{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED124", "name": "[MINED124] requirements.txt: `openbb-yfinance` has no version pin: Unpinned pip requirement means every fresh install ma", "shortDescription": {"text": "[MINED124] requirements.txt: `openbb-yfinance` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducib"}, "fullDescription": {"text": "Replace `openbb-yfinance` with `openbb-yfinance==<version>` and manage upgrades through PRs / Dependabot."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED109", "name": "[MINED109] Mutable default argument in `mock_func` (dict): `def mock_func(... = []/{}/set())` \u2014 Python's default value i", "shortDescription": {"text": "[MINED109] Mutable default argument in `mock_func` (dict): `def mock_func(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every"}, "fullDescription": {"text": "Use None as the default and create the collection inside the function: `def mock_func(x=None): x = x or []`"}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AUC001", "name": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobilit", "shortDescription": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "fullDescription": {"text": "Add .repobility/access.yml mapping routes to anonymous, authenticated, owner, admin, and super_admin. Keep business-specific rules in the repo so CI can enforce them."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.92, "cwe": "", "owasp": ""}}, {"id": "AGT015", "name": "Remote install command pipes network code directly to a shell", "shortDescription": {"text": "Remote install command pipes network code directly to a shell"}, "fullDescription": {"text": "Publish a package-manager install path or add checksum/signature verification before execution. For docs, show the inspect-then-run flow and pin the downloaded artifact version."}, "properties": {"scanner": "repobility-agent-runtime", "category": "dependency", "severity": "medium", "confidence": 0.7, "cwe": "", "owasp": ""}}, {"id": "AGT012", "name": "Agent control bridge may listen on a network interface without visible auth", "shortDescription": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "fullDescription": {"text": "Bind local agent bridges to 127.0.0.1 by default. 
If remote access is required, require a bearer token or mTLS, enforce origin/CSRF checks for browser clients, and document the threat model."}, "properties": {"scanner": "repobility-agent-runtime", "category": "quality", "severity": "medium", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "SEC136", "name": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns ", "shortDescription": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, retur"}, "fullDescription": {"text": "Catch the specific exception type, log at error level with full exception info, and return a failure-shaped result. If the operation is genuinely best-effort, log at warning and document why in a comment so the next reader (or scanner) knows."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC012", "name": "[SEC012] ZipSlip \u2014 Archive Path Traversal: Archive extraction without path validation allows writing files outside the t", "shortDescription": {"text": "[SEC012] ZipSlip \u2014 Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory."}, "fullDescription": {"text": "Validate extracted paths with os.path.realpath() and ensure they stay within the target directory."}, "properties": {"scanner": "repobility-threat-engine", "category": "path_traversal", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "ERR002", "name": "[ERR002] Empty Catch Block: Empty catch blocks hide errors.", "shortDescription": {"text": "[ERR002] Empty Catch Block: Empty catch blocks hide errors."}, "fullDescription": {"text": "Log the error or rethrow it. 
Use console.error() at minimum."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC045", "name": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a latera", "shortDescription": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use obj"}, "fullDescription": {"text": "For literal data structures: use ast.literal_eval(text) \u2014 only parses literals, raises on code.\nFor formula evaluation: use asteval or simpleeval (purpose-built sandboxes with allow-lists).\nFor Odoo: use odoo.tools.safe_eval(expr, locals_dict, mode='exec').\nIf you genuinely need to execute admin-stored code: require explicit super-admin permission AND log every execution with a stack trace."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "ERR001", "name": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG ", "shortDescription": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "fullDescription": {"text": "Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. 
Or handle specific exception types."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `parse_and_fetch_pr_details` has cognitive complexity 18 (SonarSource scal", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `parse_and_fetch_pr_details` has cognitive complexity 18 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, "}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 18."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "AIC007", "name": "Generated build artifact directory is present at repository root", "shortDescription": {"text": "Generated build artifact directory is present at repository root"}, "fullDescription": {"text": "Remove generated output from version control, add it to .gitignore and .dockerignore where relevant, and regenerate it in CI or release jobs."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.7, "cwe": "", "owasp": ""}}, {"id": 
"SEC124", "name": "[SEC124] TOCTOU file access (os.access then open): Check-then-use file pattern (access/exists then open) lets an attacke", "shortDescription": {"text": "[SEC124] TOCTOU file access (os.access then open): Check-then-use file pattern (access/exists then open) lets an attacker swap the file between check and use (symlink attack). `mktemp` is deprecated for the same reason."}, "fullDescription": {"text": "Use `os.open(path, os.O_CREAT | os.O_EXCL | os.O_WRONLY)` for atomic create-only. Use `tempfile.NamedTemporaryFile()` (not `mktemp`). For locking, use `fcntl.flock`."}, "properties": {"scanner": "repobility-threat-engine", "category": "race_condition", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED062", "name": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model.", "shortDescription": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 14 more): Same pattern found in 14 addi", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 14 more): Same pattern found in 14 additional files. 
Review if needed."}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16.\nApply these checks to the IP address the hostname resolves to, repeat them on every redirect, and also block loopback (127/8, ::1); a hostname-only check passes names whose DNS records point at internal addresses."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED009", "name": "[MINED009] Floats For Money (and 13 more): Same pattern found in 13 additional files. Review if needed.", "shortDescription": {"text": "[MINED009] Floats For Money (and 13 more): Same pattern found in 13 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-682 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED065", "name": "[MINED065] Cors Wildcard: Access-Control-Allow-Origin: * exposes the API to any browser origin. Acceptable for public re", "shortDescription": {"text": "[MINED065] Cors Wildcard: Access-Control-Allow-Origin: * exposes the API to any browser origin. Acceptable for public read-only endpoints; dangerous when paired with credentials or write endpoints."}, "fullDescription": {"text": "Review and fix per the pattern semantics. 
See CWE-942,CWE-346 / A05:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED054", "name": "[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely.", "shortDescription": {"text": "[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-704 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED058", "name": "[MINED058] React Dangerously Set Html: dangerouslySetInnerHTML bypasses React's JSX escaping. Pair with DOMPurify or neve", "shortDescription": {"text": "[MINED058] React Dangerously Set Html: dangerouslySetInnerHTML bypasses React's JSX escaping. Pair with DOMPurify or never use with user data."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-79 / A03:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED056", "name": "[MINED056] React Key As Index: key={index} in map() \u2014 re-renders the wrong elements on re-order.", "shortDescription": {"text": "[MINED056] React Key As Index: key={index} in map() \u2014 re-renders the wrong elements on re-order."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-682 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED068", "name": "[MINED068] Rust Unsafe Block: unsafe { ... } block. Compiler safety guarantees disabled inside.", "shortDescription": {"text": "[MINED068] Rust Unsafe Block: unsafe { ... } block. 
Compiler safety guarantees disabled inside."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-119 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod (and 2 more): Same pattern found in 2 additional files. Review if needed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED066", "name": "[MINED066] Rust Panic Macro: panic!() unwinds the stack. Use Result for recoverable errors.", "shortDescription": {"text": "[MINED066] Rust Panic Macro: panic!() unwinds the stack. Use Result for recoverable errors."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED043] Http Not Https (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass (and 1 more): Same pattern found in 1 additional files. 
Review if needed.", "shortDescription": {"text": "[MINED001] Bare Except Pass (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 16 more): Same pattern found in 16 add", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 16 more): Same pattern found in 16 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED064", "name": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.", "shortDescription": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 11 more): Same pattern found in 11 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 11 more): Same pattern found in 11 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. 
See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED067", "name": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever.", "shortDescription": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-400 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC078", "name": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsiv", "shortDescription": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and denial of service. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a re"}, "fullDescription": {"text": "Add `timeout=10` (or appropriate value) to every requests call."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.1, "cwe": "", "owasp": ""}}, {"id": "SEC103", "name": "[SEC103] LDAP injection \u2014 non-constant search filter (and 2 more): Same pattern found in 2 additional files. Review if n", "shortDescription": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Escape with javax.naming.ldap.Rdn.escapeValue or equivalent (note that this escapes DN values; text placed in a search filter needs RFC 4515 filter escaping). For python-ldap, use ldap.filter.escape_filter_chars. 
Better: use parameterized search APIs (Spring LdapTemplate filter encoders)."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. T", "shortDescription": {"text": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantl"}, "fullDescription": {"text": "Replace with: `uses: actions/cache@<40-char-sha>  # v5` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED131", "name": "[MINED131] pre-commit hook `https://github.com/Yelp/detect-secrets` pinned to mutable rev `v1.5.0`: `.pre-commit-config.", "shortDescription": {"text": "[MINED131] pre-commit hook `https://github.com/Yelp/detect-secrets` pinned to mutable rev `v1.5.0`: `.pre-commit-config.yaml` references `https://github.com/Yelp/detect-secrets` at `rev: v1.5.0`. If `rev` is a branch or version tag, the r"}, "fullDescription": {"text": "Pin to a commit SHA: `rev: <40-char-sha>` and bump it through `pre-commit autoupdate` (which writes to PRs that are reviewed); pass `--freeze` so the update keeps a commit SHA instead of rewriting `rev` to a tag."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED112", "name": "[MINED112] FastAPI POST /open_document has no auth: Handler `post_open_document` is registered with router/app.post(...)", "shortDescription": {"text": "[MINED112] FastAPI POST /open_document has no auth: Handler `post_open_document` is registered with router/app.post(...) 
but no Depends/Security parameter is declared and no auth marker appears in the function body."}, "fullDescription": {"text": "Add Depends(get_current_user) or Security(...) to the handler signature. If the route is truly public, document it with a code comment so the rule knows it's intentional."}, "properties": {"scanner": "repobility-route-auth", "category": "quality", "severity": "high", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "MINED110", "name": "[MINED110] Blocking call `input` inside async function `download_data`: `input` is a synchronous (blocking) call. When i", "shortDescription": {"text": "[MINED110] Blocking call `input` inside async function `download_data`: `input` is a synchronous (blocking) call. When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progr"}, "fullDescription": {"text": "Use the async equivalent: `aiohttp` instead of `requests`, `asyncio.sleep` instead of `time.sleep`, `aiofiles` instead of `open`."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self.save_class` used but never assigned in __init__: Method `call_home` of class `BaseController` reads `se", "shortDescription": {"text": "[MINED108] `self.save_class` used but never assigned in __init__: Method `call_home` of class `BaseController` reads `self.save_class`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the"}, "fullDescription": {"text": "Initialize `self.save_class = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "[MINED106] Phantom test coverage: test_print_goodbye: Test function `test_print_goodbye` runs code but contains no asser", "shortDescription": {"text": "[MINED106] Phantom test coverage: test_print_goodbye: Test function `test_print_goodbye` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "fullDescription": {"text": "Add an explicit assertion that captures the test's intent, or remove the test."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "JRN009", "name": "Secret-like setting is echoed into a password input value", "shortDescription": {"text": "Secret-like setting is echoed into a password input value"}, "fullDescription": {"text": "Never prefill secret fields with stored values. Show a masked status such as configured/not configured, require explicit rotation to replace the value, and return the raw key only once at creation time."}, "properties": {"scanner": "repobility-journey-contract", "category": "auth", "severity": "high", "confidence": 0.83, "cwe": "", "owasp": ""}}, {"id": "SEC135", "name": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without", "shortDescription": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without an auth decorator or middleware. 
The number-one production-incident pattern we see in AI-generated SaaS code: the AI bu"}, "fullDescription": {"text": "Add the project's auth decorator/middleware: `@login_required` (Django/Flask), `@permission_classes([IsAuthenticated])` (DRF), `Depends(get_current_user)` (FastAPI), `requireAuth` middleware (Express). For genuinely public endpoints, add a `# public-endpoint` marker comment so future scans skip them."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED006", "name": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working.", "shortDescription": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-705 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC085", "name": "[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. ", "shortDescription": {"text": "[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. Ported from eslint-plugin-security detect-child-process (Apache-2.0)."}, "fullDescription": {"text": "Use execFile / spawn with separate args array; never pass shell strings."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC083", "name": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. 
Ported fr", "shortDescription": {"text": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. Ported from eslint-plugin-security detect-non-literal-regexp (Apache-2.0)."}, "fullDescription": {"text": "Use a literal RegExp or whitelist-validate user input before constructing patterns."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED003", "name": "[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. Acceptable in tests; risky elsewhere.", "shortDescription": {"text": "[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. Acceptable in tests; risky elsewhere."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `stat` used but not imported: The file uses `stat.something(...)` but never imports `stat`. T", "shortDescription": {"text": "[MINED107] Missing import: `stat` used but not imported: The file uses `stat.something(...)` but never imports `stat`. This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import stat` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/843"}, "properties": {"repository": "OpenBB-finance/OpenBB", "repoUrl": "https://github.com/OpenBB-finance/OpenBB", "branch": "main"}, "results": [{"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `openbb-yfinance` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. 
Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"repobilityId": 75944, "scanner": "repobility-supply-chain", "fingerprint": "f3e64a4aaffc22e43a2039609df1eade23bc47a7461dc72d6fc86a158fd46e27", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f3e64a4aaffc22e43a2039609df1eade23bc47a7461dc72d6fc86a158fd46e27"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/openbb-apachebeam/requirements.txt"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `apache-beam` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). 
Reproducible installs need exact pins."}, "properties": {"repobilityId": 75943, "scanner": "repobility-supply-chain", "fingerprint": "c36623cbbe432803098e0567caa914737e741dad6e6f7044573da530a1bf18a3", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c36623cbbe432803098e0567caa914737e741dad6e6f7044573da530a1bf18a3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/openbb-apachebeam/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `openbb-biztoc` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). 
Reproducible installs need exact pins."}, "properties": {"repobilityId": 75942, "scanner": "repobility-supply-chain", "fingerprint": "2b7f5e31415c2f2d545f645bd81e85baaeff823512ead80f2293508eee557a28", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2b7f5e31415c2f2d545f645bd81e85baaeff823512ead80f2293508eee557a28"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/streamlit/requirements.txt"}, "region": {"startLine": 3}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `openbb` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). 
