{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "CORE_NO_CI", "name": "No CI/CD configuration found", "shortDescription": {"text": "No CI/CD configuration found"}, "fullDescription": {"text": "Add a CI/CD pipeline: create .github/workflows/ci.yml for GitHub Actions with steps to lint, test, and build on every push and pull request."}, "properties": {"scanner": "repobility-core", "category": "practices", "severity": "medium", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "QA001", "name": "[QA001] No Tests Found: No test files or test directories found.", "shortDescription": {"text": "[QA001] No Tests Found: No test files or test directories found."}, "fullDescription": {"text": "Add unit tests. Start with critical business logic and security-sensitive functions."}, "properties": {"scanner": "repobility", "category": "testing", "severity": "medium", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_CI", "name": "No CI/CD configuration found", "shortDescription": {"text": "No CI/CD configuration found"}, "fullDescription": {"text": "Add a CI/CD pipeline: create .github/workflows/ci.yml for GitHub Actions with steps to lint, test, and build on every push and pull request."}, "properties": {"scanner": "repobility", "category": "practices", "severity": "medium", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `update_orientation` has cognitive complexity 12 (SonarSource scale). Cogn", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `update_orientation` has cognitive complexity 12 (SonarSource scale). 
Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recu"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 12."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_LICENSE", "name": "No LICENSE file", "shortDescription": {"text": "No LICENSE file"}, "fullDescription": {"text": "Add a LICENSE file to your repository. Use choosealicense.com to pick the right license (MIT for permissive, Apache 2.0 for patent protection, GPL for copyleft)."}, "properties": {"scanner": "repobility-core", "category": "documentation", "severity": "low", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "QA002", "name": "[QA002] No CI/CD Configuration: No CI/CD pipeline found. Note: some CI systems (Gitea Actions, Drone) may be configured ", "shortDescription": {"text": "[QA002] No CI/CD Configuration: No CI/CD pipeline found. Note: some CI systems (Gitea Actions, Drone) may be configured externally."}, "fullDescription": {"text": "Add GitHub Actions, GitLab CI, or similar."}, "properties": {"scanner": "repobility", "category": "practices", "severity": "low", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_LICENSE", "name": "No LICENSE file", "shortDescription": {"text": "No LICENSE file"}, "fullDescription": {"text": "Add a LICENSE file to your repository. 
Use choosealicense.com to pick the right license (MIT for permissive, Apache 2.0 for patent protection, GPL for copyleft)."}, "properties": {"scanner": "repobility", "category": "documentation", "severity": "low", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.", "shortDescription": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "fullDescription": {"text": "Change the hardcoded http:// URL to https:// wherever the endpoint carries credentials or data; cleartext transport exposes that traffic to interception. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED064", "name": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.", "shortDescription": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.1, "cwe": "", "owasp": ""}}, {"id": "QA003", "name": "[QA003] No LICENSE File: No license file found. Others cannot legally use or contribute to this code.", "shortDescription": {"text": "[QA003] No LICENSE File: No license file found. Others cannot legally use or contribute to this code."}, "fullDescription": {"text": "Add a LICENSE file. Use choosealicense.com to pick the right one."}, "properties": {"scanner": "repobility", "category": "documentation", "severity": "info", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_TESTS", "name": "No test files found", "shortDescription": {"text": "No test files found"}, "fullDescription": {"text": "Add a test directory (tests/ or __tests__/) with unit tests for core functionality. 
