{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "WEB003", "name": "Public web service has no security.txt", "shortDescription": {"text": "Public web service has no security.txt"}, "fullDescription": {"text": "Add /.well-known/security.txt with Contact, Expires, Canonical, Preferred-Languages, and Policy fields. Keep the contact endpoint monitored."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "medium", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "WEB015", "name": "Public web app has no Content Security Policy", "shortDescription": {"text": "Public web app has no Content Security Policy"}, "fullDescription": {"text": "Add a Content-Security-Policy header through the web framework or hosting config. For static apps, add a CSP meta tag that restricts default-src, script-src, connect-src, img-src, and frame-ancestors."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "medium", "confidence": 0.7, "cwe": "", "owasp": ""}}, {"id": "JRN005", "name": "Compliance or security claim is near a placeholder link", "shortDescription": {"text": "Compliance or security claim is near a placeholder link"}, "fullDescription": {"text": "Link trust claims to current evidence, downgrade unverifiable wording, and replace placeholder footer/legal/security links with real destinations."}, "properties": {"scanner": "repobility-journey-contract", "category": "quality", "severity": "medium", "confidence": 0.76, "cwe": "", "owasp": ""}}, {"id": "AIC004", "name": "Suspicious implementation file appears unreferenced", "shortDescription": {"text": "Suspicious implementation file appears unreferenced"}, "fullDescription": {"text": "Confirm whether this file is reachable. If not, delete it; if yes, wire it through explicit imports, routes, or entry points and add a test that proves the path executes."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "medium", "confidence": 0.78, "cwe": "", "owasp": ""}}, {"id": "CFG006", "name": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.", "shortDescription": {"text": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts."}, "fullDescription": {"text": "Add a .gitignore appropriate for your language/framework."}, "properties": {"scanner": "repobility-threat-engine", "category": "practices", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC136", "name": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns ", "shortDescription": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, retur"}, "fullDescription": {"text": "Catch the specific exception type, log at error level with full exception info, and return a failure-shaped result. If the operation is genuinely best-effort, log at warning and document why in a comment so the next reader (or scanner) knows."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC041", "name": "[SEC041] Tabnabbing \u2014 target=\"_blank\" without rel=\"noopener noreferrer\": <a target=\"_blank\"> without rel=\"noopener noref", "shortDescription": {"text": "[SEC041] Tabnabbing \u2014 target=\"_blank\" without rel=\"noopener noreferrer\": <a target=\"_blank\"> without rel=\"noopener noreferrer\" leaks window.opener to the opened page. The opened page can then run window.opener.location = 'phishing-site' and"}, "fullDescription": {"text": "Add rel=\"noopener noreferrer\" to every <a target=\"_blank\">:\n  <a href=\"...\" target=\"_blank\" rel=\"noopener noreferrer\">link</a>\nFor dynamically generated links from JS, set rel on the element before appending. Even safe-looking subdomains should harden \u2014 costs nothing."}, "properties": {"scanner": "repobility-threat-engine", "category": "security", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "ERR001", "name": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG ", "shortDescription": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "fullDescription": {"text": "Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types."}, "properties": {"scanner": "repobility-threat-engine", "category": "error_handling", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC007", "name": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.", "shortDescription": {"text": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code."}, "fullDescription": {"text": "Use yaml.safe_load() instead of yaml.load(). Avoid pickle for untrusted data."}, "properties": {"scanner": "repobility-threat-engine", "category": "deserialization", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC087", "name": "[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces", "shortDescription": {"text": "[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces is predictable. Ported from gosec G404 / eslint detect-pseudoRandomBytes concept (Apache-2.0)."}, "fullDescription": {"text": "Use `crypto.randomBytes(32).toString('hex')` (Node) or `crypto.getRandomValues()` (browser)."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC045", "name": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a latera", "shortDescription": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use obj"}, "fullDescription": {"text": "For literal data structures: use ast.literal_eval(text) \u2014 only parses literals, raises on code.\nFor formula evaluation: use asteval or simpleeval (purpose-built sandboxes with allow-lists).