Reproducible installs need exact pins."}, "properties": {"repobilityId": 75941, "scanner": "repobility-supply-chain", "fingerprint": "a8267d538d507197e213a3ce0341b6c0338f3684c03fc565ba2cbd57c17abf1e", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a8267d538d507197e213a3ce0341b6c0338f3684c03fc565ba2cbd57c17abf1e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/streamlit/requirements.txt"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "[MINED124] requirements.txt: `streamlit` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"repobilityId": 75940, "scanner": "repobility-supply-chain", "fingerprint": "df3e79dc336c12b4b88e63570c1656e9e179bb5d3eca6aa3965a10d49e30d1de", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|df3e79dc336c12b4b88e63570c1656e9e179bb5d3eca6aa3965a10d49e30d1de"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/streamlit/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `mock_func` (dict): `def mock_func(... 
= []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 75927, "scanner": "repobility-ast-engine", "fingerprint": "739ca52d5f8d9d8aa220a6977af2f47d0b8e694243b3d46d6d002b84dde15138", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|739ca52d5f8d9d8aa220a6977af2f47d0b8e694243b3d46d6d002b84dde15138"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/tests/app/test_command_runner.py"}, "region": {"startLine": 70}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75924, "scanner": "repobility-ast-engine", "fingerprint": "09189a38e0733e472947527123be433a262d560fc5e8cc5f4a6d341341124b12", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|09189a38e0733e472947527123be433a262d560fc5e8cc5f4a6d341341124b12"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/core/plotly_ta/ta_class.py"}, "region": {"startLine": 524}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75923, "scanner": "repobility-ast-engine", "fingerprint": "d5d486daf254152893b19f169482f8c2e25f30d9b886425a5eaf78da117f1f1a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d5d486daf254152893b19f169482f8c2e25f30d9b886425a5eaf78da117f1f1a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/core/plotly_ta/ta_class.py"}, "region": {"startLine": 344}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75922, "scanner": "repobility-ast-engine", "fingerprint": "1a93611af60321bb416b9c69ea3a0030f7cc665301e387236d5cb8f01c134d45", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1a93611af60321bb416b9c69ea3a0030f7cc665301e387236d5cb8f01c134d45"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/core/plotly_ta/data_classes.py"}, "region": {"startLine": 211}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75921, "scanner": "repobility-ast-engine", "fingerprint": "257ce8e89bb2c7486eec2ac11762685e9d587505db4fa29cbc628cc6d30d38c6", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|257ce8e89bb2c7486eec2ac11762685e9d587505db4fa29cbc628cc6d30d38c6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/core/plotly_ta/data_classes.py"}, "region": {"startLine": 200}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75920, "scanner": "repobility-ast-engine", "fingerprint": "6d6b85270d16600817f0d4a560c2f20a908446e393f81784de6df163e976d0f9", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6d6b85270d16600817f0d4a560c2f20a908446e393f81784de6df163e976d0f9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/charts/helpers.py"}, "region": {"startLine": 63}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75919, "scanner": "repobility-ast-engine", "fingerprint": "2528259a6e63ec22433c29b6f4e30079c7417d022c1ea2a23308e50faedb1157", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2528259a6e63ec22433c29b6f4e30079c7417d022c1ea2a23308e50faedb1157"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/charts/generic_charts.py"}, "region": {"startLine": 84}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75918, "scanner": "repobility-ast-engine", "fingerprint": "cc9abdad461c25495aee2d5319ed61a0e6653221f45cc1b1f3906f914a42a2ab", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cc9abdad461c25495aee2d5319ed61a0e6653221f45cc1b1f3906f914a42a2ab"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/charts/generic_charts.py"}, "region": {"startLine": 554}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75917, "scanner": "repobility-ast-engine", "fingerprint": "a38fcb7b97f5556d6a1a36d9c71a03be0d7be488ef45867f8e356c3cb5c123ae", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a38fcb7b97f5556d6a1a36d9c71a03be0d7be488ef45867f8e356c3cb5c123ae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/charts/generic_charts.py"}, "region": {"startLine": 398}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75916, "scanner": "repobility-ast-engine", "fingerprint": "ed0acbff48d77a4efca80a71c4d84d16fa988a53b63f6e19ec7caf7fd18ff6dd", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ed0acbff48d77a4efca80a71c4d84d16fa988a53b63f6e19ec7caf7fd18ff6dd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/charts/generic_charts.py"}, "region": {"startLine": 124}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "[MINED109] Mutable default argument in `bar_increasing_decreasing` (list): `def bar_increasing_decreasing(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. 
Mutating it in one call mutates it for every future call too."}, "properties": {"repobilityId": 75915, "scanner": "repobility-ast-engine", "fingerprint": "0bdaf8e058eb89c98647c8c93ede9f009c808c80189667b5593c603dba14e83f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0bdaf8e058eb89c98647c8c93ede9f009c808c80189667b5593c603dba14e83f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/charts/generic_charts.py"}, "region": {"startLine": 509}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75914, "scanner": "repobility-ast-engine", "fingerprint": "b84ec363e0be0a460ccc36b2d25f3d55fcc4d05454bcd0ab6f5597a55d51edc3", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b84ec363e0be0a460ccc36b2d25f3d55fcc4d05454bcd0ab6f5597a55d51edc3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/core/backend.py"}, "region": {"startLine": 337}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75913, "scanner": "repobility-ast-engine", "fingerprint": "fd987432ffd1e17a49b62188e1fa3025a6383d0e7d7e539e4f67ee7e0888e32e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fd987432ffd1e17a49b62188e1fa3025a6383d0e7d7e539e4f67ee7e0888e32e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/core/openbb_figure.py"}, "region": {"startLine": 966}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75912, "scanner": "repobility-ast-engine", "fingerprint": "33861c45b9263fdcd697b79b4eddf80c003860c83d6241eb344bb60a63599fb1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|33861c45b9263fdcd697b79b4eddf80c003860c83d6241eb344bb60a63599fb1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/core/openbb_figure.py"}, "region": {"startLine": 874}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75911, "scanner": "repobility-ast-engine", "fingerprint": "ba403901d432ecefb962c8b015c7fa5a81da1491d9eb34eb8fab2a7c5e0bade8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ba403901d432ecefb962c8b015c7fa5a81da1491d9eb34eb8fab2a7c5e0bade8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/charting.py"}, "region": {"startLine": 771}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75910, "scanner": "repobility-ast-engine", "fingerprint": "7a77d6adb56065bf52e67b5d32dffa3fbbba021e737cdc52989d96fc4536b645", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7a77d6adb56065bf52e67b5d32dffa3fbbba021e737cdc52989d96fc4536b645"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/charting.py"}, "region": {"startLine": 758}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75909, "scanner": "repobility-ast-engine", "fingerprint": "b2d1cc77792ecad14b3799e3bf16241b9d2b3ee18240235a6eba4662b2ea151e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b2d1cc77792ecad14b3799e3bf16241b9d2b3ee18240235a6eba4662b2ea151e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/charting.py"}, "region": {"startLine": 647}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75908, "scanner": "repobility-ast-engine", "fingerprint": "9221fe6c1e8829fcb1767b3370cffd909a2b72c0785ea3d03a71f292f58632b0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9221fe6c1e8829fcb1767b3370cffd909a2b72c0785ea3d03a71f292f58632b0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/charting.py"}, "region": {"startLine": 532}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75905, "scanner": "repobility-ast-engine", "fingerprint": "f1a0f7449db4e0ecf496266e2d833084b2805c22bc71f693d75844db47326f61", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f1a0f7449db4e0ecf496266e2d833084b2805c22bc71f693d75844db47326f61"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/controllers/utils.py"}, "region": {"startLine": 955}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75904, "scanner": "repobility-ast-engine", "fingerprint": "922b636f893fd3be3dd889a1c1f79697a7f943bd10e344e8ab705a9e6ccafad3", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|922b636f893fd3be3dd889a1c1f79697a7f943bd10e344e8ab705a9e6ccafad3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/controllers/utils.py"}, "region": {"startLine": 129}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75903, "scanner": "repobility-ast-engine", "fingerprint": "05ada4e72de42e38c4a6ce84cd1e721d8e93a863bd163e7a88f0c1fc7919cfcf", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|05ada4e72de42e38c4a6ce84cd1e721d8e93a863bd163e7a88f0c1fc7919cfcf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/controllers/utils.py"}, "region": {"startLine": 92}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75902, "scanner": "repobility-ast-engine", "fingerprint": "3663b472e7ea85dc08b2309f71e0103df193437fc053919cac97eff328355b98", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3663b472e7ea85dc08b2309f71e0103df193437fc053919cac97eff328355b98"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/controllers/utils.py"}, "region": {"startLine": 57}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75901, "scanner": "repobility-ast-engine", "fingerprint": "05c5f069daaf3482cebec39461c5f0291aa5f8bf3791d583ba2985e3f284bf26", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|05c5f069daaf3482cebec39461c5f0291aa5f8bf3791d583ba2985e3f284bf26"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/controllers/choices.py"}, "region": {"startLine": 339}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75900, "scanner": "repobility-ast-engine", "fingerprint": "2a942ee3b9f529b697e2aaa1ce4fa0021f1ff250c7505ff4598a765fb6789544", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2a942ee3b9f529b697e2aaa1ce4fa0021f1ff250c7505ff4598a765fb6789544"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/controllers/base_platform_controller.py"}, "region": {"startLine": 273}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75876, "scanner": "repobility-ast-engine", "fingerprint": "cf5e256717fddf884e84433de0d4b8561ad9e0f09c8d106a916d19fa29600094", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cf5e256717fddf884e84433de0d4b8561ad9e0f09c8d106a916d19fa29600094"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/integration/test_commands.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75850, "scanner": "repobility-ast-engine", "fingerprint": "54c9479f696ed58271d9e98bfc04b4f6d50f665cdd221dda5f309500d09e25ee", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|54c9479f696ed58271d9e98bfc04b4f6d50f665cdd221dda5f309500d09e25ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/session.py"}, "region": {"startLine": 85}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 75847, "scanner": "repobility-ast-engine", "fingerprint": "043c96ddb324ed03038e5ddb30c1c11f39d9dda89c2eeb53a07a67f5e69dfc69", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|043c96ddb324ed03038e5ddb30c1c11f39d9dda89c2eeb53a07a67f5e69dfc69"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cookiecutter/openbb_cookiecutter/cli.py"}, "region": {"startLine": 157}}}]}, {"ruleId": "AUC001", "level": "warning", "message": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "properties": {"repobilityId": 75845, "scanner": "repobility-access-control", "fingerprint": "f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10", "category": "auth", "severity": "medium", "confidence": 0.92, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "frameworks": ["Django"], "expected_files": [".repobility/access.yml", ".repobility/access.yaml", ".repobility/access.json", ".repobility/authorization.yml"], "correlation_key": "fp|f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10"}}}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 75844, "scanner": "repobility-agent-runtime", "fingerprint": "58d3aa1570fa4b6a7c9e62b195279b6e9e628694c0ee571b37eb01e99a50e0ea", "category": 
"dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|58d3aa1570fa4b6a7c9e62b195279b6e9e628694c0ee571b37eb01e99a50e0ea"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/installation.md"}, "region": {"startLine": 70}}}]}, {"ruleId": "AGT012", "level": "warning", "message": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "properties": {"repobilityId": 75843, "scanner": "repobility-agent-runtime", "fingerprint": "73a7e97f9a7590b15bd3055792aec864b49c75b1dd3966a4f3c6ea1e2e3eb88d", "category": "quality", "severity": "medium", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File combines agent-control wording with an HTTP/SSE/WebSocket listener on an all-interface host and no visible auth guard.", "evidence": {"rule_id": "AGT012", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|73a7e97f9a7590b15bd3055792aec864b49c75b1dd3966a4f3c6ea1e2e3eb88d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/extensions/mcp_server/openbb_mcp_server/utils/app_import.py"}, "region": {"startLine": 8}}}]}, {"ruleId": "AGT012", "level": "warning", "message": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "properties": {"repobilityId": 75842, "scanner": "repobility-agent-runtime", "fingerprint": "ea71b5c594bc1494e00a14b81493a929e797a424670c2f5aedee60ef4668a8d8", "category": "quality", "severity": "medium", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File combines agent-control wording with an 
HTTP/SSE/WebSocket listener on an all-interface host and no visible auth guard.", "evidence": {"rule_id": "AGT012", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|ea71b5c594bc1494e00a14b81493a929e797a424670c2f5aedee60ef4668a8d8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src/routes/backends.tsx"}, "region": {"startLine": 83}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 75841, "scanner": "repobility-agent-runtime", "fingerprint": "28e3d683c3faf849f33643c3d69f778aa61b45cb9d4e1d816b76982709b45da7", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|28e3d683c3faf849f33643c3d69f778aa61b45cb9d4e1d816b76982709b45da7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/README.md"}, "region": {"startLine": 47}}}]}, {"ruleId": "SEC136", "level": "warning", "message": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). 
Distinct from intentional fallback because there's no log line and the success value is fabricated."}, "properties": {"repobilityId": 75811, "scanner": "repobility-threat-engine", "fingerprint": "5a82cd627634b09479476448b92f29bca0c3a8c53f7307d006081541bb370351", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "try:\n                        resp = await session.get(url)\n                        if resp.status !=", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC136", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5a82cd627634b09479476448b92f29bca0c3a8c53f7307d006081541bb370351"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/government_us/openbb_government_us/models/weather_bulletin.py"}, "region": {"startLine": 94}}}]}, {"ruleId": "SEC136", "level": "warning", "message": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). 
Distinct from intentional fallback because there's no log line and the success value is fabricated."}, "properties": {"repobilityId": 75810, "scanner": "repobility-threat-engine", "fingerprint": "c56caabc01b7ebc53063198a09d430cca30d5e4d3653bc75067546d192c70669", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "try:\n                            result = await amake_request(\n                                url,", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC136", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|c56caabc01b7ebc53063198a09d430cca30d5e4d3653bc75067546d192c70669"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/fmp/openbb_fmp/models/government_trades.py"}, "region": {"startLine": 192}}}]}, {"ruleId": "SEC136", "level": "warning", "message": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). 