Use pytest (Python), Jest (JS/TS), or go test (Go). Start with tests for critical business logic and security-sensitive functions."}, "properties": {"scanner": "repobility-core", "category": "testing", "severity": "high", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_TESTS", "name": "No test files found", "shortDescription": {"text": "No test files found"}, "fullDescription": {"text": "Add a test directory (tests/ or __tests__/) with unit tests for core functionality. Use pytest (Python), Jest (JS/TS), or go test (Go). Start with tests for critical business logic and security-sensitive functions."}, "properties": {"scanner": "repobility", "category": "testing", "severity": "high", "confidence": null, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/13"}, "properties": {"repository": "jezen/is-thirteen", "repoUrl": "https://github.com/jezen/is-thirteen", "branch": "master"}, "results": [{"ruleId": "CORE_NO_CI", "level": "warning", "message": {"text": "No CI/CD configuration found"}, "properties": {"repobilityId": 3761, "scanner": "repobility-core", "fingerprint": "ca5da3551af97272c4f099fc472740148135a15816b81b90bd862e8f91ec66ce", "category": "practices", "severity": "medium", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_CI", "scanner": "repobility-core", "correlation_key": "repo|practices|core_no_ci"}}}, {"ruleId": "QA001", "level": "warning", "message": {"text": "[QA001] No Tests Found: No test files or test directories found."}, "properties": {"repobilityId": 1160, "scanner": "repobility", "fingerprint": "be028542411e0ec312e12d2f50c11c24019b2976e2d4ab2f349dbb0805b2af21", "category": "testing", "severity": "medium", "confidence": null, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "No test files or standard test directories detected", "evidence": {}}}, {"ruleId": "CORE_NO_CI", "level": "warning", "message": {"text": "No 
CI/CD configuration found"}, "properties": {"repobilityId": 1159, "scanner": "repobility", "fingerprint": "a32c1a70db101787faa12d0b464c454fac4eda94d9635330c0aafab94ad0025f", "category": "practices", "severity": "medium", "confidence": null, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {}}}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `update_orientation` has cognitive complexity 12 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: if=5, nested_bonus=7."}, "properties": {"repobilityId": 42134, "scanner": "repobility-threat-engine", "fingerprint": "84e1cec0c9fd30086789d0e4529f1d7fbb592ee75f3a84e8254d149b91ba5176", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 12 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "update_orientation", "breakdown": {"if": 5, "nested_bonus": 7}, "complexity": 12, "correlation_key": "fp|84e1cec0c9fd30086789d0e4529f1d7fbb592ee75f3a84e8254d149b91ba5176"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Deep13_Image_Classifier/Deep13.py"}, "region": {"startLine": 46}}}]}, {"ruleId": "CORE_NO_LICENSE", "level": "note", "message": {"text": "No LICENSE file"}, "properties": {"repobilityId": 3760, "scanner": "repobility-core", "fingerprint": "9314e9238cd99885865b92490d1aaa96ca62b1390c9377878d5f3d99227e1c3c", "category": "documentation", "severity": "low", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_LICENSE", "scanner": "repobility-core", "correlation_key": "repo|documentation|core_no_license"}}}, {"ruleId": "QA002", "level": "note", 
"message": {"text": "[QA002] No CI/CD Configuration: No CI/CD pipeline found. Note: some CI systems (Gitea Actions, Drone) may be configured externally."}, "properties": {"repobilityId": 1161, "scanner": "repobility", "fingerprint": "40585ee1ee112f949b34e55e68a3e84102f978dc6172e8e31dd501bbf93145a9", "category": "practices", "severity": "low", "confidence": null, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "No standard CI config files found \u2014 CI may be configured externally", "evidence": {}}}, {"ruleId": "CORE_NO_LICENSE", "level": "note", "message": {"text": "No LICENSE file"}, "properties": {"repobilityId": 1158, "scanner": "repobility", "fingerprint": "3df0e2549464b2489053834d0e70ec040a26201a0e2a5b39b2a168fae93ee262", "category": "documentation", "severity": "low", "confidence": null, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 42135, "scanner": "repobility-threat-engine", "fingerprint": "dc182042b31e222180edcc7c708e4cb5d936bee247234af7e30b13d07a4c72ea", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|dc182042b31e222180edcc7c708e4cb5d936bee247234af7e30b13d07a4c72ea"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "consts.js"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED064", "level": "none", 
"message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 42133, "scanner": "repobility-threat-engine", "fingerprint": "5e68a3ecaf4b9fc2ec2437a41cf352ebb97fe58a37a3ab50a333048afe677e98", "category": "quality", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern 'test\\b' detected on same line", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5e68a3ecaf4b9fc2ec2437a41cf352ebb97fe58a37a3ab50a333048afe677e98"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Deep13_Image_Classifier/Deep13.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "QA003", "level": "none", "message": {"text": "[QA003] No LICENSE File: No license file found. 
Others cannot legally use or contribute to this code."}, "properties": {"repobilityId": 1162, "scanner": "repobility", "fingerprint": "1f11837f77d3a1acc9f5c85a589323e47956f412c13f5c7d1c03153ba7e4ed2b", "category": "documentation", "severity": "info", "confidence": null, "triageState": "fixed", "verdict": "confirmed", "isResolved": true, "reason": "No LICENSE file in repository root", "evidence": {}}}, {"ruleId": "CORE_NO_TESTS", "level": "error", "message": {"text": "No test files found"}, "properties": {"repobilityId": 3759, "scanner": "repobility-core", "fingerprint": "0200e9918bc2a7bf9c116d0907e50ac3df640c758b93852cf1890ec6e14d870d", "category": "testing", "severity": "high", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_TESTS", "scanner": "repobility-core", "correlation_key": "repo|testing|core_no_tests"}}}, {"ruleId": "CORE_NO_TESTS", "level": "error", "message": {"text": "No test files found"}, "properties": {"repobilityId": 1157, "scanner": "repobility", "fingerprint": "c0fd07c57880ff3ddc2207c562f846fba34028fad3c8ac3a333df1b705cffd65", "category": "testing", "severity": "high", "confidence": null, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {}}}]}]}