\nFor Odoo: use odoo.tools.safe_eval(expr, locals_dict, mode='exec').\nIf you genuinely need to execute admin-stored code: require explicit super-admin permission AND log every execution with a stack trace."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "WEB011", "name": "Public web app has no humans.txt", "shortDescription": {"text": "Public web app has no humans.txt"}, "fullDescription": {"text": "Add humans.txt with team ownership, contact URL, key documentation links, and the last-updated date."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.5, "cwe": "", "owasp": ""}}, {"id": "WEB008", "name": "Public docs site has no llms.txt", "shortDescription": {"text": "Public docs site has no llms.txt"}, "fullDescription": {"text": "Add llms.txt with the product summary, canonical docs, API endpoints, security guidance, and preferred CLI workflow for AI agents."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.64, "cwe": "", "owasp": ""}}, {"id": "WEB002", "name": "Public web app has no sitemap", "shortDescription": {"text": "Public web app has no sitemap"}, "fullDescription": {"text": "Add sitemap.xml, a sitemap index, or a framework-native sitemap route and reference it from robots.txt."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "WEB001", "name": "Public web app has no robots.txt", "shortDescription": {"text": "Public web app has no robots.txt"}, "fullDescription": {"text": "Add robots.txt at the web root or a framework-native robots route. Include an explicit Sitemap directive and disallow only private paths."}, "properties": {"scanner": "repobility-web-presence", "category": "quality", "severity": "low", "confidence": 0.74, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "AIC002", "name": "Source file name looks like an AI patch artifact", "shortDescription": {"text": "Source file name looks like an AI patch artifact"}, "fullDescription": {"text": "Rename it to the domain concept it implements or merge it into the existing module it was meant to change."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.62, "cwe": "", "owasp": ""}}, {"id": "SEC124", "name": "[SEC124] TOCTOU file access (os.access then open): Check-then-use file pattern (access/exists then open) lets an attacke", "shortDescription": {"text": "[SEC124] TOCTOU file access (os.access then open): Check-then-use file pattern (access/exists then open) lets an attacker swap the file between check and use (symlink attack). `mktemp` is deprecated for the same reason."}, "fullDescription": {"text": "Use `os.open(path, os.O_CREAT | os.O_EXCL | os.O_WRONLY)` for atomic create-only. Use `tempfile.NamedTemporaryFile()` (not `mktemp`). For locking, use `fcntl.flock`."}, "properties": {"scanner": "repobility-threat-engine", "category": "race_condition", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `shrink` has cognitive complexity 14 (SonarSource scale). Cognitive comple", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `shrink` has cognitive complexity 14 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all we"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 14."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "SEC006", "name": "[SEC006] XSS Risk: Direct HTML injection without sanitization.", "shortDescription": {"text": "[SEC006] XSS Risk: Direct HTML injection without sanitization."}, "fullDescription": {"text": "Use textContent instead of innerHTML. Sanitize with DOMPurify."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "low", "confidence": 0.4, "cwe": "", "owasp": ""}}, {"id": "SEC132", "name": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the la", "shortDescription": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on it"}, "fullDescription": {"text": "Python: `f\"prefix {var} suffix\"`. JS/TS: `` `prefix ${var} suffix` ``. Add a lint rule (pyupgrade UP032, eslint prefer-template) so future PRs catch this automatically."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC040", "name": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data (and 1 more): Same pattern found in 1 additional fil", "shortDescription": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "For plain text: use el.textContent = data.value (auto-escapes).\nFor HTML you need to render: el.innerHTML = DOMPurify.sanitize(html).\nFor React/Vue/Svelte: stop using innerHTML; use the framework's binding.\nWhen data comes from CV/PDF parsers, sanitize at the parser boundary too."}, "properties": {"scanner": "repobility-threat-engine", "category": "xss", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED046", "name": "[MINED046] Dart Print: print() in Flutter goes to console. Use debugPrint / logger.", "shortDescription": {"text": "[MINED046] Dart Print: print() in Flutter goes to console. Use debugPrint / logger."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED052", "name": "[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety.", "shortDescription": {"text": "[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-704 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED085", "name": "[MINED085] Java Systemexit: System.exit() inside a library kills the whole JVM.", "shortDescription": {"text": "[MINED085] Java Systemexit: System.exit() inside a library kills the whole JVM."