{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "GHSA-qx2v-qp2m-jg93", "name": "postcss: GHSA-qx2v-qp2m-jg93", "shortDescription": {"text": "postcss: GHSA-qx2v-qp2m-jg93"}, "fullDescription": {"text": "PostCSS has XSS via Unescaped </style> in its CSS Stringify Output"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-7fh5-64p2-3v2j", "name": "postcss: GHSA-7fh5-64p2-3v2j", "shortDescription": {"text": "postcss: GHSA-7fh5-64p2-3v2j"}, "fullDescription": {"text": "PostCSS line return parsing error"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-566m-qj78-rww5", "name": "postcss: GHSA-566m-qj78-rww5", "shortDescription": {"text": "postcss: GHSA-566m-qj78-rww5"}, "fullDescription": {"text": "Regular Expression Denial of Service in postcss"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "SEC123", "name": "[SEC123] Production stack trace / debug output exposed: Debug mode left on in production exposes stack traces, environme", "shortDescription": {"text": "[SEC123] Production stack trace / debug output exposed: Debug mode left on in production exposes stack traces, environment variables, framework internals \u2014 sometimes triggers RCE (Django debug page with arbitrary template eval)."}, "fullDescription": {"text": "Set DEBUG=False / APP_DEBUG=false in production. Provide a generic 500 handler that logs to backend but returns a sanitized page to clients."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AGT007", "name": "localStorage write failures are swallowed silently", "shortDescription": {"text": "localStorage write failures are swallowed silently"}, "fullDescription": {"text": "localStorage quotas are small and writes can fail. Catching storage errors without a user-visible warning causes silent data loss when notes, images, or snapshots exceed quota."}, "properties": {"scanner": "repobility-agent-runtime", "category": "quality", "severity": "medium", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "DEPCUR-NPM", "name": "npm package `postcss` is 1 major version(s) behind (7.0.39 -> 8.5.15)", "shortDescription": {"text": "npm package `postcss` is 1 major version(s) behind (7.0.39 -> 8.5.15)"}, "fullDescription": {"text": "`postcss` is pinned/resolved at 7.0.39 but the latest stable release on the npm registry is 8.5.15 (1 major version(s) behind). Outdated dependencies accumulate unpatched bugs and make future security upgrades harder. This is the version-currency signal Dependabot version-update PRs raise."}, "properties": {"scanner": "repobility-dependency-currency", "category": "dependency", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `knapsack` has cognitive complexity 10 (SonarSource scale). Cognitive comp", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `knapsack` has cognitive complexity 10 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all "}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 10."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "MINED069", "name": "[MINED069] Debug True Prod: Django/Flask DEBUG=True or app.debug=True in non-test files.", "shortDescription": {"text": "[MINED069] Debug True Prod: Django/Flask DEBUG=True or app.debug=True in non-test files."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-489 / A05:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED046", "name": "[MINED046] Dart Print (and 7 more): Same pattern found in 7 additional files. Review if needed.", "shortDescription": {"text": "[MINED046] Dart Print (and 7 more): Same pattern found in 7 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED049", "name": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.", "shortDescription": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 / A09:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC020", "name": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequen", "shortDescription": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "fullDescription": {"text": "Log only redacted, hashed, or last-four-style metadata. Rotate any secret that may have reached logs."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "cwe": "", "owasp": ""}}, {"id": "MINED064", "name": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.", "shortDescription": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED042", "name": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk.", "shortDescription": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-401 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED080", "name": "[MINED080] Cpp Using Namespace Std (and 48 more): Same pattern found in 48 additional files. Review if needed.", "shortDescription": {"text": "[MINED080] Cpp Using Namespace Std (and 48 more): Same pattern found in 48 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod (and 142 more): Same pattern found in 142 additional files. Review if needed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod (and 142 more): Same pattern found in 142 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC083", "name": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. Ported fr", "shortDescription": {"text": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. Ported from eslint-plugin-security detect-non-literal-regexp (Apache-2.0)."}, "fullDescription": {"text": "Use a literal RegExp or whitelist-validate user input before constructing patterns."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED017", "name": "[MINED017] C System Call: system() invokes shell. command injection if any arg is dynamic.", "shortDescription": {"text": "[MINED017] C System Call: system() invokes shell. command injection if any arg is dynamic."