Distinct from intentional fallback because there's no log line and the success value is fabricated."}, "properties": {"repobilityId": 75809, "scanner": "repobility-threat-engine", "fingerprint": "a6bf215663c1dbe4a59e505ff991de101549e1b19f89c0b1a30a45273158ee6c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "try:\n        with apps_file.open(\"r\", encoding=\"utf-8\") as f:\n            apps_json = json.load(f)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC136", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|a6bf215663c1dbe4a59e505ff991de101549e1b19f89c0b1a30a45273158ee6c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/cftc/openbb_cftc/cftc_router.py"}, "region": {"startLine": 146}}}]}, {"ruleId": "SEC012", "level": "warning", "message": {"text": "[SEC012] ZipSlip \u2014 Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory."}, "properties": {"repobilityId": 75808, "scanner": "repobility-threat-engine", "fingerprint": "38b99b64a9788559522f8d604b191217b6879e6ce8641f942dc681297d962635", "category": "path_traversal", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".extractall(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC012", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|path_traversal|token|148|sec012"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/cboe/openbb_cboe/models/options_chains.py"}, "region": {"startLine": 148}}}]}, {"ruleId": "ERR002", "level": "warning", 
"message": {"text": "[ERR002] Empty Catch Block: Empty catch blocks hide errors."}, "properties": {"repobilityId": 75795, "scanner": "repobility-threat-engine", "fingerprint": "b4837ea8d51f547fe4fcf117cd4f2559453d7e6cfff25156d75e79dbfac927a2", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".catch(() => {})", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR002", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|b4837ea8d51f547fe4fcf117cd4f2559453d7e6cfff25156d75e79dbfac927a2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src/components/BackendLogsPage.tsx"}, "region": {"startLine": 158}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. 
CWE-95 (eval injection)."}, "properties": {"repobilityId": 75790, "scanner": "repobility-threat-engine", "fingerprint": "dc09e9eb3787b1c3443ceae7d1140c918890dbe25b7765e67d1a4f70cd326f78", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".exec(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|41|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src/components/BackendLogsPage.tsx"}, "region": {"startLine": 41}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 75777, "scanner": "repobility-threat-engine", "fingerprint": "80cccc5d7076018a0ad8332170a940b810eb66a0c900ec121982390f37d76c6a", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n        pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|80cccc5d7076018a0ad8332170a940b810eb66a0c900ec121982390f37d76c6a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cookiecutter/openbb_cookiecutter/template/hooks/post_gen_project.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `parse_and_fetch_pr_details` has cognitive complexity 18 (SonarSource scale). 
Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=1, else=1, except=1, for=2, if=3, nested_bonus=10."}, "properties": {"repobilityId": 75756, "scanner": "repobility-threat-engine", "fingerprint": "45447b8dbc786a6104aeab845cbf19dfcd93dd07d46885b8b632a612d43c0617", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 18 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "parse_and_fetch_pr_details", "breakdown": {"if": 3, "for": 2, "else": 1, "except": 1, "continue": 1, "nested_bonus": 10}, "complexity": 18, "correlation_key": "fp|45447b8dbc786a6104aeab845cbf19dfcd93dd07d46885b8b632a612d43c0617"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/scripts/summarize_changelog.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `process_changelog` has cognitive complexity 15 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. 
Breakdown: continue=1, except=2, for=2, if=4, nested_bonus=6."}, "properties": {"repobilityId": 75755, "scanner": "repobility-threat-engine", "fingerprint": "d908d9c9973d7035a698cf0248f2ee8cf2cc5d520e6b023af4e04453843bf1c4", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 15 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "process_changelog", "breakdown": {"if": 4, "for": 2, "except": 2, "continue": 1, "nested_bonus": 6}, "complexity": 15, "correlation_key": "fp|d908d9c9973d7035a698cf0248f2ee8cf2cc5d520e6b023af4e04453843bf1c4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/scripts/process_changelog.py"}, "region": {"startLine": 10}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75840, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ce9646b7f55f3a936cc4d5c518c010482cde279a9b325f948d1e52f048ca506c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/obbject_extensions/charting/openbb_charting/charts/generic_charts.py", "duplicate_line": 207, "correlation_key": "fp|ce9646b7f55f3a936cc4d5c518c010482cde279a9b325f948d1e52f048ca506c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/charts/price_historical.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source 
files"}, "properties": {"repobilityId": 75839, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1905f6f049fde1f0f0433c17116116aa59c2d6c0d1c14d0ca9b19b865b97c904", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/obbject_extensions/charting/openbb_charting/charting.py", "duplicate_line": 145, "correlation_key": "fp|1905f6f049fde1f0f0433c17116116aa59c2d6c0d1c14d0ca9b19b865b97c904"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/charts/generic_charts.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75838, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5626a51e2609e5144808ef310a22dbbc5e8b3553b9cf911d85f00b3398c431d9", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/extensions/econometrics/openbb_econometrics/econometrics_views.py", "duplicate_line": 13, "correlation_key": "fp|5626a51e2609e5144808ef310a22dbbc5e8b3553b9cf911d85f00b3398c431d9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/obbject_extensions/charting/openbb_charting/charting.py"}, "region": {"startLine": 375}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated 
implementation block across source files"}, "properties": {"repobilityId": 75837, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f9195f32d520d7dc9a57c2a1b1b86e5451aaff564f2f0d24ab281c426a0ea23c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/extensions/mcp_server/openbb_mcp_server/utils/app_import.py", "duplicate_line": 20, "correlation_key": "fp|f9195f32d520d7dc9a57c2a1b1b86e5451aaff564f2f0d24ab281c426a0ea23c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/extensions/platform_api/openbb_platform_api/utils/api.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75836, "scanner": "repobility-ai-code-hygiene", "fingerprint": "2beaf0f4d1a171d55a50f54e82c48125526c093e67939484436f78c17b055098", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/extensions/mcp_server/openbb_mcp_server/app/app.py", "duplicate_line": 352, "correlation_key": "fp|2beaf0f4d1a171d55a50f54e82c48125526c093e67939484436f78c17b055098"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/extensions/mcp_server/openbb_mcp_server/utils/fastapi.py"}, "region": {"startLine": 105}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated 
implementation block across source files"}, "properties": {"repobilityId": 75835, "scanner": "repobility-ai-code-hygiene", "fingerprint": "86cac507ab76ed4919b375ca78f6ba171cf870fc45d3b6c16b2bb07ce786b900", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/extensions/derivatives/openbb_derivatives/derivatives_views.py", "duplicate_line": 170, "correlation_key": "fp|86cac507ab76ed4919b375ca78f6ba171cf870fc45d3b6c16b2bb07ce786b900"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/extensions/fixedincome/openbb_fixedincome/fixedincome_views.py"}, "region": {"startLine": 169}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75834, "scanner": "repobility-ai-code-hygiene", "fingerprint": "31ca014da33d9479c56450021392a2dd63a1a51ede32c933245b9676951a5eab", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/company_news.py", "duplicate_line": 37, "correlation_key": "fp|31ca014da33d9479c56450021392a2dd63a1a51ede32c933245b9676951a5eab"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/world_news.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "AIC003", "level": "note", "message": 
{"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75833, "scanner": "repobility-ai-code-hygiene", "fingerprint": "709589cbc09c4c136a5647fb17f6ed89f29d283e61dbd3f68985170a4d820b2e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/share_price_index.py", "duplicate_line": 13, "correlation_key": "fp|709589cbc09c4c136a5647fb17f6ed89f29d283e61dbd3f68985170a4d820b2e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/unemployment.py"}, "region": {"startLine": 13}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75832, "scanner": "repobility-ai-code-hygiene", "fingerprint": "20503611c95586912513a830d341f2e6ee98450c35be70af48ed2567640e587b", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/federal_funds_rate.py", "duplicate_line": 35, "correlation_key": "fp|20503611c95586912513a830d341f2e6ee98450c35be70af48ed2567640e587b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/sofr.py"}, "region": {"startLine": 25}}}]}, {"ruleId": "AIC003", "level": "note", 
"message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75831, "scanner": "repobility-ai-code-hygiene", "fingerprint": "016fbb4cb7d4c6a107fb1658746446903b8f7750fbb9d1c4d1ab67825af47ee3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/search_attributes.py", "duplicate_line": 12, "correlation_key": "fp|016fbb4cb7d4c6a107fb1658746446903b8f7750fbb9d1c4d1ab67825af47ee3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/search_financial_attributes.py"}, "region": {"startLine": 12}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75830, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6f3699688f151197fab7ed751e810765e12bea888d2883557621be56d9567ca5", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/federal_funds_rate.py", "duplicate_line": 35, "correlation_key": "fp|6f3699688f151197fab7ed751e810765e12bea888d2883557621be56d9567ca5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/overnight_bank_funding_rate.py"}, "region": {"startLine": 
25}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75829, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d8b3b642570a7bcf8d55a6d00ced15ec6feec07675293f4dd3394cf58cfa2e37", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/currency_snapshots.py", "duplicate_line": 48, "correlation_key": "fp|d8b3b642570a7bcf8d55a6d00ced15ec6feec07675293f4dd3394cf58cfa2e37"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/market_snapshots.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75828, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4e2095c74d7d9114136a9606babdb4f97f2066507e16a0b6c0b809e30f9eff43", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/historical_attributes.py", "duplicate_line": 31, "correlation_key": "fp|4e2095c74d7d9114136a9606babdb4f97f2066507e16a0b6c0b809e30f9eff43"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": 
"openbb_platform/core/openbb_core/provider/standard_models/latest_attributes.py"}, "region": {"startLine": 13}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75827, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8fb9b4872bdb7fbaef439c90912764701eead1ec0d67612917083964d41812e1", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/equity_quote.py", "duplicate_line": 98, "correlation_key": "fp|8fb9b4872bdb7fbaef439c90912764701eead1ec0d67612917083964d41812e1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/index_snapshots.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75826, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5ecae9aaa47d1e932c102498ed3cbf0303571f15ae6c4e29e7b62fdcc9969452", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/equity_quote.py", "duplicate_line": 98, "correlation_key": "fp|5ecae9aaa47d1e932c102498ed3cbf0303571f15ae6c4e29e7b62fdcc9969452"}}, "locations": [{"physicalLocation": 
{"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/index_historical.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75825, "scanner": "repobility-ai-code-hygiene", "fingerprint": "2a9cc7ce0cf6ef9786620a3f83c9fadb09feda7083000e2b2b47e55d29c57d18", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/historical_dividends.py", "duplicate_line": 12, "correlation_key": "fp|2a9cc7ce0cf6ef9786620a3f83c9fadb09feda7083000e2b2b47e55d29c57d18"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/historical_market_cap.py"}, "region": {"startLine": 12}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75824, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9fc7efa113860ca27ecb1f386771c531ba06fd57c2933c8bf6fe25e3a0c6ecb7", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/historical_dividends.py", "duplicate_line": 12, "correlation_key": "fp|9fc7efa113860ca27ecb1f386771c531ba06fd57c2933c8bf6fe25e3a0c6ecb7"}}, 
"locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/historical_employees.py"}, "region": {"startLine": 12}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75823, "scanner": "repobility-ai-code-hygiene", "fingerprint": "0cf8bb43a9df963a756b3d276f7befe4918bfedd83004164dec4e8224fe33013", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/crypto_historical.py", "duplicate_line": 33, "correlation_key": "fp|0cf8bb43a9df963a756b3d276f7befe4918bfedd83004164dec4e8224fe33013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/futures_historical.py"}, "region": {"startLine": 36}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75822, "scanner": "repobility-ai-code-hygiene", "fingerprint": "58973c4b2a3460286666be2b66d55e1dd3d2a17da23c6817637f8188e7179a7d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/fred_release_table.py", "duplicate_line": 23, "correlation_key": 
"fp|58973c4b2a3460286666be2b66d55e1dd3d2a17da23c6817637f8188e7179a7d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/futures_curve.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75821, "scanner": "repobility-ai-code-hygiene", "fingerprint": "119ff205d0235a554b4b2c2725e1c086094f38e2314da9f454aaae1b9a8317d4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/forward_eps_estimates.py", "duplicate_line": 23, "correlation_key": "fp|119ff205d0235a554b4b2c2725e1c086094f38e2314da9f454aaae1b9a8317d4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/forward_sales_estimates.py"}, "region": {"startLine": 23}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75820, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6816671f472884b9d3205316b41bbe1ac48622e6f5bce519e17dd91c82e13c0a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/crypto_historical.py", 
"duplicate_line": 32, "correlation_key": "fp|6816671f472884b9d3205316b41bbe1ac48622e6f5bce519e17dd91c82e13c0a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/currency_historical.py"}, "region": {"startLine": 36}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75819, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a29be3b8829d9453f5d49e55e6f1c2ffbe95e854109f008a41e623708434cf3b", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "openbb_platform/core/openbb_core/provider/standard_models/ameribor.py", "duplicate_line": 22, "correlation_key": "fp|a29be3b8829d9453f5d49e55e6f1c2ffbe95e854109f008a41e623708434cf3b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/commercial_paper.py"}, "region": {"startLine": 24}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75818, "scanner": "repobility-ai-code-hygiene", "fingerprint": "825734babb9f2bc3ae4f4c267604b16043471119054592d071a505d458949f54", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": 
"openbb_platform/core/openbb_core/provider/standard_models/bond_prices.py", "duplicate_line": 10, "correlation_key": "fp|825734babb9f2bc3ae4f4c267604b16043471119054592d071a505d458949f54"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/bond_reference.py"}, "region": {"startLine": 10}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75817, "scanner": "repobility-ai-code-hygiene", "fingerprint": "bafe3ba498077204bf600b75516e32657713b953958497af5d1efd3c0f84383a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "desktop/src/components/BackendLogsPage.tsx", "duplicate_line": 16, "correlation_key": "fp|bafe3ba498077204bf600b75516e32657713b953958497af5d1efd3c0f84383a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src/components/JupyterLogsPage.tsx"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75816, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f53365791b69de27a8083b92e1a421e64886df47b58270b72bc0371de4e941fb", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "desktop/src/components/AddExtensionSelector.tsx", 
"duplicate_line": 28, "correlation_key": "fp|f53365791b69de27a8083b92e1a421e64886df47b58270b72bc0371de4e941fb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src/components/InstallComponents.tsx"}, "region": {"startLine": 29}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 75815, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fa1319f43097f2f3b6c0ae980687ee4287b9d1edb555020d0fac237582d39b12", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "cli/openbb_cli/controllers/base_controller.py", "duplicate_line": 551, "correlation_key": "fp|fa1319f43097f2f3b6c0ae980687ee4287b9d1edb555020d0fac237582d39b12"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/controllers/choices.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "AIC007", "level": "note", "message": {"text": "Generated build artifact directory is present at repository root"}, "properties": {"repobilityId": 75814, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9ce25f11f897b8a8b2478fd0136724866f111b604484c20a5c690bce80d94da1", "category": "quality", "severity": "low", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository root contains a common generated artifact directory.", "evidence": {"rule_id": "AIC007", "scanner": "repobility-ai-code-hygiene", "directory": "build", "references": ["https://git-scm.com/docs/gitignore", "https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|9ce25f11f897b8a8b2478fd0136724866f111b604484c20a5c690bce80d94da1"}}, "locations": 
[{"physicalLocation": {"artifactLocation": {"uri": "build"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC124", "level": "note", "message": {"text": "[SEC124] TOCTOU file access (os.access then open): Check-then-use file pattern (access/exists then open) lets an attacker swap the file between check and use (symlink attack). `mktemp` is deprecated for the same reason."}, "properties": {"repobilityId": 75772, "scanner": "repobility-threat-engine", "fingerprint": "6bcb1ba57c02d881e4e2116dd22ec1e4c18e53c039b5465bb2cc3325fcf7002d", "category": "race_condition", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "os.path.isfile(path):\n        os.remove(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC124", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|6bcb1ba57c02d881e4e2116dd22ec1e4c18e53c039b5465bb2cc3325fcf7002d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cookiecutter/openbb_cookiecutter/template/hooks/post_gen_project.py"}, "region": {"startLine": 27}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `_process_class` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. 
