{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "WEB003", "name": "Public web service has no security.txt", "shortDescription": {"text": "Public web service has no security.txt"}, "fullDescription": {"text": "security.txt gives researchers and customers a safe disclosure channel. Public web apps and APIs should publish it under /.well-known/security.txt."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "medium", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "AUC001", "name": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobilit", "shortDescription": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "fullDescription": {"text": "The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "properties": {"scanner": "repobility-access-control", "category": "auth", "severity": "medium", "confidence": 0.92, "cwe": "CWE-285", "owasp": "WSTG-AUTHZ"}}, {"id": "GHSA-pq67-6m6q-mj2v", "name": "urllib3: GHSA-pq67-6m6q-mj2v", "shortDescription": {"text": "urllib3: GHSA-pq67-6m6q-mj2v"}, "fullDescription": {"text": "urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-48p4-8xcf-vxj5", "name": "urllib3: GHSA-48p4-8xcf-vxj5", "shortDescription": {"text": "urllib3: GHSA-48p4-8xcf-vxj5"}, "fullDescription": {"text": "urllib3 does not control redirects in browsers and Node.js"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-gc5v-m9x4-r6x2", "name": "requests: GHSA-gc5v-m9x4-r6x2", "shortDescription": {"text": "requests: GHSA-gc5v-m9x4-r6x2"}, "fullDescription": {"text": "Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-9hjg-9r4m-mvj7", "name": "requests: GHSA-9hjg-9r4m-mvj7", "shortDescription": {"text": "requests: GHSA-9hjg-9r4m-mvj7"}, "fullDescription": {"text": "Requests vulnerable to .netrc credentials leak via malicious URLs"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-6w46-j5rx-g56g", "name": "pytest: GHSA-6w46-j5rx-g56g", "shortDescription": {"text": "pytest: GHSA-6w46-j5rx-g56g"}, "fullDescription": {"text": "pytest has vulnerable tmpdir handling"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-r73j-pqj5-w3x7", "name": "pillow: GHSA-r73j-pqj5-w3x7", "shortDescription": {"text": "pillow: GHSA-r73j-pqj5-w3x7"}, "fullDescription": {"text": "Pillow has a PDF Parsing Trailer Infinite Loop (DoS)"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-5xmw-vc9v-4wf2", "name": "pillow: GHSA-5xmw-vc9v-4wf2", "shortDescription": {"text": "pillow: GHSA-5xmw-vc9v-4wf2"}, "fullDescription": {"text": "Pillow has a heap buffer overflow with nested list coordinates"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-mq84-hjqx-cwf2", "name": "keras: GHSA-mq84-hjqx-cwf2", "shortDescription": {"text": "keras: GHSA-mq84-hjqx-cwf2"}, "fullDescription": {"text": "Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-65pc-fj4g-8rjx", "name": "idna: GHSA-65pc-fj4g-8rjx", "shortDescription": {"text": "idna: GHSA-65pc-fj4g-8rjx"}, "fullDescription": {"text": "Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-768j-98cg-p3fv", "name": "fonttools: GHSA-768j-98cg-p3fv", "shortDescription": {"text": "fonttools: GHSA-768j-98cg-p3fv"}, "fullDescription": {"text": "fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "DKR007", "name": "Docker build context has no .dockerignore", "shortDescription": {"text": "Docker build context has no .dockerignore"}, "fullDescription": {"text": "Without .dockerignore, build context can include source history, local env files, dependencies, and generated artifacts."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "DKR001", "name": "Docker final stage has no non-root USER", "shortDescription": {"text": "Docker final stage has no non-root USER"}, "fullDescription": {"text": "Docker images run as root unless the image or Dockerfile switches to a non-root user."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "medium", "confidence": 0.82, "cwe": "", "owasp": ""}}, {"id": "SEC003", "name": "[SEC003] Hardcoded Secret: Hardcoded secret key found in source code.", "shortDescription": {"text": "[SEC003] Hardcoded Secret: Hardcoded secret key found in source code."}, "fullDescription": {"text": "Never commit secrets. Use .env files with .gitignore."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "medium", "confidence": 0.3, "cwe": "", "owasp": ""}}, {"id": "SEC015", "name": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.", "shortDescription": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable."}, "fullDescription": {"text": "Use secrets module (Python) or crypto.getRandomValues() (JS) for security-sensitive randomness."}, "properties": {"scanner": "repobility-threat-engine", "category": "crypto", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "Bare except continues silently", "shortDescription": {"text": "Bare except continues silently"}, "fullDescription": {"text": "Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "GHSA-5239-wwwm-4pmq", "name": "pygments: GHSA-5239-wwwm-4pmq", "shortDescription": {"text": "pygments: GHSA-5239-wwwm-4pmq"}, "fullDescription": {"text": "Pygments has Regular Expression Denial of Service (ReDoS) due to Inefficient Regex for GUID Matching"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "low", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `is_valid` has cognitive complexity 8 (SonarSource scale). Cognitive compl", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `is_valid` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all w"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 8."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "DKR002", "name": "Dockerfile base image is selected through a build variable", "shortDescription": {"text": "Dockerfile base image is selected through a build variable"}, "fullDescription": {"text": "Variable-selected base images can be safe, but Repobility cannot verify that the resolved image is pinned."}, "properties": {"scanner": "repobility-docker", "category": "docker", "severity": "info", "confidence": 0.48, "cwe": "", "owasp": ""}}, {"id": "MINED053", "name": "[MINED053] Placeholder Default Username: foo@bar.com / john.doe@example.com / admin/admin / changeme \u2014 typical AI placeh", "shortDescription": {"text": "[MINED053] Placeholder Default Username: foo@bar.com / john.doe@example.com / admin/admin / changeme \u2014 typical AI placeholder credentials."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1392,CWE-798 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.1, "cwe": "", "owasp": ""}}, {"id": "MINED079", "name": "[MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) \u2014 off-by-one risk.", "shortDescription": {"text": "[MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) \u2014 off-by-one risk."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-193 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED067", "name": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever.", "shortDescription": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-400 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED072", "name": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in.", "shortDescription": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED001] Bare Except Pass (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED004", "name": "[MINED004] Weak Crypto (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED004] Weak Crypto (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-327 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED062", "name": "[MINED062] Python Dataclass No Fields (and 9 more): Same pattern found in 9 additional files. Review if needed.", "shortDescription": {"text": "[MINED062] Python Dataclass No Fields (and 9 more): Same pattern found in 9 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 11 more): Same pattern found in 11 add", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 11 more): Same pattern found in 11 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC013", "name": "[SEC013] Path Traversal \u2014 User Input in File Path (and 2 more): Same pattern found in 2 additional files. Review if need", "shortDescription": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Use os.path.realpath() and verify the path starts with your expected base directory. Use secure_filename() for uploads."}, "properties": {"scanner": "repobility-threat-engine", "category": "path_traversal", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED047", "name": "[MINED047] Emoji In Source: Emoji \u2705 \u274c \ud83d\ude80 in code/comments \u2014 common AI output unless explicitly requested.", "shortDescription": {"text": "[MINED047] Emoji In Source: Emoji \u2705 \u274c \ud83d\ude80 in code/comments \u2014 common AI output unless explicitly requested."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED049", "name": "[MINED049] Print Pii (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED049] Print Pii (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 / A09:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC020", "name": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequen", "shortDescription": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "fullDescription": {"text": "Log only redacted, hashed, or last-four-style metadata. Rotate any secret that may have reached logs."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https (and 8 more): Same pattern found in 8 additional files. Review if needed.", "shortDescription": {"text": "[MINED043] Http Not Https (and 8 more): Same pattern found in 8 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED064", "name": "[MINED064] Python Input Call (and 156 more): Same pattern found in 156 additional files. Review if needed.", "shortDescription": {"text": "[MINED064] Python Input Call (and 156 more): Same pattern found in 156 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 318 more): Same pattern found in 318 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 318 more): Same pattern found in 318 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "GHSA-gm62-xv2j-4w53", "name": "urllib3: GHSA-gm62-xv2j-4w53", "shortDescription": {"text": "urllib3: GHSA-gm62-xv2j-4w53"}, "fullDescription": {"text": "urllib3 allows an unbounded number of links in the decompression chain"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-38jv-5279-wg99", "name": "urllib3: GHSA-38jv-5279-wg99", "shortDescription": {"text": "urllib3: GHSA-38jv-5279-wg99"}, "fullDescription": {"text": "Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-2xpw-w6gg-jr37", "name": "urllib3: GHSA-2xpw-w6gg-jr37", "shortDescription": {"text": "urllib3: GHSA-2xpw-w6gg-jr37"}, "fullDescription": {"text": "urllib3 streaming API improperly handles highly compressed data"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "PYSEC-2026-141", "name": "urllib3: PYSEC-2026-141", "shortDescription": {"text": "urllib3: PYSEC-2026-141"}, "fullDescription": {"text": "urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0."}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-whj4-6x5x-4v2j", "name": "pillow: GHSA-whj4-6x5x-4v2j", "shortDescription": {"text": "pillow: GHSA-whj4-6x5x-4v2j"}, "fullDescription": {"text": "FITS GZIP decompression bomb in Pillow"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-pwv6-vv43-88gr", "name": "pillow: GHSA-pwv6-vv43-88gr", "shortDescription": {"text": "pillow: GHSA-pwv6-vv43-88gr"}, "fullDescription": {"text": "Pillow has an OOB Write with Invalid PSD Tile Extents (Integer Overflow)"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-cfh3-3jmp-rvhc", "name": "pillow: GHSA-cfh3-3jmp-rvhc", "shortDescription": {"text": "pillow: GHSA-cfh3-3jmp-rvhc"}, "fullDescription": {"text": "Pillow affected by out-of-bounds write when loading PSD images"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "PYSEC-2026-165", "name": "pillow: PYSEC-2026-165", "shortDescription": {"text": "pillow: PYSEC-2026-165"}, "fullDescription": {"text": "Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0."}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "PYSEC-2025-61", "name": "pillow: PYSEC-2025-61", "shortDescription": {"text": "pillow: PYSEC-2025-61"}, "fullDescription": {"text": "Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap buffer overflow when writing a sufficiently large (>64k encoded with default settings) image in the DDS format due to writing into a buffer without checking for available space. This only affects users who save untrusted data as a compressed DDS image. This issue has been patched in version 11.3.0."}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "PYSEC-2026-87", "name": "lxml: PYSEC-2026-87", "shortDescription": {"text": "lxml: PYSEC-2026-87"}, "fullDescription": {"text": "lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in the default configuration (with resolve_entities=True) allows untrusted XML input to read local files. Setting the resolve_entities option explicitly to resolve_entities='internal' or resolve_entities=False disables the local file access. This vulnerability is fixed in 6.1.0."}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-hjqc-jx6g-rwp9", "name": "keras: GHSA-hjqc-jx6g-rwp9", "shortDescription": {"text": "keras: GHSA-hjqc-jx6g-rwp9"}, "fullDescription": {"text": "Keras Directory Traversal Vulnerability"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-c9rc-mg46-23w3", "name": "keras: GHSA-c9rc-mg46-23w3", "shortDescription": {"text": "keras: GHSA-c9rc-mg46-23w3"}, "fullDescription": {"text": "Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-4f3f-g24h-fr8m", "name": "keras: GHSA-4f3f-g24h-fr8m", "shortDescription": {"text": "keras: GHSA-4f3f-g24h-fr8m"}, "fullDescription": {"text": "Keras has an untrusted deserialization vulnerability"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-3m4q-jmj6-r34q", "name": "keras: GHSA-3m4q-jmj6-r34q", "shortDescription": {"text": "keras: GHSA-3m4q-jmj6-r34q"}, "fullDescription": {"text": "Keras has a Local File Disclosure via HDF5 External Storage During Keras Weight Loading"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-36fq-jgmw-4r9c", "name": "keras: GHSA-36fq-jgmw-4r9c", "shortDescription": {"text": "keras: GHSA-36fq-jgmw-4r9c"}, "fullDescription": {"text": "Keras is vulnerable to Deserialization of Untrusted Data"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "PYSEC-2026-73", "name": "keras: PYSEC-2026-73", "shortDescription": {"text": "keras: PYSEC-2026-73"}, "fullDescription": {"text": "Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component\u00a0in Google\u00a0Keras\u00a03.0.0 through 3.13.0\u00a0on all platforms\u00a0allows a remote attacker\u00a0to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter\u00a0via a crafted .keras archive containing a valid model.weights.h5 file whose dataset declares an extremely large shape."}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "PYSEC-2025-123", "name": "keras: PYSEC-2025-123", "shortDescription": {"text": "keras: PYSEC-2025-123"}, "fullDescription": {"text": "The Keras Model.load_model\u00a0method can be exploited to achieve arbitrary code execution, even with safe_mode=True.\n\nOne can create a specially crafted .h5/.hdf5\u00a0model archive that, when loaded via Model.load_model, will trigger arbitrary code to be executed.\n\nThis is achieved by crafting a special .h5\u00a0archive file that uses the Lambda\u00a0layer feature of keras which allows arbitrary Python code in the form of pickled code. The vulnerability comes from the fact that the safe_mode=True\u00a0option is not honored when reading .h5\u00a0archives.\n\nNote that the .h5/.hdf5\u00a0format is a legacy format supported by Keras 3 for backwards compatibility."