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-78 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, ra"}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "Action `actions/setup-node` pinned to mutable ref `@v4`", "shortDescription": {"text": "Action `actions/setup-node` pinned to mutable ref `@v4`"}, "fullDescription": {"text": "`uses: actions/setup-node@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "`self.buttonclick` used but never assigned in __init__", "shortDescription": {"text": "`self.buttonclick` used but never assigned in __init__"}, "fullDescription": {"text": "Method `make_button` of class `startmenu` reads `self.buttonclick`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_TESTS", "name": "No test files found", "shortDescription": {"text": "No test files found"}, "fullDescription": {"text": "Add a test directory (tests/ or __tests__/) with unit tests for core functionality. Use pytest (Python), Jest (JS/TS), or go test (Go). Start with tests for critical business logic and security-sensitive functions."}, "properties": {"scanner": "repobility-core", "category": "testing", "severity": "high", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "MINED022", "name": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf.", "shortDescription": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-120 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1366"}, "properties": {"repository": "fineanmol/hacktoberfest", "repoUrl": "https://github.com/fineanmol/hacktoberfest", "branch": "master"}, "results": [{"ruleId": "GHSA-qx2v-qp2m-jg93", "level": "warning", "message": {"text": "postcss: GHSA-qx2v-qp2m-jg93"}, "properties": {"repobilityId": 139741, "scanner": "osv-scanner", "fingerprint": "bd0487e4b4923458c8898cfd0db56136521482369f112ea917e73f2501af4da3", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-41305"], "package": "postcss", "rule_id": "GHSA-qx2v-qp2m-jg93", "scanner": "osv-scanner", "correlation_key": "vuln|postcss|CVE-2026-41305|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hacktoberfest-react/package-lock.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-7fh5-64p2-3v2j", "level": "warning", "message": {"text": "postcss: GHSA-7fh5-64p2-3v2j"}, "properties": {"repobilityId": 139740, "scanner": "osv-scanner", "fingerprint": "9d2e21e8590b7aec72479f899a3b88fe220c3fe681cff6d792ba0d76e581455b", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2023-44270"], "package": "postcss", "rule_id": "GHSA-7fh5-64p2-3v2j", "scanner": "osv-scanner", "correlation_key": "vuln|postcss|CVE-2023-44270|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hacktoberfest-react/package-lock.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-566m-qj78-rww5", "level": "warning", "message": {"text": "postcss: GHSA-566m-qj78-rww5"}, "properties": {"repobilityId": 139739, "scanner": "osv-scanner", "fingerprint": "bc1fda0cf88450ba303f46d4ad5d081fa37ba9fa955e27c81c6b053beec25181", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2021-23382"], "package": "postcss", "rule_id": "GHSA-566m-qj78-rww5", "scanner": "osv-scanner", "correlation_key": "vuln|postcss|CVE-2021-23382|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hacktoberfest-react/package-lock.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC123", "level": "warning", "message": {"text": "[SEC123] Production stack trace / debug output exposed: Debug mode left on in production exposes stack traces, environment variables, framework internals \u2014 sometimes triggers RCE (Django debug page with arbitrary template eval)."}, "properties": {"repobilityId": 139736, "scanner": "repobility-threat-engine", "fingerprint": "9bdf19b5dfe20d5a5c00a3adf0a1fb55fd5e7b402cf654f202bf1be8ddd6e0c7", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "debug=True", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC123", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|9bdf19b5dfe20d5a5c00a3adf0a1fb55fd5e7b402cf654f202bf1be8ddd6e0c7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/simplewebserver.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "AGT007", "level": "warning", "message": {"text": "localStorage write failures are swallowed silently"}, "properties": {"repobilityId": 139712, "scanner": "repobility-agent-runtime", "fingerprint": "739e48ec2281b9d8797554f450a733a927ae80fefb9befe0d6c3090c75e46014", "category": "quality", "severity": "medium", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File writes to localStorage and has an empty or ignore-only catch block without QuotaExceededError handling.", "evidence": {"rule_id": "AGT007", "scanner": "repobility-agent-runtime", "references": ["https://developer.mozilla.org/en-US/docs/Web/API/Web_Storage_API"], "correlation_key": "fp|739e48ec2281b9d8797554f450a733a927ae80fefb9befe0d6c3090c75e46014"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hacktoberfest-react/src/App.tsx"}, "region": {"startLine": 202}}}]}, {"ruleId": "DEPCUR-NPM", "level": "warning", "message": {"text": "npm package `postcss` is 1 major version(s) behind (7.0.39 -> 8.5.15)"}, "properties": {"repobilityId": 139711, "scanner": "repobility-dependency-currency", "fingerprint": "a331da7322e832a6cb68a6597548a8bd572ee874480c31b6c1534f84ce0f4dd0", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "1 major