{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "WEB003", "name": "Public web service has no security.txt", "shortDescription": {"text": "Public web service has no security.txt"}, "fullDescription": {"text": "security.txt gives researchers and customers a safe disclosure channel. Public web apps and APIs should publish it under /.well-known/security.txt."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "medium", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "WEB015", "name": "Public web app has no Content Security Policy", "shortDescription": {"text": "Public web app has no Content Security Policy"}, "fullDescription": {"text": "A Content Security Policy reduces the blast radius of injected scripts if the app is ever served through preview, static hosting, or a web container outside its normal sandbox."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "medium", "confidence": 0.7, "cwe": "", "owasp": ""}}, {"id": "WEB011", "name": "Public web app has no humans.txt", "shortDescription": {"text": "Public web app has no humans.txt"}, "fullDescription": {"text": "humans.txt is optional, but it gives operators and reviewers a simple place to find ownership, contact, and important public documentation links."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.5, "cwe": "", "owasp": ""}}, {"id": "WEB008", "name": "Public docs site has no llms.txt", "shortDescription": {"text": "Public docs site has no llms.txt"}, "fullDescription": {"text": "AI coding agents increasingly read llms.txt to find canonical docs and API workflows. 
Without it, agents are more likely to browse pages repeatedly or use stale instructions."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.64, "cwe": "", "owasp": ""}}, {"id": "WEB002", "name": "Public web app has no sitemap", "shortDescription": {"text": "Public web app has no sitemap"}, "fullDescription": {"text": "A sitemap gives search engines, docs crawlers, and AI agents a structured list of public pages. Without one, important docs and product pages are easy to miss."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "WEB001", "name": "Public web app has no robots.txt", "shortDescription": {"text": "Public web app has no robots.txt"}, "fullDescription": {"text": "Public websites should publish a robots.txt file so crawlers and AI agents can discover crawl rules and sitemap locations without guessing."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.74, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_LICENSE", "name": "No LICENSE file", "shortDescription": {"text": "No LICENSE file"}, "fullDescription": {"text": "Add a LICENSE file to your repository. Use choosealicense.com to pick the right license (MIT for permissive, Apache 2.0 for patent protection, GPL for copyleft)."}, "properties": {"scanner": "repobility-core", "category": "documentation", "severity": "low", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_TESTS", "name": "No test files found in a documentation, catalog, or template-heavy repository", "shortDescription": {"text": "No test files found in a documentation, catalog, or template-heavy repository"}, "fullDescription": {"text": "If this repository ships runnable code, add focused tests for those examples or templates. 
If it is documentation/catalog content only, mark the finding as accepted or add a .repobilityignore note."}, "properties": {"scanner": "repobility-core", "category": "testing", "severity": "info", "confidence": 0.35, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "Action `softprops/action-gh-release` pinned to mutable ref `@v0.1.15`", "shortDescription": {"text": "Action `softprops/action-gh-release` pinned to mutable ref `@v0.1.15`"}, "fullDescription": {"text": "`uses: softprops/action-gh-release@v0.1.15` resolves at workflow-run time. Tags and branches are mutable: the action owner, or anyone who gains write access to the action's repository, can re-point them to different code. That is how the tj-actions/changed-files compromise (2025) instantly affected ~23K repos. Pin to the full 40-character commit SHA and keep the pin updated with Dependabot or Renovate."