{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "WEB003", "name": "Public web service has no security.txt", "shortDescription": {"text": "Public web service has no security.txt"}, "fullDescription": {"text": "Add /.well-known/security.txt with Contact, Expires, Canonical, Preferred-Languages, and Policy fields. Keep the contact endpoint monitored."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "medium", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "WEB015", "name": "Public web app has no Content Security Policy", "shortDescription": {"text": "Public web app has no Content Security Policy"}, "fullDescription": {"text": "Add a Content-Security-Policy header through the web framework or hosting config. For static apps, add a CSP meta tag that restricts default-src, script-src, connect-src, img-src, and frame-ancestors."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "medium", "confidence": 0.7, "cwe": "", "owasp": ""}}, {"id": "AGT012", "name": "Agent control bridge may listen on a network interface without visible auth", "shortDescription": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "fullDescription": {"text": "Bind local agent bridges to 127.0.0.1 by default. If remote access is required, require a bearer token or mTLS, enforce origin/CSRF checks for browser clients, and document the threat model."}, "properties": {"scanner": "repobility-agent-runtime", "category": "quality", "severity": "medium", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "CFG006", "name": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.", "shortDescription": {"text": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts."}, "fullDescription": {"text": "Add a .gitignore appropriate for your language/framework."}, "properties": {"scanner": "repobility-threat-engine", "category": "practices", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC007", "name": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.", "shortDescription": {"text": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code."}, "fullDescription": {"text": "Use yaml.safe_load() instead of yaml.load(). Avoid pickle for untrusted data."}, "properties": {"scanner": "repobility-threat-engine", "category": "deserialization", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `parse_and_store` has cognitive complexity 18 (SonarSource scale). Cogniti", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `parse_and_store` has cognitive complexity 18 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursi"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 18."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "WEB011", "name": "Public web app has no humans.txt", "shortDescription": {"text": "Public web app has no humans.txt"}, "fullDescription": {"text": "Add humans.txt with team ownership, contact URL, key documentation links, and the last-updated date."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.5, "cwe": "", "owasp": ""}}, {"id": "WEB008", "name": "Public docs site has no llms.txt", "shortDescription": {"text": "Public docs site has no llms.txt"}, "fullDescription": {"text": "Add llms.txt with the product summary, canonical docs, API endpoints, security guidance, and preferred CLI workflow for AI agents."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.64, "cwe": "", "owasp": ""}}, {"id": "WEB002", "name": "Public web app has no sitemap", "shortDescription": {"text": "Public web app has no sitemap"}, "fullDescription": {"text": "Add sitemap.xml, a sitemap index, or a framework-native sitemap route and reference it from robots.txt."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "WEB001", "name": "Public web app has no robots.txt", "shortDescription": {"text": "Public web app has no robots.txt"}, "fullDescription": {"text": "Add robots.txt at the web root or a framework-native robots route. Include an explicit Sitemap directive and disallow only private paths."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.74, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC020", "name": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequen", "shortDescription": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "fullDescription": {"text": "Log only redacted, hashed, or last-four-style metadata. Rotate any secret that may have reached logs."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "info", "confidence": 0.1, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 22 more): Same pattern found in 22 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 22 more): Same pattern found in 22 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https (and 22 more): Same pattern found in 22 additional files. Review if needed.", "shortDescription": {"text": "[MINED043] Http Not Https (and 22 more): Same pattern found in 22 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass (and 22 more): Same pattern found in 22 additional files. Review if needed.", "shortDescription": {"text": "[MINED001] Bare Except Pass (and 22 more): Same pattern found in 22 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 22 more): Same pattern found in 22 addi", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 22 more): Same pattern found in 22 additional files. Review if needed."}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED067", "name": "[MINED067] Python Requests No Timeout (and 28 more): Same pattern found in 28 additional files. Review if needed.", "shortDescription": {"text": "[MINED067] Python Requests No Timeout (and 28 more): Same pattern found in 28 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-400 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 28 more): Same pattern found in 28 add", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 28 more): Same pattern found in 28 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC103", "name": "[SEC103] LDAP injection \u2014 non-constant search filter (and 28 more): Same pattern found in 28 additional files. Review if", "shortDescription": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter (and 28 more): Same pattern found in 28 additional files. Review if needed."}, "fullDescription": {"text": "Escape with javax.naming.ldap.Rdn.escapeValue or equivalent. For python-ldap, use ldap.filter.escape_filter_chars. Better: use parameterized search APIs (Spring LdapTemplate filter encoders)."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC078", "name": "[SEC078] Python: requests without timeout (and 28 more): Same pattern found in 28 additional files. Review if needed.", "shortDescription": {"text": "[SEC078] Python: requests without timeout (and 28 more): Same pattern found in 28 additional files. Review if needed."}, "fullDescription": {"text": "Add `timeout=10` (or appropriate value) to every requests call."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml` pinned to mutable ref `@main`: `use", "shortDescription": {"text": "[MINED115] Action `bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml` pinned to mutable ref `@main`: `uses: bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml@main` resolves at workflow-run time. Tags and branch"}, "fullDescription": {"text": "Replace with: `uses: bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml@<40-char-sha>  # main` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self.parse_and_store` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` ", "shortDescription": {"text": "[MINED108] `self.parse_and_store` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.parse_and_store`, but no assignment to it exists in __init__ (and no class-level fallback). This raises Attr"}, "fullDescription": {"text": "Initialize `self.parse_and_store = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC083", "name": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. Ported fr", "shortDescription": {"text": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. Ported from eslint-plugin-security detect-non-literal-regexp (Apache-2.0)."}, "fullDescription": {"text": "Use a literal RegExp or whitelist-validate user input before constructing patterns."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_TESTS", "name": "No test files found", "shortDescription": {"text": "No test files found"}, "fullDescription": {"text": "Add a test directory (tests/ or __tests__/) with unit tests for core functionality. Use pytest (Python), Jest (JS/TS), or go test (Go). Start with tests for critical business logic and security-sensitive functions."}, "properties": {"scanner": "repobility-core", "category": "testing", "severity": "high", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "MINED018", "name": "[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/fi", "shortDescription": {"text": "[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data \u2014 RCE."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-502 / A08:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC116", "name": "[SEC116] Ruby YAML.load / Marshal.load on untrusted input: `YAML.load` (pre-3.1) and `Marshal.load` instantiate arbitrar", "shortDescription": {"text": "[SEC116] Ruby YAML.load / Marshal.load on untrusted input: `YAML.load` (pre-3.1) and `Marshal.load` instantiate arbitrary Ruby classes \u2014 direct RCE on untrusted input. `unsafe_load` is even more dangerous."}, "fullDescription": {"text": "Use `YAML.safe_load(input, permitted_classes: [Date])` \u2014 explicit class allowlist. Never use `Marshal.load` on untrusted data; serialize as JSON instead."}, "properties": {"scanner": "repobility-threat-engine", "category": "deserialization", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC079", "name": "[SEC079] Python: yaml.load without SafeLoader: yaml.load() without explicit SafeLoader can execute arbitrary Python obje", "shortDescription": {"text": "[SEC079] Python: yaml.load without SafeLoader: yaml.load() without explicit SafeLoader can execute arbitrary Python objects (CVE-2017-18342). Ported from bandit B506 / dlint DUO109 (Apache-2.0 / BSD-3)."}, "fullDescription": {"text": "Use `yaml.safe_load(data)` or `yaml.load(data, Loader=yaml.SafeLoader)`."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1185"}, "properties": {"repository": "bugsfreeweb/LiveTVCollector", "repoUrl": "https://github.com/bugsfreeweb/LiveTVCollector", "branch": "main"}, "results": [{"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119113, "scanner": "repobility-ast-engine", "fingerprint": "78c11e74fd68046909a557d5990e29fadaadadbe253f334d980b05c5d5eec830", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|78c11e74fd68046909a557d5990e29fadaadadbe253f334d980b05c5d5eec830"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-ID.