version(s) behind", "signal": "currency", "cwe_ids": [], "package": "postcss", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "8.5.15", "correlation_key": "fp|a331da7322e832a6cb68a6597548a8bd572ee874480c31b6c1534f84ce0f4dd0", "current_version": "7.0.39"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hacktoberfest-react/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "DEPCUR-NPM", "level": "warning", "message": {"text": "npm package `globals` is 3 major version(s) behind (14.0.0 -> 17.6.0)"}, "properties": {"repobilityId": 139710, "scanner": "repobility-dependency-currency", "fingerprint": "11ff9aab269f08dbdae027d9944fd957ced00565f4b509223b39cd1507b8b952", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "3 major version(s) behind", "signal": "currency", "cwe_ids": [], "package": "globals", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "17.6.0", "correlation_key": "fp|11ff9aab269f08dbdae027d9944fd957ced00565f4b509223b39cd1507b8b952", "current_version": "14.0.0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hacktoberfest-react/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "DEPCUR-NPM", "level": "warning", "message": {"text": "npm package `autoprefixer` is 1 major version(s) behind (9.8.8 -> 10.5.0)"}, "properties": {"repobilityId": 139708, "scanner": "repobility-dependency-currency", "fingerprint": "d29e2adff52fc174c8b77aec1dfcd8e91e170bb37a019bfc149a714902116ac8", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "1 major version(s) behind", "signal": "currency", "cwe_ids": [], "package": "autoprefixer", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "10.5.0", "correlation_key": "fp|d29e2adff52fc174c8b77aec1dfcd8e91e170bb37a019bfc149a714902116ac8", "current_version": "9.8.8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hacktoberfest-react/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "DEPCUR-NPM", "level": "warning", "message": {"text": "npm package `@vitejs/plugin-react` is 1 major version(s) behind (5.2.0 -> 6.0.2)"}, "properties": {"repobilityId": 139707, "scanner": "repobility-dependency-currency", "fingerprint": "b8e1fe22b5b6768a9387a9c0d25c13e2256334889593073e771d79c799b48fbf", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "1 major version(s) behind", "signal": "currency", "cwe_ids": [], "package": "@vitejs/plugin-react", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "6.0.2", "correlation_key": "fp|b8e1fe22b5b6768a9387a9c0d25c13e2256334889593073e771d79c799b48fbf", "current_version": "5.2.0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hacktoberfest-react/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "DEPCUR-NPM", "level": "warning", "message": {"text": "npm package `@eslint/js` is 1 major version(s) behind (9.39.4 -> 10.0.1)"}, "properties": {"repobilityId": 139706, "scanner": "repobility-dependency-currency", "fingerprint": "30ebeed2fcd8a1497089663e2d4ae28bc6110eee1a0613ba7f96629b0dbc107c", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "1 major version(s) behind", "signal": "currency", "cwe_ids": [], "package": "@eslint/js", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "10.0.1", "correlation_key": "fp|30ebeed2fcd8a1497089663e2d4ae28bc6110eee1a0613ba7f96629b0dbc107c", "current_version": "9.39.4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hacktoberfest-react/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `knapsack` has cognitive complexity 10 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: else=1, for=3, if=2, nested_bonus=4."}, "properties": {"repobilityId": 139717, "scanner": "repobility-threat-engine", "fingerprint": "dcf48861d379e651bf26355eaef4a8b9cdad5f02f38183350f9e2c5ba9654e33", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 10 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "knapsack", "breakdown": {"if": 2, "for": 3, "else": 1, "nested_bonus": 4}, "complexity": 10, "correlation_key": "fp|dcf48861d379e651bf26355eaef4a8b9cdad5f02f38183350f9e2c5ba9654e33"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/0-1_knapsack_using_DP.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "DEPCUR-NPM", "level": "note", "message": {"text": "npm package `eslint-plugin-react-refresh` is minor version(s) behind (0.4.26 -> 0.5.2)"}, "properties": {"repobilityId": 139709, "scanner": "repobility-dependency-currency", "fingerprint": "79cad8d76f8af8c787b89b8ff86b1ea293997c558e07acd39e5b3bad2a6536ce", "category": "dependency", "severity": "low", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "minor version(s) behind", "signal": "currency", "cwe_ids": [], "package": "eslint-plugin-react-refresh", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "0.5.2", "correlation_key": "fp|79cad8d76f8af8c787b89b8ff86b1ea293997c558e07acd39e5b3bad2a6536ce", "current_version": "0.4.26"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hacktoberfest-react/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 139672, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3f8a9a67e04a95bb57c2a2295aeaf562c4a900fae3b1bf48bbf0e8090a6d8155", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "scripts/JavaScript Script Files/hello_world_anmol_agarwal.js", "duplicate_line": 1, "correlation_key": "fp|3f8a9a67e04a95bb57c2a2295aeaf562c4a900fae3b1bf48bbf0e8090a6d8155"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/hello_world_saadaan_hassan.js"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 139671, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d34451b9852f87c7fcc17e798e880d4585c095679ecfb959a6e53f1948ba1db5", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "scripts/Python Scripts/password checker.py", "duplicate_line": 1, "correlation_key": "fp|d34451b9852f87c7fcc17e798e880d4585c095679ecfb959a6e53f1948ba1db5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Python Scripts/password_checker.