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1252"}, "properties": {"repository": "manjaro-pinephone/plasma-mobile-dev", "repoUrl": "https://github.com/manjaro-pinephone/plasma-mobile-dev", "branch": "master"}, "results": [{"ruleId": "WEB003", "level": "warning", "message": {"text": "Public web service has no security.txt"}, "properties": {"repobilityId": 126092, "scanner": "repobility-web-presence", "fingerprint": "5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd", "category": "quality", "severity": "medium", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app/API but no security.txt file or route was discovered.", "evidence": {"rule_id": "WEB003", "scanner": "repobility-web-presence", "references": ["https://www.rfc-editor.org/rfc/rfc9116", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".well-known/security.txt"}, "region": 
{"startLine": 1}}}]}, {"ruleId": "WEB015", "level": "warning", "message": {"text": "Public web app has no Content Security Policy"}, "properties": {"repobilityId": 126091, "scanner": "repobility-web-presence", "fingerprint": "7eb70cae3ff63d8ed7c31706185d32b37655333b40b58ca826d740b08fb1ad63", "category": "quality", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app but no CSP header, framework header config, Helmet policy, or CSP meta tag was discovered.", "evidence": {"rule_id": "WEB015", "scanner": "repobility-web-presence", "references": ["https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|7eb70cae3ff63d8ed7c31706185d32b37655333b40b58ca826d740b08fb1ad63"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "index.html"}, "region": {"startLine": 1}}}]}, {"ruleId": "WEB011", "level": "note", "message": {"text": "Public web app has no humans.txt"}, "properties": {"repobilityId": 126090, "scanner": "repobility-web-presence", "fingerprint": "bdd551fbe1ab6405480e0d5755632562c2096cb9e9a6a071ef60e4c27a6873f1", "category": "quality", "severity": "low", "confidence": 0.5, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Repository looks like a public web app but no humans.txt file or route was discovered.", "evidence": {"rule_id": "WEB011", "scanner": "repobility-web-presence", "references": ["https://github.com/Lissy93/web-check"], "correlation_key": "fp|bdd551fbe1ab6405480e0d5755632562c2096cb9e9a6a071ef60e4c27a6873f1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "humans.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "WEB008", "level": "note", "message": {"text": "Public docs site has no llms.txt"}, "properties": {"repobilityId": 126089, "scanner": "repobility-web-presence", "fingerprint": 
"cdce8ed8706710d39c3e7272dad572dd639cff74fd3d2ac62d8f6f522b891d76", "category": "quality", "severity": "low", "confidence": 0.64, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Repository looks public and documentation-heavy but no llms.txt file or route was discovered.", "evidence": {"rule_id": "WEB008", "scanner": "repobility-web-presence", "references": ["https://llmstxt.org/"], "correlation_key": "fp|cdce8ed8706710d39c3e7272dad572dd639cff74fd3d2ac62d8f6f522b891d76"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "llms.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "WEB002", "level": "note", "message": {"text": "Public web app has no sitemap"}, "properties": {"repobilityId": 126088, "scanner": "repobility-web-presence", "fingerprint": "fccbe72d13ca3ba9197ec37b0daa0802fb6d5ebff54b3eb9f09b59b0f8d0acdf", "category": "quality", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app but no sitemap file or route was discovered.", "evidence": {"rule_id": "WEB002", "scanner": "repobility-web-presence", "references": ["https://www.sitemaps.org/protocol.html", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|fccbe72d13ca3ba9197ec37b0daa0802fb6d5ebff54b3eb9f09b59b0f8d0acdf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sitemap.xml"}, "region": {"startLine": 1}}}]}, {"ruleId": "WEB001", "level": "note", "message": {"text": "Public web app has no robots.txt"}, "properties": {"repobilityId": 126087, "scanner": "repobility-web-presence", "fingerprint": "cae3f2223945958e14d8eb90f7965fa26b47011cc5be29c2855a4054937e29c4", "category": "quality", "severity": "low", "confidence": 0.74, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app but no robots.txt file or route was discovered.", "evidence": {"rule_id": "WEB001", "scanner": 
