repobility-threat-engine", "correlation_key": "fp|26d9bd611b2852751235f71307461def879ac4dd321be7247444a9b0cfea85a5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/warp/src/plugin/ffi/function.rs"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED068", "level": "none", "message": {"text": "[MINED068] Rust Unsafe Block: unsafe { ... } block. Compiler safety guarantees disabled inside."}, "properties": {"repobilityId": 140503, "scanner": "repobility-threat-engine", "fingerprint": "a30e9dc64be5f2f23526069be774cdafd51a4308057858ce65657ea9f7dfd547", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unsafe-block", "owasp": null, "cwe_ids": ["CWE-119"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348060+00:00", "triaged_in_corpus": 12, "observations_count": 42383, "ai_coder_pattern_id": 116}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a30e9dc64be5f2f23526069be774cdafd51a4308057858ce65657ea9f7dfd547"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/warp/src/plugin/ffi/file.rs"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED068", "level": "none", "message": {"text": "[MINED068] Rust Unsafe Block: unsafe { ... } block. Compiler safety guarantees disabled inside."}, "properties": {"repobilityId": 140502, "scanner": "repobility-threat-engine", "fingerprint": "5fee3bfa5af5d96319a90ee035150d42f4e28d51825d8cc04e916e7ec466e0c5", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unsafe-block", "owasp": null, "cwe_ids": ["CWE-119"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348060+00:00", "triaged_in_corpus": 12, "observations_count": 42383, "ai_coder_pattern_id": 116}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5fee3bfa5af5d96319a90ee035150d42f4e28d51825d8cc04e916e7ec466e0c5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/warp/src/plugin/ffi.rs"}, "region": {"startLine": 121}}}]}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 140501, "scanner": "repobility-threat-engine", "fingerprint": "2cd220107759c389357ea1e0b2a749255d62455820f15b6cc9e05e77d2c17c58", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|2cd220107759c389357ea1e0b2a749255d62455820f15b6cc9e05e77d2c17c58"}}}, {"ruleId": "MINED066", "level": "none", "message": {"text": "[MINED066] Rust Panic Macro: panic!() unwinds the stack. Use Result for recoverable errors."}, "properties": {"repobilityId": 140496, "scanner": "repobility-threat-engine", "fingerprint": "12ea21ff9ec1237ccf88c76dcde30eb97b3aa07162618eb646a9a6c50a01d58b", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-panic-macro", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348055+00:00", "triaged_in_corpus": 12, "observations_count": 48611, "ai_coder_pattern_id": 113}, "scanner": "repobility-threat-engine", "correlation_key": "fp|12ea21ff9ec1237ccf88c76dcde30eb97b3aa07162618eb646a9a6c50a01d58b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "rust/src/data_buffer.rs"}, "region": {"startLine": 60}}}]}, {"ruleId": "MINED066", "level": "none", "message": {"text": "[MINED066] Rust Panic Macro: panic!() unwinds the stack. Use Result for recoverable errors."}, "properties": {"repobilityId": 140495, "scanner": "repobility-threat-engine", "fingerprint": "0c7bce12d5d1665b817e8166b3112c4e964ed326511c201c68cae65fd1cf8540", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-panic-macro", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348055+00:00", "triaged_in_corpus": 12, "observations_count": 48611, "ai_coder_pattern_id": 113}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0c7bce12d5d1665b817e8166b3112c4e964ed326511c201c68cae65fd1cf8540"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/bntl_utils/cli/src/create.rs"}, "region": {"startLine": 30}}}]}, {"ruleId": "SEC029", "level": "none", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 12 more): Same pattern found in 12 additional files. Review if needed."}, "properties": {"repobilityId": 140494, "scanner": "repobility-threat-engine", "fingerprint": "2dd7741d048fa4125233f4d38169b7b6bfcf254bfbcc6b391ac104e43dd71249", "category": "ssrf", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 12 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 12 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|2dd7741d048fa4125233f4d38169b7b6bfcf254bfbcc6b391ac104e43dd71249"}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 140490, "scanner": "repobility-threat-engine", "fingerprint": "0c333dc88d2673beda07ea322592a5e2658418eeef4b48e34ddf9f62e680bdd2", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|0c333dc88d2673beda07ea322592a5e2658418eeef4b48e34ddf9f62e680bdd2", "aggregated_count": 3}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 140489, "scanner": "repobility-threat-engine", "fingerprint": "57eb94d65f149e0a1c101088a44800c3220a46c84f5b4dbcd327ce8f23841d90", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|57eb94d65f149e0a1c101088a44800c3220a46c84f5b4dbcd327ce8f23841d90"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "view/kernelcache/core/ffi_global.h"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 140488, "scanner": "repobility-threat-engine", "fingerprint": "e1a8c421fbd42da16bc5f11af2f3aed2512ea48071e4557c50cabd746fa7c6ee", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e1a8c421fbd42da16bc5f11af2f3aed2512ea48071e4557c50cabd746fa7c6ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/linux-setup.sh"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 140487, "scanner": "repobility-threat-engine", "fingerprint": "433b26c17862d87bd7be057174e0d96526187faf94563db5a21728fa46d1809c", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|433b26c17862d87bd7be057174e0d96526187faf94563db5a21728fa46d1809c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "json/json-forwards.h"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED059", "level": "none", "message": {"text": "[MINED059] Rust Expect In Prod (and 53 more): Same pattern found in 53 additional files. Review if needed."}, "properties": {"repobilityId": 140480, "scanner": "repobility-threat-engine", "fingerprint": "fe0a102c8b8bbd6062487160d90799d507a1b170ed3c9bef6b47ed94ed145946", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 53 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "rust-expect-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348039+00:00", "triaged_in_corpus": 12, "observations_count": 175379, "ai_coder_pattern_id": 112}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|fe0a102c8b8bbd6062487160d90799d507a1b170ed3c9bef6b47ed94ed145946", "aggregated_count": 53}}}, {"ruleId": "MINED059", "level": "none", "message": {"text": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message."}, "properties": {"repobilityId": 140479, "scanner": "repobility-threat-engine", "fingerprint": "8692db3f5644c4468836d8e678cbbdb9ceb3f583d6c2078c90bb38d13510bfda", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-expect-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348039+00:00", "triaged_in_corpus": 12, "observations_count": 175379, "ai_coder_pattern_id": 112}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8692db3f5644c4468836d8e678cbbdb9ceb3f583d6c2078c90bb38d13510bfda"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/bntl_utils/build.rs"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED059", "level": "none", "message": {"text": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message."}, "properties": {"repobilityId": 140478, "scanner": "repobility-threat-engine", "fingerprint": "588c4648fdf1a0faab48a64220aae7aa9d6fea77f44e42974e80dae282c670b4", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-expect-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348039+00:00", "triaged_in_corpus": 12, "observations_count": 175379, "ai_coder_pattern_id": 112}, "scanner": "repobility-threat-engine", "correlation_key": "fp|588c4648fdf1a0faab48a64220aae7aa9d6fea77f44e42974e80dae282c670b4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/riscv/build.rs"}, "region": {"startLine": 3}}}]}, {"ruleId": "MINED059", "level": "none", "message": {"text": "[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message."