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 139670, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c1ae7df5a9698837b892f04b3f7c4934871f3a7db4802623afd5a2fb511bf5e7", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "scripts/C Scripts/Factorial_atmozki.c", "duplicate_line": 1, "correlation_key": "fp|c1ae7df5a9698837b892f04b3f7c4934871f3a7db4802623afd5a2fb511bf5e7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/C Scripts/fact_Vedant.c"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED069", "level": "none", "message": {"text": "[MINED069] Debug True Prod: Django/Flask DEBUG=True or app.debug=True in non-test files."}, "properties": {"repobilityId": 139737, "scanner": "repobility-threat-engine", "fingerprint": "66eff4390e9606eb97578d34821d33d28a96c57e6dd8009343045b37bce191b8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "debug-true-prod", "owasp": "A05:2021", "cwe_ids": ["CWE-489"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348063+00:00", "triaged_in_corpus": 12, "observations_count": 37393, "ai_coder_pattern_id": 17}, "scanner": "repobility-threat-engine", "correlation_key": "fp|66eff4390e9606eb97578d34821d33d28a96c57e6dd8009343045b37bce191b8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/simplewebserver.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED046", "level": "none", "message": {"text": "[MINED046] Dart Print (and 7 more): Same pattern found in 7 additional files. Review if needed."}, "properties": {"repobilityId": 139734, "scanner": "repobility-threat-engine", "fingerprint": "0f6d21152e8867ad36158d2a9b9d798a67e736ebd294c6ed30b16f6faae67e67", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 7 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "dart-print", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["dart"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348008+00:00", "triaged_in_corpus": 10, "observations_count": 1515005, "ai_coder_pattern_id": 168}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|0f6d21152e8867ad36158d2a9b9d798a67e736ebd294c6ed30b16f6faae67e67", "aggregated_count": 7}}}, {"ruleId": "MINED046", "level": "none", "message": {"text": "[MINED046] Dart Print: print() in Flutter goes to console. Use debugPrint / logger."}, "properties": {"repobilityId": 139733, "scanner": "repobility-threat-engine", "fingerprint": "9b2ff0a174bb9786211d77b4fa160baf0f504999353c083067401fc2c1c138be", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "dart-print", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["dart"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348008+00:00", "triaged_in_corpus": 10, "observations_count": 1515005, "ai_coder_pattern_id": 168}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9b2ff0a174bb9786211d77b4fa160baf0f504999353c083067401fc2c1c138be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/hello_world_MufcVarun11.dart"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED046", "level": "none", "message": {"text": "[MINED046] Dart Print: print() in Flutter goes to console. Use debugPrint / logger."}, "properties": {"repobilityId": 139732, "scanner": "repobility-threat-engine", "fingerprint": "0414b4be1fc503e5985d538c66eb6aa0b134328746cfe3443b49af2c97e7d4bd", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "dart-print", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["dart"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348008+00:00", "triaged_in_corpus": 10, "observations_count": 1515005, "ai_coder_pattern_id": 168}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0414b4be1fc503e5985d538c66eb6aa0b134328746cfe3443b49af2c97e7d4bd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/hello_world_Justsah1l.dart"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED046", "level": "none", "message": {"text": "[MINED046] Dart Print: print() in Flutter goes to console. Use debugPrint / logger."}, "properties": {"repobilityId": 139731, "scanner": "repobility-threat-engine", "fingerprint": "e895395945a9067b6db46b2ade8b703cd199b4ed745885181ab229cbc6a82ebd", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "dart-print", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["dart"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348008+00:00", "triaged_in_corpus": 10, "observations_count": 1515005, "ai_coder_pattern_id": 168}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e895395945a9067b6db46b2ade8b703cd199b4ed745885181ab229cbc6a82ebd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/hello_world.dart"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "properties": {"repobilityId": 139729, "scanner": "repobility-threat-engine", "fingerprint": "51bde3aa26c9217c9e9857e19cba7c05ad1fd9a2f8c024bb018e55c9c1886dc5", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "correlation_key": "fp|51bde3aa26c9217c9e9857e19cba7c05ad1fd9a2f8c024bb018e55c9c1886dc5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Python Scripts/password_checker.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "properties": {"repobilityId": 139728, "scanner": "repobility-threat-engine", "fingerprint": "c082be7b8f2c70bd436d34aca8f7085668c6e9b7efaf083056e5f19b34c55dd7", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "correlation_key": "fp|c082be7b8f2c70bd436d34aca8f7085668c6e9b7efaf083056e5f19b34c55dd7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Python Scripts/password checker.