}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled ", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes e"}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC032", "name": "[SEC032] Unrestricted File Upload \u2014 no extension/MIME validation: File upload accepts the user's filename without valida", "shortDescription": {"text": "[SEC032] Unrestricted File Upload \u2014 no extension/MIME validation: File upload accepts the user's filename without validating extension, content-type, or magic bytes. Attackers upload `.php`, `.jsp`, or executable files to a web-served direc"}, "fullDescription": {"text": "Validate THREE things server-side:\n  1. Extension allowlist:\n       ALLOWED = {'.png', '.jpg', '.pdf'}\n       ext = Path(file.filename).suffix.lower()\n       if ext not in ALLOWED: abort(400)\n  2. Magic-byte check (don't trust the extension):\n       import magic\n       mime = magic.from_buffer(file.read(2048), mime=True)\n  3. Save with a random/UUID filename to a non-executable directory.\nSanitize with `werkzeug.secure_filename`. Never reuse the user's name."}, "properties": {"scanner": "repobility-threat-engine", "category": "file_upload", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC078", "name": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsiv", "shortDescription": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a re"}, "fullDescription": {"text": "Add `timeout=10` (or appropriate value) to every requests call."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED009", "name": "[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal.", "shortDescription": {"text": "[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-682 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED026", "name": "[MINED026] Fake Verification: assert True, expect(1).toBe(1), or other tautology used to fake passing tests.", "shortDescription": {"text": "[MINED026] Fake Verification: assert True, expect(1).toBe(1), or other tautology used to fake passing tests."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1126 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED006", "name": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working.", "shortDescription": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-705 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "Action `actions/setup-python` pinned to mutable ref `@v6`", "shortDescription": {"text": "Action `actions/setup-python` pinned to mutable ref `@v6`"}, "fullDescription": {"text": "`uses: actions/setup-python@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED118", "name": "Dockerfile FROM `mcr.microsoft.com/vscode/devcontainers/python (no tag)` not pinned by digest", "shortDescription": {"text": "Dockerfile FROM `mcr.microsoft.com/vscode/devcontainers/python (no tag)` not pinned by digest"}, "fullDescription": {"text": "`FROM mcr.microsoft.com/vscode/devcontainers/python (no tag)` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED131", "name": "pre-commit hook `https://github.com/pre-commit/mirrors-prettier` pinned to mutable rev `v4.0.0-alpha.8`", "shortDescription": {"text": "pre-commit hook `https://github.com/pre-commit/mirrors-prettier` pinned to mutable rev `v4.0.0-alpha.8`"}, "fullDescription": {"text": "`.pre-commit-config.yaml` references `https://github.com/pre-commit/mirrors-prettier` at `rev: v4.0.0-alpha.8`. If `{rev}` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "Phantom test coverage: test_add_vertex_exception_check", "shortDescription": {"text": "Phantom test coverage: test_add_vertex_exception_check"}, "fullDescription": {"text": "Test function `test_add_vertex_exception_check` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "`self.ror` used but never assigned in __init__", "shortDescription": {"text": "`self.ror` used but never assigned in __init__"}, "fullDescription": {"text": "Method `final_hash` of class `SHA256` reads `self.ror`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "Missing import: `queue` used but not imported", "shortDescription": {"text": "Missing import: `queue` used but not imported"}, "fullDescription": {"text": "The file uses `queue.something(...)` but never imports `queue`. This raises NameError at runtime the first time the line executes."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/715"}, "properties": {"repository": "TheAlgorithms/Python", "repoUrl": "https://github.com/TheAlgorithms/Python", "branch": "master"}, "results": [{"ruleId": "WEB003", "level": "warning", "message": {"text": "Public web service has no security.txt"}, "properties": {"repobilityId": 57957, "scanner": "repobility-web-presence", "fingerprint": "5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd", "category": "quality", "severity": "medium", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app/API but no security.txt file or route was discovered.", "evidence": {"rule_id": "WEB003", "scanner": "repobility-web-presence", "references": ["https://www.rfc-editor.org/rfc/rfc9116", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".well-known/security.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "AUC001", "level": "warning", "message": {"text": "[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation."}, "properties": {"repobilityId": 57956, "scanner": "repobility-access-control", "fingerprint": "f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10", "category": "auth", "severity": "medium", "confidence": 0.92, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Static route and framework evidence require project-owner confirmation.", "evidence": {"scanner": "repobility-access-control", "frameworks": ["Django"], "expected_files": [".repobility/access.yml", ".repobility/access.yaml", ".repobility/access.json", ".repobility/authorization.yml"], "correlation_key": "fp|f1305052c3ba1e6c1cdb5dccc19e58a8168cf78b176658f32b1fc823df3e9d10"}}}, {"ruleId": "GHSA-pq67-6m6q-mj2v", "level": "warning", "message": {"text": "urllib3: GHSA-pq67-6m6q-mj2v"}, "properties": {"repobilityId": 57955, "scanner": "osv-scanner", "fingerprint": "05f36209b81330ef1da074c89a6716f96abc131a5f3f659eb7de7221cef4a5bf", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-50181"], "package": "urllib3", "rule_id": "GHSA-pq67-6m6q-mj2v", "scanner": "osv-scanner", "correlation_key": "vuln|urllib3|CVE-2025-50181|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-48p4-8xcf-vxj5", "level": "warning", "message": {"text": "urllib3: GHSA-48p4-8xcf-vxj5"}, "properties": {"repobilityId": 57953, "scanner": "osv-scanner", "fingerprint": "3ef8bdf416d6322429c1f23b4e6f5062a1776ba6a4536217b44709604a44b7ee", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-50182"], "package": "urllib3", "rule_id": "GHSA-48p4-8xcf-vxj5", "scanner": "osv-scanner", "correlation_key": "vuln|urllib3|CVE-2025-50182|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-gc5v-m9x4-r6x2", "level": "warning", "message": {"text": "requests: GHSA-gc5v-m9x4-r6x2"}, "properties": {"repobilityId": 57949, "scanner": "osv-scanner", "fingerprint": "e884985e28f71ca0fc1c2b7bb4ab3804118148f9826bc4963d61cc8124554f58", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-25645"], "package": "requests", "rule_id": "GHSA-gc5v-m9x4-r6x2", "scanner": "osv-scanner", "correlation_key": "vuln|requests|CVE-2026-25645|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-9hjg-9r4m-mvj7", "level": "warning", "message": {"text": "requests: GHSA-9hjg-9r4m-mvj7"}, "properties": {"repobilityId": 57948, "scanner": "osv-scanner", "fingerprint": "c3ddee2b588575c011406f9cd754bdc85edc83128a484c0cd9147b882b4df6fb", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-47081"], "package": "requests", "rule_id": "GHSA-9hjg-9r4m-mvj7", "scanner": "osv-scanner", "correlation_key": "vuln|requests|CVE-2024-47081|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-6w46-j5rx-g56g", "level": "warning", "message": {"text": "pytest: GHSA-6w46-j5rx-g56g"}, "properties": {"repobilityId": 57947, "scanner": "osv-scanner", "fingerprint": "33dc2cc48895af7411c54c511d78df7905a11a77117f845a8d70612b5d14e52f", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-71176"], "package": "pytest", "rule_id": "GHSA-6w46-j5rx-g56g", "scanner": "osv-scanner", "correlation_key": "vuln|pytest|CVE-2025-71176|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-r73j-pqj5-w3x7", "level": "warning", "message": {"text": "pillow: GHSA-r73j-pqj5-w3x7"}, "properties": {"repobilityId": 57944, "scanner": "osv-scanner", "fingerprint": "6f9a6229dcf75eb82e837597bbad57d37103d21a6f11e6122226789093f4786e", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-42310", "CVE-2026-42310"], "package": "pillow", "rule_id": "GHSA-r73j-pqj5-w3x7", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-42310|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-5xmw-vc9v-4wf2", "level": "warning", "message": {"text": "pillow: GHSA-5xmw-vc9v-4wf2"}, "properties": {"repobilityId": 57941, "scanner": "osv-scanner", "fingerprint": "0d466a3fdf1f56e9d206a19bf8ccd943ba2afa97dcef0b591b734c2b785dee1f", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-42309", "CVE-2026-42309"], "package": "pillow", "rule_id": "GHSA-5xmw-vc9v-4wf2", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-42309|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-mq84-hjqx-cwf2", "level": "warning", "message": {"text": "keras: GHSA-mq84-hjqx-cwf2"}, "properties": {"repobilityId": 57937, "scanner": "osv-scanner", "fingerprint": "2de12cdb8ab4d581284755a8de491efa3fc10f160afae50da9c562c5115601f0", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-12058", "GHSA-qg93-c7p6-gg7f"], "package": "keras", "rule_id": "GHSA-mq84-hjqx-cwf2", "scanner": "osv-scanner", "correlation_key": "vuln|keras|CVE-2025-12058|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-65pc-fj4g-8rjx", "level": "warning", "message": {"text": "idna: GHSA-65pc-fj4g-8rjx"}, "properties": {"repobilityId": 57929, "scanner": "osv-scanner", "fingerprint": "3cb0e6e51097792f0802522bd5a1c534f3c96b9d90576d70a538075f8c4d5bb0", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-45409"], "package": "idna", "rule_id": "GHSA-65pc-fj4g-8rjx", "scanner": "osv-scanner", "correlation_key": "vuln|idna|CVE-2024-3651|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-768j-98cg-p3fv", "level": "warning", "message": {"text": "fonttools: GHSA-768j-98cg-p3fv"}, "properties": {"repobilityId": 57928, "scanner": "osv-scanner", "fingerprint": "d5daa5d33c028dd31a83529778ba4cd3aa82725a993d0cf11aced71bc76928e4", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-66034"], "package": "fonttools", "rule_id": "GHSA-768j-98cg-p3fv", "scanner": "osv-scanner", "correlation_key": "vuln|fonttools|CVE-2025-66034|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR007", "level": "warning", "message": {"text": "Docker build context has no .dockerignore"}, "properties": {"repobilityId": 57927, "scanner": "repobility-docker", "fingerprint": "c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44", "category": "docker", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Dockerfile exists but repository root has no .dockerignore.", "evidence": {"rule_id": "DKR007", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/"], "correlation_key": "fp|c98378cf8c37e4866e89d6ca06a24b7e8c44654aa34e6e4bf1367c4a4c0c5b44"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".dockerignore"}, "region": {"startLine": 1}}}]}, {"ruleId": "DKR001", "level": "warning", "message": {"text": "Docker final stage has no non-root USER"}, "properties": {"repobilityId": 57926, "scanner": "repobility-docker", "fingerprint": "1f9e5399de3fba9385ae2d8cbc7c9251f920cf56a7ed00bc1886b8e6369114b3", "category": "docker", "severity": "medium", "confidence": 0.82, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "No USER directive was found in the final runtime stage.", "evidence": {"rule_id": "DKR001", "scanner": "repobility-docker", "final_base": "mcr.microsoft.com/vscode/devcontainers/python:${VARIANT}", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html", "https://github.com/hadolint/hadolint"], "correlation_key": "fp|1f9e5399de3fba9385ae2d8cbc7c9251f920cf56a7ed00bc1886b8e6369114b3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".devcontainer/Dockerfile"}, "region": {"startLine": 3}}}]}, {"ruleId": "SEC003", "level": "warning", "message": {"text": "[SEC003] Hardcoded Secret: Hardcoded secret key found in source code."}, "properties": {"repobilityId": 57924, "scanner": "repobility-threat-engine", "fingerprint": "d11fa7c5c68f7d1b86f1f7590e4f21f7998c23349685cc80278174d2e305b4ff", "category": "credential_exposure", "severity": "medium", "confidence": 0.3, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Low entropy value (2.6 bits) \u2014 may be placeholder or common string", "evidence": {"match": "secret_key = \"secretKey\"", "reason": "Low entropy value (2.6 bits) \u2014 may be placeholder or common string", "rule_id": "SEC003", "scanner": "repobility-threat-engine", "confidence": 0.3, "correlation_key": "secret|token|5|secret_key secretkey"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "web_programming/recaptcha_verification.py"}, "region": {"startLine": 53}}}]}, {"ruleId": "SEC015", "level": "warning", "message": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable."}, "properties": {"repobilityId": 57878, "scanner": "repobility-threat-engine", "fingerprint": "be75cf7c444ed593920a239d6718f8121d550b339120a3fa46019b2674d8bdf6", "category": "crypto", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Security-sensitive keyword found nearby \u2014 weak PRNG is risky here", "evidence": {"match": "def generate_public_key", "reason": "Security-sensitive keyword found nearby \u2014 weak PRNG is risky here", "rule_id": "SEC015", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|crypto|ciphers/diffie_hellman.py|225|sec015"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ciphers/diffie_hellman.py"}, "region": {"startLine": 225}}}]}, {"ruleId": "SEC015", "level": "warning", "message": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable."}, "properties": {"repobilityId": 57877, "scanner": "repobility-threat-engine", "fingerprint": "cd64214b0a0ef0c7a68128c4e81e01e814107340fa1e291ae80d98745fa4ba58", "category": "crypto", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Security-sensitive keyword found nearby \u2014 weak PRNG is risky here", "evidence": {"match": "def generate_key", "reason": "Security-sensitive keyword found nearby \u2014 weak PRNG is risky here", "rule_id": "SEC015", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|crypto|ciphers/beaufort_cipher.py|14|sec015"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ciphers/beaufort_cipher.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "SEC015", "level": "warning", "message": {"text": "[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable."}, "properties": {"repobilityId": 57876, "scanner": "repobility-threat-engine", "fingerprint": "acc3baab67aa2cf2f944e15b880f6efe7df6db0cd6dfd9c26da63688980b7fb2", "category": "crypto", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Security-sensitive keyword found nearby \u2014 weak PRNG is risky here", "evidence": {"match": "key_b = random.randint", "reason": "Security-sensitive keyword found nearby \u2014 weak PRNG is risky here", "rule_id": "SEC015", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|crypto|ciphers/affine_cipher.py|79|sec015"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ciphers/affine_cipher.