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119112, "scanner": "repobility-ast-engine", "fingerprint": "d32c45af46c4bca9dc55ed239f23771b4e861dd566804cab65c18bf022e0c1d3", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d32c45af46c4bca9dc55ed239f23771b4e861dd566804cab65c18bf022e0c1d3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-BD.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119111, "scanner": "repobility-ast-engine", "fingerprint": "1c8b6fd284423a8b5d370ab0c1e10858a34f0204cd76966f3b18b0cd5612ab51", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1c8b6fd284423a8b5d370ab0c1e10858a34f0204cd76966f3b18b0cd5612ab51"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-BD.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119110, "scanner": "repobility-ast-engine", "fingerprint": "44666a2ba56da464e73e372b22f50c83d810de74d39b3e60e057807bb3f69557", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|44666a2ba56da464e73e372b22f50c83d810de74d39b3e60e057807bb3f69557"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-PT.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119109, "scanner": "repobility-ast-engine", "fingerprint": "caa9f91aa1ff19e47de92a3d7a77eed5a15501eb3dc9a71377b8ba3e36515ec2", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|caa9f91aa1ff19e47de92a3d7a77eed5a15501eb3dc9a71377b8ba3e36515ec2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-PT.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119108, "scanner": "repobility-ast-engine", "fingerprint": "7b316f213ba7a1090b05ad77d3a241f740a7e0076732df13ee6cd0a057218c27", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7b316f213ba7a1090b05ad77d3a241f740a7e0076732df13ee6cd0a057218c27"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-PK.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119107, "scanner": "repobility-ast-engine", "fingerprint": "99eeadade80b41d726501fdf5415b331746d50cca0148e54ffeceee7880f82db", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|99eeadade80b41d726501fdf5415b331746d50cca0148e54ffeceee7880f82db"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-PK.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119106, "scanner": "repobility-ast-engine", "fingerprint": "8bf2249a9df10903b9c7abf123328c96a881f49f196c815f740e610a548bf293", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8bf2249a9df10903b9c7abf123328c96a881f49f196c815f740e610a548bf293"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams_VOD-WW.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119105, "scanner": "repobility-ast-engine", "fingerprint": "b25d65a471454d902618f2b77dc98b28d934b959638caf3033deff7ed5eee22d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b25d65a471454d902618f2b77dc98b28d934b959638caf3033deff7ed5eee22d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams_VOD-WW.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119104, "scanner": "repobility-ast-engine", "fingerprint": "e37a34ee8cc2ba1433b1c53b2df74c937e90e1e123a9d576414679af2994c834", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e37a34ee8cc2ba1433b1c53b2df74c937e90e1e123a9d576414679af2994c834"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-TR.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119103, "scanner": "repobility-ast-engine", "fingerprint": "98785a91e6000aa37f470b3ccf5233c59d2e55688a44bf85a8db7b5cecae1314", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|98785a91e6000aa37f470b3ccf5233c59d2e55688a44bf85a8db7b5cecae1314"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-TR.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119102, "scanner": "repobility-ast-engine", "fingerprint": "2b5c3bc8e570640a02cd2a7b82b30a097c59d0065d186c8b3476f883df9039b5", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2b5c3bc8e570640a02cd2a7b82b30a097c59d0065d186c8b3476f883df9039b5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-VN.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119101, "scanner": "repobility-ast-engine", "fingerprint": "15a56f946e44e2aabfeaabdcdee0ee76ae063833fcea664efd80603016d4ede0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|15a56f946e44e2aabfeaabdcdee0ee76ae063833fcea664efd80603016d4ede0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-VN.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119100, "scanner": "repobility-ast-engine", "fingerprint": "556895b4e71bb00b992c2bde228ae60f8dcdeaec575e2ea01063edd793f226e3", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|556895b4e71bb00b992c2bde228ae60f8dcdeaec575e2ea01063edd793f226e3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-IN.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119099, "scanner": "repobility-ast-engine", "fingerprint": "b69544118b697c358afbb3d53b6177e96cbc389a92bfdbbd897e48f71f70b632", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b69544118b697c358afbb3d53b6177e96cbc389a92bfdbbd897e48f71f70b632"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-IN.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119098, "scanner": "repobility-ast-engine", "fingerprint": "f1b4d6bcd002d7a9b8d132686e325365dcb0524cf4943df26313a8fa9f3561dc", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f1b4d6bcd002d7a9b8d132686e325365dcb0524cf4943df26313a8fa9f3561dc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-RU.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119097, "scanner": "repobility-ast-engine", "fingerprint": "0b1605aa7fa3a2e4d86267461b8307e9a07bd964b0eb8535601ce3362350f648", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0b1605aa7fa3a2e4d86267461b8307e9a07bd964b0eb8535601ce3362350f648"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-RU.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119096, "scanner": "repobility-ast-engine", "fingerprint": "35d07494e34fc5e3e882779549f050374806597e9044e1d1bc05a192bc6fb02c", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|35d07494e34fc5e3e882779549f050374806597e9044e1d1bc05a192bc6fb02c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-MX.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119095, "scanner": "repobility-ast-engine", "fingerprint": "4d8a7fd2b0177b8bef276fc2675fb3b11174d1f4a82ae1443e1f9eaa115b3422", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4d8a7fd2b0177b8bef276fc2675fb3b11174d1f4a82ae1443e1f9eaa115b3422"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-MX.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119094, "scanner": "repobility-ast-engine", "fingerprint": "4ee7f795e6d72516fb9633cbdd0c8f5ad4a216f095e725219df5ad9b8584f29b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4ee7f795e6d72516fb9633cbdd0c8f5ad4a216f095e725219df5ad9b8584f29b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-TH.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119093, "scanner": "repobility-ast-engine", "fingerprint": "08da3be774f48fbef4d8b34e314ff9523b42942b6ae5865c5fbdba2fedb03d3e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|08da3be774f48fbef4d8b34e314ff9523b42942b6ae5865c5fbdba2fedb03d3e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-TH.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119092, "scanner": "repobility-ast-engine", "fingerprint": "b55fd55534c3917bae458859035c468236f907b33946eea3f31c2b2726458d38", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b55fd55534c3917bae458859035c468236f907b33946eea3f31c2b2726458d38"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-EG.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119091, "scanner": "repobility-ast-engine", "fingerprint": "8a2bd91e65ec1e70680a075bb7198a48945b30f90b1f88d5ee60d20fa13fc759", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8a2bd91e65ec1e70680a075bb7198a48945b30f90b1f88d5ee60d20fa13fc759"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-EG.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119090, "scanner": "repobility-ast-engine", "fingerprint": "5f232ba07ba3d5141bbe3abde09587a97ae031e25e90344752e149d62fed87f7", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5f232ba07ba3d5141bbe3abde09587a97ae031e25e90344752e149d62fed87f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-IL.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 119089, "scanner": "repobility-ast-engine", "fingerprint": "cedde7394ab6cdf2cb4700d862aa5a52b5dd6afc69de8ff216947bdae6be2720", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cedde7394ab6cdf2cb4700d862aa5a52b5dd6afc69de8ff216947bdae6be2720"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/process_streams-IL.py"}, "region": {"startLine": 183}}}]}, {"ruleId": "WEB003", "level": "warning", "message": {"text": "Public web service has no security.txt"}, "properties": {"repobilityId": 119063, "scanner": "repobility-web-presence", "fingerprint": "5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd", "category": "quality", "severity": "medium", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app/API but no security.txt file or route was discovered.", "evidence": {"rule_id": "WEB003", "scanner": "repobility-web-presence", "references": ["https://www.rfc-editor.org/rfc/rfc9116", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".well-known/security.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "WEB015", "level": "warning", "message": {"text": "Public web app has no Content Security Policy"}, "properties": {"repobilityId": 119062, "scanner": "repobility-web-presence", "fingerprint": "7eb70cae3ff63d8ed7c31706185d32b37655333b40b58ca826d740b08fb1ad63", "category": "quality", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app but no CSP header, framework header config, Helmet policy, or CSP meta tag was discovered.", "evidence": {"rule_id": "WEB015", "scanner": "repobility-web-presence", "references": ["https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|7eb70cae3ff63d8ed7c31706185d32b37655333b40b58ca826d740b08fb1ad63"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "index.html"}, "region": {"startLine": 1}}}]}, {"ruleId": "AGT012", "level": "warning", "message": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "properties": {"repobilityId": 119057, "scanner": "repobility-agent-runtime", "fingerprint": "70e13d91bcb099bb831f9bf2f532d3fe5c05f05c44f30d10c401b77a0301d386", "category": "quality", "severity": "medium", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File combines agent-control wording with an HTTP/SSE/WebSocket listener on an all-interface host and no visible auth guard.", "evidence": {"rule_id": "AGT012", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|70e13d91bcb099bb831f9bf2f532d3fe5c05f05c44f30d10c401b77a0301d386"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeStreams/processed_links-MXD.json"}, "region": {"startLine": 1822}}}]}, {"ruleId": "CFG006", "level": "warning", "message": {"text": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts."}, "properties": {"repobilityId": 119026, "scanner": "repobility-threat-engine", "fingerprint": "c65fc71ce58c37a0e07837c0fe294108b731c43ef16027a2f0971c757bbe9a16", "category": "practices", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "No .gitignore file found in repository root", "evidence": {"reason": "No .gitignore file found in repository root", "rule_id": "CFG006", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "repo|practices|cfg006"}}}, {"ruleId": "SEC007", "level": "warning", "message": {"text": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code."}, "properties": {"repobilityId": 119020, "scanner": "repobility-threat-engine", "fingerprint": "b10d75d49f00086993ccd037a41acb5cef866f287982cf52f324f83ca4b2f22d", "category": "deserialization", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "yaml.load(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC007", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|deserialization|specialcollection.js|23|sec007"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SpecialCollection.js"}, "region": {"startLine": 23}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `parse_and_store` has cognitive complexity 18 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: and=1, elif=1, for=1, if=2, nested_bonus=10, ternary=3."}, "properties": {"repobilityId": 119001, "scanner": "repobility-threat-engine", "fingerprint": "c8226c6a820f7dafdabc93c6f0d125bcac399ee49fb51e43bc3f39b5799ff297", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 18 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "parse_and_store", "breakdown": {"if": 2, "and": 1, "for": 1, "elif": 1, "ternary": 3, "nested_bonus": 10}, "complexity": 18, "correlation_key": "fp|c8226c6a820f7dafdabc93c6f0d125bcac399ee49fb51e43bc3f39b5799ff297"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Hollywood.py"}, "region": {"startLine": 80}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `parse_and_store` has cognitive complexity 18 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: and=1, elif=1, for=1, if=2, nested_bonus=10, ternary=3."}, "properties": {"repobilityId": 118999, "scanner": "repobility-threat-engine", "fingerprint": "c4706ac38d486e446285fe2af65bf9f14500c97b2c84aa26bc8befd6c622ef6b", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 18 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "parse_and_store", "breakdown": {"if": 2, "and": 1, "for": 1, "elif": 1, "ternary": 3, "nested_bonus": 10}, "complexity": 18, "correlation_key": "fp|c4706ac38d486e446285fe2af65bf9f14500c97b2c84aa26bc8befd6c622ef6b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Bollywood.py"}, "region": {"startLine": 80}}}]}, {"ruleId": "WEB011", "level": "note", "message": {"text": "Public web app has no humans.txt"}, "properties": {"repobilityId": 119061, "scanner": "repobility-web-presence", "fingerprint": "bdd551fbe1ab6405480e0d5755632562c2096cb9e9a6a071ef60e4c27a6873f1", "category": "quality", "severity": "low", "confidence": 0.5, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Repository looks like a public web app but no humans.txt file or route was discovered.", "evidence": {"rule_id": "WEB011", "scanner": "repobility-web-presence", "references": ["https://github.com/Lissy93/web-check"], "correlation_key": "fp|bdd551fbe1ab6405480e0d5755632562c2096cb9e9a6a071ef60e4c27a6873f1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "humans.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "WEB008", "level": "note", "message": {"text": "Public docs site has no llms.txt"}, "properties": {"repobilityId": 119060, "scanner": "repobility-web-presence", "fingerprint": "cdce8ed8706710d39c3e7272dad572dd639cff74fd3d2ac62d8f6f522b891d76", "category": "quality", "severity": "low", "confidence": 0.64, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Repository looks public and documentation-heavy but no llms.txt file or route was discovered.", "evidence": {"rule_id": "WEB008", "scanner": "repobility-web-presence", "references": ["https://llmstxt.org/"], "correlation_key": "fp|cdce8ed8706710d39c3e7272dad572dd639cff74fd3d2ac62d8f6f522b891d76"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "llms.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "WEB002", "level": "note", "message": {"text": "Public web app has no sitemap"}, "properties": {"repobilityId": 119059, "scanner": "repobility-web-presence", "fingerprint": "fccbe72d13ca3ba9197ec37b0daa0802fb6d5ebff54b3eb9f09b59b0f8d0acdf", "category": "quality", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app but no sitemap file or route was discovered.", "evidence": {"rule_id": "WEB002", "scanner": "repobility-web-presence", "references": ["https://www.sitemaps.org/protocol.html", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|fccbe72d13ca3ba9197ec37b0daa0802fb6d5ebff54b3eb9f09b59b0f8d0acdf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sitemap.xml"}, "region": {"startLine": 1}}}]}, {"ruleId": "WEB001", "level": "note", "message": {"text": "Public web app has no robots.txt"}, "properties": {"repobilityId": 119058, "scanner": "repobility-web-presence", "fingerprint": "cae3f2223945958e14d8eb90f7965fa26b47011cc5be29c2855a4054937e29c4", "category": "quality", "severity": "low", "confidence": 0.74, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app but no robots.txt file or route was discovered.", "evidence": {"rule_id": "WEB001", "scanner": "repobility-web-presence", "references": ["https://www.rfc-editor.org/rfc/rfc9309", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|cae3f2223945958e14d8eb90f7965fa26b47011cc5be29c2855a4054937e29c4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "robots.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119056, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e867a51810196b20b379afea431f75791040476cdba2572229f53a5743f316ce", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Private.py", "duplicate_line": 16, "correlation_key": "fp|e867a51810196b20b379afea431f75791040476cdba2572229f53a5743f316ce"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-France.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119055, "scanner": "repobility-ai-code-hygiene", "fingerprint": "22926219d59adb1b33f403bea2ac7190d2d847b6a74f694ffe69d5402de7f5f5", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/TV-Arabic.py", "duplicate_line": 95, "correlation_key": "fp|22926219d59adb1b33f403bea2ac7190d2d847b6a74f694ffe69d5402de7f5f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Egypt.py"}, "region": {"startLine": 95}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119054, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f00b80a28c43ca524292a7f915659192d6175db824ec2cff57f7f1d34cd39b63", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 36, "correlation_key": "fp|f00b80a28c43ca524292a7f915659192d6175db824ec2cff57f7f1d34cd39b63"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Egypt.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119053, "scanner": "repobility-ai-code-hygiene", "fingerprint": "377353d9af3d0f28cb45558178d4a204c52971fb3e9744eda1eb475de01652f5", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Private.py", "duplicate_line": 16, "correlation_key": "fp|377353d9af3d0f28cb45558178d4a204c52971fb3e9744eda1eb475de01652f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Egypt.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119052, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b9319a537700ee93f77788c7001839fdc5cc22b9d30bb8852a2268e7f3cc88c9", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/TV-Arabic.py", "duplicate_line": 95, "correlation_key": "fp|b9319a537700ee93f77788c7001839fdc5cc22b9d30bb8852a2268e7f3cc88c9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Collection.py"}, "region": {"startLine": 95}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119051, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4f56e4987620c61d664edeb133f1313ccde09dd9e2908e3c39706a804e86cd88", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 36, "correlation_key": "fp|4f56e4987620c61d664edeb133f1313ccde09dd9e2908e3c39706a804e86cd88"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Collection.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119050, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1041184c2ae7ff5035e8e325dc5806447fa166798fa52672e8547d493df312e9", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Private.py", "duplicate_line": 16, "correlation_key": "fp|1041184c2ae7ff5035e8e325dc5806447fa166798fa52672e8547d493df312e9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Collection.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119049, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d91ca7461f82d06c156c3449a0e43d936205a35fd7d76b18092da2edbe9c3c74", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/TV-Arabic.py", "duplicate_line": 95, "correlation_key": "fp|d91ca7461f82d06c156c3449a0e43d936205a35fd7d76b18092da2edbe9c3c74"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-China.py"}, "region": {"startLine": 95}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119048, "scanner": "repobility-ai-code-hygiene", "fingerprint": "82064421ce6fa8cf186dbb9cf5235961f373d8919d4e6df78a794de7991db00e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 36, "correlation_key": "fp|82064421ce6fa8cf186dbb9cf5235961f373d8919d4e6df78a794de7991db00e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-China.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119047, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5ca8ab55fd53a0216e5a7ce23fed515cef3bd6c988b3630c30595aee76e86cbb", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Private.py", "duplicate_line": 16, "correlation_key": "fp|5ca8ab55fd53a0216e5a7ce23fed515cef3bd6c988b3630c30595aee76e86cbb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-China.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119046, "scanner": "repobility-ai-code-hygiene", "fingerprint": "0e9f4b19f5ed08281c52b68be121e212f28e6e2f0084240ca2910f32f77aee59", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/TV-Arabic.py", "duplicate_line": 95, "correlation_key": "fp|0e9f4b19f5ed08281c52b68be121e212f28e6e2f0084240ca2910f32f77aee59"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Canada.py"}, "region": {"startLine": 95}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119045, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f9642e0945cc42862692f6171331e1b6a38349066497f5a801f373c404ca3c83", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 36, "correlation_key": "fp|f9642e0945cc42862692f6171331e1b6a38349066497f5a801f373c404ca3c83"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Canada.