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1075 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC001", "name": "[SEC001] Hardcoded Password: Hardcoded password found in source code.", "shortDescription": {"text": "[SEC001] Hardcoded Password: Hardcoded password found in source code."}, "fullDescription": {"text": "Use environment variables or a secrets manager."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "cwe": "", "owasp": ""}}, {"id": "MINED049", "name": "[MINED049] Print Pii (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED049] Print Pii (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 / A09:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC020", "name": "[SEC020] Secret Printed to Logs (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[SEC020] Secret Printed to Logs (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Log only redacted, hashed, or last-four-style metadata. Rotate any secret that may have reached logs."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED067", "name": "[MINED067] Python Requests No Timeout (and 3 more): Same pattern found in 3 additional files. Review if needed.", "shortDescription": {"text": "[MINED067] Python Requests No Timeout (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-400 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC135", "name": "[SEC135] Auth/permission check missing on AI-generated endpoint (and 1 more): Same pattern found in 1 additional files. ", "shortDescription": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Add the project's auth decorator/middleware: `@login_required` (Django/Flask), `@permission_classes([IsAuthenticated])` (DRF), `Depends(get_current_user)` (FastAPI), `requireAuth` middleware (Express). For genuinely public endpoints, add a `# public-endpoint` marker comment so future scans skip them."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC078", "name": "[SEC078] Python: requests without timeout (and 3 more): Same pattern found in 3 additional files. Review if needed.", "shortDescription": {"text": "[SEC078] Python: requests without timeout (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "fullDescription": {"text": "Add `timeout=10` (or appropriate value) to every requests call."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 8 more): Same pattern found in 8 addit", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 8 more): Same pattern found in 8 additional files. Review if needed."}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED077", "name": "[MINED077] Python Open No Context (and 2 more): Same pattern found in 2 additional files. Review if needed.", "shortDescription": {"text": "[MINED077] Python Open No Context (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-772 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 1 more): Same pattern found in 1 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED071", "name": "[MINED071] Go Panic Call: panic() crashes the process. Should return error in most cases.", "shortDescription": {"text": "[MINED071] Go Panic Call: panic() crashes the process. Should return error in most cases."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED042", "name": "[MINED042] Cpp New Without Delete (and 12 more): Same pattern found in 12 additional files. Review if needed.", "shortDescription": {"text": "[MINED042] Cpp New Without Delete (and 12 more): Same pattern found in 12 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-401 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod (and 21 more): Same pattern found in 21 additional files. Review if needed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod (and 21 more): Same pattern found in 21 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED064", "name": "[MINED064] Python Input Call (and 44 more): Same pattern found in 44 additional files. Review if needed.", "shortDescription": {"text": "[MINED064] Python Input Call (and 44 more): Same pattern found in 44 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https (and 4 more): Same pattern found in 4 additional files. Review if needed.", "shortDescription": {"text": "[MINED043] Http Not Https (and 4 more): Same pattern found in 4 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED080", "name": "[MINED080] Cpp Using Namespace Std (and 122 more): Same pattern found in 122 additional files. Review if needed.", "shortDescription": {"text": "[MINED080] Cpp Using Namespace Std (and 122 more): Same pattern found in 122 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED134", "name": "[MINED134] Binary file `Program's_Contributed_By_Contributors/Library Database Management System/__pycache__/DBMSlibrary", "shortDescription": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/Library Database Management System/__pycache__/DBMSlibrary_CSV.cpython-38.pyc` committed in source repo: `Program's_Contributed_By_Contributors/Library Database Management System"}, "fullDescription": {"text": "Audit the binary's provenance. If it's vendored library code, document it in a VENDORED.md. If it's a build artifact, add the extension to .gitignore and rebuild from source."