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 57829, "scanner": "repobility-ast-engine", "fingerprint": "3453ebbbedcad82974f54e9ee8b71f5c0d8a92f4dabf6676a7aff79eab8fd193", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3453ebbbedcad82974f54e9ee8b71f5c0d8a92f4dabf6676a7aff79eab8fd193"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/hashing/tests/test_hash_map.py"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 57822, "scanner": "repobility-ast-engine", "fingerprint": "a3dfa440c7399684e5d7d86e2ed073c700110e05549922dc35de5e0d15c28305", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a3dfa440c7399684e5d7d86e2ed073c700110e05549922dc35de5e0d15c28305"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "physics/newtons_second_law_of_motion.py"}, "region": {"startLine": 77}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 57777, "scanner": "repobility-ast-engine", "fingerprint": "fc99a474a0e2e7ab60095c26bb82c24564bb366450dd7ce21b4fb706ea71914e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fc99a474a0e2e7ab60095c26bb82c24564bb366450dd7ce21b4fb706ea71914e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hashes/enigma_machine.py"}, "region": {"startLine": 49}}}]}, {"ruleId": "GHSA-5239-wwwm-4pmq", "level": "note", "message": {"text": "pygments: GHSA-5239-wwwm-4pmq"}, "properties": {"repobilityId": 57946, "scanner": "osv-scanner", "fingerprint": "db0fef0ab784fa7e288e01a475a731d75b5105247b655bdfac2babc124377da9", "category": "dependency", "severity": "low", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-4539"], "package": "pygments", "rule_id": "GHSA-5239-wwwm-4pmq", "scanner": "osv-scanner", "correlation_key": "vuln|pygments|CVE-2026-4539|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `is_valid` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: elif=1, for=1, if=2, nested_bonus=4."}, "properties": {"repobilityId": 57869, "scanner": "repobility-threat-engine", "fingerprint": "48bf6468e35a98b99dc9ff9cf356864ea2647514fc7dd275e986d763c8994373", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 8 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "is_valid", "breakdown": {"if": 2, "for": 1, "elif": 1, "nested_bonus": 4}, "complexity": 8, "correlation_key": "fp|48bf6468e35a98b99dc9ff9cf356864ea2647514fc7dd275e986d763c8994373"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "backtracking/crossword_puzzle_solver.py"}, "region": {"startLine": 4}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `backtrack` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: else=1, for=1, if=2, nested_bonus=3, recursion=1."}, "properties": {"repobilityId": 57867, "scanner": "repobility-threat-engine", "fingerprint": "05c291f40e21a703ba0538359d1fbd3085704b0b340291ecab932e77ceff1e68", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 8 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "backtrack", "breakdown": {"if": 2, "for": 1, "else": 1, "recursion": 1, "nested_bonus": 3}, "complexity": 8, "correlation_key": "fp|05c291f40e21a703ba0538359d1fbd3085704b0b340291ecab932e77ceff1e68"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "backtracking/combination_sum.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 57755, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a52a1aec3ac9424e41a749ea19a9eea73733aafe198427bd284704cbb8475f0c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "divide_and_conquer/heaps_algorithm.py", "duplicate_line": 11, "correlation_key": "fp|a52a1aec3ac9424e41a749ea19a9eea73733aafe198427bd284704cbb8475f0c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "divide_and_conquer/heaps_algorithm_iterative.py"}, "region": {"startLine": 11}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 57754, "scanner": "repobility-ai-code-hygiene", "fingerprint": "228ab6b6b668cf39df14e806caaa16b72f9028a236099a437e7b886077dcc641", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "digital_image_processing/morphological_operations/dilation_operation.py", "duplicate_line": 1, "correlation_key": "fp|228ab6b6b668cf39df14e806caaa16b72f9028a236099a437e7b886077dcc641"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "digital_image_processing/morphological_operations/erosion_operation.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 57753, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3a497b0125f98a9efc93d0ecef40c13b4aa5cf380b7610275b0630a906ea39e1", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "data_structures/queues/queue_by_list.py", "duplicate_line": 37, "correlation_key": "fp|3a497b0125f98a9efc93d0ecef40c13b4aa5cf380b7610275b0630a906ea39e1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/queues/queue_by_two_stacks.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 57752, "scanner": "repobility-ai-code-hygiene", "fingerprint": "89b59e0f388eacb5c56b446d4ddd9631139f4d75ff0fca1cc476e1e67b794b86", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "data_structures/linked_list/doubly_linked_list.py", "duplicate_line": 172, "correlation_key": "fp|89b59e0f388eacb5c56b446d4ddd9631139f4d75ff0fca1cc476e1e67b794b86"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/linked_list/singly_linked_list.py"}, "region": {"startLine": 341}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 57751, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6cf3eadd068b98ad28093ace4eedfe2600433a8853af16478237f2b4cf096512", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "data_compression/lempel_ziv.py", "duplicate_line": 7, "correlation_key": "fp|6cf3eadd068b98ad28093ace4eedfe2600433a8853af16478237f2b4cf096512"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_compression/lempel_ziv_decompress.py"}, "region": {"startLine": 6}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 57750, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9c78cc172cfd13e31ed2f2300bda1132d1365825774d613b7f8867d7e3403086", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "conversions/prefix_conversions.py", "duplicate_line": 6, "correlation_key": "fp|9c78cc172cfd13e31ed2f2300bda1132d1365825774d613b7f8867d7e3403086"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "conversions/prefix_conversions_string.py"}, "region": {"startLine": 21}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 57749, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fd36455c0a4ca3aa42a48cde0e16fed40491627c850d4a583f0eb86a3316c15d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "computer_vision/flip_augmentation.py", "duplicate_line": 32, "correlation_key": "fp|fd36455c0a4ca3aa42a48cde0e16fed40491627c850d4a583f0eb86a3316c15d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "computer_vision/mosaic_augmentation.py"}, "region": {"startLine": 44}}}]}, {"ruleId": "DKR002", "level": "none", "message": {"text": "Dockerfile base image is selected through a build variable"}, "properties": {"repobilityId": 57925, "scanner": "repobility-docker", "fingerprint": "76eda08a6c729601ce3398da3104dfbdac5a26d24bda21e5e98829c0a953d4bc", "category": "docker", "severity": "info", "confidence": 0.48, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Base image contains a variable; manual review is needed to avoid false positives.", "evidence": {"image": "mcr.microsoft.com/vscode/devcontainers/python:${VARIANT}", "rule_id": "DKR002", "scanner": "repobility-docker", "references": ["https://docs.docker.com/develop/develop-images/dockerfile_best-practices/", "https://docs.docker.com/scout/policy/"], "correlation_key": "fp|76eda08a6c729601ce3398da3104dfbdac5a26d24bda21e5e98829c0a953d4bc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".devcontainer/Dockerfile"}, "region": {"startLine": 3}}}]}, {"ruleId": "MINED053", "level": "none", "message": {"text": "[MINED053] Placeholder Default Username: foo@bar.com / john.doe@example.com / admin/admin / changeme \u2014 typical AI placeholder credentials."}, "properties": {"repobilityId": 57921, "scanner": "repobility-threat-engine", "fingerprint": "26fac086d43513509ff652e4ce67c35d4af7377fa7887e947ab0deefaf6db2c1", "category": "quality", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern 'test\\b' detected on same line", "evidence": {"mined": true, "mining": {"slug": "placeholder-default-username", "owasp": null, "cwe_ids": ["CWE-1392", "CWE-798"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348025+00:00", "triaged_in_corpus": 10, "observations_count": 456953, "ai_coder_pattern_id": 44}, "scanner": "repobility-threat-engine", "correlation_key": "fp|26fac086d43513509ff652e4ce67c35d4af7377fa7887e947ab0deefaf6db2c1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/is_valid_email_address.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED079", "level": "none", "message": {"text": "[MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) \u2014 off-by-one risk."}, "properties": {"repobilityId": 57920, "scanner": "repobility-threat-engine", "fingerprint": "d5c0d1ad9eda54a9dfbd3be8134fae06910697c8cd0a4b0eb11aefcca3eff5ba", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "off-by-one-slice", "owasp": null, "cwe_ids": ["CWE-193"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348121+00:00", "triaged_in_corpus": 12, "observations_count": 6443, "ai_coder_pattern_id": 19}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d5c0d1ad9eda54a9dfbd3be8134fae06910697c8cd0a4b0eb11aefcca3eff5ba"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/levenshtein_distance.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED079", "level": "none", "message": {"text": "[MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) \u2014 off-by-one risk."}, "properties": {"repobilityId": 57919, "scanner": "repobility-threat-engine", "fingerprint": "af8b6f6f4c12fd2d8eda417effef69e880b258b8ca8706eeaac42e648b5a0aff", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "off-by-one-slice", "owasp": null, "cwe_ids": ["CWE-193"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348121+00:00", "triaged_in_corpus": 12, "observations_count": 6443, "ai_coder_pattern_id": 19}, "scanner": "repobility-threat-engine", "correlation_key": "fp|af8b6f6f4c12fd2d8eda417effef69e880b258b8ca8706eeaac42e648b5a0aff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/damerau_levenshtein_distance.py"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED079", "level": "none", "message": {"text": "[MINED079] Off By One Slice: range(len(x)+1), arr[i+1:i+n+1], or while i<=len(arr) \u2014 off-by-one risk."}, "properties": {"repobilityId": 57918, "scanner": "repobility-threat-engine", "fingerprint": "69d063af5b4a017b2feaf86a6448b5ca877d03135a1c0c6944a2ef91f6bac87c", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "off-by-one-slice", "owasp": null, "cwe_ids": ["CWE-193"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348121+00:00", "triaged_in_corpus": 12, "observations_count": 6443, "ai_coder_pattern_id": 19}, "scanner": "repobility-threat-engine", "correlation_key": "fp|69d063af5b4a017b2feaf86a6448b5ca877d03135a1c0c6944a2ef91f6bac87c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sorts/iterative_merge_sort.py"}, "region": {"startLine": 70}}}]}, {"ruleId": "MINED067", "level": "none", "message": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "properties": {"repobilityId": 57916, "scanner": "repobility-threat-engine", "fingerprint": "0d21ee8fa7d18633155d9f756b9c3040d637631f8a9c38ecaf2512e2faef4e94", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0d21ee8fa7d18633155d9f756b9c3040d637631f8a9c38ecaf2512e2faef4e94"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "maths/allocation_number.py"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 57912, "scanner": "repobility-threat-engine", "fingerprint": "d2947c26cb9d7a449110696143d831144f17b900e9c79d164fdf340b300520a1", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d2947c26cb9d7a449110696143d831144f17b900e9c79d164fdf340b300520a1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/stacks/stack.py"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 57911, "scanner": "repobility-threat-engine", "fingerprint": "45f9a186b4965ca371b3b02d161602475a7227e02d2b648b475387b35845bdd1", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|45f9a186b4965ca371b3b02d161602475a7227e02d2b648b475387b35845bdd1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/queues/priority_queue_using_list.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED072", "level": "none", "message": {"text": "[MINED072] Python Pass Only Class: class Foo: pass \u2014 stub waiting to be filled in."}, "properties": {"repobilityId": 57910, "scanner": "repobility-threat-engine", "fingerprint": "45c440a23e2dfbb3daac1ee74b7e982cf0d575836e25456a6b371ec680fcb265", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pass-only-class", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348069+00:00", "triaged_in_corpus": 10, "observations_count": 14245, "ai_coder_pattern_id": 143}, "scanner": "repobility-threat-engine", "correlation_key": "fp|45c440a23e2dfbb3daac1ee74b7e982cf0d575836e25456a6b371ec680fcb265"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/linked_list/has_loop.py"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED001", "level": "none", "message": {"text": "[MINED001] Bare Except Pass (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 57909, "scanner": "repobility-threat-engine", "fingerprint": "3ed4a11ec48650075e843160edf55362aa121897a652d0286a1dc826dd94d954", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|3ed4a11ec48650075e843160edf55362aa121897a652d0286a1dc826dd94d954", "aggregated_count": 1}}}, {"ruleId": "MINED004", "level": "none", "message": {"text": "[MINED004] Weak Crypto (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 57902, "scanner": "repobility-threat-engine", "fingerprint": "a51fc5b757daa107ff993d54388f809af87b26cac35292629b20c635c24267fc", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|a51fc5b757daa107ff993d54388f809af87b26cac35292629b20c635c24267fc", "aggregated_count": 1}}}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields (and 9 more): Same pattern found in 9 additional files. Review if needed."}, "properties": {"repobilityId": 57898, "scanner": "repobility-threat-engine", "fingerprint": "686b7aaa514641d4f320121e895cb3507c66431db0d74ea12c6ac180de33f0c8", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 9 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|686b7aaa514641d4f320121e895cb3507c66431db0d74ea12c6ac180de33f0c8", "aggregated_count": 9}}}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 57897, "scanner": "repobility-threat-engine", "fingerprint": "8f4f3bd158a909c12f98eaaf22d64c628ea47d81343fe8f3512929bf0050e9a3", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8f4f3bd158a909c12f98eaaf22d64c628ea47d81343fe8f3512929bf0050e9a3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/binary_tree/serialize_deserialize_binary_tree.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 57896, "scanner": "repobility-threat-engine", "fingerprint": "110349e0c218378795dba17600bfc3e435ee84e1c852b4afde0a9506c1b7d7f8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|110349e0c218378795dba17600bfc3e435ee84e1c852b4afde0a9506c1b7d7f8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/binary_tree/mirror_binary_tree.py"}, "region": {"startLine": 13}}}]}, {"ruleId": "MINED062", "level": "none", "message": {"text": "[MINED062] Python Dataclass No Fields: @dataclass over an empty class \u2014 unfinished model."}, "properties": {"repobilityId": 57895, "scanner": "repobility-threat-engine", "fingerprint": "5f107664e4b2467f40f474909007680599542a66d43bc8ffcea840b808f746f6", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-dataclass-no-fields", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348046+00:00", "triaged_in_corpus": 10, "observations_count": 92448, "ai_coder_pattern_id": 144}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5f107664e4b2467f40f474909007680599542a66d43bc8ffcea840b808f746f6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_compression/lz77.py"}, "region": {"startLine": 37}}}]}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 11 more): Same pattern found in 11 additional files. Review if needed."