{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "DKR014", "name": "Dockerfile copies broad context with incomplete .dockerignore", "shortDescription": {"text": "Dockerfile copies broad context with incomplete .dockerignore"}, "fullDescription": {"text": "COPY . or ADD . is safer when .dockerignore excludes secrets, git history, keys, and generated artifacts."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.76, "cwe": "", "owasp": ""}}, {"id": "SEC136", "name": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns ", "shortDescription": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, retur"}, "fullDescription": {"text": "Catch the specific exception type, log at error level with full exception info, and return a failure-shaped result. If the operation is genuinely best-effort, log at warning and document why in a comment so the next reader (or scanner) knows."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "ERR001", "name": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG ", "shortDescription": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "fullDescription": {"text": "Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC123", "name": "[SEC123] Production stack trace / debug output exposed: Debug mode left on in production exposes stack traces, environme", "shortDescription": {"text": "[SEC123] Production stack trace / debug output exposed: Debug mode left on in production exposes stack traces, environment variables, framework internals \u2014 sometimes triggers RCE (Django debug page with arbitrary template eval)."}, "fullDescription": {"text": "Set DEBUG=False / APP_DEBUG=false in production. Provide a generic 500 handler that logs to backend but returns a sanitized page to clients."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "Bare except continues silently", "shortDescription": {"text": "Bare except continues silently"}, "fullDescription": {"text": "Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED109", "name": "Mutable default argument in `__init__` (list)", "shortDescription": {"text": "Mutable default argument in `__init__` (list)"}, "fullDescription": {"text": "`def __init__(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "DKR010", "name": "Dockerfile leaves apt package indexes in the image layer", "shortDescription": {"text": "Dockerfile leaves apt package indexes in the image layer"}, "fullDescription": {"text": "Package indexes increase image size and can expose stale metadata in the final image layer."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.74, "cwe": "", "owasp": ""}}, {"id": "DKR008", "name": ".dockerignore misses sensitive defaults", "shortDescription": {"text": ".dockerignore misses sensitive defaults"}, "fullDescription": {"text": ".dockerignore exists but does not cover common secret or VCS patterns."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "low", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `extract_text` has cognitive complexity 10 (SonarSource scale). Cognitive ", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `extract_text` has cognitive complexity 10 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion "}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 10."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "MINED072", "name": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in.", "shortDescription": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED062", "name": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model.", "shortDescription": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 11 more): Same pattern found in 11 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 11 more): Same pattern found in 11 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass (and 5 more): Same pattern found in 5 additional files. Review if needed.", "shortDescription": {"text": "[MINED001] Bare Except Pass (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED069", "name": "[MINED069] Debug True Prod: Django/Flask DEBUG=True or app.debug=True in non-test files.", "shortDescription": {"text": "[MINED069] Debug True Prod: Django/Flask DEBUG=True or app.debug=True in non-test files."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-489 / A05:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED006", "name": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working.", "shortDescription": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-705 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, ra"}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "Action `actions/setup-python` pinned to mutable ref `@v5`", "shortDescription": {"text": "Action `actions/setup-python` pinned to mutable ref `@v5`"}, "fullDescription": {"text": "`uses: actions/setup-python@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED118", "name": "Dockerfile FROM `python:3.13-slim-bullseye` not pinned by digest", "shortDescription": {"text": "Dockerfile FROM `python:3.13-slim-bullseye` not pinned by digest"}, "fullDescription": {"text": "`FROM python:3.13-slim-bullseye` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED131", "name": "pre-commit hook `https://github.com/psf/black` pinned to mutable rev `23.7.0`", "shortDescription": {"text": "pre-commit hook `https://github.com/psf/black` pinned to mutable rev `23.7.0`"}, "fullDescription": {"text": "`.pre-commit-config.yaml` references `https://github.com/psf/black` at `rev: 23.7.0`. If `{rev}` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "`self.register_converter` used but never assigned in __init__", "shortDescription": {"text": "`self.register_converter` used but never assigned in __init__"}, "fullDescription": {"text": "Method `enable_builtins` of class `MarkItDown` reads `self.register_converter`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "Phantom test coverage: test_cu_file_types_invalid_value", "shortDescription": {"text": "Phantom test coverage: test_cu_file_types_invalid_value"}, "fullDescription": {"text": "Test function `test_cu_file_types_invalid_value` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "Missing import: `html` used but not imported", "shortDescription": {"text": "Missing import: `html` used but not imported"}, "fullDescription": {"text": "The file uses `html.something(...)` but never imports `html`. This raises NameError at runtime the first time the line executes."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/689"}, "properties": {"repository": "microsoft/markitdown", "repoUrl": "https://github.com/microsoft/markitdown", "branch": "main"}, "results": [{"ruleId": "DKR014", "level": "warning", "message": {"text": "Dockerfile copies broad context with incomplete .dockerignore"}, "properties": {"repobilityId": 53842, "scanner": "repobility-docker", "fingerprint": "5e8baf20f90d260927d845bd793eb01e9702adcd0bc4032eb5828a553a0b3d6d", "category": "docker", "severity": "medium", "confidence": 0.76, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Broad context copy found and .dockerignore misses sensitive defaults.", "evidence": {"rule_id": "DKR014", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|5e8baf20f90d260927d845bd793eb01e9702adcd0bc4032eb5828a553a0b3d6d", "missing_patterns": [".env", ".git", "id_rsa", "*.pem", "*.key"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-mcp/Dockerfile"}, "region": {"startLine": 17}}}]}, {"ruleId": "DKR014", "level": "warning", "message": {"text": "Dockerfile copies broad context with incomplete .dockerignore"}, "properties": {"repobilityId": 53839, "scanner": "repobility-docker", "fingerprint": "2aae58bd0237b537a7eeae2549a02b5604bb93f7b38b6ff9bc87c8ef711c2037", "category": "docker", "severity": "medium", "confidence": 0.76, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Broad context copy found and .dockerignore misses sensitive defaults.", "evidence": {"rule_id": "DKR014", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|2aae58bd0237b537a7eeae2549a02b5604bb93f7b38b6ff9bc87c8ef711c2037", "missing_patterns": [".env", ".git", "id_rsa", "*.pem", "*.key"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Dockerfile"}, "region": {"startLine": 22}}}]}, {"ruleId": "SEC136", "level": "warning", "message": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). Distinct from intentional fallback because there's no log line and the success value is fabricated."