Breakdown: continue=1, elif=1, for=1, if=2, nested_bonus=3, recursion=1."}, "properties": {"repobilityId": 75757, "scanner": "repobility-threat-engine", "fingerprint": "853e6402903d6529d09d9e875885c8f97249ffa48a6dd541d1074f8d75d50591", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "_process_class", "breakdown": {"if": 2, "for": 1, "elif": 1, "continue": 1, "recursion": 1, "nested_bonus": 3}, "complexity": 9, "correlation_key": "fp|853e6402903d6529d09d9e875885c8f97249ffa48a6dd541d1074f8d75d50591"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_class_processor.py"}, "region": {"startLine": 84}}}]}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 75807, "scanner": "repobility-threat-engine", "fingerprint": "d721b12cd770ee082a4e9d710188f3847e736b578cc34b2cb6ace0c0add796fa", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d721b12cd770ee082a4e9d710188f3847e736b578cc34b2cb6ace0c0add796fa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/sec/openbb_sec/utils/statement_schema/_types.py"}, "region": {"startLine": 
29}}}]}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 75806, "scanner": "repobility-threat-engine", "fingerprint": "d0cb33881728996376be755c6a3285212f8997f4368a7289b1b205304e9b56db", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d0cb33881728996376be755c6a3285212f8997f4368a7289b1b205304e9b56db"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/extensions/mcp_server/openbb_mcp_server/models/category_index.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "SEC029", "level": "none", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 14 more): Same pattern found in 14 additional files. Review if needed."}, "properties": {"repobilityId": 75805, "scanner": "repobility-threat-engine", "fingerprint": "14ce4ae7a22d633b8fe645d2ab2c7e5422f6d980891ae5a572bf746a645a7bfd", "category": "ssrf", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 14 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 14 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|14ce4ae7a22d633b8fe645d2ab2c7e5422f6d980891ae5a572bf746a645a7bfd"}}}, {"ruleId": "MINED009", "level": "none", "message": {"text": "[MINED009] Floats For Money (and 13 more): Same pattern found in 13 additional files. Review if needed."}, "properties": {"repobilityId": 75801, "scanner": "repobility-threat-engine", "fingerprint": "a6c150fd19ee8a6a4f52493b058de23406e2ec69b2c10ad802b1468fd82a5c1f", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 13 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "floats-for-money", "owasp": null, "cwe_ids": ["CWE-682"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347918+00:00", "triaged_in_corpus": 15, "observations_count": 208571, "ai_coder_pattern_id": 20}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|a6c150fd19ee8a6a4f52493b058de23406e2ec69b2c10ad802b1468fd82a5c1f", "aggregated_count": 13}}}, {"ruleId": "MINED065", "level": "none", "message": {"text": "[MINED065] Cors Wildcard: Access-Control-Allow-Origin: * exposes the API to any browser origin. 
Acceptable for public read-only endpoints; dangerous when paired with credentials or write endpoints."}, "properties": {"repobilityId": 75797, "scanner": "repobility-threat-engine", "fingerprint": "d6d1317106f99b1fa09aead289a901ea54c3620e61e760844d1739b9dbef53d8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cors-wildcard", "owasp": "A05:2021", "cwe_ids": ["CWE-942", "CWE-346"], "languages": ["python", "javascript", "typescript", "yaml", "json"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348052+00:00", "triaged_in_corpus": 12, "observations_count": 63910, "ai_coder_pattern_id": 46}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d6d1317106f99b1fa09aead289a901ea54c3620e61e760844d1739b9dbef53d8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/api/rest_api.py"}, "region": {"startLine": 70}}}]}, {"ruleId": "MINED054", "level": "none", "message": {"text": "[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely."}, "properties": {"repobilityId": 75796, "scanner": "repobility-threat-engine", "fingerprint": "3930e43df8e3979045ebc4aa72c7cdd89884cb548c29c8f84a3204eb2b6a24cc", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-as-any", "owasp": null, "cwe_ids": ["CWE-704"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348028+00:00", "triaged_in_corpus": 12, "observations_count": 341218, "ai_coder_pattern_id": 98}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3930e43df8e3979045ebc4aa72c7cdd89884cb548c29c8f84a3204eb2b6a24cc"}}, 
"locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src/routeTree.gen.ts"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED058", "level": "none", "message": {"text": "[MINED058] React Dangerously Set Html: dangerouslySetInnerHTML bypasses React's JSX escaping. Sanitize the markup with DOMPurify first, or never use it with user data."}, "properties": {"repobilityId": 75794, "scanner": "repobility-threat-engine", "fingerprint": "ec4b0599049eac2ff5b18a8af78f6c11ba90e06badb093369c0ced1ae1048472", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "react-dangerously-set-html", "owasp": "A03:2021", "cwe_ids": ["CWE-79"], "languages": ["javascript", "typescript"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348037+00:00", "triaged_in_corpus": 12, "observations_count": 255650, "ai_coder_pattern_id": 49}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ec4b0599049eac2ff5b18a8af78f6c11ba90e06badb093369c0ced1ae1048472"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src/components/BackendLogsPage.tsx"}, "region": {"startLine": 253}}}]}, {"ruleId": "MINED056", "level": "none", "message": {"text": "[MINED056] React Key As Index: key={index} in map() \u2014 re-renders the wrong elements on re-order."}, "properties": {"repobilityId": 75793, "scanner": "repobility-threat-engine", "fingerprint": "0fca0d283bd27dbdcdf94f22a5b564a7f6e49411982ba3cea73ad64330e70872", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "react-key-as-index", "owasp": null, "cwe_ids": ["CWE-682"], "languages": ["typescript", "tsx", "javascript", "jsx"], "precision": 1.0, 
"promoted_at": 
"2026-05-18T14:01:32.348032+00:00", "triaged_in_corpus": 12, "observations_count": 299917, "ai_coder_pattern_id": 135}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0fca0d283bd27dbdcdf94f22a5b564a7f6e49411982ba3cea73ad64330e70872"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src/components/BackendLogsPage.tsx"}, "region": {"startLine": 250}}}]}, {"ruleId": "MINED068", "level": "none", "message": {"text": "[MINED068] Rust Unsafe Block: unsafe { ... } block. Compiler safety guarantees disabled inside."}, "properties": {"repobilityId": 75789, "scanner": "repobility-threat-engine", "fingerprint": "980049cd1e5583f2caec24cc910a77bf388ba2f3b1630c99defc872da9a7e726", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unsafe-block", "owasp": null, "cwe_ids": ["CWE-119"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348060+00:00", "triaged_in_corpus": 12, "observations_count": 42383, "ai_coder_pattern_id": 116}, "scanner": "repobility-threat-engine", "correlation_key": "fp|980049cd1e5583f2caec24cc910a77bf388ba2f3b1630c99defc872da9a7e726"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src-tauri/src/utils/autostart/windows_autostart.rs"}, "region": {"startLine": 69}}}]}, {"ruleId": "MINED068", "level": "none", "message": {"text": "[MINED068] Rust Unsafe Block: unsafe { ... } block. 
Compiler safety guarantees disabled inside."}, "properties": {"repobilityId": 75788, "scanner": "repobility-threat-engine", "fingerprint": "5bdfdc49e4281f168f3cfe38e63faac79b66d3d4f2b05169ecceb1fca76f243d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unsafe-block", "owasp": null, "cwe_ids": ["CWE-119"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348060+00:00", "triaged_in_corpus": 12, "observations_count": 42383, "ai_coder_pattern_id": 116}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5bdfdc49e4281f168f3cfe38e63faac79b66d3d4f2b05169ecceb1fca76f243d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src-tauri/src/utils/app_termination.rs"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 75787, "scanner": "repobility-threat-engine", "fingerprint": "f5f0ee0407b51d0ac20b895b10fb0fb2d25d496c71c3de2200e03e778c4fe3f2", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|f5f0ee0407b51d0ac20b895b10fb0fb2d25d496c71c3de2200e03e778c4fe3f2", "aggregated_count": 2}}}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 75786, "scanner": "repobility-threat-engine", "fingerprint": "16c614ebd815410cdc4c42f6b5c4341e1db52fb336f595275d3db61dfb462162", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|16c614ebd815410cdc4c42f6b5c4341e1db52fb336f595275d3db61dfb462162"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src/routes/__root.tsx"}, "region": {"startLine": 147}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. 
Should be replaced with logger or removed."}, "properties": {"repobilityId": 75785, "scanner": "repobility-threat-engine", "fingerprint": "3e0d700ca33eb65e33efd23d8c45a181af290f767b83d83e985ae5ee472ad159", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3e0d700ca33eb65e33efd23d8c45a181af290f767b83d83e985ae5ee472ad159"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src/components/ShowVersion.tsx"}, "region": {"startLine": 12}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. 
Should be replaced with logger or removed."}, "properties": {"repobilityId": 75784, "scanner": "repobility-threat-engine", "fingerprint": "26b64472b0d2dba7d4f53cec43b6b85fd3753d09c48dedfd002cfa0391ebccc9", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|26b64472b0d2dba7d4f53cec43b6b85fd3753d09c48dedfd002cfa0391ebccc9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src-tauri/scripts/copy_openssl.cjs"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED066", "level": "none", "message": {"text": "[MINED066] Rust Panic Macro: panic!() unwinds the stack. 
Use Result for recoverable errors."}, "properties": {"repobilityId": 75783, "scanner": "repobility-threat-engine", "fingerprint": "3579a29384ff91ce718c89416d931e3de48939c818eec8103e53edb19cd1bb1b", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-panic-macro", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348055+00:00", "triaged_in_corpus": 12, "observations_count": 48611, "ai_coder_pattern_id": 113}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3579a29384ff91ce718c89416d931e3de48939c818eec8103e53edb19cd1bb1b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src-tauri/build.rs"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https (and 1 more): Same pattern found in 1 additional file. Review if needed."}, "properties": {"repobilityId": 75782, "scanner": "repobility-threat-engine", "fingerprint": "deede2eb215d875636a96303401dd81bf1c025789980c14394da92c4eaa2dcca", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrence found. 
The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|deede2eb215d875636a96303401dd81bf1c025789980c14394da92c4eaa2dcca", "aggregated_count": 1}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 75781, "scanner": "repobility-threat-engine", "fingerprint": "fb6687e2515603d5512870706488958f357ba6f5ff739c0df1066aa56e9c9009", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|fb6687e2515603d5512870706488958f357ba6f5ff739c0df1066aa56e9c9009"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/extensions/quantitative/openbb_quantitative/performance/performance_router.py"}, "region": {"startLine": 224}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 75780, "scanner": "repobility-threat-engine", "fingerprint": "76c861966458b85eebba1de5f6006f13174f0fc6016acdf66be95ad319efc032", "category": "quality", "severity": "info", 
"confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|76c861966458b85eebba1de5f6006f13174f0fc6016acdf66be95ad319efc032"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/utils/update_exchange_data.py"}, "region": {"startLine": 93}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 75779, "scanner": "repobility-threat-engine", "fingerprint": "4972121a73b1b5aed31e1d5c10481afa0849c2ae07a45de3ef3aacaec5cb11c3", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4972121a73b1b5aed31e1d5c10481afa0849c2ae07a45de3ef3aacaec5cb11c3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src-tauri/build.rs"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED001", "level": "none", "message": {"text": "[MINED001] Bare Except Pass (and 1 more): Same pattern found in 1 additional file. 
Review if needed."}, "properties": {"repobilityId": 75776, "scanner": "repobility-threat-engine", "fingerprint": "3ed4a11ec48650075e843160edf55362aa121897a652d0286a1dc826dd94d954", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrence found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|3ed4a11ec48650075e843160edf55362aa121897a652d0286a1dc826dd94d954", "aggregated_count": 1}}}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 16 more): Same pattern found in 16 additional files. Review if needed."}, "properties": {"repobilityId": 75771, "scanner": "repobility-threat-engine", "fingerprint": "8e1eba7fa867ff7498b2ea9a585b6900e4d928baa557d7b985b5e1fa147dd7d6", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 16 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 16 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|8e1eba7fa867ff7498b2ea9a585b6900e4d928baa557d7b985b5e1fa147dd7d6"}}}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. 