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 139727, "scanner": "repobility-threat-engine", "fingerprint": "7295e3e23bfe29eaa6dc9019db74ca91439c18e7a4b60e34d97f57b33cd38048", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "evidence": {"match": "print(\"Valid Password\")", "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|scripts/python scripts/password_checker.py|2|print valid password"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Python Scripts/password_checker.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 139726, "scanner": "repobility-threat-engine", "fingerprint": "12f58697985ccd96ccc3271670c253b546cd820738dfd9dba059fe8a88ff43c8", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "evidence": {"match": "print(\"Valid Password\")", "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|scripts/python scripts/password checker.py|2|print valid password"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Python Scripts/password checker.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 139725, "scanner": "repobility-threat-engine", "fingerprint": "65ab9d70b0f5b16c2f67c855a16f7eae8fbc633b695e4aef2943bf61563f70eb", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|65ab9d70b0f5b16c2f67c855a16f7eae8fbc633b695e4aef2943bf61563f70eb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/unmessy_folder.py"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 139724, "scanner": "repobility-threat-engine", "fingerprint": "f3c73536263864a280bfd6644612ef91d1c9fae466bd6360c74dc217712d133a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f3c73536263864a280bfd6644612ef91d1c9fae466bd6360c74dc217712d133a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Python Scripts/hello_world_utkarsh_goyal.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 139723, "scanner": "repobility-threat-engine", "fingerprint": "61dc35adcdaf582b9955c68a1874c4b1139d6580abf8e2ba506836e0de72fb8e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|61dc35adcdaf582b9955c68a1874c4b1139d6580abf8e2ba506836e0de72fb8e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/BstInsertSearch.cpp"}, "region": {"startLine": 13}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std (and 48 more): Same pattern found in 48 additional files. Review if needed."}, "properties": {"repobilityId": 139721, "scanner": "repobility-threat-engine", "fingerprint": "4f31e4a4a9a1550b185fcc17a7e08bb6dc35421819af4d28d3d3b6149fb5ca02", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 48 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|4f31e4a4a9a1550b185fcc17a7e08bb6dc35421819af4d28d3d3b6149fb5ca02", "aggregated_count": 48}}}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 139720, "scanner": "repobility-threat-engine", "fingerprint": "ae4efa30390da823827e46f05bf942868ca486e189b62d96533c26c5164a3aa0", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ae4efa30390da823827e46f05bf942868ca486e189b62d96533c26c5164a3aa0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/C++/hello_world_GHemanth.cpp"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 139719, "scanner": "repobility-threat-engine", "fingerprint": "2ab929ae280e88c4d96643421fdbb7b76b770556221b9e120667e78eb1dbaada", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2ab929ae280e88c4d96643421fdbb7b76b770556221b9e120667e78eb1dbaada"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Banking_SushantKhadka.cpp"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 139718, "scanner": "repobility-threat-engine", "fingerprint": "9cd8b355270900c51e5dc59e8dad3687b62b93abc78f4eb33406c34e8e195758", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9cd8b355270900c51e5dc59e8dad3687b62b93abc78f4eb33406c34e8e195758"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/AbhishekDwibedy.cpp"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod (and 142 more): Same pattern found in 142 additional files. Review if needed."}, "properties": {"repobilityId": 139716, "scanner": "repobility-threat-engine", "fingerprint": "1d27ad4daebe9f47ba6c0188b150578307d79a1c29147394078c27060f57542f", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 142 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|1d27ad4daebe9f47ba6c0188b150578307d79a1c29147394078c27060f57542f", "aggregated_count": 142}}}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 139715, "scanner": "repobility-threat-engine", "fingerprint": "930d3a9ffeff7cac4e76a502ec3cd61ddd802e9dab4d4b9ce4b5acf9174a0267", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|930d3a9ffeff7cac4e76a502ec3cd61ddd802e9dab4d4b9ce4b5acf9174a0267"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Hello_World_Revati.js"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 139714, "scanner": "repobility-threat-engine", "fingerprint": "f95ac659fed7fd4f76cc986addcc95ba1956a47ff47f83417c8ba4855b5f6894", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f95ac659fed7fd4f76cc986addcc95ba1956a47ff47f83417c8ba4855b5f6894"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Hello_World_Astitwa.js"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 139713, "scanner": "repobility-threat-engine", "fingerprint": "359e975070cacd98f85abed93a7ff8290d7a2c316cead494c4b176775469db03", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|359e975070cacd98f85abed93a7ff8290d7a2c316cead494c4b176775469db03"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "profiles/viv_nic.js"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC083", "level": "error", "message": {"text": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. Ported from eslint-plugin-security detect-non-literal-regexp (Apache-2.0)."