"repobility-web-presence", "references": ["https://www.rfc-editor.org/rfc/rfc9309", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|cae3f2223945958e14d8eb90f7965fa26b47011cc5be29c2855a4054937e29c4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "robots.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "CORE_NO_LICENSE", "level": "note", "message": {"text": "No LICENSE file"}, "properties": {"repobilityId": 126062, "scanner": "repobility-core", "fingerprint": "9314e9238cd99885865b92490d1aaa96ca62b1390c9377878d5f3d99227e1c3c", "category": "documentation", "severity": "low", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_LICENSE", "scanner": "repobility-core", "correlation_key": "repo|documentation|core_no_license"}}}, {"ruleId": "CORE_NO_TESTS", "level": "none", "message": {"text": "No test files found in a documentation, catalog, or template-heavy repository"}, "properties": {"repobilityId": 126061, "scanner": "repobility-core", "fingerprint": "69cfb3536a8ccff500ccafcd681fc8d4bc9f4eda6689da02ddec81654bd9fd15", "category": "testing", "severity": "info", "confidence": 0.35, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Repository shape is documentation, catalog, skill, or template-heavy rather than a conventional runnable application.", "evidence": {"reason": "Repository shape is documentation, catalog, skill, or template-heavy rather than a conventional runnable application.", "rule_id": "CORE_NO_TESTS", "scanner": "repobility-core", "confidence": 0.35, "correlation_key": "repo|testing|core_no_tests"}}}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `softprops/action-gh-release` pinned to mutable ref `@v0.1.15`"}, "properties": {"repobilityId": 126086, "scanner": "repobility-supply-chain", "fingerprint": "a2ac764ceccb1cf3aa256d59e5f3620d9aeaf19cfd552f954861de1d5f860b40", "category": 
"dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a2ac764ceccb1cf3aa256d59e5f3620d9aeaf19cfd552f954861de1d5f860b40"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build_dev.yaml"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `manjaro-arm/rootfs` pinned to mutable ref `@master`"}, "properties": {"repobilityId": 126085, "scanner": "repobility-supply-chain", "fingerprint": "6cbb0a8977a95783b32c95799252e9169543f9bf58f6bcec814bc24503fab061", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6cbb0a8977a95783b32c95799252e9169543f9bf58f6bcec814bc24503fab061"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build_dev.yaml"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `boredland/get-time-action` pinned to mutable ref `@2.0.0`"}, "properties": {"repobilityId": 126084, "scanner": "repobility-supply-chain", "fingerprint": "7cddf9286942d467a4bb2fb9e56e049ddd209974f575309cc40f20952e84d65b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, 
"scanner": "repobility-supply-chain", "correlation_key": "fp|7cddf9286942d467a4bb2fb9e56e049ddd209974f575309cc40f20952e84d65b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build_dev.yaml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `author/action-rollback` pinned to mutable ref `@stable`"}, "properties": {"repobilityId": 126083, "scanner": "repobility-supply-chain", "fingerprint": "9ec323bd1633117fbbad50d418342da5e5507d6ae75198c5ace6b8efe9eaa205", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9ec323bd1633117fbbad50d418342da5e5507d6ae75198c5ace6b8efe9eaa205"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build.yaml"}, "region": {"startLine": 98}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-release-asset` pinned to mutable ref `@v1.0.2`"}, "properties": {"repobilityId": 126082, "scanner": "repobility-supply-chain", "fingerprint": "9b4122cded38f7ff6e5d18a3bc1cd867dcec756a68a6f3236b8c4101dc9c33d2", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9b4122cded38f7ff6e5d18a3bc1cd867dcec756a68a6f3236b8c4101dc9c33d2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build.yaml"}, "region": {"startLine": 87}}}]}, {"ruleId": 