Inappropriate in services."}, "properties": {"repobilityId": 75767, "scanner": "repobility-threat-engine", "fingerprint": "54aaca8a46c5ab394227934d1d5af74567905366ae087c6da0ff59ca0d935a9e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|54aaca8a46c5ab394227934d1d5af74567905366ae087c6da0ff59ca0d935a9e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/utils/exchange_utils.py"}, "region": {"startLine": 111}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. 
Inappropriate in services."}, "properties": {"repobilityId": 75766, "scanner": "repobility-threat-engine", "fingerprint": "74430af1c298120d30dcc877051290278cbb903a540de6e7ae831a155a9bcbd7", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|74430af1c298120d30dcc877051290278cbb903a540de6e7ae831a155a9bcbd7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/utils/country_utils.py"}, "region": {"startLine": 135}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. 
Inappropriate in services."}, "properties": {"repobilityId": 75765, "scanner": "repobility-threat-engine", "fingerprint": "213339d33f457a31b569ba2c86775c440244144b57bb447de2ff31d4cecc9331", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|213339d33f457a31b569ba2c86775c440244144b57bb447de2ff31d4cecc9331"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/config/console.py"}, "region": {"startLine": 90}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 11 more): Same pattern found in 11 additional files. Review if needed."}, "properties": {"repobilityId": 75764, "scanner": "repobility-threat-engine", "fingerprint": "782b35fe2be2b25845698f37beaaef3524528d1bc7dfc5351c5dbeac247431c5", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 11 additional occurrences found. 
The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|782b35fe2be2b25845698f37beaaef3524528d1bc7dfc5351c5dbeac247431c5", "aggregated_count": 11}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 75763, "scanner": "repobility-threat-engine", "fingerprint": "bef089c7505bf72487a69f77e2b63a0e0ff56ac4ca9037dc4602712f5faf7cee", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bef089c7505bf72487a69f77e2b63a0e0ff56ac4ca9037dc4602712f5faf7cee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/app/static/utils/decorators.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 75762, "scanner": "repobility-threat-engine", "fingerprint": 
"4028e81585ff6b4639e81b7e476d35da35c09a58b7dda03aaf10ce015dd33113", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4028e81585ff6b4639e81b7e476d35da35c09a58b7dda03aaf10ce015dd33113"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cookiecutter/openbb_cookiecutter/template/hooks/post_gen_project.py"}, "region": {"startLine": 100}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 75761, "scanner": "repobility-threat-engine", "fingerprint": "e76076edc19d4f90dbb2f36264a20c3420c82f54ad0781c6c843ae2c97ad7e3a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e76076edc19d4f90dbb2f36264a20c3420c82f54ad0781c6c843ae2c97ad7e3a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_class_processor.py"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED067", 
"level": "none", "message": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "properties": {"repobilityId": 75760, "scanner": "repobility-threat-engine", "fingerprint": "f302b6cfd5ee7a971fb8d65ddf1ef06267c027340a2db4e17622f5289ed08212", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f302b6cfd5ee7a971fb8d65ddf1ef06267c027340a2db4e17622f5289ed08212"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/scripts/summarize_changelog.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "SEC078", "level": "none", "message": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and denial of service. Ported from bandit B113 (Apache-2.0). 
NOTE: this regex is heuristic; a real AST check is preferred for accuracy."}, "properties": {"repobilityId": 75759, "scanner": "repobility-threat-engine", "fingerprint": "90315f7666f9068c933a7799df7dacb047e2d1152e7a6d10cb584d953982c805", "category": "quality", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern 'timeout\\s*=' detected on same line", "evidence": {"match": "requests.get(", "reason": "Safe pattern 'timeout\\s*=' detected on same line", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "fp|90315f7666f9068c933a7799df7dacb047e2d1152e7a6d10cb584d953982c805"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/scripts/summarize_changelog.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 244 more): Same pattern found in 244 additional files. Review if needed."}, "properties": {"repobilityId": 75758, "scanner": "repobility-threat-engine", "fingerprint": "d01d80e2713b9d9f3473bd67a193a93de5f24f9e56c660bf5377f588213bd9d4", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 244 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "process_changelog", "breakdown": {"if": 4, "for": 2, "except": 2, "continue": 1, "nested_bonus": 6}, "aggregated": true, "complexity": 15, "correlation_key": "fp|d01d80e2713b9d9f3473bd67a193a93de5f24f9e56c660bf5377f588213bd9d4", "aggregated_count": 244}}}, {"ruleId": "SEC103", "level": "none", "message": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter (and 2 more): Same pattern found in 2 additional files. 
Review if needed."}, "properties": {"repobilityId": 75754, "scanner": "repobility-threat-engine", "fingerprint": "0edbeffb250228c25ea7248a70ed5a8dd2a5b09f7f3943fdb9d9c2db8f28df16", "category": "injection", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC103", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|0edbeffb250228c25ea7248a70ed5a8dd2a5b09f7f3943fdb9d9c2db8f28df16"}}}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75969, "scanner": "repobility-supply-chain", "fingerprint": "b7b4ad9c0add70bf3aecb6a6ed19bc835ec6547c870be2969c5177adb16df1cb", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b7b4ad9c0add70bf3aecb6a6ed19bc835ec6547c870be2969c5177adb16df1cb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-unit-desktop-win64.yml"}, "region": {"startLine": 98}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75968, "scanner": "repobility-supply-chain", "fingerprint": "98131ecd8ca9e475b8a05e324e2a92ae0b47c190730e91c6a5b46ef764c959db", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|98131ecd8ca9e475b8a05e324e2a92ae0b47c190730e91c6a5b46ef764c959db"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-unit-desktop-win64.yml"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75967, "scanner": "repobility-supply-chain", "fingerprint": "24307e13e70d92525d8f4f46dd88bfab2e9c178fdfca149eb1fb06a5899bee79", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|24307e13e70d92525d8f4f46dd88bfab2e9c178fdfca149eb1fb06a5899bee79"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-unit-desktop-win64.yml"}, "region": {"startLine": 71}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-node` pinned to mutable ref `@v6`: `uses: actions/setup-node@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75966, "scanner": "repobility-supply-chain", "fingerprint": "1b2aeaa0432ccecc1147f9477191b0289524ea379387e8f64c0b2fbd1ec2b79d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|1b2aeaa0432ccecc1147f9477191b0289524ea379387e8f64c0b2fbd1ec2b79d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-unit-desktop-win64.yml"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75965, "scanner": "repobility-supply-chain", "fingerprint": "47f15cc070e1bfc767c3c23551439732a032df5dd8ecc4e86dbc50b9807b6b34", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|47f15cc070e1bfc767c3c23551439732a032df5dd8ecc4e86dbc50b9807b6b34"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-unit-desktop-win64.yml"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75964, "scanner": "repobility-supply-chain", "fingerprint": "52dc8778744e04615d2e68bf9bc74972c1447776d391c622b996f00c44b404fa", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|52dc8778744e04615d2e68bf9bc74972c1447776d391c622b996f00c44b404fa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-unit-desktop-win64.yml"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75963, "scanner": "repobility-supply-chain", "fingerprint": "f0b25a328b667f998884ff39fdd401120f1860169ec5b88aa5c20f9de10799da", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f0b25a328b667f998884ff39fdd401120f1860169ec5b88aa5c20f9de10799da"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-unit-desktop-winARM.yml"}, "region": {"startLine": 99}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75962, "scanner": "repobility-supply-chain", "fingerprint": "fe902be639bc00c60450a368c8865b65063a9ca5fb0e45d45e3267138f8daca5", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|fe902be639bc00c60450a368c8865b65063a9ca5fb0e45d45e3267138f8daca5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-unit-desktop-winARM.yml"}, "region": {"startLine": 82}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75961, "scanner": "repobility-supply-chain", "fingerprint": "699ff5dfcf033475b3bec183c00a2bbd6fb422837b8563cde60e63834591bf0d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|699ff5dfcf033475b3bec183c00a2bbd6fb422837b8563cde60e63834591bf0d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-unit-desktop-winARM.yml"}, "region": {"startLine": 72}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-node` pinned to mutable ref `@v6`: `uses: actions/setup-node@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75960, "scanner": "repobility-supply-chain", "fingerprint": "32859a5d8d83f5d7485364e35f71ceb492bcd6e3266ee872b75d8744c5e07366", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|32859a5d8d83f5d7485364e35f71ceb492bcd6e3266ee872b75d8744c5e07366"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-unit-desktop-winARM.yml"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75959, "scanner": "repobility-supply-chain", "fingerprint": "623d22a45178c91ec671a5d209c7d3f2bf8339bb6bf6fb64392a78fc3393c9aa", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|623d22a45178c91ec671a5d209c7d3f2bf8339bb6bf6fb64392a78fc3393c9aa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-unit-desktop-winARM.yml"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75958, "scanner": "repobility-supply-chain", "fingerprint": "51e1104eb79ec11a518f4ba38a3e4bf42d28736ad1015919b6c9cacf913d8429", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|51e1104eb79ec11a518f4ba38a3e4bf42d28736ad1015919b6c9cacf913d8429"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-unit-desktop-winARM.yml"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v6`: `uses: actions/upload-artifact@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75957, "scanner": "repobility-supply-chain", "fingerprint": "279e5dbda189ee78de94e98fe76c0f86d4a72eb178ae2e5c2dcb8a74b5e74ec2", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|279e5dbda189ee78de94e98fe76c0f86d4a72eb178ae2e5c2dcb8a74b5e74ec2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-desktop-osx64.yml"}, "region": {"startLine": 110}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-node` pinned to mutable ref `@v6`: `uses: actions/setup-node@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75956, "scanner": "repobility-supply-chain", "fingerprint": "b333245455fee6c3a3ca9d4762aca0e1d02ff3d916fc6515274215a60960f475", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b333245455fee6c3a3ca9d4762aca0e1d02ff3d916fc6515274215a60960f475"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-desktop-osx64.yml"}, "region": {"startLine": 62}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75955, "scanner": "repobility-supply-chain", "fingerprint": "9de0d9f7ad6ecf8dd02cf1e10f4de77c36996e71f00247f5963163975de6fd22", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9de0d9f7ad6ecf8dd02cf1e10f4de77c36996e71f00247f5963163975de6fd22"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-desktop-osx64.yml"}, "region": {"startLine": 54}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75954, "scanner": "repobility-supply-chain", "fingerprint": "d40df9970541ef743baf496c90ca2b46b7cc6939b4100ed7390d4eb99fea5bec", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d40df9970541ef743baf496c90ca2b46b7cc6939b4100ed7390d4eb99fea5bec"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-desktop-osx64.yml"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75953, "scanner": "repobility-supply-chain", "fingerprint": "5a5e9a51829e68a07f6165d51994366a0ff1dfe7a6d0fb2a9d02ba0375281c7b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5a5e9a51829e68a07f6165d51994366a0ff1dfe7a6d0fb2a9d02ba0375281c7b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-desktop-osx64.yml"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v6`: `uses: actions/upload-artifact@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75952, "scanner": "repobility-supply-chain", "fingerprint": "9751885f876bcfc162077f5b55ac9042e2785d210915ca628e6a031346f6f11d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9751885f876bcfc162077f5b55ac9042e2785d210915ca628e6a031346f6f11d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-desktop-osxARM.yml"}, "region": {"startLine": 110}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-node` pinned to mutable ref `@v6`: `uses: actions/setup-node@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 75951, "scanner": "repobility-supply-chain", "fingerprint": "864e48b90f5438c307bb4f8f9065487945f28ce945ddbf0952f042300b9b0529", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|864e48b90f5438c307bb4f8f9065487945f28ce945ddbf0952f042300b9b0529"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-desktop-osxARM.yml"}, "region": {"startLine": 62}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a full 40-character commit SHA and let Dependabot or Renovate keep the pin up to date."}, "properties": {"repobilityId": 75950, "scanner": "repobility-supply-chain", "fingerprint": "c8cbff64284a181214c30adb5a400b25c4d0405aa517def10063a455a8727156", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c8cbff64284a181214c30adb5a400b25c4d0405aa517def10063a455a8727156"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-desktop-osxARM.yml"}, "region": {"startLine": 54}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a full 40-character commit SHA and let Dependabot or Renovate keep the pin up to date."}, "properties": {"repobilityId": 75949, "scanner": "repobility-supply-chain", "fingerprint": "6d456f3978293d5e859948138428f447c9ad289e689f0334247399b435a0a9a9", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6d456f3978293d5e859948138428f447c9ad289e689f0334247399b435a0a9a9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-desktop-osxARM.yml"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a full 40-character commit SHA and let Dependabot or Renovate keep the pin up to date."}, "properties": {"repobilityId": 75948, "scanner": "repobility-supply-chain", "fingerprint": "9c2132b15443d3b7fb519c0368fdf7bf9eee8323d5063650eb3f107743e7df9c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9c2132b15443d3b7fb519c0368fdf7bf9eee8323d5063650eb3f107743e7df9c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build-desktop-osxARM.yml"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `github/codeql-action/analyze` pinned to mutable ref `@v4`: `uses: github/codeql-action/analyze@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a full 40-character commit SHA and let Dependabot or Renovate keep the pin up to date."}, "properties": {"repobilityId": 75947, "scanner": "repobility-supply-chain", "fingerprint": "013d673795cf6c16e45ff2e72b131bc17e3e22cde317f2156cb4e175ee2f5b38", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|013d673795cf6c16e45ff2e72b131bc17e3e22cde317f2156cb4e175ee2f5b38"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/codeql.yml"}, "region": {"startLine": 103}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `github/codeql-action/init` pinned to mutable ref `@v4`: `uses: github/codeql-action/init@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a full 40-character commit SHA and let Dependabot or Renovate keep the pin up to date."}, "properties": {"repobilityId": 75946, "scanner": "repobility-supply-chain", "fingerprint": "d12795d074bc7433aadc276c08f472afe999791ac8998b55ca7eaf06779e8237", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d12795d074bc7433aadc276c08f472afe999791ac8998b55ca7eaf06779e8237"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/codeql.yml"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a full 40-character commit SHA and let Dependabot or Renovate keep the pin up to date."