}, "properties": {"repobilityId": 140477, "scanner": "repobility-threat-engine", "fingerprint": "8981777b8701acce0d00367d1e3c2e81171bff200cab1ff0ecd2a8b1d78e5337", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-expect-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348039+00:00", "triaged_in_corpus": 12, "observations_count": 175379, "ai_coder_pattern_id": 112}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8981777b8701acce0d00367d1e3c2e81171bff200cab1ff0ecd2a8b1d78e5337"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/msp430/build.rs"}, "region": {"startLine": 3}}}]}, {"ruleId": "MINED003", "level": "none", "message": {"text": "[MINED003] Rust Unwrap In Prod (and 79 more): Same pattern found in 79 additional files. Review if needed."}, "properties": {"repobilityId": 140476, "scanner": "repobility-threat-engine", "fingerprint": "12f2725b37507bd50b07ce74ecca3a62184b99dfd21656c2ff4fcbb87dbb4bce", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 79 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "rust-unwrap-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347903+00:00", "triaged_in_corpus": 15, "observations_count": 386515, "ai_coder_pattern_id": 111}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|12f2725b37507bd50b07ce74ecca3a62184b99dfd21656c2ff4fcbb87dbb4bce", "aggregated_count": 79}}}, {"ruleId": "SEC045", "level": "none", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "properties": {"repobilityId": 140472, "scanner": "repobility-threat-engine", "fingerprint": "c80ff157c0dd4f06d29a253eef2e040bc846fc539581945c90fe13c6ec14dd22", "category": "injection", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 6 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 6 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|c80ff157c0dd4f06d29a253eef2e040bc846fc539581945c90fe13c6ec14dd22"}}}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 140468, "scanner": "repobility-threat-engine", "fingerprint": "3c023506f2f188af489c7b4c9c56df6199434f99078436cdd2963b37b485ffac", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3c023506f2f188af489c7b4c9c56df6199434f99078436cdd2963b37b485ffac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/mips/mips/unittest/unitTest.py"}, "region": {"startLine": 280}}}]}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 140467, "scanner": "repobility-threat-engine", "fingerprint": "b7693f8fa8616faedb81b35ec6fbaa658f358a79cab8b5a4082a202a1c4768c7", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b7693f8fa8616faedb81b35ec6fbaa658f358a79cab8b5a4082a202a1c4768c7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/armv7/thumb2_disasm/arm_pcode_parser/filter.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 58 more): Same pattern found in 58 additional files. Review if needed."}, "properties": {"repobilityId": 140466, "scanner": "repobility-threat-engine", "fingerprint": "22f461c791073aa366f63fb109eb764d2b4b27e2f3b53d00ef6d37d429cfdfb3", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 58 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "get_reg_size", "breakdown": {"if": 21}, "aggregated": true, "complexity": 21, "correlation_key": "fp|22f461c791073aa366f63fb109eb764d2b4b27e2f3b53d00ef6d37d429cfdfb3", "aggregated_count": 58}}}, {"ruleId": "MINED098", "level": "none", "message": {"text": "[MINED098] Global Scope Pollution: Attaching libraries/objects directly to the global window scope (e.g., `window.axios = axios;`) makes the code harder to test and increases the risk of naming collisions."}, "properties": {"repobilityId": 140462, "scanner": "repobility-threat-engine", "fingerprint": "89337c545f14951b867ad6f99ab13d9440194b88a9daf9c99d5a77919d9e0c42", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "global-scope-pollution", "owasp": null, "cwe_ids": [], "languages": ["javascript"], "precision": 1.0, "promoted_at": "2026-05-18T15:01:13.611213+00:00", "triaged_in_corpus": 12, "observations_count": 173528, "ai_coder_pattern_id": 55}, "scanner": "repobility-threat-engine", "correlation_key": "fp|89337c545f14951b867ad6f99ab13d9440194b88a9daf9c99d5a77919d9e0c42"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "api-docs/cppdocs/binaryninja-darkmode.js"}, "region": {"startLine": 245}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std (and 56 more): Same pattern found in 56 additional files. Review if needed."}, "properties": {"repobilityId": 140459, "scanner": "repobility-threat-engine", "fingerprint": "b925e521a3e3059b722a094f79da4a9b2ca1da359f2468c7f7ced94f30e2d883", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 56 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|b925e521a3e3059b722a094f79da4a9b2ca1da359f2468c7f7ced94f30e2d883", "aggregated_count": 56}}}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 140458, "scanner": "repobility-threat-engine", "fingerprint": "251e6c80b67dcef816364dce9867135c8bf1272a70528765c6bca025ce9a993b", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|251e6c80b67dcef816364dce9867135c8bf1272a70528765c6bca025ce9a993b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/powerpc/disassembler.cpp"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 140457, "scanner": "repobility-threat-engine", "fingerprint": "a24621002ed942abf566ece96481b1b1af7d770b533440ded282bfde57c98d96", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a24621002ed942abf566ece96481b1b1af7d770b533440ded282bfde57c98d96"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/arm64/sysregs_enum.h"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 140456, "scanner": "repobility-threat-engine", "fingerprint": "134e7d000a869b5c4d79a0f729a39d1d6e811bc23e99d97422425fb9197ffd99", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|134e7d000a869b5c4d79a0f729a39d1d6e811bc23e99d97422425fb9197ffd99"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "activity.cpp"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete (and 85 more): Same pattern found in 85 additional files. Review if needed."}, "properties": {"repobilityId": 140455, "scanner": "repobility-threat-engine", "fingerprint": "1bb53acdaf572eb79b17fb1d9d25dd82ebf28461a1c0f6f9e70ee6e08294f3e1", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 85 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|1bb53acdaf572eb79b17fb1d9d25dd82ebf28461a1c0f6f9e70ee6e08294f3e1", "aggregated_count": 85}}}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 140454, "scanner": "repobility-threat-engine", "fingerprint": "aebe3bf8326a57ef30b8250612cc15d21357aae505dc4d82d90034b23837dc4b", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|aebe3bf8326a57ef30b8250612cc15d21357aae505dc4d82d90034b23837dc4b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "binaryviewtype.cpp"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 140453, "scanner": "repobility-threat-engine", "fingerprint": "62bdbb5090be07fb13bc42cd7ebd2401679a22129e8b5b1536d1788a5d44571d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|62bdbb5090be07fb13bc42cd7ebd2401679a22129e8b5b1536d1788a5d44571d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "backgroundtask.cpp"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 140452, "scanner": "repobility-threat-engine", "fingerprint": "3ee772a2cfdfa9cc34f42aa980fb68ad053eab4d01f891338e005dc2c22bff26", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3ee772a2cfdfa9cc34f42aa980fb68ad053eab4d01f891338e005dc2c22bff26"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "activity.cpp"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v4`: `uses: actions/upload-artifact@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140668, "scanner": "repobility-supply-chain", "fingerprint": "35bb02698bc3f5878865ca83f12fa2349bc6af6d1e46a49296598d2ed7b25449", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|35bb02698bc3f5878865ca83f12fa2349bc6af6d1e46a49296598d2ed7b25449"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/rust.yml"}, "region": {"startLine": 72}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `baptiste0928/cargo-install` pinned to mutable ref `@v3`: `uses: baptiste0928/cargo-install@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140667, "scanner": "repobility-supply-chain", "fingerprint": "7c3c6cc4f8fc81914a8ff744c05b2daa9de6f6f7d261b2c5559b9a94083e86f1", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|7c3c6cc4f8fc81914a8ff744c05b2daa9de6f6f7d261b2c5559b9a94083e86f1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/rust.yml"}, "region": {"startLine": 65}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140666, "scanner": "repobility-supply-chain", "fingerprint": "a30a96d2509a8a54021e5a189b0a8f1bd435aa00c6e96c56dfb2d6613d935fbf", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a30a96d2509a8a54021e5a189b0a8f1bd435aa00c6e96c56dfb2d6613d935fbf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/rust.yml"}, "region": {"startLine": 63}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `crate-ci/typos` pinned to mutable ref `@v1.29.4`: `uses: crate-ci/typos@v1.29.4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140665, "scanner": "repobility-supply-chain", "fingerprint": "331b40da322fcf6b36cd28b48039606e975762c631a716e21c64b76fa0bd5de5", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|331b40da322fcf6b36cd28b48039606e975762c631a716e21c64b76fa0bd5de5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/rust.yml"}, "region": {"startLine": 55}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140664, "scanner": "repobility-supply-chain", "fingerprint": "13033af096cdc429f635819632f31b24dcbdff9096ef55e44ec9cfbcb56c1691", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|13033af096cdc429f635819632f31b24dcbdff9096ef55e44ec9cfbcb56c1691"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/rust.yml"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions-rust-lang/rustfmt` pinned to mutable ref `@v1`: `uses: actions-rust-lang/rustfmt@v1` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140663, "scanner": "repobility-supply-chain", "fingerprint": "422cfb17806a5cfbfcc84c6aa078c9f6803fc0e303d4eafc9b4e4d6d5d17ecd8", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|422cfb17806a5cfbfcc84c6aa078c9f6803fc0e303d4eafc9b4e4d6d5d17ecd8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/rust.yml"}, "region": {"startLine": 46}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions-rust-lang/setup-rust-toolchain` pinned to mutable ref `@v1`: `uses: actions-rust-lang/setup-rust-toolchain@v1` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140662, "scanner": "repobility-supply-chain", "fingerprint": "8c08d70ac0147fa7f9532d05ab7b36cbc1fd4c40ea47a030363e72990aac05e8", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8c08d70ac0147fa7f9532d05ab7b36cbc1fd4c40ea47a030363e72990aac05e8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/rust.yml"}, "region": {"startLine": 41}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140661, "scanner": "repobility-supply-chain", "fingerprint": "dde96d917c9a09db3107d399d256e5adc866e6374187d3de226f351992c4e027", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|dde96d917c9a09db3107d399d256e5adc866e6374187d3de226f351992c4e027"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/rust.yml"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `clechasseur/rs-clippy-check` pinned to mutable ref `@v4`: `uses: clechasseur/rs-clippy-check@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140660, "scanner": "repobility-supply-chain", "fingerprint": "547de7e5583ce602e3e546aebbd7e0c859225c744cb39572ac350a1244d88a1f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|547de7e5583ce602e3e546aebbd7e0c859225c744cb39572ac350a1244d88a1f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/rust.yml"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions-rust-lang/setup-rust-toolchain` pinned to mutable ref `@v1`: `uses: actions-rust-lang/setup-rust-toolchain@v1` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140659, "scanner": "repobility-supply-chain", "fingerprint": "e52189bd05f126102996632aad0b5b51f739f9adccb270257d88bdafff5bcca8", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e52189bd05f126102996632aad0b5b51f739f9adccb270257d88bdafff5bcca8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/rust.yml"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140658, "scanner": "repobility-supply-chain", "fingerprint": "539745254aaad36a1152a7f58f3e43ac1705823834302286d2aba30d2f2be596", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|539745254aaad36a1152a7f58f3e43ac1705823834302286d2aba30d2f2be596"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/rust.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions-rust-lang/setup-rust-toolchain` pinned to mutable ref `@v1`: `uses: actions-rust-lang/setup-rust-toolchain@v1` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140657, "scanner": "repobility-supply-chain", "fingerprint": "419abee0a34471e84286a5942739e000cb0d33d11bce8a852dd83168fd42b31c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|419abee0a34471e84286a5942739e000cb0d33d11bce8a852dd83168fd42b31c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/rust_testing.yml"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 140656, "scanner": "repobility-supply-chain", "fingerprint": "534d168a603c188062d6143acd3c845e7e15d83515876479ed728268ccb1ee08", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|534d168a603c188062d6143acd3c845e7e15d83515876479ed728268ccb1ee08"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/rust_testing.yml"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_all_lifts: Test function `test_all_lifts` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140645, "scanner": "repobility-ast-engine", "fingerprint": "1ee485af9d61a561885bb1bc1603f8af21de8d87cf711d4197cd496753b9f8d4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1ee485af9d61a561885bb1bc1603f8af21de8d87cf711d4197cd496753b9f8d4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/arm64/arm64test.py"}, "region": {"startLine": 12911}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_all: Test function `test_all` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140644, "scanner": "repobility-ast-engine", "fingerprint": "d6e55f7459a5b16a1da60882dfdf4942abe41be9f0fc9f502d367364f399f5e3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d6e55f7459a5b16a1da60882dfdf4942abe41be9f0fc9f502d367364f399f5e3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/powerpc/test_lifting.py"}, "region": {"startLine": 88}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_all: Test function `test_all` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140643, "scanner": "repobility-ast-engine", "fingerprint": "7d627656b46aba9668a5bcf1728adf3514b9766b6341b7e0b4131b4b14b5ceeb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7d627656b46aba9668a5bcf1728adf3514b9766b6341b7e0b4131b4b14b5ceeb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/armv7/test_lift.py"}, "region": {"startLine": 212}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_all: Test function `test_all` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140642, "scanner": "repobility-ast-engine", "fingerprint": "e405e2092052fa82b037666c2602ff428b711942884532da6ec9183053c5d6d0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e405e2092052fa82b037666c2602ff428b711942884532da6ec9183053c5d6d0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/x86/test_lifting.py"}, "region": {"startLine": 200}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_bit: Test function `test_bit` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140640, "scanner": "repobility-ast-engine", "fingerprint": "b592ec47bbb710173d8925a0b759f3caf5e2ec28c0bb3fad84c0d61625643f84", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b592ec47bbb710173d8925a0b759f3caf5e2ec28c0bb3fad84c0d61625643f84"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/highlevelil.py"}, "region": {"startLine": 4279}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_bit: Test function `test_bit` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140633, "scanner": "repobility-ast-engine", "fingerprint": "d14cd2ab00d8132345fe3293843d22f9d96e313d81073084c884e9ef420c8e9c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d14cd2ab00d8132345fe3293843d22f9d96e313d81073084c884e9ef420c8e9c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/mediumlevelil.py"}, "region": {"startLine": 5827}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_inner: Test function `test_inner` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140627, "scanner": "repobility-ast-engine", "fingerprint": "7d3cb0337bc2346b5592cb6e36c08dd4a3a5dcd0d54e8210af850383563a6ab8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7d3cb0337bc2346b5592cb6e36c08dd4a3a5dcd0d54e8210af850383563a6ab8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/deprecation.py"}, "region": {"startLine": 284}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_bit: Test function `test_bit` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"repobilityId": 140595, "scanner": "repobility-ast-engine", "fingerprint": "f944757d246256db3864e8fc56231307a99eb5ac37a7795cdfb3c426cd431d40", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f944757d246256db3864e8fc56231307a99eb5ac37a7795cdfb3c426cd431d40"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/lowlevelil.py"}, "region": {"startLine": 5593}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.raw` used but never assigned in __init__: Method `create_database` of class `FileMetadata` reads `self.raw`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140593, "scanner": "repobility-ast-engine", "fingerprint": "c9e183dfc3f21d1cd2b270e8293343815422d159e750aec0b634b5a6b73a6f9c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c9e183dfc3f21d1cd2b270e8293343815422d159e750aec0b634b5a6b73a6f9c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 652}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.raw` used but never assigned in __init__: Method `create_database` of class `FileMetadata` reads `self.raw`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140592, "scanner": "repobility-ast-engine", "fingerprint": "7ec5d205d0b6cd41f6205786c8befa391f504abfb36a4e2c8f920c9cf7c55ef9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7ec5d205d0b6cd41f6205786c8befa391f504abfb36a4e2c8f920c9cf7c55ef9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 648}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.raw` used but never assigned in __init__: Method `create_database` of class `FileMetadata` reads `self.raw`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140591, "scanner": "repobility-ast-engine", "fingerprint": "025188e777a1e37755d8b8b49c5843f2ae6f29a7003710b07bda8d3b3721773b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|025188e777a1e37755d8b8b49c5843f2ae6f29a7003710b07bda8d3b3721773b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 646}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.revert_undo_actions` used but never assigned in __init__: Method `undoable_transaction` of class `FileMetadata` reads `self.revert_undo_actions`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140590, "scanner": "repobility-ast-engine", "fingerprint": "9029aafdd6b8d369bbec63583a4f06da56bbe799a1ce3f437fb7d76f19937cb3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9029aafdd6b8d369bbec63583a4f06da56bbe799a1ce3f437fb7d76f19937cb3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 411}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.commit_undo_actions` used but never assigned in __init__: Method `undoable_transaction` of class `FileMetadata` reads `self.commit_undo_actions`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140589, "scanner": "repobility-ast-engine", "fingerprint": "c18c809e271331da125706aea8ae0d5a8b86d979d36290596d6a787d8a85618d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c18c809e271331da125706aea8ae0d5a8b86d979d36290596d6a787d8a85618d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 409}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.begin_undo_actions` used but never assigned in __init__: Method `undoable_transaction` of class `FileMetadata` reads `self.begin_undo_actions`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140588, "scanner": "repobility-ast-engine", "fingerprint": "275bceab617d7779f3ac7d616ff5ab1bfa66422296ee60d55618ca3b968f27fb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|275bceab617d7779f3ac7d616ff5ab1bfa66422296ee60d55618ca3b968f27fb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 406}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.project_file` used but never assigned in __init__: Method `project` of class `FileMetadata` reads `self.project_file`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140587, "scanner": "repobility-ast-engine", "fingerprint": "aa0c0cf6337cddbf448f4ee847916e2650155c1ea95debbef14d1a6f16871912", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aa0c0cf6337cddbf448f4ee847916e2650155c1ea95debbef14d1a6f16871912"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 356}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.filename` used but never assigned in __init__: Method `is_container_entry` of class `FileMetadata` reads `self.filename`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140586, "scanner": "repobility-ast-engine", "fingerprint": "342f0167d64cb8a5c8db3a838d0e25546076d8c6087ccde64819f0771af50334", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|342f0167d64cb8a5c8db3a838d0e25546076d8c6087ccde64819f0771af50334"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 241}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.virtual_path` used but never assigned in __init__: Method `is_container_entry` of class `FileMetadata` reads `self.virtual_path`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140585, "scanner": "repobility-ast-engine", "fingerprint": "e5cb995f27e493bbbf49f3efa2bbb8fb380af25157c1bd5171dcf35453340dd5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e5cb995f27e493bbbf49f3efa2bbb8fb380af25157c1bd5171dcf35453340dd5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 240}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.navigation` used but never assigned in __init__: Method `__del__` of class `FileMetadata` reads `self.navigation`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140584, "scanner": "repobility-ast-engine", "fingerprint": "8d9a1c21716833e43b9435533b660265d0de7592d1774d38bbcf33fcd4048fdd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8d9a1c21716833e43b9435533b660265d0de7592d1774d38bbcf33fcd4048fdd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 149}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.filename` used but never assigned in __init__: Method `__repr__` of class `FileMetadata` reads `self.filename`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140583, "scanner": "repobility-ast-engine", "fingerprint": "24a02834ea4dda00325e501d04608fecc4c125643d3585f25917d8056d2b2f55", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|24a02834ea4dda00325e501d04608fecc4c125643d3585f25917d8056d2b2f55"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 145}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.navigate` used but never assigned in __init__: Method `_navigate` of class `NavigationHandler` reads `self.navigate`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140582, "scanner": "repobility-ast-engine", "fingerprint": "80472ffc79e19519984859cffa747740e3618fbb294a33f58fc7a00d0724c618", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|80472ffc79e19519984859cffa747740e3618fbb294a33f58fc7a00d0724c618"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.get_current_offset` used but never assigned in __init__: Method `_get_current_offset` of class `NavigationHandler` reads `self.get_current_offset`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140581, "scanner": "repobility-ast-engine", "fingerprint": "abc373e94df712ad5f4fba4b373812c0cf0ef6ad826b3b817986de7eb41b7ef6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|abc373e94df712ad5f4fba4b373812c0cf0ef6ad826b3b817986de7eb41b7ef6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 60}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.get_current_view` used but never assigned in __init__: Method `_get_current_view` of class `NavigationHandler` reads `self.get_current_view`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140580, "scanner": "repobility-ast-engine", "fingerprint": "003d46ecf540f70358b4cb1370d6b7202f15e538f948731e0d9f4197aa06c0e9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|003d46ecf540f70358b4cb1370d6b7202f15e538f948731e0d9f4197aa06c0e9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._cb` used but never assigned in __init__: Method `_register` of class `NavigationHandler` reads `self._cb`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140579, "scanner": "repobility-ast-engine", "fingerprint": "343d99479dd67e64de25a02f4585bfe1bd019f467dac307e07ae41262dbdb7ba", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|343d99479dd67e64de25a02f4585bfe1bd019f467dac307e07ae41262dbdb7ba"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._navigate` used but never assigned in __init__: Method `_register` of class `NavigationHandler` reads `self._navigate`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140578, "scanner": "repobility-ast-engine", "fingerprint": "f275338d8c80d416e583b51073a0fbf5d7a9acdbf23e47de131fe04cf27e27ab", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f275338d8c80d416e583b51073a0fbf5d7a9acdbf23e47de131fe04cf27e27ab"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 47}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._cb` used but never assigned in __init__: Method `_register` of class `NavigationHandler` reads `self._cb`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140577, "scanner": "repobility-ast-engine", "fingerprint": "e425920fd196a15bd406eb0c79c9c5dcbe72cfffaa3ff4f243b0117b8ad5d31b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e425920fd196a15bd406eb0c79c9c5dcbe72cfffaa3ff4f243b0117b8ad5d31b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 47}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._get_current_offset` used but never assigned in __init__: Method `_register` of class `NavigationHandler` reads `self._get_current_offset`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140576, "scanner": "repobility-ast-engine", "fingerprint": "4e00a27298a7086690a62bf310d07d29f5352e714e53b5d59d928a53058f6d0e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4e00a27298a7086690a62bf310d07d29f5352e714e53b5d59d928a53058f6d0e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 46}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._cb` used but never assigned in __init__: Method `_register` of class `NavigationHandler` reads `self._cb`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140575, "scanner": "repobility-ast-engine", "fingerprint": "cf1a7dfd4d61c2bdb0542dd410e420826b134ea41262b89f2edb50bce148c9df", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cf1a7dfd4d61c2bdb0542dd410e420826b134ea41262b89f2edb50bce148c9df"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 46}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._get_current_view` used but never assigned in __init__: Method `_register` of class `NavigationHandler` reads `self._get_current_view`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140574, "scanner": "repobility-ast-engine", "fingerprint": "639b9694e967f51d39d9fc42653a68307996a3c7bdb589b0c030ea84db3223ad", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|639b9694e967f51d39d9fc42653a68307996a3c7bdb589b0c030ea84db3223ad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._cb` used but never assigned in __init__: Method `_register` of class `NavigationHandler` reads `self._cb`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140573, "scanner": "repobility-ast-engine", "fingerprint": "02d0af4d3cd0940245ceb3ce8c491155a566cc08f1ae1b729e252de29c18290a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|02d0af4d3cd0940245ceb3ce8c491155a566cc08f1ae1b729e252de29c18290a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._cb` used but never assigned in __init__: Method `_register` of class `NavigationHandler` reads `self._cb`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140572, "scanner": "repobility-ast-engine", "fingerprint": "eec4a6a9ba96eed6094a98fc73b920b2d6cb3cbb1b48eba8cb060e4fde89617a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|eec4a6a9ba96eed6094a98fc73b920b2d6cb3cbb1b48eba8cb060e4fde89617a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._cb` used but never assigned in __init__: Method `_register` of class `NavigationHandler` reads `self._cb`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140571, "scanner": "repobility-ast-engine", "fingerprint": "a07ee0af72e741b4b92a75bc561b69c060ee3874a01fb848608e1819d92e3cb0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a07ee0af72e741b4b92a75bc561b69c060ee3874a01fb848608e1819d92e3cb0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/filemetadata.py"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.keys` used but never assigned in __init__: Method `__getattr__` of class `_AssociatedDataStore` reads `self.keys`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140570, "scanner": "repobility-ast-engine", "fingerprint": "2d3d9aa1445d0239f70d11c37b63fc2f46f50dc11e521a609acad20e523667e9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2d3d9aa1445d0239f70d11c37b63fc2f46f50dc11e521a609acad20e523667e9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/associateddatastore.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.keys` used but never assigned in __init__: Method `get` of class `_AssociatedDataStore` reads `self.keys`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 140569, "scanner": "repobility-ast-engine", "fingerprint": "0ce71868caa38013b33be994d1f0f28cc1207dcc73288d329f4f4ce2a1412874", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0ce71868caa38013b33be994d1f0f28cc1207dcc73288d329f4f4ce2a1412874"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/associateddatastore.