}, "properties": {"repobilityId": 139738, "scanner": "repobility-threat-engine", "fingerprint": "13f04e3d35737211ebbf2fe5c6c00d6c7e9793a2e16010263217820aa1e4dc28", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "new RegExp(k", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC083", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|13f04e3d35737211ebbf2fe5c6c00d6c7e9793a2e16010263217820aa1e4dc28"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "tools/validate-scripts.js"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED017", "level": "error", "message": {"text": "[MINED017] C System Call: system() invokes shell. command injection if any arg is dynamic."}, "properties": {"repobilityId": 139735, "scanner": "repobility-threat-engine", "fingerprint": "e77c40f6713902799a9cacaa3ae300da27d7166268a281f75d6e459a51a0604f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-system-call", "owasp": null, "cwe_ids": ["CWE-78"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347937+00:00", "triaged_in_corpus": 15, "observations_count": 77748, "ai_coder_pattern_id": 132}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e77c40f6713902799a9cacaa3ae300da27d7166268a281f75d6e459a51a0604f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/hello_world_suryanshsingh2001.cpp"}, "region": {"startLine": 15}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 139730, "scanner": "repobility-threat-engine", "fingerprint": "e33c0ae15bd46d7dc8562893969c373863b1c8e30cefb79529b759ab96234cdb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "pygame.display.update()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|e33c0ae15bd46d7dc8562893969c373863b1c8e30cefb79529b759ab96234cdb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/hello.py"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-node` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 139705, "scanner": "repobility-supply-chain", "fingerprint": "d1b7ac5cc176777a10c5abe5ff25f154b2983105d6e37ad319f676647e009ab3", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d1b7ac5cc176777a10c5abe5ff25f154b2983105d6e37ad319f676647e009ab3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/validate-scripts.yml"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 139704, "scanner": "repobility-supply-chain", "fingerprint": "b98335b64151887c2277e4509b7e8da0296c7cfdfc04ce17e3b0e59155243d1d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b98335b64151887c2277e4509b7e8da0296c7cfdfc04ce17e3b0e59155243d1d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/validate-scripts.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/github-script` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 139703, "scanner": "repobility-supply-chain", "fingerprint": "a7b2fc58e32d67771b81cc8ec5fe24317bd4af0bfd0a18b4b13bb318dbc90e0d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a7b2fc58e32d67771b81cc8ec5fe24317bd4af0bfd0a18b4b13bb318dbc90e0d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/auto-comment.yml"}, "region": {"startLine": 71}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/github-script` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 139702, "scanner": "repobility-supply-chain", "fingerprint": "5b8a10354a6e33610520f42a862244ca4edc022a375b82bda623f388cae17452", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5b8a10354a6e33610520f42a862244ca4edc022a375b82bda623f388cae17452"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/auto-comment.yml"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/deploy-pages` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 139701, "scanner": "repobility-supply-chain", "fingerprint": "f07ae6d178460ea65b9d7ee8871a94e41ce15105d21b8b59eb96e4a9a1e0ef93", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f07ae6d178460ea65b9d7ee8871a94e41ce15105d21b8b59eb96e4a9a1e0ef93"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/deploy.yml"}, "region": {"startLine": 55}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-pages-artifact` pinned to mutable ref `@v3`"}, "properties": {"repobilityId": 139700, "scanner": "repobility-supply-chain", "fingerprint": "0a2f96a01fc983d8d09c3cd61b1327c71eb49e7114b1ff8175cb642ccc192c34", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0a2f96a01fc983d8d09c3cd61b1327c71eb49e7114b1ff8175cb642ccc192c34"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/deploy.yml"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-node` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 139699, "scanner": "repobility-supply-chain", "fingerprint": "30516f655955344fedb6d261b4d3b5ea2a458fe011d60e0c8df533b7b796508f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|30516f655955344fedb6d261b4d3b5ea2a458fe011d60e0c8df533b7b796508f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/deploy.yml"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 139698, "scanner": "repobility-supply-chain", "fingerprint": "fccb987229971adf4ef0cddc2c8f2e3b96ee3697abbedeaeaf85fc24d554b666", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|fccb987229971adf4ef0cddc2c8f2e3b96ee3697abbedeaeaf85fc24d554b666"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/deploy.