}, "properties": {"repobilityId": 75945, "scanner": "repobility-supply-chain", "fingerprint": "0c6c4be53741486d540618a350f6e9cc6b0307d8acf47851b6d9c2edf34b5c73", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0c6c4be53741486d540618a350f6e9cc6b0307d8acf47851b6d9c2edf34b5c73"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/codeql.yml"}, "region": {"startLine": 64}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/Yelp/detect-secrets` pinned to mutable rev `v1.5.0`: `.pre-commit-config.yaml` references `https://github.com/Yelp/detect-secrets` at `rev: v1.5.0`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 75939, "scanner": "repobility-supply-chain", "fingerprint": "b5b1aa81d00ba0d73b91358a681bc2fe7f195ef5ff40929eb588283716f0c3d9", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b5b1aa81d00ba0d73b91358a681bc2fe7f195ef5ff40929eb588283716f0c3d9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 83}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/kynan/nbstripout` pinned to mutable rev `0.8.1`: `.pre-commit-config.yaml` references `https://github.com/kynan/nbstripout` at `rev: 0.8.1`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 75938, "scanner": "repobility-supply-chain", "fingerprint": "995527878844af754af5a4657d08a0246b131eea600cd17539f2fd9ca9c5c495", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|995527878844af754af5a4657d08a0246b131eea600cd17539f2fd9ca9c5c495"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/pre-commit/mirrors-mypy` pinned to mutable rev `v1.15.0`: `.pre-commit-config.yaml` references `https://github.com/pre-commit/mirrors-mypy` at `rev: v1.15.0`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 75937, "scanner": "repobility-supply-chain", "fingerprint": "b602da54567e3288bb595d39aa773c4aef2ad754b67ea836d2457bf4bd4c3e65", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b602da54567e3288bb595d39aa773c4aef2ad754b67ea836d2457bf4bd4c3e65"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/codespell-project/codespell` pinned to mutable rev `v2.4.1`: `.pre-commit-config.yaml` references `https://github.com/codespell-project/codespell` at `rev: v2.4.1`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 75936, "scanner": "repobility-supply-chain", "fingerprint": "80c1ffb9ed0eb5e8754e4139a7aa1015b313733401a6422f1463606ac805c051", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|80c1ffb9ed0eb5e8754e4139a7aa1015b313733401a6422f1463606ac805c051"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/pycqa/pydocstyle` pinned to mutable rev `6.3.0`: `.pre-commit-config.yaml` references `https://github.com/pycqa/pydocstyle` at `rev: 6.3.0`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 75935, "scanner": "repobility-supply-chain", "fingerprint": "8058d87168797432ef3ab2ae6b41ac7ebfd114f2c54b009a4e519676db607eaa", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8058d87168797432ef3ab2ae6b41ac7ebfd114f2c54b009a4e519676db607eaa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/charliermarsh/ruff-pre-commit` pinned to mutable rev `v0.12.12`: `.pre-commit-config.yaml` references `https://github.com/charliermarsh/ruff-pre-commit` at `rev: v0.12.12`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 75934, "scanner": "repobility-supply-chain", "fingerprint": "8475c2fc62a59696369e063903f10c6aca0e5fe1eecd559bd595959af19ba217", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8475c2fc62a59696369e063903f10c6aca0e5fe1eecd559bd595959af19ba217"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/psf/black` pinned to mutable rev `25.1.0`: `.pre-commit-config.yaml` references `https://github.com/psf/black` at `rev: 25.1.0`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 75933, "scanner": "repobility-supply-chain", "fingerprint": "c13d2280d2b20b4159a7898b5c8ab84e1b66807d05be01e658b332e0711e76a6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c13d2280d2b20b4159a7898b5c8ab84e1b66807d05be01e658b332e0711e76a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 13}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "[MINED131] pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mutable rev `v5.0.0`: `.pre-commit-config.yaml` references `https://github.com/pre-commit/pre-commit-hooks` at `rev: v5.0.0`. 
If `rev` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"repobilityId": 75932, "scanner": "repobility-supply-chain", "fingerprint": "e88ca6179ba78210ec4631162dc79427153728df4d7989f89994951904044b6b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e88ca6179ba78210ec4631162dc79427153728df4d7989f89994951904044b6b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED112", "level": "error", "message": {"text": "[MINED112] FastAPI POST /open_document has no auth: Handler `post_open_document` is registered with router/app.post(...) 
but no Depends/Security parameter is declared and no auth marker appears in the function body. Auth enforced through router- or app-level dependencies or middleware may not be visible to this check, so confirm how the route is mounted before triaging."}, "properties": {"repobilityId": 75931, "scanner": "repobility-route-auth", "fingerprint": "dfcec5e2b14e31944ffa675cfe04c4a5a4e2660f04ed5c7e8ca3211983ee0764", "category": "quality", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "fastapi-destructive-unauth", "owasp": "A01:2021", "cwe_ids": ["CWE-306", "CWE-862"], "languages": ["python", "javascript"], "observations_count": 10455}, "scanner": "repobility-route-auth", "correlation_key": "fp|dfcec5e2b14e31944ffa675cfe04c4a5a4e2660f04ed5c7e8ca3211983ee0764"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/nasdaq/openbb_nasdaq/app.py"}, "region": {"startLine": 257}}}]}, {"ruleId": "MINED112", "level": "error", "message": {"text": "[MINED112] FastAPI POST /fomc_documents_download has no auth: Handler `fomc_documents_download` is registered with router/app.post(...) 
but no Depends/Security parameter is declared and no auth marker appears in the function body. Auth enforced through router- or app-level dependencies or middleware may not be visible to this check, so confirm how the route is mounted before triaging."}, "properties": {"repobilityId": 75930, "scanner": "repobility-route-auth", "fingerprint": "2c58bfc47f75183829484dda5b6c1af3d9f84a357422989628304e0eb213259e", "category": "quality", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "fastapi-destructive-unauth", "owasp": "A01:2021", "cwe_ids": ["CWE-306", "CWE-862"], "languages": ["python", "javascript"], "observations_count": 10455}, "scanner": "repobility-route-auth", "correlation_key": "fp|2c58bfc47f75183829484dda5b6c1af3d9f84a357422989628304e0eb213259e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/federal_reserve/openbb_federal_reserve/router.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED110", "level": "error", "message": {"text": "[MINED110] Blocking call `input` inside async function `download_data`: `input` is a synchronous (blocking) call. 
When invoked inside an `async def` it stalls the event loop, preventing every other coroutine in the process from making progress."}, "properties": {"repobilityId": 75925, "scanner": "repobility-ast-engine", "fingerprint": "3f785ffc7e4e6910ca50d83e034de7dbda3254613b265ee6c0e9899dc0201031", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "asyncio-blocking-call", "owasp": null, "cwe_ids": ["CWE-833"], "languages": ["python"], "observations_count": 31606}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3f785ffc7e4e6910ca50d83e034de7dbda3254613b265ee6c0e9899dc0201031"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/sec/openbb_sec/utils/form4.py"}, "region": {"startLine": 528}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.save_class` used but never assigned in __init__: Method `call_home` of class `BaseController` reads `self.save_class`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75899, "scanner": "repobility-ast-engine", "fingerprint": "6538096330c9f1bd64dd1d06d87b4a159feb1ed2c4571c05cdf1cc518393c97b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6538096330c9f1bd64dd1d06d87b4a159feb1ed2c4571c05cdf1cc518393c97b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/controllers/base_controller.py"}, "region": {"startLine": 247}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.parse_input` used but never assigned in __init__: Method `switch` of class `BaseController` reads `self.parse_input`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75898, "scanner": "repobility-ast-engine", "fingerprint": "8fc2a4e3a4789933c32857b270d0205b9628b735286ec4a357567f28bc9d68d7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8fc2a4e3a4789933c32857b270d0205b9628b735286ec4a357567f28bc9d68d7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/controllers/base_controller.py"}, "region": {"startLine": 181}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.save_class` used but never assigned in __init__: Method `load_class` of class `BaseController` reads `self.save_class`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75897, "scanner": "repobility-ast-engine", "fingerprint": "9c457ecf8c9d962f3e36fdf3617f507d32aca164cab72954e597aaca22c12af2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9c457ecf8c9d962f3e36fdf3617f507d32aca164cab72954e597aaca22c12af2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/controllers/base_controller.py"}, "region": {"startLine": 138}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._build_paths` used but never assigned in __init__: Method `_build_paths` of class `ArgparseClassProcessor` reads `self._build_paths`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75896, "scanner": "repobility-ast-engine", "fingerprint": "bc45654dd096ab07f994a76fede80c5c5618c75ea816fa7c5177ec878c3b9506", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bc45654dd096ab07f994a76fede80c5c5618c75ea816fa7c5177ec878c3b9506"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_class_processor.py"}, "region": {"startLine": 146}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._get_by_key` used but never assigned in __init__: Method `get` of class `Registry` reads `self._get_by_key`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75895, "scanner": "repobility-ast-engine", "fingerprint": "6e02bff0d9a83f408913a98f3afdb8d3dd1e95d40e1b4f2b06e22fc56aac7a55", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6e02bff0d9a83f408913a98f3afdb8d3dd1e95d40e1b4f2b06e22fc56aac7a55"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/obbject_registry.py"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._get_by_index` used but never assigned in __init__: Method `get` of class `Registry` reads `self._get_by_index`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75894, "scanner": "repobility-ast-engine", "fingerprint": "59f72a63fd0bc68a667b9de3f35efb59ce63bc3ba45c4f975a8029d398b9734a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|59f72a63fd0bc68a667b9de3f35efb59ce63bc3ba45c4f975a8029d398b9734a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/obbject_registry.py"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._contains_obbject` used but never assigned in __init__: Method `register` of class `Registry` reads `self._contains_obbject`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75893, "scanner": "repobility-ast-engine", "fingerprint": "ac578fc748456ced26a18b05d0ea2d43a85a2824e51c4b9b69a4189bcad73a89", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ac578fc748456ced26a18b05d0ea2d43a85a2824e51c4b9b69a4189bcad73a89"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/obbject_registry.py"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.parse_args_and_execute` used but never assigned in __init__: Method `translate` of class `ArgparseTranslator` reads `self.parse_args_and_execute`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75892, "scanner": "repobility-ast-engine", "fingerprint": "bb7a8c2a8d555f85b7341e5ba6fda355fbc9031610ef85efd93b11ab71093a8f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bb7a8c2a8d555f85b7341e5ba6fda355fbc9031610ef85efd93b11ab71093a8f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_translator.py"}, "region": {"startLine": 527}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.execute_func` used but never assigned in __init__: Method `parse_args_and_execute` of class `ArgparseTranslator` reads `self.execute_func`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75891, "scanner": "repobility-ast-engine", "fingerprint": "e00c693b297f19a6a4821be4e61c61f9037ffe8e6296a31f39e1f90d56109e00", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e00c693b297f19a6a4821be4e61c61f9037ffe8e6296a31f39e1f90d56109e00"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_translator.py"}, "region": {"startLine": 516}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._update_with_custom_types` used but never assigned in __init__: Method `execute_func` of class `ArgparseTranslator` reads `self._update_with_custom_types`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75890, "scanner": "repobility-ast-engine", "fingerprint": "9fca98dcfe20e16f9283d677728defbb97b1dedccb9c3971007a8300647683c3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9fca98dcfe20e16f9283d677728defbb97b1dedccb9c3971007a8300647683c3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_translator.py"}, "region": {"startLine": 487}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._unflatten_args` used but never assigned in __init__: Method `execute_func` of class `ArgparseTranslator` reads `self._unflatten_args`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75889, "scanner": "repobility-ast-engine", "fingerprint": "4ab6b41c54655b13795781b8c785bca65624c3c3049b33767cb2d9244c1c6f33", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4ab6b41c54655b13795781b8c785bca65624c3c3049b33767cb2d9244c1c6f33"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_translator.py"}, "region": {"startLine": 486}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._get_type_and_choices` used but never assigned in __init__: Method `_update_with_custom_types` of class `ArgparseTranslator` reads `self._get_type_and_choices`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75888, "scanner": "repobility-ast-engine", "fingerprint": "2fb2fb4cec803225336370ffa0b09a13379fdcf9214d93d7520335375a6aa6d3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2fb2fb4cec803225336370ffa0b09a13379fdcf9214d93d7520335375a6aa6d3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_translator.py"}, "region": {"startLine": 465}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._get_argument_custom_help` used but never assigned in __init__: Method `_generate_argparse_arguments` of class `ArgparseTranslator` reads `self._get_argument_custom_help`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75887, "scanner": "repobility-ast-engine", "fingerprint": "5f861b7fa4096f28beac399234984ad7d0625c21a9875e4171916ca1a2b8cc42", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5f861b7fa4096f28beac399234984ad7d0625c21a9875e4171916ca1a2b8cc42"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_translator.py"}, "region": {"startLine": 424}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._get_nargs` used but never assigned in __init__: Method `_generate_argparse_arguments` of class `ArgparseTranslator` reads `self._get_nargs`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75886, "scanner": "repobility-ast-engine", "fingerprint": "0e84f41015c2aaff272a6e43c7519818d620aab22778f5883006e01b77f0b6b9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0e84f41015c2aaff272a6e43c7519818d620aab22778f5883006e01b77f0b6b9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_translator.py"}, "region": {"startLine": 425}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._escape_help` used but never assigned in __init__: Method `_generate_argparse_arguments` of class `ArgparseTranslator` reads `self._escape_help`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75885, "scanner": "repobility-ast-engine", "fingerprint": "fd9a71877ea0266328ed992f32799b36451995cbcf3375b39abe7a2544a9ed04", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fd9a71877ea0266328ed992f32799b36451995cbcf3375b39abe7a2544a9ed04"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_translator.py"}, "region": {"startLine": 424}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._param_is_default` used but never assigned in __init__: Method `_generate_argparse_arguments` of class `ArgparseTranslator` reads `self._param_is_default`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75884, "scanner": "repobility-ast-engine", "fingerprint": "0a8f6d708c448a522a027a62dc7af2cb85f34a1a72581f8ec3fdb85ea19d5b75", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0a8f6d708c448a522a027a62dc7af2cb85f34a1a72581f8ec3fdb85ea19d5b75"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_translator.py"}, "region": {"startLine": 407}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._generate_argparse_arguments` used but never assigned in __init__: Method `_generate_argparse_arguments` of class `ArgparseTranslator` reads `self._generate_argparse_arguments`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance. Caveat: the attribute named here is the enclosing method itself, and a method defined on the class is found by attribute lookup on the instance, so check this result against the class definition before treating it as a runtime failure."