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "JRN004", "level": "error", "message": {"text": "Consent is collected in UI without visible backend audit persistence"}, "properties": {"repobilityId": 140568, "scanner": "repobility-journey-contract", "fingerprint": "cf4cc9503b78994bd4075c9f50a3ae4c5bfc2ff20bf223ffcfa1bb30b4e9b903", "category": "auth", "severity": "high", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Frontend consent wording was found, but backend consent/audit metadata was not visible.", "evidence": {"rule_id": "JRN004", "scanner": "repobility-journey-contract", "references": ["https://repobility.com/library/authorization/"], "correlation_key": "code|auth|token|8072|jrn004", "backend_consent_model": false, "backend_audit_signal_count": 2}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "docs/about/rust-binaryninjacore.html"}, "region": {"startLine": 8072}}}]}, {"ruleId": "MINED021", "level": "error", "message": {"text": "[MINED021] Path Traversal Os Join: os.path.join(user_dir, filename) where filename can contain \"../\" \u2014 directory escape."}, "properties": {"repobilityId": 140535, "scanner": "repobility-threat-engine", "fingerprint": "4ef1b983dd437ed42f0611e76142b81790c38af753831c887092ab850910fec2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "path-traversal-os-join", "owasp": "A01:2021", "cwe_ids": ["CWE-22"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347947+00:00", "triaged_in_corpus": 15, "observations_count": 45678, "ai_coder_pattern_id": 31}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4ef1b983dd437ed42f0611e76142b81790c38af753831c887092ab850910fec2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/install_api.py"}, "region": {"startLine": 181}}}]}, {"ruleId": "MINED006", "level": "error", "message": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "properties": {"repobilityId": 140534, "scanner": "repobility-threat-engine", "fingerprint": "0e62208e11c6c4ea161a4a98b71f0e14f8c6495dc85b4913acf15a4f5154112e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0e62208e11c6c4ea161a4a98b71f0e14f8c6495dc85b4913acf15a4f5154112e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/install_api.py"}, "region": {"startLine": 125}}}]}, {"ruleId": "SEC078", "level": "error", "message": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a real AST check is preferred for accuracy."}, "properties": {"repobilityId": 140531, "scanner": "repobility-threat-engine", "fingerprint": "183009b40d7631eff5b89f00e7bf34071414c5306957d54d8e2a23d245cdc0f1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "requests.get(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|183009b40d7631eff5b89f00e7bf34071414c5306957d54d8e2a23d245cdc0f1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/verify_hashes.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "SEC078", "level": "error", "message": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a real AST check is preferred for accuracy."}, "properties": {"repobilityId": 140530, "scanner": "repobility-threat-engine", "fingerprint": "25d38d5061800159a582ff749c684ff260e9dfec0a5cce98e1cd90c8d0f2fb60", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "requests.get(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|25d38d5061800159a582ff749c684ff260e9dfec0a5cce98e1cd90c8d0f2fb60"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/download_headless.py"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 140516, "scanner": "repobility-threat-engine", "fingerprint": "d9f2362badc396530e68998d78a770eac7cbc1a768d1181f0b343f01c6d68d94", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d9f2362badc396530e68998d78a770eac7cbc1a768d1181f0b343f01c6d68d94"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/verify_hashes.py"}, "region": {"startLine": 9}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 140515, "scanner": "repobility-threat-engine", "fingerprint": "5d374858307de5e7e8cf4d2405a4b9a538169ccb28f242cac820209598180cd0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5d374858307de5e7e8cf4d2405a4b9a538169ccb28f242cac820209598180cd0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/download_headless.py"}, "region": {"startLine": 13}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 140514, "scanner": "repobility-threat-engine", "fingerprint": "9fe1a69a3b26bd602f53545b55900e99b275da29e1c65fd86462414bece0c685", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9fe1a69a3b26bd602f53545b55900e99b275da29e1c65fd86462414bece0c685"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/collaboration/examples/multitool.py"}, "region": {"startLine": 35}}}]}, {"ruleId": "SEC085", "level": "error", "message": {"text": "[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. Ported from eslint-plugin-security detect-child-process (Apache-2.0)."}, "properties": {"repobilityId": 140507, "scanner": "repobility-threat-engine", "fingerprint": "aadf1160e77d70377a689f1bf1686edffca8769fa367489e62d4171ad8d84650", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "exec(viewport", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC085", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|aadf1160e77d70377a689f1bf1686edffca8769fa367489e62d4171ad8d84650"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/warp/ui/shared/source.cpp"}, "region": {"startLine": 138}}}]}, {"ruleId": "SEC085", "level": "error", "message": {"text": "[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. Ported from eslint-plugin-security detect-child-process (Apache-2.0)."}, "properties": {"repobilityId": 140506, "scanner": "repobility-threat-engine", "fingerprint": "1981f51832f32f04471840a1ebb1214b87b84ceed609d39ac422b3a27eeab3d1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "exec(m_view", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC085", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|1981f51832f32f04471840a1ebb1214b87b84ceed609d39ac422b3a27eeab3d1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/warp/ui/shared/search.cpp"}, "region": {"startLine": 276}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 140500, "scanner": "repobility-threat-engine", "fingerprint": "fa61569f63904a0a90e85e1fb91e92ece5df2af3f5e12cce59b453a637f9c3d8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "self.update(new_n - self.n)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|fa61569f63904a0a90e85e1fb91e92ece5df2af3f5e12cce59b453a637f9c3d8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/collaboration/examples/upload_everything.py"}, "region": {"startLine": 121}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 140499, "scanner": "repobility-threat-engine", "fingerprint": "547007d7e1310d8c465f5559efe97422053045cd285b851de9aa4196654aa4e8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "self.update(new_n - self.n)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|547007d7e1310d8c465f5559efe97422053045cd285b851de9aa4196654aa4e8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/collaboration/examples/multitool.py"}, "region": {"startLine": 272}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 140498, "scanner": "repobility-threat-engine", "fingerprint": "99cef6e561eb41eb98136e172bbb68e661ecba84ebb146fba5060d19bf589fa6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "symbol_builder.create()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|99cef6e561eb41eb98136e172bbb68e661ecba84ebb146fba5060d19bf589fa6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/warp/src/convert/symbol.rs"}, "region": {"startLine": 90}}}]}, {"ruleId": "MINED039", "level": "error", "message": {"text": "[MINED039] Rust Todo Macro: todo!() panics when reached. Unimplemented code path."