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119044, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fe267d5c2011a1bfd25bea9dca3a882a88e9ffeb0434c900eafaa7f8e34372b4", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Private.py", "duplicate_line": 16, "correlation_key": "fp|fe267d5c2011a1bfd25bea9dca3a882a88e9ffeb0434c900eafaa7f8e34372b4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Canada.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119043, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6d82896e59763f5f57cfb6997e8e07d6a38a2f47358ded4bd8d82a18539f6285", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/TV-Arabic.py", "duplicate_line": 95, "correlation_key": "fp|6d82896e59763f5f57cfb6997e8e07d6a38a2f47358ded4bd8d82a18539f6285"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Brazil.py"}, "region": {"startLine": 95}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119042, "scanner": "repobility-ai-code-hygiene", "fingerprint": "03f0efa2a89981c4de58f6ba3243146d3e7e084f7604ff10a9eb92bb415d97c6", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 36, "correlation_key": "fp|03f0efa2a89981c4de58f6ba3243146d3e7e084f7604ff10a9eb92bb415d97c6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Brazil.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119041, "scanner": "repobility-ai-code-hygiene", "fingerprint": "899aa38d505b689de8c3a5d74cbbf580ac8487c0b04166c2c46435c7a96f9490", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Private.py", "duplicate_line": 16, "correlation_key": "fp|899aa38d505b689de8c3a5d74cbbf580ac8487c0b04166c2c46435c7a96f9490"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Brazil.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119040, "scanner": "repobility-ai-code-hygiene", "fingerprint": "38fc8d68ee030886e5aa1f7d1961c9f066eceef98784200d4bac73903dc417cc", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/TV-Arabic.py", "duplicate_line": 95, "correlation_key": "fp|38fc8d68ee030886e5aa1f7d1961c9f066eceef98784200d4bac73903dc417cc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Bangladesh.py"}, "region": {"startLine": 95}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119039, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d94c41f2dc803d47e0c98472e9510aad29c80da1d73f40bc9ca0f4f62ebd9798", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 36, "correlation_key": "fp|d94c41f2dc803d47e0c98472e9510aad29c80da1d73f40bc9ca0f4f62ebd9798"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Bangladesh.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119038, "scanner": "repobility-ai-code-hygiene", "fingerprint": "71db4f0e3af4e3b0bb3e274d980b507855f54c1c8af701a42e4e676b7b0b2129", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Private.py", "duplicate_line": 16, "correlation_key": "fp|71db4f0e3af4e3b0bb3e274d980b507855f54c1c8af701a42e4e676b7b0b2129"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Bangladesh.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119037, "scanner": "repobility-ai-code-hygiene", "fingerprint": "591ad8462b9ad2b85f7f8a285cbeda3bffd1ad9be9f72efd4574d4fdeb92f559", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/TV-Arabic.py", "duplicate_line": 95, "correlation_key": "fp|591ad8462b9ad2b85f7f8a285cbeda3bffd1ad9be9f72efd4574d4fdeb92f559"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Bahrain.py"}, "region": {"startLine": 95}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119036, "scanner": "repobility-ai-code-hygiene", "fingerprint": "79fc39a91a2da66f59ce6c28fc0d6514d24dd4863d88f9291ba7de348be3bebe", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 36, "correlation_key": "fp|79fc39a91a2da66f59ce6c28fc0d6514d24dd4863d88f9291ba7de348be3bebe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Bahrain.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119035, "scanner": "repobility-ai-code-hygiene", "fingerprint": "60bd824a9cc41fedd6310e02a5d069eb7ac500125460d6c6155634416e403979", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Private.py", "duplicate_line": 16, "correlation_key": "fp|60bd824a9cc41fedd6310e02a5d069eb7ac500125460d6c6155634416e403979"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Bahrain.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119034, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8d178984ff44ac8fa98dbe2bcdf0ea08c8414a50113417da7abedd0f1f2fc111", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 36, "correlation_key": "fp|8d178984ff44ac8fa98dbe2bcdf0ea08c8414a50113417da7abedd0f1f2fc111"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Arabic.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119033, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ce868524376ee1165b98876299afb529e691aa006ca1dc6cba4ee561ff5a685f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Private.py", "duplicate_line": 16, "correlation_key": "fp|ce868524376ee1165b98876299afb529e691aa006ca1dc6cba4ee561ff5a685f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Arabic.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119032, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c437fffa501cd1bb194693f39128c0e61aaa5676c05845845a08a7d280b8d6a1", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 16, "correlation_key": "fp|c437fffa501cd1bb194693f39128c0e61aaa5676c05845845a08a7d280b8d6a1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Worldwide.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119031, "scanner": "repobility-ai-code-hygiene", "fingerprint": "cf4d7e25c64f2d68e1094a2d35332489e7373e2889e5d95cfe4c893feb3ebb05", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 16, "correlation_key": "fp|cf4d7e25c64f2d68e1094a2d35332489e7373e2889e5d95cfe4c893feb3ebb05"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-WorldCollection.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119030, "scanner": "repobility-ai-code-hygiene", "fingerprint": "33c7cac2d33b191e3c170bb81a3b3bf5bce372093d16462faad607b46e82213a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 16, "correlation_key": "fp|33c7cac2d33b191e3c170bb81a3b3bf5bce372093d16462faad607b46e82213a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-VOD.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119029, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1028854b9cc6d3164ab27360fd51aa64d336bdd9a4f6bba5eadaa57f0cd1694f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 16, "correlation_key": "fp|1028854b9cc6d3164ab27360fd51aa64d336bdd9a4f6bba5eadaa57f0cd1694f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-SecretWorld.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119028, "scanner": "repobility-ai-code-hygiene", "fingerprint": "59e62de359b5f245bde3333374ffdc2367b6e47e93c96632da0278acdbad85e1", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 36, "correlation_key": "fp|59e62de359b5f245bde3333374ffdc2367b6e47e93c96632da0278acdbad85e1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Private.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 119027, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a79e700bf202fbd95a4f08124cb6e1f9b7a1deaf0f31a3e6d6d91e3b724fc8ef", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "BugsfreeMain/Movies-Bollywood.py", "duplicate_line": 16, "correlation_key": "fp|a79e700bf202fbd95a4f08124cb6e1f9b7a1deaf0f31a3e6d6d91e3b724fc8ef"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Hollywood.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `extract_stream_urls_from_html` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: for=1, if=4, nested_bonus=4."}, "properties": {"repobilityId": 119000, "scanner": "repobility-threat-engine", "fingerprint": "6bc4e982833199b1c959d6e79917fc08b6d96be4eea1a3cb4c292298c9ee9a47", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "extract_stream_urls_from_html", "breakdown": {"if": 4, "for": 1, "nested_bonus": 4}, "complexity": 9, "correlation_key": "fp|6bc4e982833199b1c959d6e79917fc08b6d96be4eea1a3cb4c292298c9ee9a47"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Bollywood.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 119025, "scanner": "repobility-threat-engine", "fingerprint": "1372f800bc6163b326043d5a80a2f07cc5827142639195150ab60ddbcb51254d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|1372f800bc6163b326043d5a80a2f07cc5827142639195150ab60ddbcb51254d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SpecialCollection.js"}, "region": {"startLine": 25}}}]}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 119019, "scanner": "repobility-threat-engine", "fingerprint": "c8fa7e476c7751060c907a030df14e6fb170b52d2e1bbbe88d46678e60a064d6", "category": "credential_exposure", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe context pattern detected", "evidence": {"match": "console.error('Error loading config.yml:', error.message)", "reason": "Safe context pattern detected", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "secret|specialcollection.js|2|console.error error loading config.yml: error.message"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SpecialCollection.js"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 22 more): Same pattern found in 22 additional files. Review if needed."}, "properties": {"repobilityId": 119018, "scanner": "repobility-threat-engine", "fingerprint": "c9cae91cd733d435a9447dd8129f08031b61cb65a6612f50fe8694f62b973f93", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 22 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|c9cae91cd733d435a9447dd8129f08031b61cb65a6612f50fe8694f62b973f93", "aggregated_count": 22}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 119017, "scanner": "repobility-threat-engine", "fingerprint": "b92c77c9e6d412369a51b6956ad3d773089e65d26b7b99d08a6b1af3c6dfdfab", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b92c77c9e6d412369a51b6956ad3d773089e65d26b7b99d08a6b1af3c6dfdfab"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Bahrain.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 119016, "scanner": "repobility-threat-engine", "fingerprint": "b149e3d99432f2d998388b9fc4814a7190b50c3c79f0fe9e64439f950c71030c", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b149e3d99432f2d998388b9fc4814a7190b50c3c79f0fe9e64439f950c71030c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Arabic.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 119015, "scanner": "repobility-threat-engine", "fingerprint": "cac6433355b3183026578b3d46fd26847da5b38fa191b9f3c305638b0bdbf594", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|cac6433355b3183026578b3d46fd26847da5b38fa191b9f3c305638b0bdbf594"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Private.py"}, "region": {"startLine": 108}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https (and 22 more): Same pattern found in 22 additional files. Review if needed."