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `actions/github-script` pinned to mutable ref `@v7`: `uses: actions/github-script@v7` resolves at work", "shortDescription": {"text": "[MINED115] Action `actions/github-script` pinned to mutable ref `@v7`: `uses: actions/github-script@v7` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise"}, "fullDescription": {"text": "Replace with: `uses: actions/github-script@<40-char-sha>  # v7` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED113", "name": "[MINED113] Express POST /failure has no auth: Express route POST /failure declared without an auth middleware in its han", "shortDescription": {"text": "[MINED113] Express POST /failure has no auth: Express route POST /failure declared without an auth middleware in its handler chain. Destructive methods (POST/PUT/DELETE/PATCH) on unauthenticated routes are OWASP A01:2021 broken access contr"}, "fullDescription": {"text": "Add an auth middleware: app.post('/failure', requireAuth, handler) \u2014 or mount the router under app.use('/api', authMiddleware) and ensure the path is covered. If truly public, mark with a comment."}, "properties": {"scanner": "repobility-route-auth", "category": "quality", "severity": "high", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self.m_h_g_p` used but never assigned in __init__: Method `total` of class `Bill_App` reads `self.m_h_g_p`, ", "shortDescription": {"text": "[MINED108] `self.m_h_g_p` used but never assigned in __init__: Method `total` of class `Bill_App` reads `self.m_h_g_p`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the "}, "fullDescription": {"text": "Initialize `self.m_h_g_p = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled ", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes e"}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED009", "name": "[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal.", "shortDescription": {"text": "[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-682 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInt", "shortDescription": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC013", "name": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows ", "shortDescription": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "fullDescription": {"text": "Use os.path.realpath() and verify the path starts with your expected base directory. Use secure_filename() for uploads."}, "properties": {"scanner": "repobility-threat-engine", "category": "path_traversal", "severity": "high", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "MINED017", "name": "[MINED017] C System Call: system() invokes shell. command injection if any arg is dynamic.", "shortDescription": {"text": "[MINED017] C System Call: system() invokes shell. command injection if any arg is dynamic."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-78 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `queue` used but not imported: The file uses `queue.something(...)` but never imports `queue`", "shortDescription": {"text": "[MINED107] Missing import: `queue` used but not imported: The file uses `queue.something(...)` but never imports `queue`. This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import queue` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED030", "name": "[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__.", "shortDescription": {"text": "[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-502 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC081", "name": "[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marshal.load(s) execute arbitrary co", "shortDescription": {"text": "[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marshal.load(s) execute arbitrary code on untrusted input. Ported from dlint DUO103 / DUO120 (BSD-3)."}, "fullDescription": {"text": "Use json, msgpack, or protobuf for untrusted data. If pickle is required, sign the payload with HMAC."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED024", "name": "[MINED024] Js Eval Usage: eval() executes arbitrary code. Code injection risk.", "shortDescription": {"text": "[MINED024] Js Eval Usage: eval() executes arbitrary code. Code injection risk."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-95 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED022", "name": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf.", "shortDescription": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-120 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1021"}, "properties": {"repository": "fineanmol/Hacktoberfest2025", "repoUrl": "https://github.com/fineanmol/Hacktoberfest2025", "branch": "master"}, "results": [{"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95990, "scanner": "repobility-ast-engine", "fingerprint": "e9942f1209e40c05598cf1694d4aed8ae2a248f4c7f8a5566b4f2d64fcefe0cb", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e9942f1209e40c05598cf1694d4aed8ae2a248f4c7f8a5566b4f2d64fcefe0cb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/Class.py"}, "region": {"startLine": 470}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95989, "scanner": "repobility-ast-engine", "fingerprint": "a08024e29478d82b4a1d63d628feca219311d6dc7c9a53b4b5e2a05625194071", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a08024e29478d82b4a1d63d628feca219311d6dc7c9a53b4b5e2a05625194071"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/Class.py"}, "region": {"startLine": 