}, "properties": {"repobilityId": 57894, "scanner": "repobility-threat-engine", "fingerprint": "2a90f201efe0fa0c5dec20cc574f41ea779c24e8a2731e92a392ebdb37082c00", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 11 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 11 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|2a90f201efe0fa0c5dec20cc574f41ea779c24e8a2731e92a392ebdb37082c00"}}}, {"ruleId": "SEC013", "level": "none", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 57890, "scanner": "repobility-threat-engine", "fingerprint": "cf0fa57966ff874fffc921a07cba5bdb97333460e3807666e7f68fe460b50691", "category": "path_traversal", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|cf0fa57966ff874fffc921a07cba5bdb97333460e3807666e7f68fe460b50691"}}}, {"ruleId": "MINED047", "level": "none", "message": {"text": "[MINED047] Emoji In Source: Emoji \u2705 \u274c \ud83d\ude80 in code/comments \u2014 common AI output unless explicitly requested."}, "properties": {"repobilityId": 57886, "scanner": "repobility-threat-engine", "fingerprint": "9217a5d3ff21dd1d234942ef9103963173863fd1718b93853d3cbb1ea8ac2156", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "emoji-in-source", "owasp": null, "cwe_ids": [], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348010+00:00", "triaged_in_corpus": 9, "observations_count": 1468364, "ai_coder_pattern_id": 29}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9217a5d3ff21dd1d234942ef9103963173863fd1718b93853d3cbb1ea8ac2156"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ciphers/gronsfeld_cipher.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 57885, "scanner": "repobility-threat-engine", "fingerprint": "ffe0bb40951d1fe20325d6626515b6b3f5194cef1a3be6e6de11e9645a8d8a72", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|ffe0bb40951d1fe20325d6626515b6b3f5194cef1a3be6e6de11e9645a8d8a72", "aggregated_count": 1}}}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "properties": {"repobilityId": 57884, "scanner": "repobility-threat-engine", "fingerprint": "be2b27cef28b8f8e1ba71d2d204730bd5ad51876a9da22059e8ef8206829add2", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "correlation_key": "fp|be2b27cef28b8f8e1ba71d2d204730bd5ad51876a9da22059e8ef8206829add2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "other/password.py"}, "region": {"startLine": 88}}}]}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "properties": {"repobilityId": 57883, "scanner": "repobility-threat-engine", "fingerprint": "03b087d18d5c0ecb6312c00c700091dc12508c1d2f663b68ec472741899c5a85", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "correlation_key": "fp|03b087d18d5c0ecb6312c00c700091dc12508c1d2f663b68ec472741899c5a85"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hashes/enigma_machine.py"}, "region": {"startLine": 56}}}]}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "properties": {"repobilityId": 57882, "scanner": "repobility-threat-engine", "fingerprint": "ed31a9830c62da7e53d545b8a00613bcee76c01f5ba8c344047bb9f9fa47cd6a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ed31a9830c62da7e53d545b8a00613bcee76c01f5ba8c344047bb9f9fa47cd6a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ciphers/diffie.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 57881, "scanner": "repobility-threat-engine", "fingerprint": "6635e4f44f28fab94725c5b75abb5671851bcf02ce993e6ca6c3206a26db755b", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "evidence": {"match": "print(\"Password generated:\", password_generator(length)", "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|other/password.py|8|print password generated: password_generator length"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "other/password.py"}, "region": {"startLine": 88}}}]}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 57880, "scanner": "repobility-threat-engine", "fingerprint": "39d59a3cddae4f3f7fdbc5730fc26e07f72170f74ed6746be124413fd6715fe4", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "evidence": {"match": "print(\"The key value generated by A is: \", a_secret)", "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|ciphers/diffie.py|5|print the key value generated by a is: a_secret"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ciphers/diffie.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "SEC015", "level": "none", "message": {"text": "[SEC015] Insecure Randomness for Security (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "properties": {"repobilityId": 57879, "scanner": "repobility-threat-engine", "fingerprint": "e130211b74a08d1080b6cb546902b3a4312c21821463e53d99ea67f635ba5c2b", "category": "crypto", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 6 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 6 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC015", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|e130211b74a08d1080b6cb546902b3a4312c21821463e53d99ea67f635ba5c2b"}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https (and 8 more): Same pattern found in 8 additional files. Review if needed."}, "properties": {"repobilityId": 57875, "scanner": "repobility-threat-engine", "fingerprint": "eae1e8fab9889f0af0f21f1e9feee5af5bdf56bab4b240b20c25ac339c8e81f0", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 8 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|eae1e8fab9889f0af0f21f1e9feee5af5bdf56bab4b240b20c25ac339c8e81f0", "aggregated_count": 8}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 57874, "scanner": "repobility-threat-engine", "fingerprint": "177b41d3fb30f9e76c4645d237267bfe58a532dcd161a400b5b6fa4e6c780256", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|177b41d3fb30f9e76c4645d237267bfe58a532dcd161a400b5b6fa4e6c780256"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "computer_vision/horn_schunck.py"}, "region": {"startLine": 9}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 57873, "scanner": "repobility-threat-engine", "fingerprint": "b0b9c85526efdac0661691f3cc293bfb767e61f57512268ec3a832b000b0ed3e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b0b9c85526efdac0661691f3cc293bfb767e61f57512268ec3a832b000b0ed3e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ciphers/fractionated_morse_cipher.py"}, "region": {"startLine": 9}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 57872, "scanner": "repobility-threat-engine", "fingerprint": "0a091b255d3407aa2dcfce84d4e89cd9a6ddb0c9c25e8670984b2ec54eafacbc", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0a091b255d3407aa2dcfce84d4e89cd9a6ddb0c9c25e8670984b2ec54eafacbc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ciphers/a1z26.py"}, "region": {"startLine": 6}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 359 more): Same pattern found in 359 additional files. Review if needed."}, "properties": {"repobilityId": 57870, "scanner": "repobility-threat-engine", "fingerprint": "b128b8d92cc40086daff5a7817f33080feb95f32bd448ec8879d9bd68e256f94", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 359 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "backtrack", "breakdown": {"if": 2, "for": 1, "else": 1, "recursion": 1, "nested_bonus": 3}, "aggregated": true, "complexity": 8, "correlation_key": "fp|b128b8d92cc40086daff5a7817f33080feb95f32bd448ec8879d9bd68e256f94", "aggregated_count": 359}}}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call (and 156 more): Same pattern found in 156 additional files. Review if needed."}, "properties": {"repobilityId": 57866, "scanner": "repobility-threat-engine", "fingerprint": "4c5b95073d84bdee488695f77b119239332797de6481a7958cfa96bbad74b083", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 156 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|4c5b95073d84bdee488695f77b119239332797de6481a7958cfa96bbad74b083", "aggregated_count": 156}}}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 57865, "scanner": "repobility-threat-engine", "fingerprint": "bc057e4cbd616848ae7f734f83e53fc1dffbb064e7775870e87f429b125b8448", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bc057e4cbd616848ae7f734f83e53fc1dffbb064e7775870e87f429b125b8448"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cellular_automata/one_dimensional.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 57864, "scanner": "repobility-threat-engine", "fingerprint": "cacdbb249430a0609058d333eb497bc15783594d553acac5679190958272a765", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|cacdbb249430a0609058d333eb497bc15783594d553acac5679190958272a765"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "boolean_algebra/quine_mc_cluskey.py"}, "region": {"startLine": 140}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 57863, "scanner": "repobility-threat-engine", "fingerprint": "78fb225c5796f4cd1f21af863e50b066690735082f3ccae47c364c5091d2e1b5", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|78fb225c5796f4cd1f21af863e50b066690735082f3ccae47c364c5091d2e1b5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "backtracking/all_permutations.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 318 more): Same pattern found in 318 additional files. Review if needed."}, "properties": {"repobilityId": 57862, "scanner": "repobility-threat-engine", "fingerprint": "2beb048974ee37a5c6b17961e003c4417c56ed02bdbb69ebbc2ed28184016720", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 318 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|2beb048974ee37a5c6b17961e003c4417c56ed02bdbb69ebbc2ed28184016720", "aggregated_count": 318}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 57861, "scanner": "repobility-threat-engine", "fingerprint": "8a0376c7a9b60f5cdee7718e6e43ae3755538a00048a635f3ddc4d1d29c4d272", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8a0376c7a9b60f5cdee7718e6e43ae3755538a00048a635f3ddc4d1d29c4d272"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "backtracking/knight_tour.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 57860, "scanner": "repobility-threat-engine", "fingerprint": "985a6581ff8c8798654ac3c22eef9ed3771937e9fb7ae270e0669618320cbcdd", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|985a6581ff8c8798654ac3c22eef9ed3771937e9fb7ae270e0669618320cbcdd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "backtracking/combination_sum.py"}, "region": {"startLine": 49}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 57859, "scanner": "repobility-threat-engine", "fingerprint": "d5ecff91afab929d969d91102cd66746abeb101a8437b8e13806a34b2d8a77f8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d5ecff91afab929d969d91102cd66746abeb101a8437b8e13806a34b2d8a77f8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "backtracking/all_combinations.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "GHSA-gm62-xv2j-4w53", "level": "error", "message": {"text": "urllib3: GHSA-gm62-xv2j-4w53"}, "properties": {"repobilityId": 57954, "scanner": "osv-scanner", "fingerprint": "90d2dab6c7696851417f64b6b694544f6475f3b87570ebe7d7d274b6833a39fb", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-66418"], "package": "urllib3", "rule_id": "GHSA-gm62-xv2j-4w53", "scanner": "osv-scanner", "correlation_key": "vuln|urllib3|CVE-2025-66418|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-38jv-5279-wg99", "level": "error", "message": {"text": "urllib3: GHSA-38jv-5279-wg99"}, "properties": {"repobilityId": 57952, "scanner": "osv-scanner", "fingerprint": "9849195c9b28418fdaea055af72e73abc5720794d7ced4292b75a84c952a823d", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-21441"], "package": "urllib3", "rule_id": "GHSA-38jv-5279-wg99", "scanner": "osv-scanner", "correlation_key": "vuln|urllib3|CVE-2026-21441|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-2xpw-w6gg-jr37", "level": "error", "message": {"text": "urllib3: GHSA-2xpw-w6gg-jr37"}, "properties": {"repobilityId": 57951, "scanner": "osv-scanner", "fingerprint": "af2758d7ff7965761ee75797c370b108b1da9526b5d6d412e519026ea7b3287c", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-66471"], "package": "urllib3", "rule_id": "GHSA-2xpw-w6gg-jr37", "scanner": "osv-scanner", "correlation_key": "vuln|urllib3|CVE-2025-66471|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "PYSEC-2026-141", "level": "error", "message": {"text": "urllib3: PYSEC-2026-141"}, "properties": {"repobilityId": 57950, "scanner": "osv-scanner", "fingerprint": "202e502152aa0eef57a4c3f3a01e648d30977c8aa06b2acc05a839706b0597b4", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "", "aliases": ["CVE-2026-44431", "GHSA-qccp-gfcp-xxvc"], "package": "urllib3", "rule_id": "PYSEC-2026-141", "scanner": "osv-scanner", "correlation_key": "vuln|urllib3|CVE-2026-44431|uv.lock", "duplicate_count": 1, "duplicate_rule_ids": ["GHSA-qccp-gfcp-xxvc", "PYSEC-2026-141"], "duplicate_scanners": ["osv-scanner"], "duplicate_fingerprints": ["202e502152aa0eef57a4c3f3a01e648d30977c8aa06b2acc05a839706b0597b4", "b78af741547635e5ed59316b870c20991733a249d6cd722bd682d0d24fc35efa"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-whj4-6x5x-4v2j", "level": "error", "message": {"text": "pillow: GHSA-whj4-6x5x-4v2j"}, "properties": {"repobilityId": 57945, "scanner": "osv-scanner", "fingerprint": "98044dac30eb4ba02f691bd7b7e748512c82462965771e96cd6fa3bf8175d1f2", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-40192", "CVE-2026-40192"], "package": "pillow", "rule_id": "GHSA-whj4-6x5x-4v2j", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-40192|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-pwv6-vv43-88gr", "level": "error", "message": {"text": "pillow: GHSA-pwv6-vv43-88gr"}, "properties": {"repobilityId": 57943, "scanner": "osv-scanner", "fingerprint": "6f5bdd8aaea89083f4f330bfda4f9458df94198bdaab2b182c15b51c2ef87dd9", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-42311", "CVE-2026-42311"], "package": "pillow", "rule_id": "GHSA-pwv6-vv43-88gr", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-42311|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-cfh3-3jmp-rvhc", "level": "error", "message": {"text": "pillow: GHSA-cfh3-3jmp-rvhc"}, "properties": {"repobilityId": 57942, "scanner": "osv-scanner", "fingerprint": "05ed8dc5a08e164aa683f9c02787585f96d683af9205418cbf1c22b19b7db128", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-25990", "CVE-2026-25990"], "package": "pillow", "rule_id": "GHSA-cfh3-3jmp-rvhc", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-25990|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "PYSEC-2026-165", "level": "error", "message": {"text": "pillow: PYSEC-2026-165"}, "properties": {"repobilityId": 57940, "scanner": "osv-scanner", "fingerprint": "6d4525df4fe1593a56084817586ae0b65d5078f84b3ec5e34d3552946d99a8f2", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-42308", "CVE-2026-42308", "GHSA-wjx4-4jcj-g98j"], "package": "pillow", "rule_id": "PYSEC-2026-165", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-42308|uv.lock", "duplicate_count": 1, "duplicate_rule_ids": ["GHSA-wjx4-4jcj-g98j", "PYSEC-2026-165"], "duplicate_scanners": ["osv-scanner"], "duplicate_fingerprints": ["6d4525df4fe1593a56084817586ae0b65d5078f84b3ec5e34d3552946d99a8f2", "e0b065066fc0d3bedf3e2aa7710014dbc6ec7eaa30b9f9c568fe3b4f37d00126"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "PYSEC-2025-61", "level": "error", "message": {"text": "pillow: PYSEC-2025-61"}, "properties": {"repobilityId": 57939, "scanner": "osv-scanner", "fingerprint": "f5f0cfb16468ffb22064f677ad8759b42da1654ca62d5ced63d8a92ca305099d", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "", "aliases": ["BIT-pillow-2025-48379", "CVE-2025-48379", "GHSA-xg8h-j46f-w952"], "package": "pillow", "rule_id": "PYSEC-2025-61", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2025-48379|uv.lock", "duplicate_count": 