}, "properties": {"repobilityId": 119014, "scanner": "repobility-threat-engine", "fingerprint": "8573bef0f9f08bb8c306aed8c575e04960d1d44dea2699897dc79d4acb1295e1", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 22 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|8573bef0f9f08bb8c306aed8c575e04960d1d44dea2699897dc79d4acb1295e1", "aggregated_count": 22}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 119013, "scanner": "repobility-threat-engine", "fingerprint": "3ebbb24ddee5692efcd386c72c3514afaeaebb110027baa94a7444fb96913a5d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3ebbb24ddee5692efcd386c72c3514afaeaebb110027baa94a7444fb96913a5d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Bahrain.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 119012, "scanner": "repobility-threat-engine", "fingerprint": "1042334231867122432ddfb5194ed2bae8d754d8ce7a38cbee0868bf2406d3ca", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|1042334231867122432ddfb5194ed2bae8d754d8ce7a38cbee0868bf2406d3ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Arabic.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 119011, "scanner": "repobility-threat-engine", "fingerprint": "eafefa13f1cfdbb0791e16c9bb371466566e3d9c16226b0893ed8f5433dd4f95", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|eafefa13f1cfdbb0791e16c9bb371466566e3d9c16226b0893ed8f5433dd4f95"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Private.py"}, "region": {"startLine": 99}}}]}, {"ruleId": "MINED001", "level": "none", "message": {"text": "[MINED001] Bare Except Pass (and 22 more): Same pattern found in 22 additional files. Review if needed."}, "properties": {"repobilityId": 119010, "scanner": "repobility-threat-engine", "fingerprint": "18db77f30d3227ad274822c7e639363fb77b761a1bd5c2635880d2cbb654bc29", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 22 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|18db77f30d3227ad274822c7e639363fb77b761a1bd5c2635880d2cbb654bc29", "aggregated_count": 22}}}, {"ruleId": "SEC029", "level": "none", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input (and 22 more): Same pattern found in 22 additional files. Review if needed."}, "properties": {"repobilityId": 119006, "scanner": "repobility-threat-engine", "fingerprint": "2e3607151b79226e1f988d03377240b01f057a39282b8ee7334800f3ede61bb1", "category": "ssrf", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 22 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 22 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|2e3607151b79226e1f988d03377240b01f057a39282b8ee7334800f3ede61bb1"}}}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 84 more): Same pattern found in 84 additional files. Review if needed."}, "properties": {"repobilityId": 119002, "scanner": "repobility-threat-engine", "fingerprint": "e79de6df6909a07c03211588d44b178989c5f92bacb94af79fa67d86ae8c6527", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 84 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "parse_and_store", "breakdown": {"if": 2, "and": 1, "for": 1, "elif": 1, "ternary": 3, "nested_bonus": 10}, "aggregated": true, "complexity": 18, "correlation_key": "fp|e79de6df6909a07c03211588d44b178989c5f92bacb94af79fa67d86ae8c6527", "aggregated_count": 84}}}, {"ruleId": "MINED067", "level": "none", "message": {"text": "[MINED067] Python Requests No Timeout (and 28 more): Same pattern found in 28 additional files. Review if needed."}, "properties": {"repobilityId": 118998, "scanner": "repobility-threat-engine", "fingerprint": "8e2cb0b8186b90f5707c5d2a9cf7e9e7ffb5d99491dc0c31a59f5f61993ac995", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 28 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|8e2cb0b8186b90f5707c5d2a9cf7e9e7ffb5d99491dc0c31a59f5f61993ac995", "aggregated_count": 28}}}, {"ruleId": "MINED067", "level": "none", "message": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "properties": {"repobilityId": 118997, "scanner": "repobility-threat-engine", "fingerprint": "b73981dd13c0a1b3c26b7707e704f1a61217d36580374b267d1a2385c8d1e755", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b73981dd13c0a1b3c26b7707e704f1a61217d36580374b267d1a2385c8d1e755"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Private.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED067", "level": "none", "message": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "properties": {"repobilityId": 118996, "scanner": "repobility-threat-engine", "fingerprint": "7c3032a4a81b3816b816031c239ff1cfee13d0f9449dd569b5260214480c8668", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7c3032a4a81b3816b816031c239ff1cfee13d0f9449dd569b5260214480c8668"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Hollywood.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED067", "level": "none", "message": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "properties": {"repobilityId": 118995, "scanner": "repobility-threat-engine", "fingerprint": "d1d783ba1422ce2767dd9d262a4d662ef87b46b73d2e964fbb37731a889154e7", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d1d783ba1422ce2767dd9d262a4d662ef87b46b73d2e964fbb37731a889154e7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Bollywood.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 28 more): Same pattern found in 28 additional files. Review if needed."}, "properties": {"repobilityId": 118994, "scanner": "repobility-threat-engine", "fingerprint": "1e4f61a7cc798e772fe465a9b2fc3f5eeb9e4e9ca1f8bbff71b19875a5a6edc8", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 28 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 28 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|1e4f61a7cc798e772fe465a9b2fc3f5eeb9e4e9ca1f8bbff71b19875a5a6edc8"}}}, {"ruleId": "SEC103", "level": "none", "message": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter (and 28 more): Same pattern found in 28 additional files. Review if needed."}, "properties": {"repobilityId": 118990, "scanner": "repobility-threat-engine", "fingerprint": "59c61ece41b9e9ed5ccb5976b31146220a00cdd3a507a3fd724f923494633ea7", "category": "injection", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 28 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 28 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC103", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|59c61ece41b9e9ed5ccb5976b31146220a00cdd3a507a3fd724f923494633ea7"}}}, {"ruleId": "SEC078", "level": "none", "message": {"text": "[SEC078] Python: requests without timeout (and 28 more): Same pattern found in 28 additional files. Review if needed."}, "properties": {"repobilityId": 118987, "scanner": "repobility-threat-engine", "fingerprint": "0ed9ae83e7d599ddc3423863fa99ce234ea17ab07def12354a55016fc36da7f8", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 28 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 28 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|0ed9ae83e7d599ddc3423863fa99ce234ea17ab07def12354a55016fc36da7f8"}}}, {"ruleId": "SEC078", "level": "none", "message": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a real AST check is preferred for accuracy."}, "properties": {"repobilityId": 118986, "scanner": "repobility-threat-engine", "fingerprint": "39b84116392b22e32c3517175ff21979320772ba53a3867109039cd1c738371a", "category": "quality", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern 'timeout\\s*=' detected on same line", "evidence": {"match": "requests.get(", "reason": "Safe pattern 'timeout\\s*=' detected on same line", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "fp|39b84116392b22e32c3517175ff21979320772ba53a3867109039cd1c738371a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Private.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "SEC078", "level": "none", "message": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a real AST check is preferred for accuracy."}, "properties": {"repobilityId": 118985, "scanner": "repobility-threat-engine", "fingerprint": "1d89b61f296aa0190afc303b5e84a1455ee3c7f5f0fcdbd04cb9ad5f469dfcc9", "category": "quality", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern 'timeout\\s*=' detected on same line", "evidence": {"match": "requests.get(", "reason": "Safe pattern 'timeout\\s*=' detected on same line", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "fp|1d89b61f296aa0190afc303b5e84a1455ee3c7f5f0fcdbd04cb9ad5f469dfcc9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Hollywood.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "SEC078", "level": "none", "message": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a real AST check is preferred for accuracy."}, "properties": {"repobilityId": 118984, "scanner": "repobility-threat-engine", "fingerprint": "91c5886fbee96b545e4a11e45ce72112bb2053dbea23d42c2c8f582590252bad", "category": "quality", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern 'timeout\\s*=' detected on same line", "evidence": {"match": "requests.get(", "reason": "Safe pattern 'timeout\\s*=' detected on same line", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "fp|91c5886fbee96b545e4a11e45ce72112bb2053dbea23d42c2c8f582590252bad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Bollywood.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml` pinned to mutable ref `@main`: `uses: bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119138, "scanner": "repobility-supply-chain", "fingerprint": "62f361ca074a795a79892def17832aa88440baa052d28d4b94812e16f414e710", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|62f361ca074a795a79892def17832aa88440baa052d28d4b94812e16f414e710"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/TV-China.yml"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v4`: `uses: actions/setup-python@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119137, "scanner": "repobility-supply-chain", "fingerprint": "9362965b5c29213fc84229677453a857dcd4e40512604f81d726553a17f25724", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9362965b5c29213fc84229677453a857dcd4e40512604f81d726553a17f25724"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/TV-China.yml"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v3`: `uses: actions/checkout@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119136, "scanner": "repobility-supply-chain", "fingerprint": "fa3f15d35d7844c58baaa4a486f1961cfdb796cfc990bbfdc8dc9fe5b53ba9d2", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|fa3f15d35d7844c58baaa4a486f1961cfdb796cfc990bbfdc8dc9fe5b53ba9d2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/TV-China.