}, "properties": {"repobilityId": 140497, "scanner": "repobility-threat-engine", "fingerprint": "c927927d568913ee5f7af4bfc4cce8f475d3cbb9838b8ea7a2791d630b5998d6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-todo-macro", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347989+00:00", "triaged_in_corpus": 15, "observations_count": 1561, "ai_coder_pattern_id": 114}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c927927d568913ee5f7af4bfc4cce8f475d3cbb9838b8ea7a2791d630b5998d6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/warp/src/container/memory.rs"}, "region": {"startLine": 50}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 140493, "scanner": "repobility-threat-engine", "fingerprint": "0951c09ce8b3021f13d293cb711fb9301bc838929ce4ff8a8b455af9dda9b8f9", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "Url(Q", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|0951c09ce8b3021f13d293cb711fb9301bc838929ce4ff8a8b455af9dda9b8f9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/warp/ui/shared/source.cpp"}, "region": {"startLine": 169}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 140492, "scanner": "repobility-threat-engine", "fingerprint": "2ece3ee2217babfbb8a55fb21bdd5d8316090857e4f7b9feefb08f2676bb2ad1", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "Url(B", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|2ece3ee2217babfbb8a55fb21bdd5d8316090857e4f7b9feefb08f2676bb2ad1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/bntl_utils/cli/src/input.rs"}, "region": {"startLine": 45}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 140491, "scanner": "repobility-threat-engine", "fingerprint": "9f2d3456d34b07ee9210eb08435d91bfb683b001b2bf3ba3a1c50b9709c999f0", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "Url(m", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|9f2d3456d34b07ee9210eb08435d91bfb683b001b2bf3ba3a1c50b9709c999f0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "pluginmanager.cpp"}, "region": {"startLine": 135}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 140486, "scanner": "repobility-threat-engine", "fingerprint": "250dd0264c26a8b8330c2f97a580365ec7671396e5f467bb1b94031676da136d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|250dd0264c26a8b8330c2f97a580365ec7671396e5f467bb1b94031676da136d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "view/kernelcache/core/transformers/libDER/oids.h"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 140485, "scanner": "repobility-threat-engine", "fingerprint": "3832ecc4dbba0974ab8b4ed1173a1174303ad9143188ed182745d6ffe5c6ebf5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3832ecc4dbba0974ab8b4ed1173a1174303ad9143188ed182745d6ffe5c6ebf5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/examples/triage/file_info.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 140484, "scanner": "repobility-threat-engine", "fingerprint": "837ff01c5064846deca5ded935d9a3645ad08c4aad0c7a42a66648e51dd3afad", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|837ff01c5064846deca5ded935d9a3645ad08c4aad0c7a42a66648e51dd3afad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/triage/fileinfo.cpp"}, "region": {"startLine": 72}}}]}, {"ruleId": "MINED041", "level": "error", "message": {"text": "[MINED041] Rust Unimplemented Macro: unimplemented!() panics. Same as todo!() but conventionally used for trait stubs."}, "properties": {"repobilityId": 140481, "scanner": "repobility-threat-engine", "fingerprint": "037482c90f8c6e11b83dbcf350dc1b4139719bf560148882db5badf335c00349", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unimplemented-macro", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347994+00:00", "triaged_in_corpus": 15, "observations_count": 1422, "ai_coder_pattern_id": 115}, "scanner": "repobility-threat-engine", "correlation_key": "fp|037482c90f8c6e11b83dbcf350dc1b4139719bf560148882db5badf335c00349"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/msp430/src/flag.rs"}, "region": {"startLine": 66}}}]}, {"ruleId": "MINED003", "level": "error", "message": {"text": "[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. Acceptable in tests; risky elsewhere."}, "properties": {"repobilityId": 140475, "scanner": "repobility-threat-engine", "fingerprint": "53b10ea2d096bc0a2c52eaa23191b354211a3edd02e66ea77f3103c7dc5478b3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unwrap-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347903+00:00", "triaged_in_corpus": 15, "observations_count": 386515, "ai_coder_pattern_id": 111}, "scanner": "repobility-threat-engine", "correlation_key": "fp|53b10ea2d096bc0a2c52eaa23191b354211a3edd02e66ea77f3103c7dc5478b3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/bntl_utils/build.rs"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED003", "level": "error", "message": {"text": "[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. Acceptable in tests; risky elsewhere."}, "properties": {"repobilityId": 140474, "scanner": "repobility-threat-engine", "fingerprint": "437d353f1f555dab7b34f50f1ed018e20f942131a8ff03f41419183a92865090", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unwrap-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347903+00:00", "triaged_in_corpus": 15, "observations_count": 386515, "ai_coder_pattern_id": 111}, "scanner": "repobility-threat-engine", "correlation_key": "fp|437d353f1f555dab7b34f50f1ed018e20f942131a8ff03f41419183a92865090"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/riscv/build.rs"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED003", "level": "error", "message": {"text": "[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. Acceptable in tests; risky elsewhere."}, "properties": {"repobilityId": 140473, "scanner": "repobility-threat-engine", "fingerprint": "29df86f8bc2b53e84f963efb8306cb864a76989da0472fb76e2a8c7f3e50fe7e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unwrap-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347903+00:00", "triaged_in_corpus": 15, "observations_count": 386515, "ai_coder_pattern_id": 111}, "scanner": "repobility-threat-engine", "correlation_key": "fp|29df86f8bc2b53e84f963efb8306cb864a76989da0472fb76e2a8c7f3e50fe7e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/msp430/build.rs"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140655, "scanner": "repobility-ast-engine", "fingerprint": "3f271e34cef2591bfe870760dd8845498451399d25ecd9a9963910a47897b21e", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3f271e34cef2591bfe870760dd8845498451399d25ecd9a9963910a47897b21e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "plugins/warp/api/python/warp.py"}, "region": {"startLine": 151}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140654, "scanner": "repobility-ast-engine", "fingerprint": "b6c0e0a68cc77b8bf6edaa787bd8b8b549414b273fc442b46355da98304c455f", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b6c0e0a68cc77b8bf6edaa787bd8b8b549414b273fc442b46355da98304c455f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/examples/typelibexplorer.py"}, "region": {"startLine": 217}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `queue` used but not imported: The file uses `queue.something(...)` but never imports `queue`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140653, "scanner": "repobility-ast-engine", "fingerprint": "3682185c96169de04b299fe837c682451d88d0813a1d57e20520abac6c26a266", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3682185c96169de04b299fe837c682451d88d0813a1d57e20520abac6c26a266"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/examples/wf_unflatten.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140652, "scanner": "repobility-ast-engine", "fingerprint": "14db4773446820e558b51b604c59fa5841e651d15375f9e905b7393037e8f14f", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|14db4773446820e558b51b604c59fa5841e651d15375f9e905b7393037e8f14f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/examples/pseudo_python.py"}, "region": {"startLine": 301}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `email` used but not imported: The file uses `email.something(...)` but never imports `email`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140651, "scanner": "repobility-ast-engine", "fingerprint": "556a106231d56f464af6d49274155c91b09ee7ab2a1c17fdd766d4897034bdbb", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|556a106231d56f464af6d49274155c91b09ee7ab2a1c17fdd766d4897034bdbb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/collaboration/user.