"MINED115", "level": "error", "message": {"text": "Action `actions/upload-release-asset` pinned to mutable ref `@v1.0.2`"}, "properties": {"repobilityId": 126081, "scanner": "repobility-supply-chain", "fingerprint": "81db039f3aa83f1b44bd7b83ae932059a48b0a6ef757dfbe9879bb38a30678ed", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|81db039f3aa83f1b44bd7b83ae932059a48b0a6ef757dfbe9879bb38a30678ed"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build.yaml"}, "region": {"startLine": 77}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-release-asset` pinned to mutable ref `@v1.0.2`"}, "properties": {"repobilityId": 126080, "scanner": "repobility-supply-chain", "fingerprint": "a9a71c86b35c9e670b2bb0d6431f6c4d5d85fefee6483d7221c9e2ae101489ee", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a9a71c86b35c9e670b2bb0d6431f6c4d5d85fefee6483d7221c9e2ae101489ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build.yaml"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `manjaro-arm/rootfs` pinned to mutable ref `@master`"}, "properties": {"repobilityId": 126079, "scanner": "repobility-supply-chain", "fingerprint": "be1ccb62aed0077740837ce28e229bdc135724448d463f3b62212a32acf7c4f7", 
"category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|be1ccb62aed0077740837ce28e229bdc135724448d463f3b62212a32acf7c4f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build.yaml"}, "region": {"startLine": 54}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `boredland/get-time-action` pinned to mutable ref `@2.0.0`"}, "properties": {"repobilityId": 126078, "scanner": "repobility-supply-chain", "fingerprint": "86d1e05428feaf2ad6d522eb7790ae81557e9d6227de6c38771e34c30b30d525", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|86d1e05428feaf2ad6d522eb7790ae81557e9d6227de6c38771e34c30b30d525"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build.yaml"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `styfle/cancel-workflow-action` pinned to mutable ref `@0.9.0`"}, "properties": {"repobilityId": 126077, "scanner": "repobility-supply-chain", "fingerprint": "827703621f6213c154eda22d0d1369a8d8713cadc80f856a5c2e1d13e9f673be", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], 
"observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|827703621f6213c154eda22d0d1369a8d8713cadc80f856a5c2e1d13e9f673be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build.yaml"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/create-release` pinned to mutable ref `@v1.1.4`"}, "properties": {"repobilityId": 126076, "scanner": "repobility-supply-chain", "fingerprint": "9a96f46e291bb78ba603f7fe695a3d9be698f2c62922a91e24102fb42c247f5a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9a96f46e291bb78ba603f7fe695a3d9be698f2c62922a91e24102fb42c247f5a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build.yaml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `boredland/get-time-action` pinned to mutable ref `@2.0.0`"}, "properties": {"repobilityId": 126075, "scanner": "repobility-supply-chain", "fingerprint": "30ac3a6b007deba978d9a79e383f4eaac0a946560275e4fbffacb4195ee035f7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|30ac3a6b007deba978d9a79e383f4eaac0a946560275e4fbffacb4195ee035f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build.yaml"}, "region": {"startLine": 17}}}]}, 
{"ruleId": "MINED115", "level": "error", "message": {"text": "Action `styfle/cancel-workflow-action` pinned to mutable ref `@0.9.0`"}, "properties": {"repobilityId": 126074, "scanner": "repobility-supply-chain", "fingerprint": "3796ba148fefb61c36406ebb7ea6d07ee028a87aaae4c32d1cd396d2929473b1", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3796ba148fefb61c36406ebb7ea6d07ee028a87aaae4c32d1cd396d2929473b1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build.yaml"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `author/action-rollback` pinned to mutable ref `@stable`"}, "properties": {"repobilityId": 126073, "scanner": "repobility-supply-chain", "fingerprint": "384173e621f4ffb3396799f079032c82455a6a52f953c40c27bee4f290118da8", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|384173e621f4ffb3396799f079032c82455a6a52f953c40c27bee4f290118da8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build_ppp.yaml"}, "region": {"startLine": 97}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-release-asset` pinned to mutable ref `@v1.0.2`"}, "properties": {"repobilityId": 126072, "scanner": "repobility-supply-chain", "fingerprint": 