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml` pinned to mutable ref `@main`: `uses: bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119135, "scanner": "repobility-supply-chain", "fingerprint": "31f4344b8821d88999478ce000e9b3c5ba8fa18331e2d2863fd19d2a41a1d9a0", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|31f4344b8821d88999478ce000e9b3c5ba8fa18331e2d2863fd19d2a41a1d9a0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/Movies-WorldCollection.yml"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v4`: `uses: actions/setup-python@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119134, "scanner": "repobility-supply-chain", "fingerprint": "30a19db7dfeae393571e7d0747d7843b15aff0dabcaa37f21aa5cce70e3fb489", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|30a19db7dfeae393571e7d0747d7843b15aff0dabcaa37f21aa5cce70e3fb489"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/Movies-WorldCollection.yml"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v3`: `uses: actions/checkout@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119133, "scanner": "repobility-supply-chain", "fingerprint": "ce9fb15de13fd41d15a2c24156507517c94f9f5a8d0134a42e774f745f9503e3", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ce9fb15de13fd41d15a2c24156507517c94f9f5a8d0134a42e774f745f9503e3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/Movies-WorldCollection.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml` pinned to mutable ref `@main`: `uses: bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119132, "scanner": "repobility-supply-chain", "fingerprint": "8326d4aa5c0fb51330aa9c4794e15185fd7a71de9e435ffe03d04acfcaf9638a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8326d4aa5c0fb51330aa9c4794e15185fd7a71de9e435ffe03d04acfcaf9638a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/TV-Collection.yml"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v4`: `uses: actions/setup-python@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119131, "scanner": "repobility-supply-chain", "fingerprint": "f04b19cef0fdd82758bc05c130fb37f9de5d1370196eb2aa4fcae5a6c35ab3cf", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f04b19cef0fdd82758bc05c130fb37f9de5d1370196eb2aa4fcae5a6c35ab3cf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/TV-Collection.yml"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v3`: `uses: actions/checkout@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119130, "scanner": "repobility-supply-chain", "fingerprint": "db3dadfd76b1220ab9526c3654ae3a4786d9478dd78e68ca5fd35590b9fd3cae", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|db3dadfd76b1220ab9526c3654ae3a4786d9478dd78e68ca5fd35590b9fd3cae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/TV-Collection.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml` pinned to mutable ref `@main`: `uses: bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119129, "scanner": "repobility-supply-chain", "fingerprint": "3dc0650c89b82905eb35b11bddc8ed75591ca0c70409e0ad7ad0870d53ba1ce1", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3dc0650c89b82905eb35b11bddc8ed75591ca0c70409e0ad7ad0870d53ba1ce1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/TV-Mexico.yml"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v4`: `uses: actions/setup-python@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119128, "scanner": "repobility-supply-chain", "fingerprint": "1e9a30137a286d3c05d9fa597d7ef2b00394a1593c6071c9a6fb86019cab8055", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|1e9a30137a286d3c05d9fa597d7ef2b00394a1593c6071c9a6fb86019cab8055"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/TV-Mexico.yml"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v3`: `uses: actions/checkout@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119127, "scanner": "repobility-supply-chain", "fingerprint": "65d61680668fff2f5d5c0e978c50d64c6c890c4d788ed8dc7bf0946a799192b2", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|65d61680668fff2f5d5c0e978c50d64c6c890c4d788ed8dc7bf0946a799192b2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/TV-Mexico.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml` pinned to mutable ref `@main`: `uses: bugsfreeweb/LiveTVCollector/.github/workflows/update-indexes.yml@main` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119126, "scanner": "repobility-supply-chain", "fingerprint": "64a8082b03d949d008c7b0ae655d9e375aaec8c43e95d75c5657290d29412dd7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|64a8082b03d949d008c7b0ae655d9e375aaec8c43e95d75c5657290d29412dd7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/TV-Brazil.yml"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v4`: `uses: actions/setup-python@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119125, "scanner": "repobility-supply-chain", "fingerprint": "0eea40f6b19e217aac273e19681af7c3b8e695b9a043bfa762aec63d2f936801", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|0eea40f6b19e217aac273e19681af7c3b8e695b9a043bfa762aec63d2f936801"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/TV-Brazil.yml"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v3`: `uses: actions/checkout@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119124, "scanner": "repobility-supply-chain", "fingerprint": "9a386aedf6487b9a70dbe069dec1ca4f75de85b9ce0ffea3cc39822f79a8849c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9a386aedf6487b9a70dbe069dec1ca4f75de85b9ce0ffea3cc39822f79a8849c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/TV-Brazil.yml"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-node` pinned to mutable ref `@v3`: `uses: actions/setup-node@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119123, "scanner": "repobility-supply-chain", "fingerprint": "3c93beace243d1044a9378b1573a5fe83629d6602db5f3b02e8ec8239d7e15a6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3c93beace243d1044a9378b1573a5fe83629d6602db5f3b02e8ec8239d7e15a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/SpecialCollection.yml"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v3`: `uses: actions/checkout@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119122, "scanner": "repobility-supply-chain", "fingerprint": "2a9b5af7e90d8a0dc7e69e761671aa72e6f9d0db148eb22a9b16d90a173582fe", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2a9b5af7e90d8a0dc7e69e761671aa72e6f9d0db148eb22a9b16d90a173582fe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/SpecialCollection.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v5`: `uses: actions/setup-python@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119121, "scanner": "repobility-supply-chain", "fingerprint": "50eac1df06844e8dc9dbe40808d84396529e874cc80cc20ac4fba958c5743a1e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|50eac1df06844e8dc9dbe40808d84396529e874cc80cc20ac4fba958c5743a1e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/Stream_checkerVOD-WW.yml"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119120, "scanner": "repobility-supply-chain", "fingerprint": "6b313d2bff7d1faf709c4f2c598802f8b0cc44b413eb77e49413dc72710a51fa", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6b313d2bff7d1faf709c4f2c598802f8b0cc44b413eb77e49413dc72710a51fa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/Stream_checkerVOD-WW.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v5`: `uses: actions/setup-python@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119119, "scanner": "repobility-supply-chain", "fingerprint": "fcd38750c2f108669fedfb925a2d84cccd6368f41b4d9c68f72a27a70b72bd23", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|fcd38750c2f108669fedfb925a2d84cccd6368f41b4d9c68f72a27a70b72bd23"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/Stream_checker-BD.yml"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119118, "scanner": "repobility-supply-chain", "fingerprint": "078069fbd208380b2e65a2c73f6d58f88bc5527b4c2244aa1db6f1f2003e5011", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|078069fbd208380b2e65a2c73f6d58f88bc5527b4c2244aa1db6f1f2003e5011"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/Stream_checker-BD.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v5`: `uses: actions/setup-python@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119117, "scanner": "repobility-supply-chain", "fingerprint": "c5f9467ed7cbcf1c6907415d93bd1391f1c2931c83a2cbc962885d6813fd01ca", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c5f9467ed7cbcf1c6907415d93bd1391f1c2931c83a2cbc962885d6813fd01ca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/Stream_checker-IL.yml"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119116, "scanner": "repobility-supply-chain", "fingerprint": "784104324c3d459d1b98ff81d60bc7c08fcb5397071f3015f7e5b79e55e91292", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|784104324c3d459d1b98ff81d60bc7c08fcb5397071f3015f7e5b79e55e91292"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/Stream_checker-IL.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/setup-python` pinned to mutable ref `@v5`: `uses: actions/setup-python@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119115, "scanner": "repobility-supply-chain", "fingerprint": "b5cae4deecf5a2dc8395ecb7cca25225a755b8f0c1dea844c4fa9044ba189161", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b5cae4deecf5a2dc8395ecb7cca25225a755b8f0c1dea844c4fa9044ba189161"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/Stream_checker-MX.yml"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 119114, "scanner": "repobility-supply-chain", "fingerprint": "c0087e9915bdb0331712d9e3fc3ca82690c95366edcec236a9edad1c3131230b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c0087e9915bdb0331712d9e3fc3ca82690c95366edcec236a9edad1c3131230b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/Stream_checker-MX.