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.buttonclick` used but never assigned in __init__"}, "properties": {"repobilityId": 139697, "scanner": "repobility-ast-engine", "fingerprint": "b3a3ee1c0ca9a2b7ab8c95d8f9c230e658c81a77e5f9ffc61bb880f4486a744e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b3a3ee1c0ca9a2b7ab8c95d8f9c230e658c81a77e5f9ffc61bb880f4486a744e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 269}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.hover` used but never assigned in __init__"}, "properties": {"repobilityId": 139696, "scanner": "repobility-ast-engine", "fingerprint": "da43d4e4a2d1e0c99fd30e882beb910e4f483ca5a8c92ddfa4f3e40c9e09fa44", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|da43d4e4a2d1e0c99fd30e882beb910e4f483ca5a8c92ddfa4f3e40c9e09fa44"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 268}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.reset` used but never assigned in __init__"}, "properties": {"repobilityId": 139695, "scanner": "repobility-ast-engine", "fingerprint": "bf3e3ca3bdd834257db48a16c949e01ff544c90936ec104df02e459c71e5f84b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bf3e3ca3bdd834257db48a16c949e01ff544c90936ec104df02e459c71e5f84b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 206}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.reset` used but never assigned in __init__"}, "properties": {"repobilityId": 139694, "scanner": "repobility-ast-engine", "fingerprint": "8ded572eb66813d2a00cd00bdafb94b18c7b65b4895175262c9072f66892ae4f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8ded572eb66813d2a00cd00bdafb94b18c7b65b4895175262c9072f66892ae4f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 201}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.reset` used but never assigned in __init__"}, "properties": {"repobilityId": 139693, "scanner": "repobility-ast-engine", "fingerprint": "062651ad3246d2d7ffd44334bc30e89ac3791ae00636297f4eebd0cd108f03b9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|062651ad3246d2d7ffd44334bc30e89ac3791ae00636297f4eebd0cd108f03b9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 196}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.reset` used but never assigned in __init__"}, "properties": {"repobilityId": 139692, "scanner": "repobility-ast-engine", "fingerprint": "94277c381bc0cf20bd60c8c4a44b4e307cdff79b5d98f1d6271559c4ddd20a7f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|94277c381bc0cf20bd60c8c4a44b4e307cdff79b5d98f1d6271559c4ddd20a7f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 191}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.down` used but never assigned in __init__"}, "properties": {"repobilityId": 139691, "scanner": "repobility-ast-engine", "fingerprint": "2003b4b3d3d80106d687a2c3a0f6b8d126b7068c31b8a0a72f5af566b3e4d048", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2003b4b3d3d80106d687a2c3a0f6b8d126b7068c31b8a0a72f5af566b3e4d048"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 208}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.up` used but never assigned in __init__"}, "properties": {"repobilityId": 139690, "scanner": "repobility-ast-engine", "fingerprint": "5c7f4c65db5908eb090d42279faa74370fdaaa9bb06d6518471abcfbd84ba656", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5c7f4c65db5908eb090d42279faa74370fdaaa9bb06d6518471abcfbd84ba656"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 205}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.up` used but never assigned in __init__"}, "properties": {"repobilityId": 139689, "scanner": "repobility-ast-engine", "fingerprint": "016c6becba628074856d5c4d1301281100fa154125b9ca1c8a55748fd060fafa", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|016c6becba628074856d5c4d1301281100fa154125b9ca1c8a55748fd060fafa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 203}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.down` used but never assigned in __init__"}, "properties": {"repobilityId": 139688, "scanner": "repobility-ast-engine", "fingerprint": "e5b33eb8d2ab2d2cd958057a9f7e98a06328cd70c6375a2f84cca0541628a2e6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e5b33eb8d2ab2d2cd958057a9f7e98a06328cd70c6375a2f84cca0541628a2e6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 200}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.left` used but never assigned in __init__"}, "properties": {"repobilityId": 139687, "scanner": "repobility-ast-engine", "fingerprint": "c8a6edef3dfcbdb9717902d5302905c8a54fca7995eab19660d3fd4b4e2b5c0c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c8a6edef3dfcbdb9717902d5302905c8a54fca7995eab19660d3fd4b4e2b5c0c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 198}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.right` used but never assigned in __init__"}, "properties": {"repobilityId": 139686, "scanner": "repobility-ast-engine", "fingerprint": "6ab620bc2dddb4b17d1911006ceb3a11cffe6d28e62207d205a37049d672cd8d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6ab620bc2dddb4b17d1911006ceb3a11cffe6d28e62207d205a37049d672cd8d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 195}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.right` used but never assigned in __init__"}, "properties": {"repobilityId": 139685, "scanner": "repobility-ast-engine", "fingerprint": "8fe567431ca6c2c9eb7c061d2c88f34a1c5a56445f1a56051baf30456a69f810", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8fe567431ca6c2c9eb7c061d2c88f34a1c5a56445f1a56051baf30456a69f810"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 193}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.left` used but never assigned in __init__"}, "properties": {"repobilityId": 139684, "scanner": "repobility-ast-engine", "fingerprint": "cdf09d20cb3972a0a35d7b6fc32fc3a973d52d6d80beefe1435486fa6941b789", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cdf09d20cb3972a0a35d7b6fc32fc3a973d52d6d80beefe1435486fa6941b789"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 