1, "duplicate_rule_ids": ["GHSA-xg8h-j46f-w952", "PYSEC-2025-61"], "duplicate_scanners": ["osv-scanner"], "duplicate_fingerprints": ["2d25fa57bd20d70216bd83d4fd6e8605461cdae904b94cce9e6db4d050419238", "f5f0cfb16468ffb22064f677ad8759b42da1654ca62d5ced63d8a92ca305099d"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "PYSEC-2026-87", "level": "error", "message": {"text": "lxml: PYSEC-2026-87"}, "properties": {"repobilityId": 57938, "scanner": "osv-scanner", "fingerprint": "322a0865961b7021953b8ee180fbf247bf8e2b60187d5e62bdd8dfec70ee3b9e", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "", "aliases": ["CVE-2026-41066", "GHSA-vfmq-68hx-4jfw"], "package": "lxml", "rule_id": "PYSEC-2026-87", "scanner": "osv-scanner", "correlation_key": "vuln|lxml|CVE-2026-41066|uv.lock", "duplicate_count": 1, "duplicate_rule_ids": ["GHSA-vfmq-68hx-4jfw", "PYSEC-2026-87"], "duplicate_scanners": ["osv-scanner"], "duplicate_fingerprints": ["322a0865961b7021953b8ee180fbf247bf8e2b60187d5e62bdd8dfec70ee3b9e", "a39e439da8b77d5626d2bdaac15590d6e196e63e46d419f0293dad26fd229392"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-hjqc-jx6g-rwp9", "level": "error", "message": {"text": "keras: GHSA-hjqc-jx6g-rwp9"}, "properties": {"repobilityId": 57936, "scanner": "osv-scanner", "fingerprint": "088fa54ce64e3d6ca0f95b3f7371a9fc78dde9c980b395769a63263429ab8b76", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-12060"], "package": "keras", "rule_id": "GHSA-hjqc-jx6g-rwp9", "scanner": "osv-scanner", "correlation_key": "vuln|keras|CVE-2025-12060|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-c9rc-mg46-23w3", "level": "error", "message": {"text": "keras: GHSA-c9rc-mg46-23w3"}, "properties": {"repobilityId": 57935, "scanner": "osv-scanner", "fingerprint": "b5dbb1731852cdb1f5520808dd94053d22c5c0becc77f161831a76f1817e0033", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-8747", "PYSEC-2025-75"], "package": "keras", "rule_id": "GHSA-c9rc-mg46-23w3", "scanner": "osv-scanner", "correlation_key": "vuln|keras|CVE-2025-1550|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-4f3f-g24h-fr8m", "level": "error", "message": {"text": "keras: GHSA-4f3f-g24h-fr8m"}, "properties": {"repobilityId": 57934, "scanner": "osv-scanner", "fingerprint": "4024308f4a2a14af94aabb69f95db7364cef59b402ec8d6f25e78902725cd35b", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-1462"], "package": "keras", "rule_id": "GHSA-4f3f-g24h-fr8m", "scanner": "osv-scanner", "correlation_key": "vuln|keras|CVE-2026-1462|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-3m4q-jmj6-r34q", "level": "error", "message": {"text": "keras: GHSA-3m4q-jmj6-r34q"}, "properties": {"repobilityId": 57933, "scanner": "osv-scanner", "fingerprint": "32e8d1baa519e141d5603f807cae03b9917099b8c72b67d12abae6cd38b5335b", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-1669"], "package": "keras", "rule_id": "GHSA-3m4q-jmj6-r34q", "scanner": "osv-scanner", "correlation_key": "vuln|keras|CVE-2026-1669|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-36fq-jgmw-4r9c", "level": "error", "message": {"text": "keras: GHSA-36fq-jgmw-4r9c"}, "properties": {"repobilityId": 57932, "scanner": "osv-scanner", "fingerprint": "fc9bec20762753781782811f49e77c92ed129f86b46c4194cc82b8e8f0c7c351", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-9906", "PYSEC-2025-76"], "package": "keras", "rule_id": "GHSA-36fq-jgmw-4r9c", "scanner": "osv-scanner", "correlation_key": "vuln|keras|CVE-2025-9906|uv.lock"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "PYSEC-2026-73", "level": "error", "message": {"text": "keras: PYSEC-2026-73"}, "properties": {"repobilityId": 57931, "scanner": "osv-scanner", "fingerprint": "e93689d4dfaa8397182fd7f83c5601ea0bce96351f9eae793d237d749effe760", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "", "aliases": ["CVE-2026-0897", "GHSA-mgx6-5cf9-rr43"], "package": "keras", "rule_id": "PYSEC-2026-73", "scanner": "osv-scanner", "correlation_key": "vuln|keras|CVE-2026-0897|uv.lock", "duplicate_count": 1, "duplicate_rule_ids": ["GHSA-mgx6-5cf9-rr43", "PYSEC-2026-73"], "duplicate_scanners": ["osv-scanner"], "duplicate_fingerprints": ["e93689d4dfaa8397182fd7f83c5601ea0bce96351f9eae793d237d749effe760", "fb01d210966582dbb5de834e6f77da1e698a1f422b145bccd3e68168ef555702"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "PYSEC-2025-123", "level": "error", "message": {"text": "keras: PYSEC-2025-123"}, "properties": {"repobilityId": 57930, "scanner": "osv-scanner", "fingerprint": "5d42b1b51dcb2407e8776ba09ca37288f2c01d1a0dcb7ed98d9d9ad689de0ed3", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "", "aliases": ["CVE-2025-9905", "GHSA-36rr-ww3j-vrjv"], "package": "keras", "rule_id": "PYSEC-2025-123", "scanner": "osv-scanner", "correlation_key": "vuln|keras|CVE-2025-9905|uv.lock", "duplicate_count": 1, "duplicate_rule_ids": ["GHSA-36rr-ww3j-vrjv", "PYSEC-2025-123"], "duplicate_scanners": ["osv-scanner"], "duplicate_fingerprints": ["5d42b1b51dcb2407e8776ba09ca37288f2c01d1a0dcb7ed98d9d9ad689de0ed3", "f27d23d66a0fdc2457078cb9fc824f590af4d0b6ade3ef49e868d8cb0b9fb240"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uv.lock"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 57923, "scanner": "repobility-threat-engine", "fingerprint": "2a916940d8e13988d263a8ff55e55a4402a5b4560c6118dc281ffdaa6ad940ec", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "url(s", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|2a916940d8e13988d263a8ff55e55a4402a5b4560c6118dc281ffdaa6ad940ec"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "web_programming/instagram_crawler.py"}, "region": {"startLine": 98}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 57922, "scanner": "repobility-threat-engine", "fingerprint": "c9229436e8b69ed3fd4a90b207a7759ba9981eac4cdecf56ac14c8e3ced641b1", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "url(u", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|c9229436e8b69ed3fd4a90b207a7759ba9981eac4cdecf56ac14c8e3ced641b1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "web_programming/emails_from_url.py"}, "region": {"startLine": 70}}}]}, {"ruleId": "SEC032", "level": "error", "message": {"text": "[SEC032] Unrestricted File Upload \u2014 no extension/MIME validation: File upload accepts the user's filename without validating extension, content-type, or magic bytes. Attackers upload `.php`, `.jsp`, or executable files to a web-served directory, then visit the URL to trigger RCE. CWE-434. Examples: Apache Struts (CVE-2017-9805), countless WordPress plugin RCEs."}, "properties": {"repobilityId": 57917, "scanner": "repobility-threat-engine", "fingerprint": "9a03e383ed4359633ea3bf5851c37e50c43d76ad0e388c83b766fb16f06c3eca", "category": "file_upload", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "open(self.filename)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC032", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|9a03e383ed4359633ea3bf5851c37e50c43d76ad0e388c83b766fb16f06c3eca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sorts/external_sort.py"}, "region": {"startLine": 28}}}]}, {"ruleId": "SEC078", "level": "error", "message": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a real AST check is preferred for accuracy."}, "properties": {"repobilityId": 57915, "scanner": "repobility-threat-engine", "fingerprint": "4a9ef9e4718aa417c4850d9c108afa1eb65ea5b6bc02eba0dd47862fec973b09", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "requests.get(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|4a9ef9e4718aa417c4850d9c108afa1eb65ea5b6bc02eba0dd47862fec973b09"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "maths/allocation_number.py"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED009", "level": "error", "message": {"text": "[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal."}, "properties": {"repobilityId": 57914, "scanner": "repobility-threat-engine", "fingerprint": "98f47142bd499c0d335fee249fd8029b49d6299afddae2f94df22d00f26418f0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "floats-for-money", "owasp": null, "cwe_ids": ["CWE-682"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347918+00:00", "triaged_in_corpus": 15, "observations_count": 208571, "ai_coder_pattern_id": 20}, "scanner": "repobility-threat-engine", "correlation_key": "fp|98f47142bd499c0d335fee249fd8029b49d6299afddae2f94df22d00f26418f0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "web_programming/currency_converter.py"}, "region": {"startLine": 179}}}]}, {"ruleId": "MINED009", "level": "error", "message": {"text": "[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal."}, "properties": {"repobilityId": 57913, "scanner": "repobility-threat-engine", "fingerprint": "acd0883648ea34a31c9b64802d61ca464b31be766cb0cdfd449c1a3fb1250746", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "floats-for-money", "owasp": null, "cwe_ids": ["CWE-682"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347918+00:00", "triaged_in_corpus": 15, "observations_count": 208571, "ai_coder_pattern_id": 20}, "scanner": "repobility-threat-engine", "correlation_key": "fp|acd0883648ea34a31c9b64802d61ca464b31be766cb0cdfd449c1a3fb1250746"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "financial/price_plus_tax.py"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 57908, "scanner": "repobility-threat-engine", "fingerprint": "0efd3949f7ceb203a09eef97ea387b3163c8c44efc77c139f57d8a70b612ec69", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0efd3949f7ceb203a09eef97ea387b3163c8c44efc77c139f57d8a70b612ec69"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/stacks/stack.py"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 57907, "scanner": "repobility-threat-engine", "fingerprint": "d06254b2624fd45e4cae996bae6e9c81a022cdfef1f8475a0e0901550ce36ce3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d06254b2624fd45e4cae996bae6e9c81a022cdfef1f8475a0e0901550ce36ce3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/queues/priority_queue_using_list.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 57906, "scanner": "repobility-threat-engine", "fingerprint": "64c13bc06ec28f514a964cfae7ffa932e277112c0f2b0e60d0696af144d389c7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|64c13bc06ec28f514a964cfae7ffa932e277112c0f2b0e60d0696af144d389c7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/linked_list/has_loop.py"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED026", "level": "error", "message": {"text": "[MINED026] Fake Verification: assert True, expect(1).toBe(1), or other tautology used to fake passing tests."}, "properties": {"repobilityId": 57905, "scanner": "repobility-threat-engine", "fingerprint": "159ef0a68132d30b929678c9302e1970fd88e8df0cc29ccebe2adf18e4dbdac4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "fake-verification", "owasp": null, "cwe_ids": ["CWE-1126"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347959+00:00", "triaged_in_corpus": 15, "observations_count": 29905, "ai_coder_pattern_id": 5}, "scanner": "repobility-threat-engine", "correlation_key": "fp|159ef0a68132d30b929678c9302e1970fd88e8df0cc29ccebe2adf18e4dbdac4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/stacks/stack.py"}, "region": {"startLine": 175}}}]}, {"ruleId": "MINED026", "level": "error", "message": {"text": "[MINED026] Fake Verification: assert True, expect(1).toBe(1), or other tautology used to fake passing tests."}, "properties": {"repobilityId": 57904, "scanner": "repobility-threat-engine", "fingerprint": "53d3f8d9d0126d32582ce3fbbcf8e4ccd6e9ba4f0045f553eb67e78e8fe164f8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "fake-verification", "owasp": null, "cwe_ids": ["CWE-1126"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347959+00:00", "triaged_in_corpus": 15, "observations_count": 29905, "ai_coder_pattern_id": 5}, "scanner": "repobility-threat-engine", "correlation_key": "fp|53d3f8d9d0126d32582ce3fbbcf8e4ccd6e9ba4f0045f553eb67e78e8fe164f8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/linked_list/doubly_linked_list.py"}, "region": {"startLine": 203}}}]}, {"ruleId": "MINED026", "level": "error", "message": {"text": "[MINED026] Fake Verification: assert True, expect(1).toBe(1), or other tautology used to fake passing tests."}, "properties": {"repobilityId": 57903, "scanner": "repobility-threat-engine", "fingerprint": "9da5d815e33621cb9523c654bb02e9f7b4a80513199de441e609b128c409220a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "fake-verification", "owasp": null, "cwe_ids": ["CWE-1126"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347959+00:00", "triaged_in_corpus": 15, "observations_count": 29905, "ai_coder_pattern_id": 5}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9da5d815e33621cb9523c654bb02e9f7b4a80513199de441e609b128c409220a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/linked_list/circular_linked_list.py"}, "region": {"startLine": 165}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 57901, "scanner": "repobility-threat-engine", "fingerprint": "d9003e68958aec9dd66a7db5e26532a53aca7bcae981890c067ba889f96ee9e0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d9003e68958aec9dd66a7db5e26532a53aca7bcae981890c067ba889f96ee9e0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hashes/sha1.py"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 57900, "scanner": "repobility-threat-engine", "fingerprint": "6f4c6b3f36afde7183db63960c7fda794c2c31f40265fdd9edfbd91f846e11c1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6f4c6b3f36afde7183db63960c7fda794c2c31f40265fdd9edfbd91f846e11c1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hashes/md5.py"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED004", "level": "error", "message": {"text": "[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums)."