}, "properties": {"repobilityId": 53836, "scanner": "repobility-threat-engine", "fingerprint": "a5e377860bdb4331e9c910e693f4d83046e676532e4f740467f08c45f35b89fc", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "try:\n        base64_image = base64.b64encode(file_stream.read()).decode(\"utf-8\")\n    except Exceptio", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC136", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|a5e377860bdb4331e9c910e693f4d83046e676532e4f740467f08c45f35b89fc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_llm_caption.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "SEC136", "level": "warning", "message": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). Distinct from intentional fallback because there's no log line and the success value is fabricated."}, "properties": {"repobilityId": 53835, "scanner": "repobility-threat-engine", "fingerprint": "e592d8f9a81590be001f7967fa77ef2a7d0787b473bb5e8ebdd44f7e418b7cf1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "try:\n            base64_image = base64.b64encode(file_stream.read()).decode(\"utf-8\")\n        except", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC136", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|e592d8f9a81590be001f7967fa77ef2a7d0787b473bb5e8ebdd44f7e418b7cf1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_image_converter.py"}, "region": {"startLine": 110}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 53829, "scanner": "repobility-threat-engine", "fingerprint": "cd238d03682702b5208032d1e04b8dc5296e25b7d77917e1de3d808332455de2", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n            pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|cd238d03682702b5208032d1e04b8dc5296e25b7d77917e1de3d808332455de2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py"}, "region": {"startLine": 211}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 53828, "scanner": "repobility-threat-engine", "fingerprint": "381905fdb3a7fc6061336f3f7a44d8bd27400128db7cf76a8751e8ec4ffd6c31", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n                            pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|381905fdb3a7fc6061336f3f7a44d8bd27400128db7cf76a8751e8ec4ffd6c31"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py"}, "region": {"startLine": 121}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 53827, "scanner": "repobility-threat-engine", "fingerprint": "8ec454b69c6dbec5665962f37cefc3afedc6d1f86a306b4b58a427f0a67d4e67", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except Exception:\n            pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|8ec454b69c6dbec5665962f37cefc3afedc6d1f86a306b4b58a427f0a67d4e67"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py"}, "region": {"startLine": 155}}}]}, {"ruleId": "SEC123", "level": "warning", "message": {"text": "[SEC123] Production stack trace / debug output exposed: Debug mode left on in production exposes stack traces, environment variables, framework internals \u2014 sometimes triggers RCE (Django debug page with arbitrary template eval)."}, "properties": {"repobilityId": 53813, "scanner": "repobility-threat-engine", "fingerprint": "e095f1c1b84c1d1ed67064e8f4d2f84717342956864b3786af2f0659c51f44be", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "debug=True", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC123", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|e095f1c1b84c1d1ed67064e8f4d2f84717342956864b3786af2f0659c51f44be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-mcp/src/markitdown_mcp/__main__.py"}, "region": {"startLine": 129}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53805, "scanner": "repobility-ast-engine", "fingerprint": "cae37a9e4a1a4cf7feae6c60be88a1a764a11613db8974cda702b276e25d083c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cae37a9e4a1a4cf7feae6c60be88a1a764a11613db8974cda702b276e25d083c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converter_utils/docx/pre_process.py"}, "region": {"startLine": 150}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53804, "scanner": "repobility-ast-engine", "fingerprint": "5143b81f8dac77beec408c1491e7bf4f806a2a44c22162f12f1b5b67ed00b590", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5143b81f8dac77beec408c1491e7bf4f806a2a44c22162f12f1b5b67ed00b590"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_pptx_converter.py"}, "region": {"startLine": 262}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "Mutable default argument in `__init__` (list)"}, "properties": {"repobilityId": 53803, "scanner": "repobility-ast-engine", "fingerprint": "ac0ef10c54241af202017ed85ae488306cb55ce53c8f726ac574137d0c705640", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ac0ef10c54241af202017ed85ae488306cb55ce53c8f726ac574137d0c705640"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_doc_intel_converter.py"}, "region": {"startLine": 133}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53802, "scanner": "repobility-ast-engine", "fingerprint": "9fcb271712d97775899c8ec936ae63f45fc672aee10e663749f4875df3ddb24a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9fcb271712d97775899c8ec936ae63f45fc672aee10e663749f4875df3ddb24a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_image_converter.py"}, "region": {"startLine": 112}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53801, "scanner": "repobility-ast-engine", "fingerprint": "754b7906577f4b0b085edb95cc932f95dfffcbd9eadfbe0e761a7c953bb4e131", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|754b7906577f4b0b085edb95cc932f95dfffcbd9eadfbe0e761a7c953bb4e131"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_pdf_converter.py"}, "region": {"startLine": 576}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53800, "scanner": "repobility-ast-engine", "fingerprint": "589e40385b9fff0118a9cac44aa2cc857e188692af2c1da380a04dff9fd6b0d1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|589e40385b9fff0118a9cac44aa2cc857e188692af2c1da380a04dff9fd6b0d1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_rss_converter.py"}, "region": {"startLine": 176}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53799, "scanner": "repobility-ast-engine", "fingerprint": "2feb465552a1e0da8e3a9dbd7c35fcb017e952dc8995751330fe01bc928f8f27", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2feb465552a1e0da8e3a9dbd7c35fcb017e952dc8995751330fe01bc928f8f27"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_youtube_converter.py"}, "region": {"startLine": 176}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53798, "scanner": "repobility-ast-engine", "fingerprint": "190a742d6516868132342f4ceb95073766562fa86c6c965ccc6d1a414f847cfa", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|190a742d6516868132342f4ceb95073766562fa86c6c965ccc6d1a414f847cfa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_youtube_converter.py"}, "region": {"startLine": 232}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53797, "scanner": "repobility-ast-engine", "fingerprint": "36d309efd050b68439742d990c124b5b4e8dfbe2037d648c08cfe6412d14cc90", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|36d309efd050b68439742d990c124b5b4e8dfbe2037d648c08cfe6412d14cc90"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_youtube_converter.py"}, "region": {"startLine": 