606}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95988, "scanner": "repobility-ast-engine", "fingerprint": "33799e60ac4fc3f1e54d862b35485807a831a16e04ba4f731a32220e87cb67bc", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|33799e60ac4fc3f1e54d862b35485807a831a16e04ba4f731a32220e87cb67bc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/Class.py"}, "region": {"startLine": 418}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95987, "scanner": "repobility-ast-engine", "fingerprint": "e9d6cf9247d3422e1a4ea50c6a1e806ed8e0cec4fc38100347dc1bb909eccd3f", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e9d6cf9247d3422e1a4ea50c6a1e806ed8e0cec4fc38100347dc1bb909eccd3f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/Class.py"}, "region": {"startLine": 320}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95986, "scanner": "repobility-ast-engine", "fingerprint": "e79b1f33a6aa87c6fead4bb8dbb17220596ade9af6e791f83cf82e378b353a83", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e79b1f33a6aa87c6fead4bb8dbb17220596ade9af6e791f83cf82e378b353a83"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/Class_for_Windows.py"}, "region": {"startLine": 470}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95985, "scanner": "repobility-ast-engine", "fingerprint": "b79f18138ddc7f85d4704514b97dfdeb59c0559be06e9867faafad7d62c801ee", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b79f18138ddc7f85d4704514b97dfdeb59c0559be06e9867faafad7d62c801ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/Class_for_Windows.py"}, "region": {"startLine": 606}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95984, "scanner": "repobility-ast-engine", "fingerprint": "af7c4eff47bbff814d0701022c475369f51af4756e905ad92cd9cde324ee5255", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|af7c4eff47bbff814d0701022c475369f51af4756e905ad92cd9cde324ee5255"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/Class_for_Windows.py"}, "region": {"startLine": 418}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95983, "scanner": "repobility-ast-engine", "fingerprint": "ed98d9b68890717e964cd2ebd0e37d1880143853cf4afc20812ab03df280fa67", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ed98d9b68890717e964cd2ebd0e37d1880143853cf4afc20812ab03df280fa67"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/Class_for_Windows.py"}, "region": {"startLine": 320}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95982, "scanner": "repobility-ast-engine", "fingerprint": "a05b7f4ab06f8021c8aa0fafef0a23c56b47014fc61589fffb6a9ec7cab7e7d8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a05b7f4ab06f8021c8aa0fafef0a23c56b47014fc61589fffb6a9ec7cab7e7d8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary.py"}, "region": {"startLine": 308}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95981, "scanner": "repobility-ast-engine", "fingerprint": "5f972ede65ad83053414596d66ace7ed808af292fb326d2b030064bf86c58398", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5f972ede65ad83053414596d66ace7ed808af292fb326d2b030064bf86c58398"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary.py"}, "region": {"startLine": 442}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95980, "scanner": "repobility-ast-engine", "fingerprint": "b8946429199fb8bd1f5fe9245218bbffec7e5eedfaccbfe69220c7dad41dcdf3", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b8946429199fb8bd1f5fe9245218bbffec7e5eedfaccbfe69220c7dad41dcdf3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95979, "scanner": "repobility-ast-engine", "fingerprint": "ed7818ef33de639c6a381e6d6e6509f40e3281d0f36d94809746c4b9c3ff85f8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ed7818ef33de639c6a381e6d6e6509f40e3281d0f36d94809746c4b9c3ff85f8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95978, "scanner": "repobility-ast-engine", "fingerprint": "feddeb73d6b93666bc8c0ebcf4d265dd6ca172015c009069ef69a594a74865f8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|feddeb73d6b93666bc8c0ebcf4d265dd6ca172015c009069ef69a594a74865f8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_CSV.py"}, "region": {"startLine": 330}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95977, "scanner": "repobility-ast-engine", "fingerprint": "80c0995b00becfd7eb53deff4dbe00b1d3f253f2ea22d462f6c3af4d76a23bcc", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|80c0995b00becfd7eb53deff4dbe00b1d3f253f2ea22d462f6c3af4d76a23bcc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_CSV.py"}, "region": {"startLine": 477}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95976, "scanner": "repobility-ast-engine", "fingerprint": "db5d96a5c01dc8ab66885b0d17967c14d824a5c24d8b5fa26012c97ebcc46f8b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|db5d96a5c01dc8ab66885b0d17967c14d824a5c24d8b5fa26012c97ebcc46f8b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_CSV.py"}, "region": {"startLine": 105}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95975, "scanner": "repobility-ast-engine", "fingerprint": "f636e89a3b11f93155dc8158eb77347b36b38ecdf0d8e86b7d44a991ce67e3f3", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f636e89a3b11f93155dc8158eb77347b36b38ecdf0d8e86b7d44a991ce67e3f3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_CSV.py"}, "region": {"startLine": 52}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95974, "scanner": "repobility-ast-engine", "fingerprint": "913725bc256da422ec4f7b4513f3720dfc770e63f757ea350818ec3b848a659d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|913725bc256da422ec4f7b4513f3720dfc770e63f757ea350818ec3b848a659d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_CSV.