190}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.over` used but never assigned in __init__"}, "properties": {"repobilityId": 139683, "scanner": "repobility-ast-engine", "fingerprint": "96577131d0aa95565d67a594e22f5a4d999c84e8852a9d4cbe7f8da7d2731e8c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|96577131d0aa95565d67a594e22f5a4d999c84e8852a9d4cbe7f8da7d2731e8c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 176}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.over` used but never assigned in __init__"}, "properties": {"repobilityId": 139682, "scanner": "repobility-ast-engine", "fingerprint": "73194aa8b8d1247546d87b78b1d7e668897476bda36850b41ccb185b833710c1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|73194aa8b8d1247546d87b78b1d7e668897476bda36850b41ccb185b833710c1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 170}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.game_over` used but never assigned in __init__"}, "properties": {"repobilityId": 139681, "scanner": "repobility-ast-engine", "fingerprint": "182c9f2dd0be8a24f3058a4bd89fa0695fc9b15e4a4c617e8bf9ace14719f13f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|182c9f2dd0be8a24f3058a4bd89fa0695fc9b15e4a4c617e8bf9ace14719f13f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 165}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.game_over` used but never assigned in __init__"}, "properties": {"repobilityId": 139680, "scanner": "repobility-ast-engine", "fingerprint": "611336c7856a591cc89d253f341f9d174886affc589bc4507d9e192ad049d436", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|611336c7856a591cc89d253f341f9d174886affc589bc4507d9e192ad049d436"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 164}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.down` used but never assigned in __init__"}, "properties": {"repobilityId": 139679, "scanner": "repobility-ast-engine", "fingerprint": "32c458cf8b739559224652212c87ff7844306bc8b46d6aae8f7ecd2901e843b6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|32c458cf8b739559224652212c87ff7844306bc8b46d6aae8f7ecd2901e843b6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 162}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.up` used but never assigned in __init__"}, "properties": {"repobilityId": 139678, "scanner": "repobility-ast-engine", "fingerprint": "2d3a4d01eb864df28d9f1788f7765e25a39aa2eb73043f8c3cf158a26429e138", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2d3a4d01eb864df28d9f1788f7765e25a39aa2eb73043f8c3cf158a26429e138"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 162}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.right` used but never assigned in __init__"}, "properties": {"repobilityId": 139677, "scanner": "repobility-ast-engine", "fingerprint": "02358190fedc01d96f0f30b34919e0d7840841a2c622d3d964d6d9dcddecde16", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|02358190fedc01d96f0f30b34919e0d7840841a2c622d3d964d6d9dcddecde16"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 162}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.left` used but never assigned in __init__"}, "properties": {"repobilityId": 139676, "scanner": "repobility-ast-engine", "fingerprint": "017165b9b95c875b3e0bf50e1ea7367ac434d4ccad41797128fcb3bbe5d70664", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|017165b9b95c875b3e0bf50e1ea7367ac434d4ccad41797128fcb3bbe5d70664"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 162}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.buttonclick` used but never assigned in __init__"}, "properties": {"repobilityId": 139675, "scanner": "repobility-ast-engine", "fingerprint": "6321d4a31919334134a744b812f4ddfaef4c2d83193da36eccacc86a63eddcee", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6321d4a31919334134a744b812f4ddfaef4c2d83193da36eccacc86a63eddcee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 145}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.buttonclick` used but never assigned in __init__"}, "properties": {"repobilityId": 139674, "scanner": "repobility-ast-engine", "fingerprint": "7b7f5c0ad3c61899a1441162a3408964906742029cf4b6027caa9c30c8c24fdd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7b7f5c0ad3c61899a1441162a3408964906742029cf4b6027caa9c30c8c24fdd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.make_button` used but never assigned in __init__"}, "properties": {"repobilityId": 139673, "scanner": "repobility-ast-engine", "fingerprint": "9ac841fbf340c52d0fb0574a4baad86574a620fc22e159f72a64ddf088fe8c78", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9ac841fbf340c52d0fb0574a4baad86574a620fc22e159f72a64ddf088fe8c78"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/snake_game.py"}, "region": {"startLine": 110}}}]}, {"ruleId": "CORE_NO_TESTS", "level": "error", "message": {"text": "No test files found"}, "properties": {"repobilityId": 139669, "scanner": "repobility-core", "fingerprint": "0200e9918bc2a7bf9c116d0907e50ac3df640c758b93852cf1890ec6e14d870d", "category": "testing", "severity": "high", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_TESTS", "scanner": "repobility-core", "correlation_key": "repo|testing|core_no_tests"}}}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 139722, "scanner": "repobility-threat-engine", "fingerprint": "54e2977f93cd1c865f4467d75a7cf8befcaea7841296b0403db493eb435ddcf6", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|54e2977f93cd1c865f4467d75a7cf8befcaea7841296b0403db493eb435ddcf6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/Banking_SushantKhadka.cpp"}, "region": {"startLine": 29}}}]}]}]}