114}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53796, "scanner": "repobility-ast-engine", "fingerprint": "28748d765b1b249ed31e92aa1efab7e75adff903bb2778a5bd37793b01926cda", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|28748d765b1b249ed31e92aa1efab7e75adff903bb2778a5bd37793b01926cda"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_llm_caption.py"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53795, "scanner": "repobility-ast-engine", "fingerprint": "240630aa4609bddf5f29f50eb33c916b0f03d8b364ea9931238e74b2892a94a1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|240630aa4609bddf5f29f50eb33c916b0f03d8b364ea9931238e74b2892a94a1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/_markitdown.py"}, "region": {"startLine": 630}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53794, "scanner": "repobility-ast-engine", "fingerprint": "31f98ebbd404df0a7ac4a5206af785535d81a0f8b5d55944978449e226f8f689", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|31f98ebbd404df0a7ac4a5206af785535d81a0f8b5d55944978449e226f8f689"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/_markitdown.py"}, "region": {"startLine": 268}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53793, "scanner": "repobility-ast-engine", "fingerprint": "307b119664aaa9a23e7f2a7301a42cb81dba297c937125b1527775ed8c3a96e0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|307b119664aaa9a23e7f2a7301a42cb81dba297c937125b1527775ed8c3a96e0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/_markitdown.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53774, "scanner": "repobility-ast-engine", "fingerprint": "02b667c5c4fa71be06191aed36e05f1e208bcb7d9f6c0b2e4ba353486e77abbe", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|02b667c5c4fa71be06191aed36e05f1e208bcb7d9f6c0b2e4ba353486e77abbe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_ocr_service.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53773, "scanner": "repobility-ast-engine", "fingerprint": "2725dd6ca79d5927c25bad8689de97091af2620e2d45a34d383f1e2df0e89a7e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2725dd6ca79d5927c25bad8689de97091af2620e2d45a34d383f1e2df0e89a7e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_ocr_service.py"}, "region": {"startLine": 107}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53772, "scanner": "repobility-ast-engine", "fingerprint": "72e82a18c5c008ff8089c1cce8a5229339e3bc0955ca63bf0f4ef1a2cf438623", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|72e82a18c5c008ff8089c1cce8a5229339e3bc0955ca63bf0f4ef1a2cf438623"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py"}, "region": {"startLine": 413}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53771, "scanner": "repobility-ast-engine", "fingerprint": "f1681bdbcdcb927f8125552349192de7ec36dcc6b2e5208f147aafd3fa6f9bf9", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f1681bdbcdcb927f8125552349192de7ec36dcc6b2e5208f147aafd3fa6f9bf9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py"}, "region": {"startLine": 380}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53770, "scanner": "repobility-ast-engine", "fingerprint": "3d412940d0f1a5ccdd123242b314c38fcd5cfe2b448b72b24e02975e20cbfeff", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3d412940d0f1a5ccdd123242b314c38fcd5cfe2b448b72b24e02975e20cbfeff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py"}, "region": {"startLine": 419}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53769, "scanner": "repobility-ast-engine", "fingerprint": "5d6aa7cb447e8a38eed135a7bf2a9087add22b1913337520683968c18e5e1cb5", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5d6aa7cb447e8a38eed135a7bf2a9087add22b1913337520683968c18e5e1cb5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py"}, "region": {"startLine": 302}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53768, "scanner": "repobility-ast-engine", "fingerprint": "d8e451e5fe5310f4ea7a24659e72a127ba8d1eafdc9c7c50b7070a2529427f22", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d8e451e5fe5310f4ea7a24659e72a127ba8d1eafdc9c7c50b7070a2529427f22"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py"}, "region": {"startLine": 120}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53767, "scanner": "repobility-ast-engine", "fingerprint": "1dcce9d25d765a13ea55d4b6db0abf1f48fc5a6f6892924a2d64bdde76e8de14", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1dcce9d25d765a13ea55d4b6db0abf1f48fc5a6f6892924a2d64bdde76e8de14"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py"}, "region": {"startLine": 386}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53766, "scanner": "repobility-ast-engine", "fingerprint": "bc14611b57ba5f9a3478d88ff5ebec9aafc623aac63f4a8dbd882ecf8bdc059e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bc14611b57ba5f9a3478d88ff5ebec9aafc623aac63f4a8dbd882ecf8bdc059e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py"}, "region": {"startLine": 297}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53763, "scanner": "repobility-ast-engine", "fingerprint": "9ed480997a6f713c4d54e5db6996ff634bf4326e0d3db4d48d38aca1005f4672", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9ed480997a6f713c4d54e5db6996ff634bf4326e0d3db4d48d38aca1005f4672"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py"}, "region": {"startLine": 208}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53758, "scanner": "repobility-ast-engine", "fingerprint": "c2cfbf066d1da91ccc4c4b1d738c5a86e72ac69c331269f991871c48b4e6b541", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c2cfbf066d1da91ccc4c4b1d738c5a86e72ac69c331269f991871c48b4e6b541"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py"}, "region": {"startLine": 152}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 53755, "scanner": "repobility-ast-engine", "fingerprint": "882f87fa97a9c34a00a0ebe0a686408779e22ba384b98db1b6b37c7c3228192d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|882f87fa97a9c34a00a0ebe0a686408779e22ba384b98db1b6b37c7c3228192d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py"}, "region": {"startLine": 248}}}]}, {"ruleId": "DKR010", "level": "note", "message": {"text": "Dockerfile leaves apt package indexes in the image layer"}, "properties": {"repobilityId": 53841, "scanner": "repobility-docker", "fingerprint": "0d6d270b6fd6ded3459bba27530fd03c2e66de322f6048020c6cfde4d8044789", "category": "docker", "severity": "low", "confidence": 0.74, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "apt update/install layer does not remove /var/lib/apt/lists.", "evidence": {"rule_id": "DKR010", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|0d6d270b6fd6ded3459bba27530fd03c2e66de322f6048020c6cfde4d8044789"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-mcp/Dockerfile"}, "region": {"startLine": 10}}}]}, {"ruleId": "DKR008", "level": "note", "message": {"text": ".dockerignore misses sensitive defaults"}, "properties": {"repobilityId": 53840, "scanner": "repobility-docker", "fingerprint": "aea2ad92c68c4ee1f8432bb1ec25e7d45ac12c9e1790ac2d3fffe638b1acce12", "category": "docker", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "A Docker build context should exclude secrets and repository metadata.", "evidence": {"rule_id": "DKR008", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|aea2ad92c68c4ee1f8432bb1ec25e7d45ac12c9e1790ac2d3fffe638b1acce12", "missing_patterns": [".env", ".git", "id_rsa", "*.pem", "*.key"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".dockerignore"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR010", "level": "note", "message": {"text": "Dockerfile leaves apt package indexes in the image layer"}, "properties": {"repobilityId": 53838, "scanner": "repobility-docker", "fingerprint": "9868914f9e067a429758d90dcead138282b476343e4ffc23dcf2f107ffff5e9b", "category": "docker", "severity": "low", "confidence": 0.74, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "apt update/install layer does not remove /var/lib/apt/lists.", "evidence": {"rule_id": "DKR010", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|9868914f9e067a429758d90dcead138282b476343e4ffc23dcf2f107ffff5e9b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Dockerfile"}, "region": {"startLine": 8}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `extract_text` has cognitive complexity 10 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: except=2, if=3, nested_bonus=2, or=1, ternary=2."