"3fbe8f7c4b0106d8e11184b578a670ddadbbe6dee2b5e09ad928d1318d02ac37", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3fbe8f7c4b0106d8e11184b578a670ddadbbe6dee2b5e09ad928d1318d02ac37"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build_ppp.yaml"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-release-asset` pinned to mutable ref `@v1.0.2`"}, "properties": {"repobilityId": 126071, "scanner": "repobility-supply-chain", "fingerprint": "a3fb86279a184a81a3203d5bc668c45affc9db94d195029b29f108cd732ec15c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a3fb86279a184a81a3203d5bc668c45affc9db94d195029b29f108cd732ec15c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build_ppp.yaml"}, "region": {"startLine": 76}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-release-asset` pinned to mutable ref `@v1.0.2`"}, "properties": {"repobilityId": 126070, "scanner": "repobility-supply-chain", "fingerprint": "ca84f7588032a18fc8c44c51b9da1fd20dc63d39077344be35e6fb0714028504", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", 
"owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ca84f7588032a18fc8c44c51b9da1fd20dc63d39077344be35e6fb0714028504"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build_ppp.yaml"}, "region": {"startLine": 66}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `manjaro-arm/rootfs` pinned to mutable ref `@master`"}, "properties": {"repobilityId": 126069, "scanner": "repobility-supply-chain", "fingerprint": "0b9e828b28a5c8e52fd00e2cca8a6fd089069931796189f50e880cd4c3f92258", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0b9e828b28a5c8e52fd00e2cca8a6fd089069931796189f50e880cd4c3f92258"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build_ppp.yaml"}, "region": {"startLine": 54}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `boredland/get-time-action` pinned to mutable ref `@2.0.0`"}, "properties": {"repobilityId": 126068, "scanner": "repobility-supply-chain", "fingerprint": "35f474c9d0e8e2fb283027eb3d70e7b53bb4061ea3b43bcc1698283421aa9f3e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|35f474c9d0e8e2fb283027eb3d70e7b53bb4061ea3b43bcc1698283421aa9f3e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": 
".github/workflows/image_build_ppp.yaml"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `styfle/cancel-workflow-action` pinned to mutable ref `@0.9.1`"}, "properties": {"repobilityId": 126067, "scanner": "repobility-supply-chain", "fingerprint": "11c139917f6a276c0fd13ae8b7a63766894074d52246c62e0936caa7be4c066a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|11c139917f6a276c0fd13ae8b7a63766894074d52246c62e0936caa7be4c066a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build_ppp.yaml"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/create-release` pinned to mutable ref `@v1.1.4`"}, "properties": {"repobilityId": 126066, "scanner": "repobility-supply-chain", "fingerprint": "034dfc90b7ca34dd40f3094bb4264c6dbec263952a71ef811b3de5a903d2a5af", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|034dfc90b7ca34dd40f3094bb4264c6dbec263952a71ef811b3de5a903d2a5af"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build_ppp.yaml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `boredland/get-time-action` pinned to mutable ref `@2.0.0`"}, "properties": {"repobilityId": 126065, "scanner": 
"repobility-supply-chain", "fingerprint": "9c448adf0005be6bfef1161905a2ac662b09eef8ed9fb17fc869049c866d57b5", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9c448adf0005be6bfef1161905a2ac662b09eef8ed9fb17fc869049c866d57b5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build_ppp.yaml"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `styfle/cancel-workflow-action` pinned to mutable ref `@0.9.1`"}, "properties": {"repobilityId": 126064, "scanner": "repobility-supply-chain", "fingerprint": "403c961ec62dfcfad357be4c5c7bcfdb2f69230f00ba48258ada9a84f80cb3f7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|403c961ec62dfcfad357be4c5c7bcfdb2f69230f00ba48258ada9a84f80cb3f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/image_build_ppp.yaml"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v2`"}, "properties": {"repobilityId": 126063, "scanner": "repobility-supply-chain", "fingerprint": "8da461afd08188a29186363eb24f1c5501f34638ba5a6c88ed47b57ccbe7395c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": 
{"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8da461afd08188a29186363eb24f1c5501f34638ba5a6c88ed47b57ccbe7395c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/count_downloads.yaml"}, "region": {"startLine": 14}}}]}]}]}