}, "properties": {"repobilityId": 57899, "scanner": "repobility-threat-engine", "fingerprint": "5a6a986aaf10bf557c5c5f6c70039b7c1d04d95f4d338801f73882d548e745ab", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "weak-crypto", "owasp": "A02:2021", "cwe_ids": ["CWE-327"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347906+00:00", "triaged_in_corpus": 15, "observations_count": 303181, "ai_coder_pattern_id": 13}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5a6a986aaf10bf557c5c5f6c70039b7c1d04d95f4d338801f73882d548e745ab"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/hashing/bloom_filter.py"}, "region": {"startLine": 62}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 57893, "scanner": "repobility-threat-engine", "fingerprint": "d5bd3964ab597f340e0d71d613e212c3d01b5ff5baea0d17fefb5d3c95ad5bdb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "segt.update(1, 1, size, 1, 3, 111)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d5bd3964ab597f340e0d71d613e212c3d01b5ff5baea0d17fefb5d3c95ad5bdb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/binary_tree/lazy_segment_tree.py"}, "region": {"startLine": 133}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 57892, "scanner": "repobility-threat-engine", "fingerprint": "8307ec6f358def4d2b8293c061441cfc2cc7d29ee7566e50b368aafb5a581630", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "image.save(\"output_image_path\")", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|8307ec6f358def4d2b8293c061441cfc2cc7d29ee7566e50b368aafb5a581630"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "computer_vision/mean_threshold.py"}, "region": {"startLine": 30}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 57891, "scanner": "repobility-threat-engine", "fingerprint": "acb54f6610b2f3dca167d0a4e066a6d0cbaffce76cde74d648af7f0a0ad5fee9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "classifier.save(\"cnn.h5\")", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|acb54f6610b2f3dca167d0a4e066a6d0cbaffce76cde74d648af7f0a0ad5fee9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "computer_vision/cnn_classification.py"}, "region": {"startLine": 85}}}]}, {"ruleId": "SEC013", "level": "error", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "properties": {"repobilityId": 57889, "scanner": "repobility-threat-engine", "fingerprint": "9ca0c1998705e8fc9d91584499cfac81b851fb3f36619618f0a23a7741810c83", "category": "path_traversal", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "User-controlled input detected in file path construction", "evidence": {"match": "open(args.input", "reason": "User-controlled input detected in file path construction", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|path_traversal|hashes/sha1.py|157|sec013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hashes/sha1.py"}, "region": {"startLine": 157}}}]}, {"ruleId": "SEC013", "level": "error", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "properties": {"repobilityId": 57888, "scanner": "repobility-threat-engine", "fingerprint": "a0fbb9fa55026cb52605165e271770675079974fc6938eadc1fb369d31d5f63d", "category": "path_traversal", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "User-controlled input detected in file path construction", "evidence": {"match": "os.path.join(os.path.basename(__file__), \"image_data/input", "reason": "User-controlled input detected in file path construction", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|path_traversal|token|60|sec013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "digital_image_processing/histogram_equalization/histogram_stretch.py"}, "region": {"startLine": 60}}}]}, {"ruleId": "SEC013", "level": "error", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "properties": {"repobilityId": 57887, "scanner": "repobility-threat-engine", "fingerprint": "6af0ed5ad89f90076403df41fa48a47a79c83f8e1bc06ac533693443a5ae7ad0", "category": "path_traversal", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "User-controlled input detected in file path construction", "evidence": {"match": "open(input", "reason": "User-controlled input detected in file path construction", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|path_traversal|token|25|sec013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ciphers/transposition_cipher_encrypt_decrypt_file.py"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED006", "level": "error", "message": {"text": "[MINED006] Overcatch Baseexception: except BaseException: ... \u2014 prevents Ctrl+C and SystemExit from working."}, "properties": {"repobilityId": 57871, "scanner": "repobility-threat-engine", "fingerprint": "6eca25eca5c9dff904d2ba99aaab09a130ba920f6f4604fb76ee54b2909661e4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "overcatch-baseexception", "owasp": null, "cwe_ids": ["CWE-705"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347911+00:00", "triaged_in_corpus": 15, "observations_count": 230624, "ai_coder_pattern_id": 8}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6eca25eca5c9dff904d2ba99aaab09a130ba920f6f4604fb76ee54b2909661e4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cellular_automata/game_of_life.py"}, "region": {"startLine": 127}}}]}, {"ruleId": "COMP001", "level": "error", "message": {"text": "[COMP001] High cognitive complexity: Function `solve_crossword` has cognitive complexity 28 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: for=4, if=3, nested_bonus=21."}, "properties": {"repobilityId": 57868, "scanner": "repobility-threat-engine", "fingerprint": "f6dfb2aa6b306205f655c7b29959ae7fc246021b6a46f8d31ae59e77ebf18716", "category": "quality", "severity": "high", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 28 (severity threshold for high: 25+).", "evidence": {"scanner": "repobility-threat-engine", "function": "solve_crossword", "breakdown": {"if": 3, "for": 4, "nested_bonus": 21}, "complexity": 28, "correlation_key": "fp|f6dfb2aa6b306205f655c7b29959ae7fc246021b6a46f8d31ae59e77ebf18716"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "backtracking/crossword_puzzle_solver.py"}, "region": {"startLine": 82}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 57858, "scanner": "repobility-supply-chain", "fingerprint": "f5d5528d42de5b81d4fe958c52a84087d9fc08f58e3dcb075cb606d48f66eddb", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f5d5528d42de5b81d4fe958c52a84087d9fc08f58e3dcb075cb606d48f66eddb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build.yml"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 57857, "scanner": "repobility-supply-chain", "fingerprint": "480ce803939bdc7582aa857508203b498f113de3485eec63f57bd2c1e5295a36", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|480ce803939bdc7582aa857508203b498f113de3485eec63f57bd2c1e5295a36"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build.yml"}, "region": {"startLine": 14}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 57856, "scanner": "repobility-supply-chain", "fingerprint": "00c07926e073d41e15316ce616b88d389222c2c1c1d9b7dad1daea754dddbba3", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|00c07926e073d41e15316ce616b88d389222c2c1c1d9b7dad1daea754dddbba3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/build.yml"}, "region": {"startLine": 13}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/deploy-pages` pinned to mutable ref `@v5`"}, "properties": {"repobilityId": 57855, "scanner": "repobility-supply-chain", "fingerprint": "b4371309895d836f52f3e1637685a918e04d2e2a4046da9cb0fcd4bfe8b497a6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b4371309895d836f52f3e1637685a918e04d2e2a4046da9cb0fcd4bfe8b497a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sphinx.yml"}, "region": {"startLine": 56}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-pages-artifact` pinned to mutable ref `@v5`"}, "properties": {"repobilityId": 57854, "scanner": "repobility-supply-chain", "fingerprint": "6f3e9628c9ba7745c43d1e1af188cee180ccaa1d9589d8eed1ea6941df753574", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6f3e9628c9ba7745c43d1e1af188cee180ccaa1d9589d8eed1ea6941df753574"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sphinx.yml"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/configure-pages` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 57853, "scanner": "repobility-supply-chain", "fingerprint": "e4c6cac21d407f8b85220a64206ef4c55494f5511ca69190325eeaff506f966c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e4c6cac21d407f8b85220a64206ef4c55494f5511ca69190325eeaff506f966c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sphinx.yml"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 57852, "scanner": "repobility-supply-chain", "fingerprint": "246ad86181315e3e34465f3fbbe57655f4f3fd5dbf45c46153f56a93ad86b0d4", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|246ad86181315e3e34465f3fbbe57655f4f3fd5dbf45c46153f56a93ad86b0d4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sphinx.yml"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 57851, "scanner": "repobility-supply-chain", "fingerprint": "533bb7c9b2310d34579dfab09c9072ab8d4aafed9ac364652b68921c39006f26", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|533bb7c9b2310d34579dfab09c9072ab8d4aafed9ac364652b68921c39006f26"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sphinx.yml"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 57850, "scanner": "repobility-supply-chain", "fingerprint": "0849bb289ba0d47acbf47ce59ee195b502a85cf43d89c34677f6a50b09c2a408", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0849bb289ba0d47acbf47ce59ee195b502a85cf43d89c34677f6a50b09c2a408"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/sphinx.yml"}, "region": {"startLine": 35}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 57849, "scanner": "repobility-supply-chain", "fingerprint": "71bc9207e9b80fc83fabea307c965e6c5907d0f1845176e32806a01cfeaa0446", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|71bc9207e9b80fc83fabea307c965e6c5907d0f1845176e32806a01cfeaa0446"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/directory_writer.yml"}, "region": {"startLine": 12}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 57848, "scanner": "repobility-supply-chain", "fingerprint": "9672d80d783efd80821df29a3b49d49b79bec81373ee54c9f8f07199380f55d8", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9672d80d783efd80821df29a3b49d49b79bec81373ee54c9f8f07199380f55d8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/directory_writer.yml"}, "region": {"startLine": 9}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 57847, "scanner": "repobility-supply-chain", "fingerprint": "4efe6cf1da7db2d36ce5a18acaf6570ac9a31ddf33c883eb35971c96e75763c8", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4efe6cf1da7db2d36ce5a18acaf6570ac9a31ddf33c883eb35971c96e75763c8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ruff.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 57846, "scanner": "repobility-supply-chain", "fingerprint": "1c6752727f933a16ed7a21fc960679e48a5888e2c24704bb1165244c5a0b2c5e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|1c6752727f933a16ed7a21fc960679e48a5888e2c24704bb1165244c5a0b2c5e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/ruff.yml"}, "region": {"startLine": 14}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 57845, "scanner": "repobility-supply-chain", "fingerprint": "a6ada09339ce41f25df1105de2b2ae6c20076cd77033b96b3acdfb60892659b8", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a6ada09339ce41f25df1105de2b2ae6c20076cd77033b96b3acdfb60892659b8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/project_euler.yml"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 57844, "scanner": "repobility-supply-chain", "fingerprint": "44c704264abbfc1114a7d77747d287f1555bc7fba17ece72c7e5c98eeb6361af", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|44c704264abbfc1114a7d77747d287f1555bc7fba17ece72c7e5c98eeb6361af"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/project_euler.yml"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 57843, "scanner": "repobility-supply-chain", "fingerprint": "d4a16c5ba4c846c1e2a319adf2124129f7698ddf43c59695c7917e2baf9b10e3", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d4a16c5ba4c846c1e2a319adf2124129f7698ddf43c59695c7917e2baf9b10e3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/project_euler.yml"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 57842, "scanner": "repobility-supply-chain", "fingerprint": "53428673c7fd0407950ec44c9948f08644294fecaad1abd77d9d9a33397b54e5", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|53428673c7fd0407950ec44c9948f08644294fecaad1abd77d9d9a33397b54e5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/project_euler.yml"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 57841, "scanner": "repobility-supply-chain", "fingerprint": "5c120df85c61b89115a90588700e43e7c5da4b7813b6b5f66f9f4fefb31f8f84", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5c120df85c61b89115a90588700e43e7c5da4b7813b6b5f66f9f4fefb31f8f84"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/project_euler.yml"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 57840, "scanner": "repobility-supply-chain", "fingerprint": "a113553dd0380f3b3ebd98d2de984bafda5df15666cc89a33260034ae66d6a48", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a113553dd0380f3b3ebd98d2de984bafda5df15666cc89a33260034ae66d6a48"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/project_euler.yml"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `devcontainers/ci` pinned to mutable ref `@v0.3`"}, "properties": {"repobilityId": 57839, "scanner": "repobility-supply-chain", "fingerprint": "0aa47781f488f7e45b24d303e74e68f6bd0e54f22640aaa9a35b6fb7e92c21ef", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0aa47781f488f7e45b24d303e74e68f6bd0e54f22640aaa9a35b6fb7e92c21ef"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/devcontainer_ci.yml"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 57838, "scanner": "repobility-supply-chain", "fingerprint": "1d4686fa742c4a32f3f3faf104496608fcd9e25862217b1732a2c51bf8b0b206", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|1d4686fa742c4a32f3f3faf104496608fcd9e25862217b1732a2c51bf8b0b206"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/devcontainer_ci.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED118", "level": "error", "message": {"text": "Dockerfile FROM `mcr.microsoft.com/vscode/devcontainers/python (no tag)` not pinned by digest"}, "properties": {"repobilityId": 57837, "scanner": "repobility-supply-chain", "fingerprint": "bc821518e707f15e0c1324730f126b4929956cb79f0d4529d04f4e96d7a5e74d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "docker-from-unpinned", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["dockerfile"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|bc821518e707f15e0c1324730f126b4929956cb79f0d4529d04f4e96d7a5e74d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".devcontainer/Dockerfile"}, "region": {"startLine": 3}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/pre-commit/mirrors-prettier` pinned to mutable rev `v4.0.0-alpha.8`"}, "properties": {"repobilityId": 57836, "scanner": "repobility-supply-chain", "fingerprint": "10e426ac77bd0da6945d24bc86145ffbbffb8df21d3b5484efb1608590af2819", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|10e426ac77bd0da6945d24bc86145ffbbffb8df21d3b5484efb1608590af2819"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/abravalheri/validate-pyproject` pinned to mutable rev `v0.25`"}, "properties": {"repobilityId": 57835, "scanner": "repobility-supply-chain", "fingerprint": "0d60668af58113374a3f1d79a9ee0d3e37f2de29ab401e38896f31ccd126b482", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0d60668af58113374a3f1d79a9ee0d3e37f2de29ab401e38896f31ccd126b482"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 46}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/tox-dev/pyproject-fmt` pinned to mutable rev `v2.23.0`"}, "properties": {"repobilityId": 57834, "scanner": "repobility-supply-chain", "fingerprint": "b2549857e2ee8783f364c81ec07e4e6a4cf37373595fbdaa6a87276b3a77292e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b2549857e2ee8783f364c81ec07e4e6a4cf37373595fbdaa6a87276b3a77292e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/codespell-project/codespell` pinned to mutable rev `v2.4.2`"}, "properties": {"repobilityId": 57833, "scanner": "repobility-supply-chain", "fingerprint": "f6149fef3cf49eefb4c228964cce58b17aadaf0bfdedc45b4f2e3700fc5b3933", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f6149fef3cf49eefb4c228964cce58b17aadaf0bfdedc45b4f2e3700fc5b3933"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/astral-sh/ruff-pre-commit` pinned to mutable rev `v0.15.15`"}, "properties": {"repobilityId": 57832, "scanner": "repobility-supply-chain", "fingerprint": "23f6c1dd4f49a39cea042bd31d83e9bb836d18a3d57a7f13897630a063e495b0", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|23f6c1dd4f49a39cea042bd31d83e9bb836d18a3d57a7f13897630a063e495b0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/MarcoGorelli/auto-walrus` pinned to mutable rev `0.4.1`"}, "properties": {"repobilityId": 57831, "scanner": "repobility-supply-chain", "fingerprint": "b22c1571b79ac468e89eba63a030be2cf677902fbbadac877221ab775409f775", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b22c1571b79ac468e89eba63a030be2cf677902fbbadac877221ab775409f775"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mutable rev `v6.0.0`"}, "properties": {"repobilityId": 57830, "scanner": "repobility-supply-chain", "fingerprint": "0a1d0117b5ae7bcda5c43a01a1e89419e3cc2dcf0b49e02b03856dcead7aa7fd", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0a1d0117b5ae7bcda5c43a01a1e89419e3cc2dcf0b49e02b03856dcead7aa7fd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_add_vertex_exception_check"}, "properties": {"repobilityId": 