}, "properties": {"repobilityId": 53817, "scanner": "repobility-threat-engine", "fingerprint": "b712dc9a2bccfd93f74952891a37e1b2272aa8e46b761664ff0956df7a69d35e", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 10 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "extract_text", "breakdown": {"if": 3, "or": 1, "except": 2, "ternary": 2, "nested_bonus": 2}, "complexity": 10, "correlation_key": "fp|b712dc9a2bccfd93f74952891a37e1b2272aa8e46b761664ff0956df7a69d35e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_ocr_service.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `_extract_and_ocr_images` has cognitive complexity 11 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=1, except=2, for=1, if=2, nested_bonus=5."}, "properties": {"repobilityId": 53816, "scanner": "repobility-threat-engine", "fingerprint": "bffb87781f96254591e4afddb2b119c488a77a8227601de598ca75a0bdd882b0", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 11 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "_extract_and_ocr_images", "breakdown": {"if": 2, "for": 1, "except": 2, "continue": 1, "nested_bonus": 5}, "complexity": 11, "correlation_key": "fp|bffb87781f96254591e4afddb2b119c488a77a8227601de598ca75a0bdd882b0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py"}, "region": {"startLine": 126}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `main` has cognitive complexity 10 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: else=1, if=3, nested_bonus=3, or=1, ternary=2."}, "properties": {"repobilityId": 53815, "scanner": "repobility-threat-engine", "fingerprint": "8438e265642f9298a0a438c766c61f54f6f0dbbca72601f7444547203749610c", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 10 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "main", "breakdown": {"if": 3, "or": 1, "else": 1, "ternary": 2, "nested_bonus": 3}, "complexity": 10, "correlation_key": "fp|8438e265642f9298a0a438c766c61f54f6f0dbbca72601f7444547203749610c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-mcp/src/markitdown_mcp/__main__.py"}, "region": {"startLine": 82}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53750, "scanner": "repobility-ai-code-hygiene", "fingerprint": "013506158b7be8ae0faa378d8fd569ca08f099965d88039cd124ae0f5f7c8a03", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-sample-plugin/src/markitdown_sample_plugin/_plugin.py", "duplicate_line": 27, "correlation_key": "fp|013506158b7be8ae0faa378d8fd569ca08f099965d88039cd124ae0f5f7c8a03"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_zip_converter.py"}, "region": {"startLine": 45}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53749, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a4215485b38ab95e205465de1b921cb1d5a0db203ab6d5b964b16b7b0357507e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown/src/markitdown/converters/_wikipedia_converter.py", "duplicate_line": 30, "correlation_key": "fp|a4215485b38ab95e205465de1b921cb1d5a0db203ab6d5b964b16b7b0357507e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_youtube_converter.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53748, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fe7164e8af067961e03ed52ecf3d8ad5e8e48442668e8275557dd1851afac38c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown/src/markitdown/converters/_bing_serp_converter.py", "duplicate_line": 35, "correlation_key": "fp|fe7164e8af067961e03ed52ecf3d8ad5e8e48442668e8275557dd1851afac38c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_youtube_converter.py"}, "region": {"startLine": 41}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53747, "scanner": "repobility-ai-code-hygiene", "fingerprint": "40c3fbc145ca865309e34e33bf57d44c41e61bdc863ab5e29a1eb98ef4a40c5c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py", "duplicate_line": 42, "correlation_key": "fp|40c3fbc145ca865309e34e33bf57d44c41e61bdc863ab5e29a1eb98ef4a40c5c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_xlsx_converter.py"}, "region": {"startLine": 46}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53746, "scanner": "repobility-ai-code-hygiene", "fingerprint": "0a80b2a88f957c95ae88fb6646766ca6a0c432171a6ea7f8fb33012c41398861", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown/src/markitdown/converters/_bing_serp_converter.py", "duplicate_line": 35, "correlation_key": "fp|0a80b2a88f957c95ae88fb6646766ca6a0c432171a6ea7f8fb33012c41398861"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_wikipedia_converter.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53745, "scanner": "repobility-ai-code-hygiene", "fingerprint": "2c4579b29e7d8076ef36e0b292b56cda7b9184e252b221444c76607ff390dc79", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py", "duplicate_line": 39, "correlation_key": "fp|2c4579b29e7d8076ef36e0b292b56cda7b9184e252b221444c76607ff390dc79"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_pptx_converter.py"}, "region": {"startLine": 41}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53744, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f770c98e58758e9738f54f304ee251724e5ad7c6554e15ecabcdabc0fb123ca4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-sample-plugin/src/markitdown_sample_plugin/_plugin.py", "duplicate_line": 27, "correlation_key": "fp|f770c98e58758e9738f54f304ee251724e5ad7c6554e15ecabcdabc0fb123ca4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_pptx_converter.py"}, "region": {"startLine": 30}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53743, "scanner": "repobility-ai-code-hygiene", "fingerprint": "314928d677c9492b57517a4b6a79538f447880105c9a44d1d4fe10346531a36e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown/src/markitdown/converters/_docx_converter.py", "duplicate_line": 22, "correlation_key": "fp|314928d677c9492b57517a4b6a79538f447880105c9a44d1d4fe10346531a36e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_pptx_converter.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53742, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c580cc3d123746afddf1839823d1fa57300012818c52f4c8897514399320e7df", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown/src/markitdown/converters/_csv_converter.py", "duplicate_line": 25, "correlation_key": "fp|c580cc3d123746afddf1839823d1fa57300012818c52f4c8897514399320e7df"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_plain_text_converter.py"}, "region": {"startLine": 35}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53741, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6724bff41c7c3d0ee97a69eed437ef716e5d03e875c003eef092531762569ebe", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py", "duplicate_line": 106, "correlation_key": "fp|6724bff41c7c3d0ee97a69eed437ef716e5d03e875c003eef092531762569ebe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_pdf_converter.py"}, "region": {"startLine": 354}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53740, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8426454713a5d72fd3eec823ac806a9c812583ccdbd4c72c9dd1daf7cabb6ea4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown/src/markitdown/converters/_docx_converter.py", "duplicate_line": 33, "correlation_key": "fp|8426454713a5d72fd3eec823ac806a9c812583ccdbd4c72c9dd1daf7cabb6ea4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_pdf_converter.py"}, "region": {"startLine": 350}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53739, "scanner": "repobility-ai-code-hygiene", "fingerprint": "237302ef861b35bc7609ed5010bbc017ed77650a9b298d28382d2418b279c9dc", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-sample-plugin/src/markitdown_sample_plugin/_plugin.py", "duplicate_line": 