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95973, "scanner": "repobility-ast-engine", "fingerprint": "8a2bc729905b1be3c4448b10d79588f76b668a350ab8cb38e03c82673155b7c7", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8a2bc729905b1be3c4448b10d79588f76b668a350ab8cb38e03c82673155b7c7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/morse_translator.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95972, "scanner": "repobility-ast-engine", "fingerprint": "a485abbccf7ae00ea356b68b179095e7a025bb6f14683e26d598849908b268f5", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a485abbccf7ae00ea356b68b179095e7a025bb6f14683e26d598849908b268f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Customized-Movie-Recommendation-System--main/Customized Movie Recommendation System.py"}, "region": {"startLine": 135}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 95971, "scanner": "repobility-ast-engine", "fingerprint": "e3a4994880be63b5448ed0851d0522d844fad94887779c3e5cb0dba5def91270", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e3a4994880be63b5448ed0851d0522d844fad94887779c3e5cb0dba5def91270"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "face recognition.py"}, "region": {"startLine": 96}}}]}, {"ruleId": "WEB003", "level": "warning", "message": {"text": "Public web service has no security.txt"}, "properties": {"repobilityId": 95944, "scanner": "repobility-web-presence", "fingerprint": "5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd", "category": "quality", "severity": "medium", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app/API but no security.txt file or route was discovered.", "evidence": {"rule_id": "WEB003", "scanner": "repobility-web-presence", "references": ["https://www.rfc-editor.org/rfc/rfc9116", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|5cd26606c5a53c9f403ff7a92a6917c19cf440a23ce03e2b90e8c493312ef8cd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".well-known/security.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "WEB015", "level": "warning", "message": {"text": "Public web app has no Content Security Policy"}, "properties": {"repobilityId": 95943, "scanner": "repobility-web-presence", "fingerprint": "7eb70cae3ff63d8ed7c31706185d32b37655333b40b58ca826d740b08fb1ad63", "category": "quality", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app but no CSP header, framework header config, Helmet policy, or CSP meta tag was discovered.", "evidence": {"rule_id": "WEB015", "scanner": "repobility-web-presence", "references": ["https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|7eb70cae3ff63d8ed7c31706185d32b37655333b40b58ca826d740b08fb1ad63"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "index.html"}, "region": {"startLine": 1}}}]}, {"ruleId": "JRN005", "level": "warning", "message": {"text": "Compliance or security claim is near a placeholder link"}, "properties": {"repobilityId": 95938, "scanner": "repobility-journey-contract", "fingerprint": "f434934eff7f5c87a6a40b604476d55415581fa9caddeb84f38d11fdfd13afdf", "category": "quality", "severity": "medium", "confidence": 0.76, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Placeholder link appears near compliance/security claim text.", "evidence": {"rule_id": "JRN005", "scanner": "repobility-journey-contract", "references": ["https://repobility.com/library/authorization/"], "correlation_key": "fp|f434934eff7f5c87a6a40b604476d55415581fa9caddeb84f38d11fdfd13afdf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SSK.html"}, "region": {"startLine": 97}}}]}, {"ruleId": "JRN005", "level": "warning", "message": {"text": "Compliance or security claim is near a placeholder link"}, "properties": {"repobilityId": 95937, "scanner": "repobility-journey-contract", "fingerprint": "e99348cdccde4906905c0e289681d5867ce650b08317fc7f6574fff4a5b9d924", "category": "quality", "severity": "medium", "confidence": 0.76, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Placeholder link appears near compliance/security claim text.", "evidence": {"rule_id": "JRN005", "scanner": "repobility-journey-contract", "references": ["https://repobility.com/library/authorization/"], "correlation_key": "fp|e99348cdccde4906905c0e289681d5867ce650b08317fc7f6574fff4a5b9d924"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SSK.html"}, "region": {"startLine": 88}}}]}, {"ruleId": "AIC004", "level": "warning", "message": {"text": "Suspicious implementation file appears unreferenced"}, "properties": {"repobilityId": 95906, "scanner": "repobility-ai-code-hygiene", "fingerprint": "447fcb618654547970ad66fd9431aa51dd87ce6ec86888117817c60d9c91b929", "category": "quality", "severity": "medium", "confidence": 0.78, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Patch-style source file has no detected inbound reference from other repository files.", "evidence": {"suffix": "copy", "rule_id": "AIC004", "scanner": "repobility-ai-code-hygiene", "references": ["https://knip.dev/", "https://github.com/jendrikseipp/vulture"], "correlation_key": "fp|447fcb618654547970ad66fd9431aa51dd87ce6ec86888117817c60d9c91b929"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Shallow_Copy.