}, "properties": {"repobilityId": 75883, "scanner": "repobility-ast-engine", "fingerprint": "9b90caaaf25ee469397fcafa9134dfa806343a1830a69d3025b668e6f38a8625", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9b90caaaf25ee469397fcafa9134dfa806343a1830a69d3025b668e6f38a8625"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_translator.py"}, "region": {"startLine": 402}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._get_action_type` used but never assigned in __init__: Method `_generate_argparse_arguments` of class `ArgparseTranslator` reads `self._get_action_type`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75882, "scanner": "repobility-ast-engine", "fingerprint": "167f68560920ec74544e1e7793c4cae2b9dcec8c6dd3a4e48f1ce967a7fbb90c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|167f68560920ec74544e1e7793c4cae2b9dcec8c6dd3a4e48f1ce967a7fbb90c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_translator.py"}, "region": {"startLine": 410}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._get_type_and_choices` used but never assigned in __init__: Method `_generate_argparse_arguments` of class `ArgparseTranslator` reads `self._get_type_and_choices`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75881, "scanner": "repobility-ast-engine", "fingerprint": "8541c39a508cf179b36b8d61c9f63629af04cf1b651bf8dd26bf6c3ce9b797b6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8541c39a508cf179b36b8d61c9f63629af04cf1b651bf8dd26bf6c3ce9b797b6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_translator.py"}, "region": {"startLine": 365}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._get_argument_custom_choices` used but never assigned in __init__: Method `_get_type_and_choices` of class `ArgparseTranslator` reads `self._get_argument_custom_choices`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75880, "scanner": "repobility-ast-engine", "fingerprint": "7755a4cb8f0c41ea0c4888f2fe7a4639e0a6ecc6818e3f4e3b0c926b84e302bc", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7755a4cb8f0c41ea0c4888f2fe7a4639e0a6ecc6818e3f4e3b0c926b84e302bc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/argparse_translator.py"}, "region": {"startLine": 301}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._get_choices` used but never assigned in __init__: Method `_build_custom_groups` of class `ReferenceToArgumentsProcessor` reads `self._get_choices`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75879, "scanner": "repobility-ast-engine", "fingerprint": "3038f63750fcdce159c5e07162c134d413dbecaa6ccfd419cba3f29ffd693538", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3038f63750fcdce159c5e07162c134d413dbecaa6ccfd419cba3f29ffd693538"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/reference_processor.py"}, "region": {"startLine": 109}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._get_nargs` used but never assigned in __init__: Method `_build_custom_groups` of class `ReferenceToArgumentsProcessor` reads `self._get_nargs`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75878, "scanner": "repobility-ast-engine", "fingerprint": "dd6ad133b5ec93f279008d6b7a159d2ab15a78b22c82d66c7fa53cf253ff6f30", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dd6ad133b5ec93f279008d6b7a159d2ab15a78b22c82d66c7fa53cf253ff6f30"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/reference_processor.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._parse_type` used but never assigned in __init__: Method `_build_custom_groups` of class `ReferenceToArgumentsProcessor` reads `self._parse_type`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75877, "scanner": "repobility-ast-engine", "fingerprint": "4e5019289dc34a3826619ddbe07d84b862938f7283adf5f1d211eaa6a05386c6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4e5019289dc34a3826619ddbe07d84b862938f7283adf5f1d211eaa6a05386c6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/reference_processor.py"}, "region": {"startLine": 97}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_print_goodbye: Test function `test_print_goodbye` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75875, "scanner": "repobility-ast-engine", "fingerprint": "99bf0d17610392dd4ba92bf46c356598fb16c4cd90f37a4f901dba77797b417b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|99bf0d17610392dd4ba92bf46c356598fb16c4cd90f37a4f901dba77797b417b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_utils.py"}, "region": {"startLine": 63}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_call_exit: Test function `test_call_exit` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75874, "scanner": "repobility-ast-engine", "fingerprint": "0645d45f0c29c16698a8b2751f3a8ef5d630b41159897b2d1a00d6c6ec06dbd2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0645d45f0c29c16698a8b2751f3a8ef5d630b41159897b2d1a00d6c6ec06dbd2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_base_controller.py"}, "region": {"startLine": 75}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_call_help: Test function `test_call_help` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75873, "scanner": "repobility-ast-engine", "fingerprint": "0c54614abc0f3b955a162bed8fa0d860f01a57597a548793bc72f821f24e850d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0c54614abc0f3b955a162bed8fa0d860f01a57597a548793bc72f821f24e850d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_base_controller.py"}, "region": {"startLine": 68}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_switch: Test function `test_switch` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75872, "scanner": "repobility-ast-engine", "fingerprint": "4ffca631cbf74b4bd4563b7c117b39160b8a6d849d84881736b9f7023944fd94", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4ffca631cbf74b4bd4563b7c117b39160b8a6d849d84881736b9f7023944fd94"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_base_controller.py"}, "region": {"startLine": 59}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_path_validation: Test function `test_path_validation` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75871, "scanner": "repobility-ast-engine", "fingerprint": "55903ddd06e286b40e4f5a717002b0a673c2ac2551e0ee6f1e5a1de79537ef7e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|55903ddd06e286b40e4f5a717002b0a673c2ac2551e0ee6f1e5a1de79537ef7e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_base_controller.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_call_n_rows_v2: Test function `test_call_n_rows_v2` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75870, "scanner": "repobility-ast-engine", "fingerprint": "7634b4ef47503820e6953061fb692b9cd72d0fb953bacc37b2683a9ae21f5cb1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7634b4ef47503820e6953061fb692b9cd72d0fb953bacc37b2683a9ae21f5cb1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_settings_controller.py"}, "region": {"startLine": 119}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_call_obbject_display_no_args: Test function `test_call_obbject_display_no_args` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75869, "scanner": "repobility-ast-engine", "fingerprint": "def746b3fd12d8936aafd5851c03f6fb76b67e306f1bcf34e47f4fcf38ace24d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|def746b3fd12d8936aafd5851c03f6fb76b67e306f1bcf34e47f4fcf38ace24d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_settings_controller.py"}, "region": {"startLine": 104}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_call_obbject_display: Test function `test_call_obbject_display` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75868, "scanner": "repobility-ast-engine", "fingerprint": "99228f1e1c8b775398aed1e8c7f8f5450de6f873a5fbaf9a1d52d47d5feb18e4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|99228f1e1c8b775398aed1e8c7f8f5450de6f873a5fbaf9a1d52d47d5feb18e4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_settings_controller.py"}, "region": {"startLine": 95}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_call_flair_no_args: Test function `test_call_flair_no_args` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75867, "scanner": "repobility-ast-engine", "fingerprint": "ef37b16744dfab0a0f4823df73473423fa061fa72d0cdff5bb4501a7654a687b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ef37b16744dfab0a0f4823df73473423fa061fa72d0cdff5bb4501a7654a687b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_settings_controller.py"}, "region": {"startLine": 88}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_call_flair: Test function `test_call_flair` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75866, "scanner": "repobility-ast-engine", "fingerprint": "fccdf3732015071a45ec88aa581ebb11f64b097412490c82cd12caaa08b08d50", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fccdf3732015071a45ec88aa581ebb11f64b097412490c82cd12caaa08b08d50"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_settings_controller.py"}, "region": {"startLine": 82}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_call_console_style_no_args: Test function `test_call_console_style_no_args` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75865, "scanner": "repobility-ast-engine", "fingerprint": "bf7aed62e4f203b9c14a09725d652e387c4f476b3a2fbc0e5ebe3526cefc0e17", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bf7aed62e4f203b9c14a09725d652e387c4f476b3a2fbc0e5ebe3526cefc0e17"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_settings_controller.py"}, "region": {"startLine": 75}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_call_console_style: Test function `test_call_console_style` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75864, "scanner": "repobility-ast-engine", "fingerprint": "dbedeb63ec5801263b99a7178c567a5c2ac6483cc9fe317c4aa52abd8b5c258d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dbedeb63ec5801263b99a7178c567a5c2ac6483cc9fe317c4aa52abd8b5c258d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_settings_controller.py"}, "region": {"startLine": 68}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_call_timezone: Test function `test_call_timezone` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75863, "scanner": "repobility-ast-engine", "fingerprint": "42bf878913c95ab84e0b66b4ea67efbac071999efe0cbd45d53c19fd72802df6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|42bf878913c95ab84e0b66b4ea67efbac071999efe0cbd45d53c19fd72802df6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_settings_controller.py"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_call_n_rows_no_args_provided: Test function `test_call_n_rows_no_args_provided` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75862, "scanner": "repobility-ast-engine", "fingerprint": "b2feff8ad8c1b2e730bf5a84c0a18396e623914f3e94a134e65606529f56fa9f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b2feff8ad8c1b2e730bf5a84c0a18396e623914f3e94a134e65606529f56fa9f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_settings_controller.py"}, "region": {"startLine": 45}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_call_n_rows: Test function `test_call_n_rows` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75861, "scanner": "repobility-ast-engine", "fingerprint": "7a73137e394a0a9bdaa93d2cdbb502b8cf4cbe05ff2803e4ec2c0f1f129ea304", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7a73137e394a0a9bdaa93d2cdbb502b8cf4cbe05ff2803e4ec2c0f1f129ea304"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_settings_controller.py"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_call_interactive: Test function `test_call_interactive` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75860, "scanner": "repobility-ast-engine", "fingerprint": "6ca3ac9caf789cf9ce3d4d73e09c94fb5ad73a6d528a32475ece38d40dbf2bfb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6ca3ac9caf789cf9ce3d4d73e09c94fb5ad73a6d528a32475ece38d40dbf2bfb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_settings_controller.py"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_function: Test function `test_function` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75859, "scanner": "repobility-ast-engine", "fingerprint": "5e0e16e9673708874d46e17e397af2f67100c9d182bed569f4e2cbda862bf3e5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5e0e16e9673708874d46e17e397af2f67100c9d182bed569f4e2cbda862bf3e5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_argparse_translator.py"}, "region": {"startLine": 150}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_function: Test function `test_function` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75858, "scanner": "repobility-ast-engine", "fingerprint": "cb7a46d6470774d83adef5f5f6cf0eedaa6d7b4e5eae65187211c39431f3d059", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cb7a46d6470774d83adef5f5f6cf0eedaa6d7b4e5eae65187211c39431f3d059"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_argparse_translator.py"}, "region": {"startLine": 137}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_bootstrap_permission_error: Test function `test_bootstrap_permission_error` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75857, "scanner": "repobility-ast-engine", "fingerprint": "c75e67e30ea1202eef05eef87dcd904b573ffe7abc8756137be2a0527e749eef", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c75e67e30ea1202eef05eef87dcd904b573ffe7abc8756137be2a0527e749eef"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_config_setup.py"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_bootstrap_file_exists: Test function `test_bootstrap_file_exists` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75856, "scanner": "repobility-ast-engine", "fingerprint": "a79f2e2f8657849d7fc04666d9cab003d0f32d747c86d9f5269f55a1d45aaf72", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a79f2e2f8657849d7fc04666d9cab003d0f32d747c86d9f5269f55a1d45aaf72"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_config_setup.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_bootstrap_directory_exists: Test function `test_bootstrap_directory_exists` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75855, "scanner": "repobility-ast-engine", "fingerprint": "814dc6b61a64e61c831cb1b5e75d5f47fdac71f10cc303cd16ff0d96310ac123", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|814dc6b61a64e61c831cb1b5e75d5f47fdac71f10cc303cd16ff0d96310ac123"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_config_setup.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_bootstrap_creates_directory_and_file: Test function `test_bootstrap_creates_directory_and_file` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75854, "scanner": "repobility-ast-engine", "fingerprint": "c9772089b2b3a91d847b4fe51ca4b2784193e3279a905766bd668acf2a8c3f76", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c9772089b2b3a91d847b4fe51ca4b2784193e3279a905766bd668acf2a8c3f76"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_config_setup.py"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_execute_openbb_routine_with_mocked_requests: Test function `test_execute_openbb_routine_with_mocked_requests` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75853, "scanner": "repobility-ast-engine", "fingerprint": "c5bc3ca7d56c1f511e66e8f7ffd3d2da5c6a197d8df5b238a64e0773654e4f12", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c5bc3ca7d56c1f511e66e8f7ffd3d2da5c6a197d8df5b238a64e0773654e4f12"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_cli_controller.py"}, "region": {"startLine": 73}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_run_cli_quit_command: Test function `test_run_cli_quit_command` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75852, "scanner": "repobility-ast-engine", "fingerprint": "5973634a3f6f724a91d57c3008954c0bb47c01e7cde3b7a87ff3e44670be204e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5973634a3f6f724a91d57c3008954c0bb47c01e7cde3b7a87ff3e44670be204e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_cli_controller.py"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "[MINED106] Phantom test coverage: test_cli_controller_print_help: Test function `test_cli_controller_print_help` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. 