57821, "scanner": "repobility-ast-engine", "fingerprint": "dfca317ffaa729205bca21d1eb371882fcad0366de92b23b0a61f5ec3280f3f6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dfca317ffaa729205bca21d1eb371882fcad0366de92b23b0a61f5ec3280f3f6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_matrix.py"}, "region": {"startLine": 521}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_add_and_remove_edges_repeatedly"}, "properties": {"repobilityId": 57820, "scanner": "repobility-ast-engine", "fingerprint": "41117df563c7b383f9295830d8463ed39292b5118cd598389f06adc4404d2b3d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|41117df563c7b383f9295830d8463ed39292b5118cd598389f06adc4404d2b3d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_matrix.py"}, "region": {"startLine": 487}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_remove_edge"}, "properties": {"repobilityId": 57819, "scanner": "repobility-ast-engine", "fingerprint": "06cd1adba1c05086a9caed78955dea04b8bdb69df2c697d5350523fa68407271", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|06cd1adba1c05086a9caed78955dea04b8bdb69df2c697d5350523fa68407271"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_matrix.py"}, "region": {"startLine": 467}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_add_edge"}, "properties": {"repobilityId": 57818, "scanner": "repobility-ast-engine", "fingerprint": "ac138349041eb8cad79d071210d0e570d71d5325ca2a295be58f949ee6d9e616", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ac138349041eb8cad79d071210d0e570d71d5325ca2a295be58f949ee6d9e616"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_matrix.py"}, "region": {"startLine": 446}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_contains_edge"}, "properties": {"repobilityId": 57817, "scanner": "repobility-ast-engine", "fingerprint": "42d08010da6fe732b50fe2fed6c8d7cd93cd24b573387c614c71b412ee0d2e28", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|42d08010da6fe732b50fe2fed6c8d7cd93cd24b573387c614c71b412ee0d2e28"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_matrix.py"}, "region": {"startLine": 412}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_add_and_remove_vertices_repeatedly"}, "properties": {"repobilityId": 57816, "scanner": "repobility-ast-engine", "fingerprint": "e2975b03cb515da3a2928619d485a82cc0426e740e18a1d41e3695e330d9891b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e2975b03cb515da3a2928619d485a82cc0426e740e18a1d41e3695e330d9891b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_matrix.py"}, "region": {"startLine": 375}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_remove_vertices"}, "properties": {"repobilityId": 57815, "scanner": "repobility-ast-engine", "fingerprint": "1ef7ada8e709919d3cdaea2b5f55e5e9d90bcc454027ef4b0a54b537237f8b75", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1ef7ada8e709919d3cdaea2b5f55e5e9d90bcc454027ef4b0a54b537237f8b75"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_matrix.py"}, "region": {"startLine": 351}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_add_vertices"}, "properties": {"repobilityId": 57814, "scanner": "repobility-ast-engine", "fingerprint": "644bab1523499033cf90411d084589fc9ad713277b5c53848ecca9ca650ed119", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|644bab1523499033cf90411d084589fc9ad713277b5c53848ecca9ca650ed119"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_matrix.py"}, "region": {"startLine": 327}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_contains_edge_exception_check"}, "properties": {"repobilityId": 57809, "scanner": "repobility-ast-engine", "fingerprint": "31d0012c711bd642f371e1a7ae21069c29c7cd7d57a916ec0862e199be27f65f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|31d0012c711bd642f371e1a7ae21069c29c7cd7d57a916ec0862e199be27f65f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_list.py"}, "region": {"startLine": 576}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_remove_edge_exception_check"}, "properties": {"repobilityId": 57808, "scanner": "repobility-ast-engine", "fingerprint": "fbe551b87668c8201064d7bdb2b293a50f834b0e1d0962afed705204c3024082", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fbe551b87668c8201064d7bdb2b293a50f834b0e1d0962afed705204c3024082"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_list.py"}, "region": {"startLine": 552}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_add_edge_exception_check"}, "properties": {"repobilityId": 57807, "scanner": "repobility-ast-engine", "fingerprint": "b33a9f8cb5b55ae882d76f50739b36d7b3714df21a0c00a83d17dc6bfb1256c3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b33a9f8cb5b55ae882d76f50739b36d7b3714df21a0c00a83d17dc6bfb1256c3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_list.py"}, "region": {"startLine": 538}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_remove_vertex_exception_check"}, "properties": {"repobilityId": 57806, "scanner": "repobility-ast-engine", "fingerprint": "2a06d89c4f772b4938f527845f95b812c581320c9e627b68481338ced276f70c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2a06d89c4f772b4938f527845f95b812c581320c9e627b68481338ced276f70c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_list.py"}, "region": {"startLine": 523}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_add_vertex_exception_check"}, "properties": {"repobilityId": 57805, "scanner": "repobility-ast-engine", "fingerprint": "f9341b40cb039d038a69d36de8aa113950f09b3831b45651216c659839555587", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f9341b40cb039d038a69d36de8aa113950f09b3831b45651216c659839555587"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_list.py"}, "region": {"startLine": 509}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_add_and_remove_edges_repeatedly"}, "properties": {"repobilityId": 57804, "scanner": "repobility-ast-engine", "fingerprint": "464bfcfd234f04cc372c3f17f0652205dcbed3bb661fe2645dd194073a4fbb7e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|464bfcfd234f04cc372c3f17f0652205dcbed3bb661fe2645dd194073a4fbb7e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_list.py"}, "region": {"startLine": 475}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_remove_edge"}, "properties": {"repobilityId": 57803, "scanner": "repobility-ast-engine", "fingerprint": "da4a17597e49f2fa064731447ba4e190233f0233a0eec1e3aa75aaebcfc639d5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|da4a17597e49f2fa064731447ba4e190233f0233a0eec1e3aa75aaebcfc639d5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_list.py"}, "region": {"startLine": 455}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_add_edge"}, "properties": {"repobilityId": 57802, "scanner": "repobility-ast-engine", "fingerprint": "b1f302ba6e00d8e3f1634ed47d6971396891305c5c912bead8187e59d7db3fdb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b1f302ba6e00d8e3f1634ed47d6971396891305c5c912bead8187e59d7db3fdb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_list.py"}, "region": {"startLine": 434}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_contains_edge"}, "properties": {"repobilityId": 57801, "scanner": "repobility-ast-engine", "fingerprint": "d01b08ef76969e7c8da0a3b85d1f8d4e844150c9bd42e836ef2a8e4ad2c46a98", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d01b08ef76969e7c8da0a3b85d1f8d4e844150c9bd42e836ef2a8e4ad2c46a98"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_list.py"}, "region": {"startLine": 400}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_add_and_remove_vertices_repeatedly"}, "properties": {"repobilityId": 57800, "scanner": "repobility-ast-engine", "fingerprint": "aec735c51aa9ebbee6407a49fe79de66b9d6d87ad9639853a4c6e0095d97594e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aec735c51aa9ebbee6407a49fe79de66b9d6d87ad9639853a4c6e0095d97594e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_list.py"}, "region": {"startLine": 363}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_remove_vertices"}, "properties": {"repobilityId": 57799, "scanner": "repobility-ast-engine", "fingerprint": "08f40813e9e4aa7d19bc1c1eff890f544ffa29efe60a5407f640a5226eb7ef65", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|08f40813e9e4aa7d19bc1c1eff890f544ffa29efe60a5407f640a5226eb7ef65"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_list.py"}, "region": {"startLine": 339}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_add_vertices"}, "properties": {"repobilityId": 57798, "scanner": "repobility-ast-engine", "fingerprint": "38340e3ea7c782572a482014b3390678f09c20eb4fa9154c0641c570b4617b94", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|38340e3ea7c782572a482014b3390678f09c20eb4fa9154c0641c570b4617b94"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/graph_adjacency_list.py"}, "region": {"startLine": 315}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_vector"}, "properties": {"repobilityId": 57796, "scanner": "repobility-ast-engine", "fingerprint": "15f659653f15cf29f4e9c3bedda847651d9eed9b3dbde09bf548136a4ecace78", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|15f659653f15cf29f4e9c3bedda847651d9eed9b3dbde09bf548136a4ecace78"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/prim.py"}, "region": {"startLine": 118}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_vector"}, "properties": {"repobilityId": 57794, "scanner": "repobility-ast-engine", "fingerprint": "48796b0cfca65eba2bfdbd5a2354c5505f67d23b2a0cf5a21b65fd96f23c2170", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|48796b0cfca65eba2bfdbd5a2354c5505f67d23b2a0cf5a21b65fd96f23c2170"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/boruvka.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_greedy"}, "properties": {"repobilityId": 57788, "scanner": "repobility-ast-engine", "fingerprint": "394926c7fbd5bb8680f97c17c2beff6157f432306b6ad4477da50e762d00c37b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|394926c7fbd5bb8680f97c17c2beff6157f432306b6ad4477da50e762d00c37b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "other/greedy.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_running_key_encrypt"}, "properties": {"repobilityId": 57786, "scanner": "repobility-ast-engine", "fingerprint": "1f250680d3daebe95a95495b78a3c206693feef1dea12abf9fd897bbada24b89", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1f250680d3daebe95a95495b78a3c206693feef1dea12abf9fd897bbada24b89"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ciphers/running_key_cipher.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_end_to_end"}, "properties": {"repobilityId": 57785, "scanner": "repobility-ast-engine", "fingerprint": "dca215a29c4d82da71e4cbc7a4312ef9a94b02da1eb66afe220ae7bccf6277bd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dca215a29c4d82da71e4cbc7a4312ef9a94b02da1eb66afe220ae7bccf6277bd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ciphers/shuffled_shift_cipher.py"}, "region": {"startLine": 172}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.ror` used but never assigned in __init__"}, "properties": {"repobilityId": 57784, "scanner": "repobility-ast-engine", "fingerprint": "8c04238fa03aa8c047e1f9520db4b6367d29b0526cb48d24b1e9f097da395d56", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8c04238fa03aa8c047e1f9520db4b6367d29b0526cb48d24b1e9f097da395d56"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hashes/sha256.py"}, "region": {"startLine": 146}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.ror` used but never assigned in __init__"}, "properties": {"repobilityId": 57783, "scanner": "repobility-ast-engine", "fingerprint": "7e3196d01e98f2c640f8c90edccfebfe1f298127f88c49dd470f972a2592c0bf", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7e3196d01e98f2c640f8c90edccfebfe1f298127f88c49dd470f972a2592c0bf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hashes/sha256.py"}, "region": {"startLine": 145}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.ror` used but never assigned in __init__"}, "properties": {"repobilityId": 57782, "scanner": "repobility-ast-engine", "fingerprint": "7cae27ff0b46c79835140cb741d95f644a0a6f457cfa0a1f9519ef430a3af06f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7cae27ff0b46c79835140cb741d95f644a0a6f457cfa0a1f9519ef430a3af06f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hashes/sha256.py"}, "region": {"startLine": 165}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.ror` used but never assigned in __init__"}, "properties": {"repobilityId": 57781, "scanner": "repobility-ast-engine", "fingerprint": "25fc295519a37e69932db9579042c382aa58c294b7f73ede061b662784327b05", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|25fc295519a37e69932db9579042c382aa58c294b7f73ede061b662784327b05"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hashes/sha256.py"}, "region": {"startLine": 160}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.hash` used but never assigned in __init__"}, "properties": {"repobilityId": 57780, "scanner": "repobility-ast-engine", "fingerprint": "c3981a53672700bcbd711b0a2a721faf8109d12f3e579bae73c28a8f24e37708", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c3981a53672700bcbd711b0a2a721faf8109d12f3e579bae73c28a8f24e37708"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hashes/sha256.py"}, "region": {"startLine": 188}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.blocks` used but never assigned in __init__"}, "properties": {"repobilityId": 57779, "scanner": "repobility-ast-engine", "fingerprint": "79a1961bceed776a2417baf9a954d9afbd5d333d13dbadefbe350044abe21e17", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|79a1961bceed776a2417baf9a954d9afbd5d333d13dbadefbe350044abe21e17"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hashes/sha256.py"}, "region": {"startLine": 133}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.blocks` used but never assigned in __init__"}, "properties": {"repobilityId": 57778, "scanner": "repobility-ast-engine", "fingerprint": "3bb8dae99638e6bc409c2a6413e32602e2b0544efc22ba53d2d7d5d0723c66f5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3bb8dae99638e6bc409c2a6413e32602e2b0544efc22ba53d2d7d5d0723c66f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "hashes/sha256.py"}, "region": {"startLine": 128}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.membership` used but never assigned in __init__"}, "properties": {"repobilityId": 57776, "scanner": "repobility-ast-engine", "fingerprint": "d6d9465cd34bdfba881047357fe08dc72c2704c2ae04337d72792134c056f4ff", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d6d9465cd34bdfba881047357fe08dc72c2704c2ae04337d72792134c056f4ff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "fuzzy_logic/fuzzy_operations.py"}, "region": {"startLine": 164}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.text` used but never assigned in __init__"}, "properties": {"repobilityId": 57775, "scanner": "repobility-ast-engine", "fingerprint": "818c72713fce64ee3fa6e04c083ac4477c7ee581d569157050cb3aaff1836326", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|818c72713fce64ee3fa6e04c083ac4477c7ee581d569157050cb3aaff1836326"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/boyer_moore_search.py"}, "region": {"startLine": 94}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.match_in_pattern` used but never assigned in __init__"}, "properties": {"repobilityId": 57774, "scanner": "repobility-ast-engine", "fingerprint": "f744ff41da240a016a623df3fcfcf3ae5fc82e4d965e67564796226b568314e1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f744ff41da240a016a623df3fcfcf3ae5fc82e4d965e67564796226b568314e1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/boyer_moore_search.py"}, "region": {"startLine": 