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "CFG006", "level": "warning", "message": {"text": "[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts."}, "properties": {"repobilityId": 95904, "scanner": "repobility-threat-engine", "fingerprint": "c65fc71ce58c37a0e07837c0fe294108b731c43ef16027a2f0971c757bbe9a16", "category": "practices", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "No .gitignore file found in repository root", "evidence": {"reason": "No .gitignore file found in repository root", "rule_id": "CFG006", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "repo|practices|cfg006"}}}, {"ruleId": "SEC136", "level": "warning", "message": {"text": "[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws \u2014 wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). Distinct from intentional fallback because there's no log line and the success value is fabricated."}, "properties": {"repobilityId": 95903, "scanner": "repobility-threat-engine", "fingerprint": "7c1dfee9afb3d240fa04f99ebd419f9412a833ac25e4b95d70756dd8c3244293", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "} catch (__){\n      return null;\n    }", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC136", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|7c1dfee9afb3d240fa04f99ebd419f9412a833ac25e4b95d70756dd8c3244293"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/main.js"}, "region": {"startLine": 28}}}]}, {"ruleId": "SEC041", "level": "warning", "message": {"text": "[SEC041] Tabnabbing \u2014 target=\"_blank\" without rel=\"noopener noreferrer\": <a target=\"_blank\"> without rel=\"noopener noreferrer\" leaks window.opener to the opened page. The opened page can then run window.opener.location = 'phishing-site' and the parent tab quietly navigates to attacker-controlled content (reverse tabnabbing). OWASP-classic; modern browsers default rel='noopener' for new windows but explicit attribute is still required for compatibility."}, "properties": {"repobilityId": 95902, "scanner": "repobility-threat-engine", "fingerprint": "0ccde25a1734a902ce490fd50d94c19e459d4e2e2726a9804177d2ef026ce429", "category": "security", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "<a href=\"https://github.com/fineanmol/Hacktoberfest${currentYear}\" target=\"_blank\">", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC041", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|security|scripts/main.js|343|sec041"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/main.js"}, "region": {"startLine": 343}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 95859, "scanner": "repobility-threat-engine", "fingerprint": "1a01dae4d513a70dc4aa995edc974eb352fff3cf244c95ce2250d6a071ab8219", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except:\n                    pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|1a01dae4d513a70dc4aa995edc974eb352fff3cf244c95ce2250d6a071ab8219"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Resizable_Array.py"}, "region": {"startLine": 127}}}]}, {"ruleId": "ERR001", "level": "warning", "message": {"text": "[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level."}, "properties": {"repobilityId": 95858, "scanner": "repobility-threat-engine", "fingerprint": "1462a1fde33c6966858dc4a377d8e3a7546f24d669a92fc2acfd74560395e47e", "category": "error_handling", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "except:\n        pass", "reason": "Pattern matched with no mitigating context found", "rule_id": "ERR001", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|1462a1fde33c6966858dc4a377d8e3a7546f24d669a92fc2acfd74560395e47e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_GUI.py"}, "region": {"startLine": 86}}}]}, {"ruleId": "SEC007", "level": "warning", "message": {"text": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code."}, "properties": {"repobilityId": 95841, "scanner": "repobility-threat-engine", "fingerprint": "724113c7241a660f25f0da796e883e28710e47793bc8fd454dec22e4b851dfdf", "category": "deserialization", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "pickle.load(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC007", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|deserialization|face recognition.py|40|sec007"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "face recognition.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "SEC007", "level": "warning", "message": {"text": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code."}, "properties": {"repobilityId": 95840, "scanner": "repobility-threat-engine", "fingerprint": "9ceae5954fd7dd725dfd31a90e90b6a9f7e546d302180aa31c7e7ec1c74948f8", "category": "deserialization", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "pickle.load(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC007", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|deserialization|program token database management system/abc.py|16|sec007"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/abc.