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.parse_and_store` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.parse_and_store`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119088, "scanner": "repobility-ast-engine", "fingerprint": "9e543a963d07e5fe0836d49a47c52338dda7ed36a047f99d6fbbe881148bba84", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9e543a963d07e5fe0836d49a47c52338dda7ed36a047f99d6fbbe881148bba84"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-China.py"}, "region": {"startLine": 191}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.fetch_content` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.fetch_content`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119087, "scanner": "repobility-ast-engine", "fingerprint": "971fa78ee8aac1c76c3d8857cd295b022f5255dbc14d318699d225e5139ef754", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|971fa78ee8aac1c76c3d8857cd295b022f5255dbc14d318699d225e5139ef754"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-China.py"}, "region": {"startLine": 190}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.fetch_content` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.fetch_content`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119086, "scanner": "repobility-ast-engine", "fingerprint": "81c05d3e273719323f74d1f169a858f2ce49fe5777bd7b8f066e2120a76b716f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|81c05d3e273719323f74d1f169a858f2ce49fe5777bd7b8f066e2120a76b716f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-China.py"}, "region": {"startLine": 182}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.check_link_active` used but never assigned in __init__: Method `filter_active_channels` of class `M3UCollector` reads `self.check_link_active`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119085, "scanner": "repobility-ast-engine", "fingerprint": "143f82f4182eec5c69d1720b5b2b5c63d885e246b1311d5151d2e431610b8d05", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|143f82f4182eec5c69d1720b5b2b5c63d885e246b1311d5151d2e431610b8d05"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-China.py"}, "region": {"startLine": 158}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.parse_and_store` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.parse_and_store`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119084, "scanner": "repobility-ast-engine", "fingerprint": "24538e97c82407b17bbf7c8c6b8f8e9f06ecaf40cd5226c1d40685d7713d6efa", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|24538e97c82407b17bbf7c8c6b8f8e9f06ecaf40cd5226c1d40685d7713d6efa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Bollywood.py"}, "region": {"startLine": 147}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.extract_stream_urls_from_html` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.extract_stream_urls_from_html`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119083, "scanner": "repobility-ast-engine", "fingerprint": "349751e3a42ff95cc4df2f1bbcd98e30173991743a728688231bc15983056fdf", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|349751e3a42ff95cc4df2f1bbcd98e30173991743a728688231bc15983056fdf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Bollywood.py"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.filter_active_channels` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.filter_active_channels`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119082, "scanner": "repobility-ast-engine", "fingerprint": "660f58171570f07f73d1f93c8d92f9327c45a0afe468ebab7fce488a5d3829dc", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|660f58171570f07f73d1f93c8d92f9327c45a0afe468ebab7fce488a5d3829dc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Bollywood.py"}, "region": {"startLine": 154}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.parse_and_store` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.parse_and_store`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119081, "scanner": "repobility-ast-engine", "fingerprint": "c86516de0e65991b5940018a1ce3abfb6c870d2e636a36889387a0f74cb447f3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c86516de0e65991b5940018a1ce3abfb6c870d2e636a36889387a0f74cb447f3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Bollywood.py"}, "region": {"startLine": 151}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.fetch_content` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.fetch_content`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119080, "scanner": "repobility-ast-engine", "fingerprint": "a0c53363c08692f20721f7669349d9545fd3bc020b134efd262980e829b83c75", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a0c53363c08692f20721f7669349d9545fd3bc020b134efd262980e829b83c75"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Bollywood.py"}, "region": {"startLine": 150}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.fetch_content` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.fetch_content`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119079, "scanner": "repobility-ast-engine", "fingerprint": "0d6823b85bb854259d539683b2e7d5279d7f1c71d4fc381969c43e7c77f27c69", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0d6823b85bb854259d539683b2e7d5279d7f1c71d4fc381969c43e7c77f27c69"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Bollywood.py"}, "region": {"startLine": 142}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.check_link_active` used but never assigned in __init__: Method `filter_active_channels` of class `M3UCollector` reads `self.check_link_active`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119078, "scanner": "repobility-ast-engine", "fingerprint": "8705fe45fce42c27ef765fb8e1a7c42a85aab6140d45fdcfed8952819ea59a83", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8705fe45fce42c27ef765fb8e1a7c42a85aab6140d45fdcfed8952819ea59a83"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Bollywood.py"}, "region": {"startLine": 121}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.parse_and_store` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.parse_and_store`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119077, "scanner": "repobility-ast-engine", "fingerprint": "71fd71e566d1261299014e7021002202f947749d886a6dbf889b104dfe6a050e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|71fd71e566d1261299014e7021002202f947749d886a6dbf889b104dfe6a050e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-France.py"}, "region": {"startLine": 187}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.extract_stream_urls_from_html` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.extract_stream_urls_from_html`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119076, "scanner": "repobility-ast-engine", "fingerprint": "599c759ee839c5920d77d68341072ff4463d6c8c5bc330d102fde09f264df8b5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|599c759ee839c5920d77d68341072ff4463d6c8c5bc330d102fde09f264df8b5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-France.py"}, "region": {"startLine": 184}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.filter_active_channels` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.filter_active_channels`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119075, "scanner": "repobility-ast-engine", "fingerprint": "675618dc0898157d7c088e00afadcc02611195acd7909ff0e1861242057a2cd2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|675618dc0898157d7c088e00afadcc02611195acd7909ff0e1861242057a2cd2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-France.py"}, "region": {"startLine": 194}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.parse_and_store` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.parse_and_store`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119074, "scanner": "repobility-ast-engine", "fingerprint": "3626001b06d728a5b775a2ee47dff4e62e2bc828321d51582a0b536def72f709", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3626001b06d728a5b775a2ee47dff4e62e2bc828321d51582a0b536def72f709"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-France.py"}, "region": {"startLine": 191}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.fetch_content` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.fetch_content`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119073, "scanner": "repobility-ast-engine", "fingerprint": "0d073881d00755623915f37598e6bbaa19a1c355193222e421d6874b750d6d19", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0d073881d00755623915f37598e6bbaa19a1c355193222e421d6874b750d6d19"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-France.py"}, "region": {"startLine": 190}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.fetch_content` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.fetch_content`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119072, "scanner": "repobility-ast-engine", "fingerprint": "9f85078230708aa3a2ba3f14e1186f79b548c9dd85281ef16d243cdf38ad07a9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9f85078230708aa3a2ba3f14e1186f79b548c9dd85281ef16d243cdf38ad07a9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-France.py"}, "region": {"startLine": 182}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.check_link_active` used but never assigned in __init__: Method `filter_active_channels` of class `M3UCollector` reads `self.check_link_active`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119071, "scanner": "repobility-ast-engine", "fingerprint": "7d1b7b066161b4b461242519cb31ebd027ab6f7a51ecf94d90aa0d275a570ffb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7d1b7b066161b4b461242519cb31ebd027ab6f7a51ecf94d90aa0d275a570ffb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-France.py"}, "region": {"startLine": 158}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.parse_and_store` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.parse_and_store`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119070, "scanner": "repobility-ast-engine", "fingerprint": "c4777af2978f3224913e3c125e7ca1973409e2bdd573c4697905ff4a9db0a387", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c4777af2978f3224913e3c125e7ca1973409e2bdd573c4697905ff4a9db0a387"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Egypt.py"}, "region": {"startLine": 187}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.extract_stream_urls_from_html` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.extract_stream_urls_from_html`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119069, "scanner": "repobility-ast-engine", "fingerprint": "a96518cdd5cfddbd44c2a3c5c595ca555a017ef2cee5acb56585272703170ca2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a96518cdd5cfddbd44c2a3c5c595ca555a017ef2cee5acb56585272703170ca2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Egypt.py"}, "region": {"startLine": 184}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.filter_active_channels` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.filter_active_channels`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119068, "scanner": "repobility-ast-engine", "fingerprint": "3540c3df78a0ed5e3b2a256406a3850db5eb794fd1509fbf50c5cfa3a13fef4c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3540c3df78a0ed5e3b2a256406a3850db5eb794fd1509fbf50c5cfa3a13fef4c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Egypt.py"}, "region": {"startLine": 194}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.parse_and_store` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.parse_and_store`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119067, "scanner": "repobility-ast-engine", "fingerprint": "d06fd85d73ce56288b32a8c3c590d1c578b4cc508569dd12c1eb6f52ac6128c7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d06fd85d73ce56288b32a8c3c590d1c578b4cc508569dd12c1eb6f52ac6128c7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Egypt.py"}, "region": {"startLine": 