26, "correlation_key": "fp|237302ef861b35bc7609ed5010bbc017ed77650a9b298d28382d2418b279c9dc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_pdf_converter.py"}, "region": {"startLine": 342}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53738, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1c6c0d0a6f2dfdd7fc4f42f8891bd0a19f5478e58398f094839cd55231fb2951", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-sample-plugin/src/markitdown_sample_plugin/_plugin.py", "duplicate_line": 26, "correlation_key": "fp|1c6c0d0a6f2dfdd7fc4f42f8891bd0a19f5478e58398f094839cd55231fb2951"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_outlook_msg_converter.py"}, "region": {"startLine": 21}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53737, "scanner": "repobility-ai-code-hygiene", "fingerprint": "2dd852cac10677860d7d65940dd2ec14b83b7fba251913679103b88dd3f15d2d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown/src/markitdown/converters/_image_converter.py", "duplicate_line": 83, "correlation_key": "fp|2dd852cac10677860d7d65940dd2ec14b83b7fba251913679103b88dd3f15d2d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_llm_caption.py"}, "region": {"startLine": 13}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53736, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8a8863af5e0a660b5a7a3a4b66da7b458ce4e4c956053dbc80577a16c8e6fa83", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown/src/markitdown/converters/_audio_converter.py", "duplicate_line": 29, "correlation_key": "fp|8a8863af5e0a660b5a7a3a4b66da7b458ce4e4c956053dbc80577a16c8e6fa83"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_image_converter.py"}, "region": {"startLine": 23}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53735, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d8f3fcc707bf0259673d93b9396e8ff701199f33e883b26233b38c9610e6f788", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-sample-plugin/src/markitdown_sample_plugin/_plugin.py", "duplicate_line": 26, "correlation_key": "fp|d8f3fcc707bf0259673d93b9396e8ff701199f33e883b26233b38c9610e6f788"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_image_converter.py"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53734, "scanner": "repobility-ai-code-hygiene", "fingerprint": "bc43c11499bfbb41c76c870930af9b1e61a9c653d99aebf788d4b1a75a9dd69b", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-sample-plugin/src/markitdown_sample_plugin/_plugin.py", "duplicate_line": 27, "correlation_key": "fp|bc43c11499bfbb41c76c870930af9b1e61a9c653d99aebf788d4b1a75a9dd69b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_html_converter.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53733, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5fc21330b6f763bd92872073d9090f5de5847e2ed5783ea8596a5a008e3bec36", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown/src/markitdown/converters/_bing_serp_converter.py", "duplicate_line": 6, "correlation_key": "fp|5fc21330b6f763bd92872073d9090f5de5847e2ed5783ea8596a5a008e3bec36"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_html_converter.py"}, "region": {"startLine": 4}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53732, "scanner": "repobility-ai-code-hygiene", "fingerprint": "519a9df273e71032f39232f5422340ba185d0b8ce7c41e0d55f2975adbcd3316", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-sample-plugin/src/markitdown_sample_plugin/_plugin.py", "duplicate_line": 27, "correlation_key": "fp|519a9df273e71032f39232f5422340ba185d0b8ce7c41e0d55f2975adbcd3316"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_epub_converter.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53731, "scanner": "repobility-ai-code-hygiene", "fingerprint": "efa0e4b1aeb0705d124cada193f44cc65efe0a7e880845d1fd76907994a4ed3e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown/src/markitdown/converters/_docx_converter.py", "duplicate_line": 22, "correlation_key": "fp|efa0e4b1aeb0705d124cada193f44cc65efe0a7e880845d1fd76907994a4ed3e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_epub_converter.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53730, "scanner": "repobility-ai-code-hygiene", "fingerprint": "280965cfd981c8b37bbe8a5cf1704f2fe00cc69711adcd5a0b3442dd67164e62", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py", "duplicate_line": 45, "correlation_key": "fp|280965cfd981c8b37bbe8a5cf1704f2fe00cc69711adcd5a0b3442dd67164e62"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_docx_converter.py"}, "region": {"startLine": 37}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53729, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8fbebc8960760509b4e123b2ec295ca4d944c7efb5322a6ffaad89a5bce192d2", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-sample-plugin/src/markitdown_sample_plugin/_plugin.py", "duplicate_line": 27, "correlation_key": "fp|8fbebc8960760509b4e123b2ec295ca4d944c7efb5322a6ffaad89a5bce192d2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_docx_converter.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53728, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e7f91faf0c8c6c23979376235f7b17efdce781a2a2ec38bcd52089ced5227d57", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-sample-plugin/src/markitdown_sample_plugin/_plugin.py", "duplicate_line": 27, "correlation_key": "fp|e7f91faf0c8c6c23979376235f7b17efdce781a2a2ec38bcd52089ced5227d57"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_csv_converter.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53727, "scanner": "repobility-ai-code-hygiene", "fingerprint": "acd3e45a4b925b4ce35a8d93c8a361d51d92ec90d9770b048c7c8db5cb2faa8a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-sample-plugin/src/markitdown_sample_plugin/_plugin.py", "duplicate_line": 26, "correlation_key": "fp|acd3e45a4b925b4ce35a8d93c8a361d51d92ec90d9770b048c7c8db5cb2faa8a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_audio_converter.py"}, "region": {"startLine": 21}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53726, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d5b0c49ccfdfb12f233af2ab171b30d723ce3d37faeed520d5583775ac9c8aa9", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py", "duplicate_line": 28, "correlation_key": "fp|d5b0c49ccfdfb12f233af2ab171b30d723ce3d37faeed520d5583775ac9c8aa9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py"}, "region": {"startLine": 25}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53725, "scanner": "repobility-ai-code-hygiene", "fingerprint": "56900cd442ad587fbdca2819dfbb2d763b7529f39cccc8da64433f1f6abea9db", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py", "duplicate_line": 44, "correlation_key": "fp|56900cd442ad587fbdca2819dfbb2d763b7529f39cccc8da64433f1f6abea9db"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 53724, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1b5e1d5a2f19f36b00f18fc6376aa43d399ca7a43d28e32a956cd0e40b6b59a6", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py", "duplicate_line": 44, "correlation_key": "fp|1b5e1d5a2f19f36b00f18fc6376aa43d399ca7a43d28e32a956cd0e40b6b59a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py"}, "region": {"startLine": 105}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 53834, "scanner": "repobility-threat-engine", "fingerprint": "d8c39698b1201f0dbfffabd0b878a19e3170aa8a315e36f2c6aed1dc4bf4a5d2", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d8c39698b1201f0dbfffabd0b878a19e3170aa8a315e36f2c6aed1dc4bf4a5d2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_doc_intel_converter.