Adds line coverage without verifying anything."}, "properties": {"repobilityId": 75851, "scanner": "repobility-ast-engine", "fingerprint": "afb048d7328bba72adcc8b50d83ef621256d27277e9404589b79c95e67095f67", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|afb048d7328bba72adcc8b50d83ef621256d27277e9404589b79c95e67095f67"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/tests/test_controllers_cli_controller.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.obbject_registry` used but never assigned in __init__: Method `max_obbjects_exceeded` of class `Session` reads `self.obbject_registry`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75849, "scanner": "repobility-ast-engine", "fingerprint": "90bf138b6e39d4e432298bd172ade9e62ea42c2f3a2bfa2e6f23b58b31c2ad15", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|90bf138b6e39d4e432298bd172ade9e62ea42c2f3a2bfa2e6f23b58b31c2ad15"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/session.py"}, "region": {"startLine": 93}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.settings` used but never assigned in __init__: Method `max_obbjects_exceeded` of class `Session` reads `self.settings`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 75848, "scanner": "repobility-ast-engine", "fingerprint": "d918b3a3e69d4f4d8367a59cc29a7f75bbe6b1591825a45b3d1ede1fab37858b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d918b3a3e69d4f4d8367a59cc29a7f75bbe6b1591825a45b3d1ede1fab37858b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/session.py"}, "region": {"startLine": 93}}}]}, {"ruleId": "JRN009", "level": "error", "message": {"text": "Secret-like setting is echoed into a password input value"}, "properties": {"repobilityId": 75846, "scanner": "repobility-journey-contract", "fingerprint": "7cec5a3209491b4d4ff5ffc5a9227af1a2b51e4262121347cb3c3b7da02f59d4", "category": "auth", "severity": "high", "confidence": 0.83, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "A password or secret-named input is populated from a secret-like variable instead of a masked placeholder.", "evidence": {"rule_id": "JRN009", "scanner": "repobility-journey-contract", "references": ["https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html"], "correlation_key": "code|auth|token|450|jrn009"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src/routes/backends.tsx"}, "region": {"startLine": 450}}}]}, {"ruleId": "SEC135", "level": "error", "message": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without an auth decorator or middleware. 
The number-one production-incident pattern we see in AI-generated SaaS code: the AI builds the route, builds the handler, and forgets to wire the auth check that the rest of the codebase uses. CWE-862 (missing authorization). High-severity because the route is fully functional, just unprotected \u2014 attackers can call it directly."}, "properties": {"repobilityId": 75813, "scanner": "repobility-threat-engine", "fingerprint": "a951e791b8656402cbd9dd4d5f49531b68e940266a3bb0f39a457f20d51680b8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "@router.post(\n    \"/fomc_documents_download\",\n    include_in_schema=False,\n    openapi_extra={},\n)\na", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC135", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|a951e791b8656402cbd9dd4d5f49531b68e940266a3bb0f39a457f20d51680b8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/federal_reserve/openbb_federal_reserve/router.py"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED006", "level": "error", "message": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... 
\u2014 prevents Ctrl+C and SystemExit from working."}, "properties": {"repobilityId": 75812, "scanner": "repobility-threat-engine", "fingerprint": "6587415366ee215ee84d8e5a91db706b45e26c0bfdb739255d3980c46c084f3c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6587415366ee215ee84d8e5a91db706b45e26c0bfdb739255d3980c46c084f3c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/ecb/openbb_ecb/utils/ecb_helpers.py"}, "region": {"startLine": 30}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. 
SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 75804, "scanner": "repobility-threat-engine", "fingerprint": "13a65a631672d82b7748d6edca6509ae5d888e908c3bf60e422c25f400bf024a", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "url(\n            s", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|13a65a631672d82b7748d6edca6509ae5d888e908c3bf60e422c25f400bf024a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/cboe/openbb_cboe/models/index_historical.py"}, "region": {"startLine": 129}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. 
SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 75803, "scanner": "repobility-threat-engine", "fingerprint": "5dd1f632547c5e29f7cc9fa6ce1941ad6fc27eb38a9b253d3944349b77fe60f0", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "url(\n            s", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5dd1f632547c5e29f7cc9fa6ce1941ad6fc27eb38a9b253d3944349b77fe60f0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/cboe/openbb_cboe/models/equity_historical.py"}, "region": {"startLine": 126}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. 
SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 75802, "scanner": "repobility-threat-engine", "fingerprint": "4664a29945f563de6a7a009d88259b0f584a95cc469c08be71229ca4f5d6bc2a", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "urllib.request.urlopen(r", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|4664a29945f563de6a7a009d88259b0f584a95cc469c08be71229ca4f5d6bc2a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/utils/update_exchange_data.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED009", "level": "error", "message": {"text": "[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal."}, "properties": {"repobilityId": 75800, "scanner": "repobility-threat-engine", "fingerprint": "4dd8b85b8afe050dcf13e34a6ab321a7d39c96e2f426983c80dd346115603f5a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "floats-for-money", "owasp": null, "cwe_ids": ["CWE-682"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347918+00:00", "triaged_in_corpus": 15, "observations_count": 208571, "ai_coder_pattern_id": 20}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4dd8b85b8afe050dcf13e34a6ab321a7d39c96e2f426983c80dd346115603f5a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/calendar_dividend.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED009", "level": "error", 
"message": {"text": "[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal."}, "properties": {"repobilityId": 75799, "scanner": "repobility-threat-engine", "fingerprint": "8bbfbb70f67a872655d65958f6c0ff9f8f29c637b14498240df0bdd071ec1f4a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "floats-for-money", "owasp": null, "cwe_ids": ["CWE-682"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347918+00:00", "triaged_in_corpus": 15, "observations_count": 208571, "ai_coder_pattern_id": 20}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8bbfbb70f67a872655d65958f6c0ff9f8f29c637b14498240df0bdd071ec1f4a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/standard_models/bond_trades.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED009", "level": "error", "message": {"text": "[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal."}, "properties": {"repobilityId": 75798, "scanner": "repobility-threat-engine", "fingerprint": "0e8c019b445e78b78d21fb4cd427c932d908db1dd43500b57f40405c35d64608", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "floats-for-money", "owasp": null, "cwe_ids": ["CWE-682"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347918+00:00", "triaged_in_corpus": 15, "observations_count": 208571, "ai_coder_pattern_id": 20}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0e8c019b445e78b78d21fb4cd427c932d908db1dd43500b57f40405c35d64608"}}, "locations": [{"physicalLocation": {"artifactLocation": 
{"uri": "openbb_platform/core/openbb_core/provider/standard_models/bond_prices.py"}, "region": {"startLine": 90}}}]}, {"ruleId": "SEC085", "level": "error", "message": {"text": "[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. Ported from eslint-plugin-security detect-child-process (Apache-2.0)."}, "properties": {"repobilityId": 75792, "scanner": "repobility-threat-engine", "fingerprint": "5ec644dda47e3e3dcc1ca5cfb2597a386f9c792e7615fd83048b2ef0d827f36f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "exec(log", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC085", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5ec644dda47e3e3dcc1ca5cfb2597a386f9c792e7615fd83048b2ef0d827f36f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src/components/BackendLogsPage.tsx"}, "region": {"startLine": 41}}}]}, {"ruleId": "SEC083", "level": "error", "message": {"text": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. 
Ported from eslint-plugin-security detect-non-literal-regexp (Apache-2.0)."}, "properties": {"repobilityId": 75791, "scanner": "repobility-threat-engine", "fingerprint": "315ffdf8d62cb2ed4bd3a54bab91f2239b7da0cc791c99c81d460531e233f4ff", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "new RegExp(\n      searchTerm", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC083", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|315ffdf8d62cb2ed4bd3a54bab91f2239b7da0cc791c99c81d460531e233f4ff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src/components/BackendLogsPage.tsx"}, "region": {"startLine": 34}}}]}, {"ruleId": "MINED003", "level": "error", "message": {"text": "[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. Acceptable in tests; risky elsewhere."}, "properties": {"repobilityId": 75778, "scanner": "repobility-threat-engine", "fingerprint": "88d8d6ab89d180ecd0558b312d2e0287de92f878f4bb827f414984cae1ec37a1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "rust-unwrap-in-prod", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["rust"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347903+00:00", "triaged_in_corpus": 15, "observations_count": 386515, "ai_coder_pattern_id": 111}, "scanner": "repobility-threat-engine", "correlation_key": "fp|88d8d6ab89d180ecd0558b312d2e0287de92f878f4bb827f414984cae1ec37a1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "desktop/src-tauri/build.rs"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] 
Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 75775, "scanner": "repobility-threat-engine", "fingerprint": "f60107e5e8ec81ae143b18f77cd739f49f51dcd897b23d67b9f68cd6d7b0a156", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f60107e5e8ec81ae143b18f77cd739f49f51dcd897b23d67b9f68cd6d7b0a156"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/sec/openbb_sec/utils/parse_13f.py"}, "region": {"startLine": 173}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 75774, "scanner": "repobility-threat-engine", "fingerprint": "77b1459f52db5c4919f9f37113e779051cbea748078456eab06479c435ed415b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": 
"fp|77b1459f52db5c4919f9f37113e779051cbea748078456eab06479c435ed415b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/extensions/platform_api/openbb_platform_api/response_models.py"}, "region": {"startLine": 274}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 75773, "scanner": "repobility-threat-engine", "fingerprint": "144beac9880efa703ab7328dd83f953d5870130d5a1cd0a262fd973b29288acd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|144beac9880efa703ab7328dd83f953d5870130d5a1cd0a262fd973b29288acd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cookiecutter/openbb_cookiecutter/template/hooks/post_gen_project.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. 
Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 75770, "scanner": "repobility-threat-engine", "fingerprint": "31a28185aa3b6caa03fdb78ae22e72d2366dd945fe9922d50148bc275a2251f5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "additional.update(env_credentials)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|31a28185aa3b6caa03fdb78ae22e72d2366dd945fe9922d50148bc275a2251f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/app/model/credentials.py"}, "region": {"startLine": 151}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. 
Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 75769, "scanner": "repobility-threat-engine", "fingerprint": "bf6cc955f484fcf7a62e8e0f63b111b953c0d6713021481717d6b6d8f571ce44", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "extra_context.update(context)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|bf6cc955f484fcf7a62e8e0f63b111b953c0d6713021481717d6b6d8f571ce44"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cookiecutter/openbb_cookiecutter/cli.py"}, "region": {"startLine": 144}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. 
Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 75768, "scanner": "repobility-threat-engine", "fingerprint": "41dc41e46dbbbd023a40538e47cf7ca4f85a3de2a0e7e598f00836f2441d5fdc", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "settings.update(values)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|41dc41e46dbbbd023a40538e47cf7ca4f85a3de2a0e7e598f00836f2441d5fdc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/models/settings.py"}, "region": {"startLine": 194}}}]}, {"ruleId": "SEC103", "level": "error", "message": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. 
Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts."}, "properties": {"repobilityId": 75753, "scanner": "repobility-threat-engine", "fingerprint": "180d278048015bb1fed001dc21586fb7e54cc1e9c5d5ad869b266ef512d6fcf2", "category": "injection", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".search(r\"^(.+?\\.)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC103", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|31|sec103"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/extensions/mcp_server/openbb_mcp_server/models/category_index.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "SEC103", "level": "error", "message": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. 
Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts."}, "properties": {"repobilityId": 75752, "scanner": "repobility-threat-engine", "fingerprint": "1b8f456f3ca78ee0726c9e0efc956c2ffd6f100e05a781027354688a362edd33", "category": "injection", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".search(r\"Optional\\[(\\w+)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC103", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|33|sec103"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/argparse_translator/reference_processor.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "SEC103", "level": "error", "message": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts."}, "properties": {"repobilityId": 75751, "scanner": "repobility-threat-engine", "fingerprint": "d995a5fdffff6013a499292581fa5f9d6d74b8748a2720d7321db23f884a624a", "category": "injection", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".search(r\"\\(#(\\d+)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC103", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|. 
token|23|sec103"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/scripts/process_changelog.py"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `stat` used but not imported: The file uses `stat.something(...)` but never imports `stat`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 75929, "scanner": "repobility-ast-engine", "fingerprint": "b0816d51fb8c5407b0e383fcdb1d4532a07ff21446d982c5f5fec6cefc3c28cf", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b0816d51fb8c5407b0e383fcdb1d4532a07ff21446d982c5f5fec6cefc3c28cf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/provider/utils/options_chains_properties.py"}, "region": {"startLine": 328}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `array` used but not imported: The file uses `array.something(...)` but never imports `array`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 75928, "scanner": "repobility-ast-engine", "fingerprint": "a181631ac5592eb15cf01f281ce772eb7e7780bc8c0e2d721b04b6df1ddd27e2", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a181631ac5592eb15cf01f281ce772eb7e7780bc8c0e2d721b04b6df1ddd27e2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/core/openbb_core/app/utils.py"}, "region": {"startLine": 123}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `string` used but not imported: The file uses `string.something(...)` but never imports `string`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 75926, "scanner": "repobility-ast-engine", "fingerprint": "98c8c001406762ccda87fd45284198482e7854893e9f64dae7c3172cb07e0e5a", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|98c8c001406762ccda87fd45284198482e7854893e9f64dae7c3172cb07e0e5a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "openbb_platform/providers/sec/openbb_sec/models/sec_filing.py"}, "region": {"startLine": 516}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `string` used but not imported: The file uses `string.something(...)` but never 
imports `string`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 75907, "scanner": "repobility-ast-engine", "fingerprint": "849c89f95264ee68d3e4500620124e0b5dcc36113b28b61d2a2e8595a505c8a6", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|849c89f95264ee68d3e4500620124e0b5dcc36113b28b61d2a2e8595a505c8a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "assets/scripts/generate_extension_data.py"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `string` used but not imported: The file uses `string.something(...)` but never imports `string`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 75906, "scanner": "repobility-ast-engine", "fingerprint": "bc3bf7a82159a4adcaacfdba423d2e7908efe8e8e4c2727bcaacb4417858f91c", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bc3bf7a82159a4adcaacfdba423d2e7908efe8e8e4c2727bcaacb4417858f91c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cli/openbb_cli/config/completer.py"}, "region": {"startLine": 406}}}]}]}]}