94}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.patLen` used but never assigned in __init__"}, "properties": {"repobilityId": 57773, "scanner": "repobility-ast-engine", "fingerprint": "7a9132156e9bfc9fa1d314d214e018b4b0c180fcfad53005a58989ac99231250", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7a9132156e9bfc9fa1d314d214e018b4b0c180fcfad53005a58989ac99231250"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/boyer_moore_search.py"}, "region": {"startLine": 89}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.textLen` used but never assigned in __init__"}, "properties": {"repobilityId": 57772, "scanner": "repobility-ast-engine", "fingerprint": "d2d95c461c8f66aeab72acb156aee80a7f0436c7be74d5a5a188df40db7c6b2a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d2d95c461c8f66aeab72acb156aee80a7f0436c7be74d5a5a188df40db7c6b2a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/boyer_moore_search.py"}, "region": {"startLine": 89}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.mismatch_in_text` used but never assigned in __init__"}, "properties": {"repobilityId": 57771, "scanner": "repobility-ast-engine", "fingerprint": "b89d1feeca869f2ca8a39b4cfc5a2e0d2b9cec43d89f85ec008a85410e7e1d32", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b89d1feeca869f2ca8a39b4cfc5a2e0d2b9cec43d89f85ec008a85410e7e1d32"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/boyer_moore_search.py"}, "region": {"startLine": 90}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.text` used but never assigned in __init__"}, "properties": {"repobilityId": 57770, "scanner": "repobility-ast-engine", "fingerprint": "a9c61c1e1ea9db7a9669b24cf4ea07d5bde4f651c6dcaa1a79cd904817fb8d72", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a9c61c1e1ea9db7a9669b24cf4ea07d5bde4f651c6dcaa1a79cd904817fb8d72"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/boyer_moore_search.py"}, "region": {"startLine": 75}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.pattern` used but never assigned in __init__"}, "properties": {"repobilityId": 57769, "scanner": "repobility-ast-engine", "fingerprint": "9dacfaa12957638797749fa52636d36808ba19c1efac236b989165b86d2f3068", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9dacfaa12957638797749fa52636d36808ba19c1efac236b989165b86d2f3068"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/boyer_moore_search.py"}, "region": {"startLine": 75}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.patLen` used but never assigned in __init__"}, "properties": {"repobilityId": 57768, "scanner": "repobility-ast-engine", "fingerprint": "12e95aed37bcc27ed5c8d8f58b0925bbbb0759f100b17a1bb53e7c338f77446a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|12e95aed37bcc27ed5c8d8f58b0925bbbb0759f100b17a1bb53e7c338f77446a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/boyer_moore_search.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.pattern` used but never assigned in __init__"}, "properties": {"repobilityId": 57767, "scanner": "repobility-ast-engine", "fingerprint": "b3d75dd4ce69012da51dba17d8e9bba1f279f6d2f644e0f5a07b6075d09b57c6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b3d75dd4ce69012da51dba17d8e9bba1f279f6d2f644e0f5a07b6075d09b57c6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/boyer_moore_search.py"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.patLen` used but never assigned in __init__"}, "properties": {"repobilityId": 57766, "scanner": "repobility-ast-engine", "fingerprint": "dcf6bcb2483f95208548db2781bcf68f125c8eb6318082d0abea7c4ae87b9f13", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dcf6bcb2483f95208548db2781bcf68f125c8eb6318082d0abea7c4ae87b9f13"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/boyer_moore_search.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._elements` used but never assigned in __init__"}, "properties": {"repobilityId": 57765, "scanner": "repobility-ast-engine", "fingerprint": "33108bc368593d47495fddc6239679799b9ce89e4fdd7e60baeb9010d6f015d5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|33108bc368593d47495fddc6239679799b9ce89e4fdd7e60baeb9010d6f015d5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/autocomplete_using_trie.py"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._elements` used but never assigned in __init__"}, "properties": {"repobilityId": 57764, "scanner": "repobility-ast-engine", "fingerprint": "fd310b43104ebb190621f54a0d5639697881f11e8f8a82a4a4f02051197d0a82", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fd310b43104ebb190621f54a0d5639697881f11e8f8a82a4a4f02051197d0a82"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/autocomplete_using_trie.py"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.find_next_state` used but never assigned in __init__"}, "properties": {"repobilityId": 57763, "scanner": "repobility-ast-engine", "fingerprint": "66e701799c26d2d53b9a440205b6eae150dcf35cd8278522bba90899e4ca3bd0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|66e701799c26d2d53b9a440205b6eae150dcf35cd8278522bba90899e4ca3bd0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/aho_corasick.py"}, "region": {"startLine": 77}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.find_next_state` used but never assigned in __init__"}, "properties": {"repobilityId": 57762, "scanner": "repobility-ast-engine", "fingerprint": "cb420e5dc9fed30cce6a6feb36b9b61f434c8a1fe4b5e89d6f7900ca36758660", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cb420e5dc9fed30cce6a6feb36b9b61f434c8a1fe4b5e89d6f7900ca36758660"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/aho_corasick.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.find_next_state` used but never assigned in __init__"}, "properties": {"repobilityId": 57761, "scanner": "repobility-ast-engine", "fingerprint": "9c888af707705e99070425d05569e9e063682f09b1fa371a0756a4c011c2e9b3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9c888af707705e99070425d05569e9e063682f09b1fa371a0756a4c011c2e9b3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/aho_corasick.py"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.find_next_state` used but never assigned in __init__"}, "properties": {"repobilityId": 57760, "scanner": "repobility-ast-engine", "fingerprint": "4a6216f563a50b54a5c0b0811f9144b92ceb3d3d38faeea1286aa430931e6dc4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4a6216f563a50b54a5c0b0811f9144b92ceb3d3d38faeea1286aa430931e6dc4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/aho_corasick.py"}, "region": {"startLine": 57}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.find_next_state` used but never assigned in __init__"}, "properties": {"repobilityId": 57759, "scanner": "repobility-ast-engine", "fingerprint": "5f1d42930b22b7074927afe79d150f0cfa4e393f5aa7a31c2c09820eb2dfe30c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5f1d42930b22b7074927afe79d150f0cfa4e393f5aa7a31c2c09820eb2dfe30c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/aho_corasick.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57828, "scanner": "repobility-ast-engine", "fingerprint": "e2ed1650bd42b194988262502c05fa554f1cf17e2a411b59227f1b3bf49d8380", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e2ed1650bd42b194988262502c05fa554f1cf17e2a411b59227f1b3bf49d8380"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/queues/priority_queue_using_list.py"}, "region": {"startLine": 96}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57827, "scanner": "repobility-ast-engine", "fingerprint": "3ca531a743e0248dc6d4a1fb2983487c817e77d079078e954b6b9907ce6ce102", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3ca531a743e0248dc6d4a1fb2983487c817e77d079078e954b6b9907ce6ce102"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/binary_tree/diff_views_of_binary_tree.py"}, "region": {"startLine": 138}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57826, "scanner": "repobility-ast-engine", "fingerprint": "344caf9fd6426f9741e13136a958a198423d648e74eccc1b721c7d962a2974dd", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|344caf9fd6426f9741e13136a958a198423d648e74eccc1b721c7d962a2974dd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "data_structures/binary_tree/segment_tree_other.py"}, "region": {"startLine": 207}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57825, "scanner": "repobility-ast-engine", "fingerprint": "1b0e30dc0b474f124d65f01a1ab0257390e59c95311e8abccf8ce8ba06e32769", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1b0e30dc0b474f124d65f01a1ab0257390e59c95311e8abccf8ce8ba06e32769"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "networking_flow/ford_fulkerson.py"}, "region": {"startLine": 44}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57824, "scanner": "repobility-ast-engine", "fingerprint": "c4c2c2caf7fe797b8386f493199e5b7dcfd7b98d19228e6250ed3546974d7ae7", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c4c2c2caf7fe797b8386f493199e5b7dcfd7b98d19228e6250ed3546974d7ae7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "networking_flow/minimum_cut.py"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `html` used but not imported"}, "properties": {"repobilityId": 57823, "scanner": "repobility-ast-engine", "fingerprint": "3728689b79d9e931a65b1f76991c4e826cd739a3c06b4b6615e99b09cfef6107", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3728689b79d9e931a65b1f76991c4e826cd739a3c06b4b6615e99b09cfef6107"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "web_programming/download_images_from_google_query.py"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `string` used but not imported"}, "properties": {"repobilityId": 57813, "scanner": "repobility-ast-engine", "fingerprint": "7f629ad7d428f721126193f6ac0796076a4e24f86377dbf0ce81e5b511761420", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7f629ad7d428f721126193f6ac0796076a4e24f86377dbf0ce81e5b511761420"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/minimum_spanning_tree_boruvka.py"}, "region": {"startLine": 66}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57812, "scanner": "repobility-ast-engine", "fingerprint": "0f5f06556b3df12ddf78eb3d1b69d24ed88623ea04ed869e099616a2a2142df8", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0f5f06556b3df12ddf78eb3d1b69d24ed88623ea04ed869e099616a2a2142df8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/breadth_first_search_zero_one_shortest_path.py"}, "region": {"startLine": 115}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57811, "scanner": "repobility-ast-engine", "fingerprint": "59f73addeadf6dbde8c676e55b9d7827ac88db9f021c6066718ba327980385e8", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|59f73addeadf6dbde8c676e55b9d7827ac88db9f021c6066718ba327980385e8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/kahns_algorithm_topo.py"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57810, "scanner": "repobility-ast-engine", "fingerprint": "a231bb2f31606d93717cd4800ad315a38edfa290c3adc37773697c0682cb4823", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a231bb2f31606d93717cd4800ad315a38edfa290c3adc37773697c0682cb4823"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/bidirectional_search.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57797, "scanner": "repobility-ast-engine", "fingerprint": "9778db527cc8487c59a70fa9661126ef80cbd8c3e35c249dbac54cd5422eacfc", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9778db527cc8487c59a70fa9661126ef80cbd8c3e35c249dbac54cd5422eacfc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/bi_directional_dijkstra.py"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57795, "scanner": "repobility-ast-engine", "fingerprint": "467a50793429025bcba8009b51763403600b2a70e114567fcbbe01c6b300dcb0", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|467a50793429025bcba8009b51763403600b2a70e114567fcbbe01c6b300dcb0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/breadth_first_search.py"}, "region": {"startLine": 61}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57793, "scanner": "repobility-ast-engine", "fingerprint": "6db513ec2eb3f86fcbfc7dc4ae7fa015f7d31c46d872d7ee02e6bccb758fcfbb", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6db513ec2eb3f86fcbfc7dc4ae7fa015f7d31c46d872d7ee02e6bccb758fcfbb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/kahns_algorithm_long.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57792, "scanner": "repobility-ast-engine", "fingerprint": "b21c041498dd510de949bcf4e2a92389e3fb35bdcbd1e0f8e48300f67e8d6479", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b21c041498dd510de949bcf4e2a92389e3fb35bdcbd1e0f8e48300f67e8d6479"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/breadth_first_search_shortest_path.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57791, "scanner": "repobility-ast-engine", "fingerprint": "1da2965745de9390892bfef7c9311cddeac787ad4303c8e2429fe50a0a5be82f", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1da2965745de9390892bfef7c9311cddeac787ad4303c8e2429fe50a0a5be82f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/breadth_first_search_2.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57790, "scanner": "repobility-ast-engine", "fingerprint": "7084b4ce71ac8c7faf943310f1fc0f7b87256117da61f3f3b49dee5bd44305a1", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7084b4ce71ac8c7faf943310f1fc0f7b87256117da61f3f3b49dee5bd44305a1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/breadth_first_search_shortest_path_2.py"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 57789, "scanner": "repobility-ast-engine", "fingerprint": "ff9405479c95f234faf0b68bad61cac56bc3e118e9c1aa4bfa6a8fe3c9207b68", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ff9405479c95f234faf0b68bad61cac56bc3e118e9c1aa4bfa6a8fe3c9207b68"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "graphs/check_bipatrite.py"}, "region": {"startLine": 139}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `array` used but not imported"}, "properties": {"repobilityId": 57787, "scanner": "repobility-ast-engine", "fingerprint": "e7cff32824a7a8dd734b58c78f0fb752ec376640e983e84dafc39beeb8f78f6a", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e7cff32824a7a8dd734b58c78f0fb752ec376640e983e84dafc39beeb8f78f6a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "other/number_container_system.py"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `email` used but not imported"}, "properties": {"repobilityId": 57758, "scanner": "repobility-ast-engine", "fingerprint": "c7c39d3a09b0bd460b980b58c71c9b7e1c73d5dc8c2b18b36e20666de399a784", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c7c39d3a09b0bd460b980b58c71c9b7e1c73d5dc8c2b18b36e20666de399a784"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/is_valid_email_address.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `string` used but not imported"}, "properties": {"repobilityId": 57757, "scanner": "repobility-ast-engine", "fingerprint": "48ec565c0c1f0db56f97964a907f12009814fb123c548b9cfe6034da8e97e66e", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|48ec565c0c1f0db56f97964a907f12009814fb123c548b9cfe6034da8e97e66e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/min_cost_string_conversion.py"}, "region": {"startLine": 149}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `string` used but not imported"}, "properties": {"repobilityId": 57756, "scanner": "repobility-ast-engine", "fingerprint": "1bd5fb4db1963965691c8caf46d676a398b989d08284f6b51531b5f8c2790941", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1bd5fb4db1963965691c8caf46d676a398b989d08284f6b51531b5f8c2790941"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "strings/is_isogram.py"}, "region": {"startLine": 22}}}]}]}]}