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 53832, "scanner": "repobility-threat-engine", "fingerprint": "2860301c56f1b35928793f84d853c6b1484c6242d05822a729c815787f019486", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2860301c56f1b35928793f84d853c6b1484c6242d05822a729c815787f019486"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/_stream_info.py"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 53831, "scanner": "repobility-threat-engine", "fingerprint": "639121c741fa2398cfa7a5823eecc660ef4c6b318652da505e616ab4ac8e15a8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|639121c741fa2398cfa7a5823eecc660ef4c6b318652da505e616ab4ac8e15a8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_ocr_service.py"}, "region": {"startLine": 13}}}]}, {"ruleId": "ERR001", "level": "none", "message": {"text": "[ERR001] Silent Exception Swallowing (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 53830, "scanner": "repobility-threat-engine", "fingerprint": "93b9da83522ef7033c1689b56fc2639ef703f7cce5574751f2046196162761e3", "category": "error_handling", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|93b9da83522ef7033c1689b56fc2639ef703f7cce5574751f2046196162761e3"}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 11 more): Same pattern found in 11 additional files. Review if needed."}, "properties": {"repobilityId": 53826, "scanner": "repobility-threat-engine", "fingerprint": "782b35fe2be2b25845698f37beaaef3524528d1bc7dfc5351c5dbeac247431c5", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 11 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|782b35fe2be2b25845698f37beaaef3524528d1bc7dfc5351c5dbeac247431c5", "aggregated_count": 11}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 53825, "scanner": "repobility-threat-engine", "fingerprint": "539dc57e8ba7f770c903ab9df08b2aa8c2e2a13b2c77eecb6e3f460fc98f5c8a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|539dc57e8ba7f770c903ab9df08b2aa8c2e2a13b2c77eecb6e3f460fc98f5c8a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py"}, "region": {"startLine": 136}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 53824, "scanner": "repobility-threat-engine", "fingerprint": "f309c82b038fe6eb4a7e76966c6a2a72e25cf061b55e8499589cc03ff51bea68", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f309c82b038fe6eb4a7e76966c6a2a72e25cf061b55e8499589cc03ff51bea68"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 53823, "scanner": "repobility-threat-engine", "fingerprint": "0b2043379ddda9814386566316f9edd7f913bc61946ed76bd65a21c656840362", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0b2043379ddda9814386566316f9edd7f913bc61946ed76bd65a21c656840362"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py"}, "region": {"startLine": 156}}}]}, {"ruleId": "MINED001", "level": "none", "message": {"text": "[MINED001] Bare Except Pass (and 5 more): Same pattern found in 5 additional files. Review if needed."}, "properties": {"repobilityId": 53822, "scanner": "repobility-threat-engine", "fingerprint": "7fa035b085c0bd9a31a5276c49da091420eed1825fee6f01486426827fccfced", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 5 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|7fa035b085c0bd9a31a5276c49da091420eed1825fee6f01486426827fccfced", "aggregated_count": 5}}}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 33 more): Same pattern found in 33 additional files. Review if needed."}, "properties": {"repobilityId": 53818, "scanner": "repobility-threat-engine", "fingerprint": "4e7f0d0d6a8b8cb47f905303473a0d47ff5f2d6b221e2403c5cf6933dab110a4", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 33 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "main", "breakdown": {"if": 3, "or": 1, "else": 1, "ternary": 2, "nested_bonus": 3}, "aggregated": true, "complexity": 10, "correlation_key": "fp|4e7f0d0d6a8b8cb47f905303473a0d47ff5f2d6b221e2403c5cf6933dab110a4", "aggregated_count": 33}}}, {"ruleId": "MINED069", "level": "none", "message": {"text": "[MINED069] Debug True Prod: Django/Flask DEBUG=True or app.debug=True in non-test files."}, "properties": {"repobilityId": 53814, "scanner": "repobility-threat-engine", "fingerprint": "39691a2bfec64c4bffcf0ed758d6dd48438a1a78d3935b8dfad3832a9a4a13be", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "debug-true-prod", "owasp": "A05:2021", "cwe_ids": ["CWE-489"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348063+00:00", "triaged_in_corpus": 12, "observations_count": 37393, "ai_coder_pattern_id": 17}, "scanner": "repobility-threat-engine", "correlation_key": "fp|39691a2bfec64c4bffcf0ed758d6dd48438a1a78d3935b8dfad3832a9a4a13be"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-mcp/src/markitdown_mcp/__main__.py"}, "region": {"startLine": 129}}}]}, {"ruleId": "MINED006", "level": "error", "message": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "properties": {"repobilityId": 53837, "scanner": "repobility-threat-engine", "fingerprint": "6ee515bb0ced0623a35852b3df4c4fc644845d50e05ee81be2539971e7771495", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6ee515bb0ced0623a35852b3df4c4fc644845d50e05ee81be2539971e7771495"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/converters/_rss_converter.py"}, "region": {"startLine": 68}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 53833, "scanner": "repobility-threat-engine", "fingerprint": "b9d951a4a03bfac074a95e6ed6a832feeea185bb4050c15d1ab2fce35123a950", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "new_info.update(kwargs)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|b9d951a4a03bfac074a95e6ed6a832feeea185bb4050c15d1ab2fce35123a950"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/_stream_info.py"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 53821, "scanner": "repobility-threat-engine", "fingerprint": "6401da50726abfd6b1378f6c8c332bfcce19f173195d90f2fe288282b8e29498", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6401da50726abfd6b1378f6c8c332bfcce19f173195d90f2fe288282b8e29498"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py"}, "region": {"startLine": 211}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 53820, "scanner": "repobility-threat-engine", "fingerprint": "838e36468d9b29a741874c21bd18b23555678f0be4ea292149035083abdf670f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|838e36468d9b29a741874c21bd18b23555678f0be4ea292149035083abdf670f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py"}, "region": {"startLine": 121}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 53819, "scanner": "repobility-threat-engine", "fingerprint": "7999f40fdf530a7cc1f3c41841288b29dff584441c23ae242262256c61c6af3d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7999f40fdf530a7cc1f3c41841288b29dff584441c23ae242262256c61c6af3d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py"}, "region": {"startLine": 155}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v5`"}, "properties": {"repobilityId": 53812, "scanner": "repobility-supply-chain", "fingerprint": "1fefb3f647d849e42445f97c672748af2ce45551ec53f559b858c3d84854ec20", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|1fefb3f647d849e42445f97c672748af2ce45551ec53f559b858c3d84854ec20"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pre-commit.yml"}, "region": {"startLine": 10}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v5`"}, "properties": {"repobilityId": 53811, "scanner": "repobility-supply-chain", "fingerprint": "a02f79ea0b67129f353df4342cd0744067f089804133bb2c84939b1be4c04566", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a02f79ea0b67129f353df4342cd0744067f089804133bb2c84939b1be4c04566"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pre-commit.yml"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v5`"}, "properties": {"repobilityId": 53810, "scanner": "repobility-supply-chain", "fingerprint": "f96faa7423144c1936fda02d11f8c62be83054634377fd7d496ec906538eebb7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f96faa7423144c1936fda02d11f8c62be83054634377fd7d496ec906538eebb7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/tests.yml"}, "region": {"startLine": 9}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v5`"}, "properties": {"repobilityId": 