191}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.fetch_content` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.fetch_content`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119066, "scanner": "repobility-ast-engine", "fingerprint": "bd99fa6d637c6be37b6e2c77b8ff0cdf6a55a42b99822c4796500c65883d8aff", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bd99fa6d637c6be37b6e2c77b8ff0cdf6a55a42b99822c4796500c65883d8aff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Egypt.py"}, "region": {"startLine": 190}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.fetch_content` used but never assigned in __init__: Method `process_sources` of class `M3UCollector` reads `self.fetch_content`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119065, "scanner": "repobility-ast-engine", "fingerprint": "db9ca9f3bc75f5d94e86a3a244bdb3935af124f64e72d90307cc1887375ece42", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|db9ca9f3bc75f5d94e86a3a244bdb3935af124f64e72d90307cc1887375ece42"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Egypt.py"}, "region": {"startLine": 182}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.check_link_active` used but never assigned in __init__: Method `filter_active_channels` of class `M3UCollector` reads `self.check_link_active`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 119064, "scanner": "repobility-ast-engine", "fingerprint": "e36acbc5d2ecd48f4840e29cdf8d5db53b0ddb6dc206b939252b9f4fb61b3521", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e36acbc5d2ecd48f4840e29cdf8d5db53b0ddb6dc206b939252b9f4fb61b3521"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Egypt.py"}, "region": {"startLine": 158}}}]}, {"ruleId": "SEC083", "level": "error", "message": {"text": "[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) \u2014 variable input can craft a ReDoS pattern. Ported from eslint-plugin-security detect-non-literal-regexp (Apache-2.0)."}, "properties": {"repobilityId": 119022, "scanner": "repobility-threat-engine", "fingerprint": "478ede55baff36181146ce25f7be348824891d46febc1de4f031f59cc3f61412", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "new RegExp(foundCountry", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC083", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|478ede55baff36181146ce25f7be348824891d46febc1de4f031f59cc3f61412"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SpecialCollection.js"}, "region": {"startLine": 179}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 119009, "scanner": "repobility-threat-engine", "fingerprint": "a9431e09713d59eb1ba5ca3673728a000abe2cc4af0e77f4a3c91efa9ba63d58", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a9431e09713d59eb1ba5ca3673728a000abe2cc4af0e77f4a3c91efa9ba63d58"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Bahrain.py"}, "region": {"startLine": 107}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 119008, "scanner": "repobility-threat-engine", "fingerprint": "b5534e60646320e5394e66c806c1ddf85dda1e09d56cadce73e2a766361016e8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b5534e60646320e5394e66c806c1ddf85dda1e09d56cadce73e2a766361016e8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Arabic.py"}, "region": {"startLine": 107}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 119007, "scanner": "repobility-threat-engine", "fingerprint": "889913ecf361ebb54b8d42150e96ebd3235c20a68ace220cffbff36a7aea72a9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|889913ecf361ebb54b8d42150e96ebd3235c20a68ace220cffbff36a7aea72a9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Private.py"}, "region": {"startLine": 107}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 119005, "scanner": "repobility-threat-engine", "fingerprint": "013ea39d14dc5e62f6fe4dac8d3a62236fb028344f99e95c2203f9d6c631a1ad", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "requests.head(alt_url", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|013ea39d14dc5e62f6fe4dac8d3a62236fb028344f99e95c2203f9d6c631a1ad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Bahrain.py"}, "region": {"startLine": 101}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 119004, "scanner": "repobility-threat-engine", "fingerprint": "82307c2341173c74b70c6098172ba24422d7ecb238c2485d182bfbb64d16f42f", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "requests.head(alt_url", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|82307c2341173c74b70c6098172ba24422d7ecb238c2485d182bfbb64d16f42f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/TV-Arabic.py"}, "region": {"startLine": 101}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 119003, "scanner": "repobility-threat-engine", "fingerprint": "48e1a669eca788534e7e7a4c4c748b783f7795ace38f3b5cce4d2db0fb2e1278", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "requests.head(alt_url", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|48e1a669eca788534e7e7a4c4c748b783f7795ace38f3b5cce4d2db0fb2e1278"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Private.py"}, "region": {"startLine": 101}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 118993, "scanner": "repobility-threat-engine", "fingerprint": "3b3ae47121aa6ab2b2e2047b64cdf6a564576cebabd871ad1a46afe1e7f319bf", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "all_m3u_urls.update(m3u_urls)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|3b3ae47121aa6ab2b2e2047b64cdf6a564576cebabd871ad1a46afe1e7f319bf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Private.py"}, "region": {"startLine": 185}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 118992, "scanner": "repobility-threat-engine", "fingerprint": "db7a4a96bc987df7e04b5af67b283d550eeb124868d45c59760a6bfaa8eda6f7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "all_m3u_urls.update(m3u_urls)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|db7a4a96bc987df7e04b5af67b283d550eeb124868d45c59760a6bfaa8eda6f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Hollywood.py"}, "region": {"startLine": 145}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 118991, "scanner": "repobility-threat-engine", "fingerprint": "52f4e52099f489e18e22075a1052b40a6c8b452945bc93c2f1f721fa7997459d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "all_m3u_urls.update(m3u_urls)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|52f4e52099f489e18e22075a1052b40a6c8b452945bc93c2f1f721fa7997459d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Bollywood.py"}, "region": {"startLine": 145}}}]}, {"ruleId": "SEC103", "level": "error", "message": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts."}, "properties": {"repobilityId": 118989, "scanner": "repobility-threat-engine", "fingerprint": "5c7af84faec0131bfd8f5c1e45c3fe20f2ea7e3230ec1090b36400599634316b", "category": "injection", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".search(r',(.+)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC103", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|126|sec103"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Private.py"}, "region": {"startLine": 126}}}]}, {"ruleId": "SEC103", "level": "error", "message": {"text": "[SEC103] LDAP injection \u2014 non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts."}, "properties": {"repobilityId": 118988, "scanner": "repobility-threat-engine", "fingerprint": "bbfce41842d680d2ded4eaddef72846362b607b7548fefc4191a9cf151ba8f96", "category": "injection", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": ".search(r',(.+)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC103", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|token|93|sec103", "duplicate_count": 1, "duplicate_rule_ids": ["SEC103"], "duplicate_scanners": ["repobility-threat-engine"], "duplicate_fingerprints": ["bbfce41842d680d2ded4eaddef72846362b607b7548fefc4191a9cf151ba8f96", "e1d1f525031204b4afea6032949f7c627aa1f2e24d5eb9823c0a50a8657b9725"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BugsfreeMain/Movies-Bollywood.py"}, "region": {"startLine": 93}}}]}, {"ruleId": "CORE_NO_TESTS", "level": "error", "message": {"text": "No test files found"}, "properties": {"repobilityId": 118983, "scanner": "repobility-core", "fingerprint": "0200e9918bc2a7bf9c116d0907e50ac3df640c758b93852cf1890ec6e14d870d", "category": "testing", "severity": "high", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_TESTS", "scanner": "repobility-core", "correlation_key": "repo|testing|core_no_tests"}}}, {"ruleId": "MINED018", "level": "error", "message": {"text": "[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data \u2014 RCE."}, "properties": {"repobilityId": 119024, "scanner": "repobility-threat-engine", "fingerprint": "287d86ef9691f02a344d9fbc143a9554c4b0bddcd7bf600d8c5de16343a6bbd6", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "unsafe-deserialization-pickle", "owasp": "A08:2021", "cwe_ids": ["CWE-502"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347940+00:00", "triaged_in_corpus": 20, "observations_count": 58759, "ai_coder_pattern_id": 32}, "scanner": "repobility-threat-engine", "correlation_key": "fp|287d86ef9691f02a344d9fbc143a9554c4b0bddcd7bf600d8c5de16343a6bbd6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SpecialCollection.js"}, "region": {"startLine": 23}}}]}, {"ruleId": "SEC116", "level": "error", "message": {"text": "[SEC116] Ruby YAML.load / Marshal.load on untrusted input: `YAML.load` (pre-3.1) and `Marshal.load` instantiate arbitrary Ruby classes \u2014 direct RCE on untrusted input. `unsafe_load` is even more dangerous."}, "properties": {"repobilityId": 119023, "scanner": "repobility-threat-engine", "fingerprint": "29f88f4e9788f50830ccc6f32caf97df076a7ad8ac847c104481c9978fb18529", "category": "deserialization", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "yaml.load(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC116", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|deserialization|specialcollection.js|23|sec116"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SpecialCollection.js"}, "region": {"startLine": 23}}}]}, {"ruleId": "SEC079", "level": "error", "message": {"text": "[SEC079] Python: yaml.load without SafeLoader: yaml.load() without explicit SafeLoader can execute arbitrary Python objects (CVE-2017-18342). Ported from bandit B506 / dlint DUO109 (Apache-2.0 / BSD-3)."}, "properties": {"repobilityId": 119021, "scanner": "repobility-threat-engine", "fingerprint": "12c2db304baa1fb687a7fbe8de1a19162cac10c2e7527556102d091c6c4776ce", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "yaml.load(configContent)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC079", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|12c2db304baa1fb687a7fbe8de1a19162cac10c2e7527556102d091c6c4776ce"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SpecialCollection.js"}, "region": {"startLine": 23}}}]}]}]}