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `ast` used but not imported: The file uses `ast.something(...)` but never imports `ast`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140646, "scanner": "repobility-ast-engine", "fingerprint": "1830d8d835e4833fa067aea740168c500df238d0f34ebe1c6354d9f2bc370353", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1830d8d835e4833fa067aea740168c500df238d0f34ebe1c6354d9f2bc370353"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/armv7/thumb2_disasm/arm_pcode_parser/codegencpp.py"}, "region": {"startLine": 818}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140636, "scanner": "repobility-ast-engine", "fingerprint": "bdfcf7078f974c36db3a689a998b7cdc9f2b8053eb213d8ca8074b0a290cbbf4", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bdfcf7078f974c36db3a689a998b7cdc9f2b8053eb213d8ca8074b0a290cbbf4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/function.py"}, "region": {"startLine": 4026}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140635, "scanner": "repobility-ast-engine", "fingerprint": "ea1466ea63285da445a83716317961031e025781b2ecbd639f245df7866b805c", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ea1466ea63285da445a83716317961031e025781b2ecbd639f245df7866b805c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/function.py"}, "region": {"startLine": 2857}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140626, "scanner": "repobility-ast-engine", "fingerprint": "1f61490a5fc8c3f2e8b3f32cbff4bcee4ca1ec89f1fffac6b4d2a3a3207c8962", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1f61490a5fc8c3f2e8b3f32cbff4bcee4ca1ec89f1fffac6b4d2a3a3207c8962"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/lineardisassembly.py"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `time` used but not imported: The file uses `time.something(...)` but never imports `time`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140625, "scanner": "repobility-ast-engine", "fingerprint": "11ded2e127a605df060a53e6c152fa957ea5c09a04e80f3903d1ed66414dfb4b", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|11ded2e127a605df060a53e6c152fa957ea5c09a04e80f3903d1ed66414dfb4b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/update.py"}, "region": {"startLine": 261}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140615, "scanner": "repobility-ast-engine", "fingerprint": "5040c66564473ac37a3bc88cf2be932439a49a2e98c5ba7997ea3e8ca5895818", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5040c66564473ac37a3bc88cf2be932439a49a2e98c5ba7997ea3e8ca5895818"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/typeprinter.py"}, "region": {"startLine": 454}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `string` used but not imported: The file uses `string.something(...)` but never imports `string`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140612, "scanner": "repobility-ast-engine", "fingerprint": "34f4f15442cc1d8297442dd6efb218bea16b35ad736e8485eb5ad557649b403e", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|34f4f15442cc1d8297442dd6efb218bea16b35ad736e8485eb5ad557649b403e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/binaryview.py"}, "region": {"startLine": 11115}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140611, "scanner": "repobility-ast-engine", "fingerprint": "90224e31cffeb8a8faa94b7aa7fe062fc639c2ea21b08cb44cad2b20bf25b2fc", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|90224e31cffeb8a8faa94b7aa7fe062fc639c2ea21b08cb44cad2b20bf25b2fc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/binaryview.py"}, "region": {"startLine": 3768}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140605, "scanner": "repobility-ast-engine", "fingerprint": "7a0a466c76e014770cfbffecfd3e7dc907ac31ec06c6e08997814ad463707a45", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7a0a466c76e014770cfbffecfd3e7dc907ac31ec06c6e08997814ad463707a45"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/callingconvention.py"}, "region": {"startLine": 56}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140604, "scanner": "repobility-ast-engine", "fingerprint": "c50ee3824102ced056d82c011d3481f70019dc9b59665613bdef136b176e500b", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c50ee3824102ced056d82c011d3481f70019dc9b59665613bdef136b176e500b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/types.py"}, "region": {"startLine": 276}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140603, "scanner": "repobility-ast-engine", "fingerprint": "a91267796b67eb40aced7929c6662ad3d481f437b6f60243c635ffeea13dd367", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a91267796b67eb40aced7929c6662ad3d481f437b6f60243c635ffeea13dd367"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/types.py"}, "region": {"startLine": 2593}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `enum` used but not imported: The file uses `enum.something(...)` but never imports `enum`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140602, "scanner": "repobility-ast-engine", "fingerprint": "e3f64d6b8bfc91d89ab10986ab365f06430040526c0c326e0dbc3758c25c2cc2", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e3f64d6b8bfc91d89ab10986ab365f06430040526c0c326e0dbc3758c25c2cc2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/types.py"}, "region": {"startLine": 2758}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `struct` used but not imported: The file uses `struct.something(...)` but never imports `struct`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140601, "scanner": "repobility-ast-engine", "fingerprint": "6952442c6a209b0384a9cb0739793c26ac9fb97f965a2e89a1487478401ee9dd", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6952442c6a209b0384a9cb0739793c26ac9fb97f965a2e89a1487478401ee9dd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/typeparser.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140600, "scanner": "repobility-ast-engine", "fingerprint": "6cfa4778debc4be0faf599611a746a73c096234d16557aba1d2958a5b221918d", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6cfa4778debc4be0faf599611a746a73c096234d16557aba1d2958a5b221918d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/pluginmanager.py"}, "region": {"startLine": 255}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `platform` used but not imported: The file uses `platform.something(...)` but never imports `platform`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 140597, "scanner": "repobility-ast-engine", "fingerprint": "7288df706b50068a49753857c96cefaf7df59c094dd67b5fcba1c49fbb57c1b6", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7288df706b50068a49753857c96cefaf7df59c094dd67b5fcba1c49fbb57c1b6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "python/platform.py"}, "region": {"startLine": 621}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 140483, "scanner": "repobility-threat-engine", "fingerprint": "e8127176fbe2168278bff9cf0b843a2e70eb2dbf4f946816e4fdabb3a178beca", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e8127176fbe2168278bff9cf0b843a2e70eb2dbf4f946816e4fdabb3a178beca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/powerpc/decode/priv.h"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 140482, "scanner": "repobility-threat-engine", "fingerprint": "2c5ce4e9bff07765e7c02f3c1a9dded2ae01912b1b8c453f68971aaaaeb6ab02", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2c5ce4e9bff07765e7c02f3c1a9dded2ae01912b1b8c453f68971aaaaeb6ab02"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "arch/powerpc/decode/priv.c"}, "region": {"startLine": 25}}}]}]}]}