53809, "scanner": "repobility-supply-chain", "fingerprint": "15f99e10b1bfbb41c9d71623f958b294288fe66bae36158ee7d01d5aa9c82cce", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|15f99e10b1bfbb41c9d71623f958b294288fe66bae36158ee7d01d5aa9c82cce"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/tests.yml"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `python:3.13-slim-bullseye` not pinned by digest"}, "properties": {"repobilityId": 53808, "scanner": "repobility-supply-chain", "fingerprint": "0108fe4e568ddff91f0e7a503258a372563f2565749f036f9b0b4d4fd3be0399", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0108fe4e568ddff91f0e7a503258a372563f2565749f036f9b0b4d4fd3be0399"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-mcp/Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/psf/black` pinned to mutable rev `23.7.0`"}, "properties": {"repobilityId": 53807, "scanner": "repobility-supply-chain", "fingerprint": "88e381ea3ea20c317e7fd069de9fa07af3d92f7e8ab027788ff9d6371c20612d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|88e381ea3ea20c317e7fd069de9fa07af3d92f7e8ab027788ff9d6371c20612d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `python:3.13-slim-bullseye` not pinned by digest"}, "properties": {"repobilityId": 53806, "scanner": "repobility-supply-chain", "fingerprint": "a7239f2b65b99e436df142cf9b01e453e14c1371c755d21b68602544ed13b3f4", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a7239f2b65b99e436df142cf9b01e453e14c1371c755d21b68602544ed13b3f4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Dockerfile"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.register_converter` used but never assigned in __init__"}, "properties": {"repobilityId": 53792, "scanner": "repobility-ast-engine", "fingerprint": "7eaee0741591191134a2d8e951ebfb3609db7ac0fc97587fd3e2ad8242e8888a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7eaee0741591191134a2d8e951ebfb3609db7ac0fc97587fd3e2ad8242e8888a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/_markitdown.py"}, "region": {"startLine": 195}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.register_converter` used but never assigned in __init__"}, "properties": {"repobilityId": 53791, "scanner": "repobility-ast-engine", "fingerprint": "6523205e8f3bf3aace7be5de1cd3c2cf4504d06114be5f6c8f4c5b52f5d9260b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6523205e8f3bf3aace7be5de1cd3c2cf4504d06114be5f6c8f4c5b52f5d9260b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/_markitdown.py"}, "region": {"startLine": 194}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.register_converter` used but never assigned in __init__"}, "properties": {"repobilityId": 53790, "scanner": "repobility-ast-engine", "fingerprint": "67edab078c20d3352b7339a69c2e35cade267fdf5f74d296537f1aeafbc4843b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|67edab078c20d3352b7339a69c2e35cade267fdf5f74d296537f1aeafbc4843b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/_markitdown.py"}, "region": {"startLine": 193}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.register_converter` used but never assigned in __init__"}, "properties": {"repobilityId": 53789, "scanner": "repobility-ast-engine", "fingerprint": "8b51055ef5280680835c38d69d9173ac7a7e5b7887fe4dbd9d7787be28f6f430", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8b51055ef5280680835c38d69d9173ac7a7e5b7887fe4dbd9d7787be28f6f430"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/_markitdown.py"}, "region": {"startLine": 192}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.register_converter` used but never assigned in __init__"}, "properties": {"repobilityId": 53788, "scanner": "repobility-ast-engine", "fingerprint": "bea5f6d13f97288629f6d8fc57ddca81e08972b7cbe7c42f39d3b42bdd289158", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bea5f6d13f97288629f6d8fc57ddca81e08972b7cbe7c42f39d3b42bdd289158"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/_markitdown.py"}, "region": {"startLine": 191}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.register_converter` used but never assigned in __init__"}, "properties": {"repobilityId": 53787, "scanner": "repobility-ast-engine", "fingerprint": "09a63b06596f66e4936cbad822b97e663ea82b38ba5947181d2c0b8a519eb643", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|09a63b06596f66e4936cbad822b97e663ea82b38ba5947181d2c0b8a519eb643"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/_markitdown.py"}, "region": {"startLine": 188}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.register_converter` used but never assigned in __init__"}, "properties": {"repobilityId": 53786, "scanner": "repobility-ast-engine", "fingerprint": "8f66e1ba7cacf4077004105160cafcf887837dc49d55ee4e0348977f48f8520b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8f66e1ba7cacf4077004105160cafcf887837dc49d55ee4e0348977f48f8520b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/_markitdown.py"}, "region": {"startLine": 185}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.register_converter` used but never assigned in __init__"}, "properties": {"repobilityId": 53785, "scanner": "repobility-ast-engine", "fingerprint": "6fa7de9dff12aa089a7e082cc4ad5040289f1b6d7894737fecb5f7096d3cb19c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6fa7de9dff12aa089a7e082cc4ad5040289f1b6d7894737fecb5f7096d3cb19c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/src/markitdown/_markitdown.py"}, "region": {"startLine": 182}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._run_convert` used but never assigned in __init__"}, "properties": {"repobilityId": 53784, "scanner": "repobility-ast-engine", "fingerprint": "4ab4bb6fc2f4f507060ea79859aa532cd647be20b711514f45af6220fdde12c9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4ab4bb6fc2f4f507060ea79859aa532cd647be20b711514f45af6220fdde12c9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/tests/test_cu_converter.py"}, "region": {"startLine": 713}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._run_convert` used but never assigned in __init__"}, "properties": {"repobilityId": 53783, "scanner": "repobility-ast-engine", "fingerprint": "13eba1f6a3a9cb79b11cf8a94118ec17aa85278481a8311bee85e80d46b98a6a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|13eba1f6a3a9cb79b11cf8a94118ec17aa85278481a8311bee85e80d46b98a6a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/tests/test_cu_converter.py"}, "region": {"startLine": 709}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._run_convert` used but never assigned in __init__"}, "properties": {"repobilityId": 53782, "scanner": "repobility-ast-engine", "fingerprint": "bef965bf801392791e555a5e4760342837c9fe3297c0728151443829a49d9b73", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bef965bf801392791e555a5e4760342837c9fe3297c0728151443829a49d9b73"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/tests/test_cu_converter.py"}, "region": {"startLine": 703}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._run_convert` used but never assigned in __init__"}, "properties": {"repobilityId": 53781, "scanner": "repobility-ast-engine", "fingerprint": "2bb0f063ba9bc68d450a611db42666df4923ca108925b99ad714d52e830d79d1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2bb0f063ba9bc68d450a611db42666df4923ca108925b99ad714d52e830d79d1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/tests/test_cu_converter.py"}, "region": {"startLine": 697}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._run_convert` used but never assigned in __init__"}, "properties": {"repobilityId": 53780, "scanner": "repobility-ast-engine", "fingerprint": "0054a50c1e6a367486d140f1268b8cdf90af8f2981e384863ccec335071fa909", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0054a50c1e6a367486d140f1268b8cdf90af8f2981e384863ccec335071fa909"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/tests/test_cu_converter.py"}, "region": {"startLine": 691}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_cu_file_types_invalid_value"}, "properties": {"repobilityId": 53779, "scanner": "repobility-ast-engine", "fingerprint": "daf85c81cd18ad225085ead876a64b3cc661feb0b7d3c2ac2a938c638ea65809", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|daf85c81cd18ad225085ead876a64b3cc661feb0b7d3c2ac2a938c638ea65809"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/tests/test_cu_converter.py"}, "region": {"startLine": 847}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_nonexistent_analyzer_raises_value_error"}, "properties": {"repobilityId": 53778, "scanner": "repobility-ast-engine", "fingerprint": "fadaccc02228b01a086a3739d3cdc04b31a8003604b4184fcc7c00f1785614f9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fadaccc02228b01a086a3739d3cdc04b31a8003604b4184fcc7c00f1785614f9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/tests/test_cu_converter.py"}, "region": {"startLine": 727}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_get_analyzer_failure_raises_value_error"}, "properties": {"repobilityId": 53777, "scanner": "repobility-ast-engine", "fingerprint": "c8e1603dba84511181ac003ae109e14b71d99262866dfe391110710f21fd742d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c8e1603dba84511181ac003ae109e14b71d99262866dfe391110710f21fd742d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/tests/test_cu_converter.py"}, "region": {"startLine": 628}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_docx_comments"}, "properties": {"repobilityId": 53775, "scanner": "repobility-ast-engine", "fingerprint": "d8dbf441b88d6b32e5c8627fd8286a73e9ada9bfd04afd181efbf51ad377a7f2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d8dbf441b88d6b32e5c8627fd8286a73e9ada9bfd04afd181efbf51ad377a7f2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/tests/test_module_misc.py"}, "region": {"startLine": 255}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._extract_page_images` used but never assigned in __init__"}, "properties": {"repobilityId": 53765, "scanner": "repobility-ast-engine", "fingerprint": "1f626c78441cffcd6c87a1eecbb3163fff2379d238ef9c5139159d4f3c3cc634", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1f626c78441cffcd6c87a1eecbb3163fff2379d238ef9c5139159d4f3c3cc634"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py"}, "region": {"startLine": 193}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._ocr_full_pages` used but never assigned in __init__"}, "properties": {"repobilityId": 53764, "scanner": "repobility-ast-engine", "fingerprint": "33ad1ee2733ffa7ec9c0a8278ee2e172f2be72cdf680f5364e591a27674f7ce1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|33ad1ee2733ffa7ec9c0a8278ee2e172f2be72cdf680f5364e591a27674f7ce1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py"}, "region": {"startLine": 309}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._column_number_to_letter` used but never assigned in __init__"}, "properties": {"repobilityId": 53762, "scanner": "repobility-ast-engine", "fingerprint": "6afd61c87847c08fc2ef77d74f1a9defae2c80b2fe5fcd1342969f3a89c09ee4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6afd61c87847c08fc2ef77d74f1a9defae2c80b2fe5fcd1342969f3a89c09ee4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py"}, "region": {"startLine": 191}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._extract_and_ocr_sheet_images` used but never assigned in __init__"}, "properties": {"repobilityId": 53761, "scanner": "repobility-ast-engine", "fingerprint": "7ab46ba81081558545341bca9f76514c634654098ce62b967b58209bace560f2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7ab46ba81081558545341bca9f76514c634654098ce62b967b58209bace560f2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py"}, "region": {"startLine": 139}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._convert_standard` used but never assigned in __init__"}, "properties": {"repobilityId": 53760, "scanner": "repobility-ast-engine", "fingerprint": "f9e9dbadffaf92566deef0db56625fa88936088fdd7a06cbac6d31ca1c38d57d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f9e9dbadffaf92566deef0db56625fa88936088fdd7a06cbac6d31ca1c38d57d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py"}, "region": {"startLine": 86}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._convert_with_ocr` used but never assigned in __init__"}, "properties": {"repobilityId": 53759, "scanner": "repobility-ast-engine", "fingerprint": "379975d11857d0e894ccf08f185a39b6eb28e776cc373194858d2b2f971b1142", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|379975d11857d0e894ccf08f185a39b6eb28e776cc373194858d2b2f971b1142"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py"}, "region": {"startLine": 82}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._inject_placeholders` used but never assigned in __init__"}, "properties": {"repobilityId": 53757, "scanner": "repobility-ast-engine", "fingerprint": "0d2e70bd9c7c6124c1d21728e7ee76f820cef11feff4fb83219661c934eff7c0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0d2e70bd9c7c6124c1d21728e7ee76f820cef11feff4fb83219661c934eff7c0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._extract_and_ocr_images` used but never assigned in __init__"}, "properties": {"repobilityId": 53756, "scanner": "repobility-ast-engine", "fingerprint": "1c4e83f9314233f0bee758f24064d721e95090cff8d39664080e7b5ec178ec4b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1c4e83f9314233f0bee758f24064d721e95090cff8d39664080e7b5ec178ec4b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py"}, "region": {"startLine": 88}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._convert_chart_to_markdown` used but never assigned in __init__"}, "properties": {"repobilityId": 53754, "scanner": "repobility-ast-engine", "fingerprint": "24f0fb29b789ce48eb87275f990dff8f1e2a3ffc8375367973536f9e46ee4664", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|24f0fb29b789ce48eb87275f990dff8f1e2a3ffc8375367973536f9e46ee4664"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py"}, "region": {"startLine": 146}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._convert_table_to_markdown` used but never assigned in __init__"}, "properties": {"repobilityId": 53753, "scanner": "repobility-ast-engine", "fingerprint": "b766b561d7218a34e0eb2d62e95a2ed4df7c41d7603a4a8c4a7c9b6c91adce8d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b766b561d7218a34e0eb2d62e95a2ed4df7c41d7603a4a8c4a7c9b6c91adce8d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py"}, "region": {"startLine": 142}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._is_table` used but never assigned in __init__"}, "properties": {"repobilityId": 53752, "scanner": "repobility-ast-engine", "fingerprint": "902935d48d4b621439fca4d148c4c258b15fd56771311ebbeedab5f00e331296", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|902935d48d4b621439fca4d148c4c258b15fd56771311ebbeedab5f00e331296"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._is_picture` used but never assigned in __init__"}, "properties": {"repobilityId": 53751, "scanner": "repobility-ast-engine", "fingerprint": "e704a5fdd8cefe7cf5ebbb1912f8f9057f67429e6b364321a3ccd9e70d0387f5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e704a5fdd8cefe7cf5ebbb1912f8f9057f67429e6b364321a3ccd9e70d0387f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py"}, "region": {"startLine": 91}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `html` used but not imported"}, "properties": {"repobilityId": 53776, "scanner": "repobility-ast-engine", "fingerprint": "ba36b93833b47a0d321e11c9311f31066ee6458f5a5e79f90200057a13974cf4", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ba36b93833b47a0d321e11c9311f31066ee6458f5a5e79f90200057a13974cf4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "packages/markitdown/tests/test_module_misc.py"}, "region": {"startLine": 324}}}]}]}]}