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "SEC007", "level": "warning", "message": {"text": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code."}, "properties": {"repobilityId": 95839, "scanner": "repobility-threat-engine", "fingerprint": "9d57a4cfbb51317ec6db0f7a2fbef8fc10ba11a945a37e007d1f641f664875ff", "category": "deserialization", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "pickle.load(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC007", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|deserialization|program token database management system/dbmslibrary_gui.py|19|sec007"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_GUI.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "SEC087", "level": "warning", "message": {"text": "[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces is predictable. Ported from gosec G404 / eslint detect-pseudoRandomBytes concept (Apache-2.0)."}, "properties": {"repobilityId": 95834, "scanner": "repobility-threat-engine", "fingerprint": "55d29f74d82d4bcc752988d147408be9a7314f511dec3563e8f9978d2cf765d3", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "secret) {\n  const delay = (0.5 + Math.random(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC087", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|55d29f74d82d4bcc752988d147408be9a7314f511dec3563e8f9978d2cf765d3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/JavaScript_Programs/create-promise.js"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 95828, "scanner": "repobility-threat-engine", "fingerprint": "6ed84d72b0234b0e60378d711bc3ebcd624dd0aa736e7114f5285be1a504c7f4", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "eval(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|calculator.py|21|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "calculator.py"}, "region": {"startLine": 21}}}]}, {"ruleId": "SEC045", "level": "warning", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 95827, "scanner": "repobility-threat-engine", "fingerprint": "f399ba75c3098d95a5691764d62050e3cf938c74c648006dd904192957db5be4", "category": "injection", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "eval(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|injection|program token|19|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/JS_calculator/script.js"}, "region": {"startLine": 19}}}]}, {"ruleId": "WEB011", "level": "note", "message": {"text": "Public web app has no humans.txt"}, "properties": {"repobilityId": 95942, "scanner": "repobility-web-presence", "fingerprint": "bdd551fbe1ab6405480e0d5755632562c2096cb9e9a6a071ef60e4c27a6873f1", "category": "quality", "severity": "low", "confidence": 0.5, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Repository looks like a public web app but no humans.txt file or route was discovered.", "evidence": {"rule_id": "WEB011", "scanner": "repobility-web-presence", "references": ["https://github.com/Lissy93/web-check"], "correlation_key": "fp|bdd551fbe1ab6405480e0d5755632562c2096cb9e9a6a071ef60e4c27a6873f1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "humans.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "WEB008", "level": "note", "message": {"text": "Public docs site has no llms.txt"}, "properties": {"repobilityId": 95941, "scanner": "repobility-web-presence", "fingerprint": "cdce8ed8706710d39c3e7272dad572dd639cff74fd3d2ac62d8f6f522b891d76", "category": "quality", "severity": "low", "confidence": 0.64, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Repository looks public and documentation-heavy but no llms.txt file or route was discovered.", "evidence": {"rule_id": "WEB008", "scanner": "repobility-web-presence", "references": ["https://llmstxt.org/"], "correlation_key": "fp|cdce8ed8706710d39c3e7272dad572dd639cff74fd3d2ac62d8f6f522b891d76"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "llms.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "WEB002", "level": "note", "message": {"text": "Public web app has no sitemap"}, "properties": {"repobilityId": 95940, "scanner": "repobility-web-presence", "fingerprint": "fccbe72d13ca3ba9197ec37b0daa0802fb6d5ebff54b3eb9f09b59b0f8d0acdf", "category": "quality", "severity": "low", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app but no sitemap file or route was discovered.", "evidence": {"rule_id": "WEB002", "scanner": "repobility-web-presence", "references": ["https://www.sitemaps.org/protocol.html", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|fccbe72d13ca3ba9197ec37b0daa0802fb6d5ebff54b3eb9f09b59b0f8d0acdf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "sitemap.xml"}, "region": {"startLine": 1}}}]}, {"ruleId": "WEB001", "level": "note", "message": {"text": "Public web app has no robots.txt"}, "properties": {"repobilityId": 95939, "scanner": "repobility-web-presence", "fingerprint": "cae3f2223945958e14d8eb90f7965fa26b47011cc5be29c2855a4054937e29c4", "category": "quality", "severity": "low", "confidence": 0.74, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "Repository looks like a public web app but no robots.txt file or route was discovered.", "evidence": {"rule_id": "WEB001", "scanner": "repobility-web-presence", "references": ["https://www.rfc-editor.org/rfc/rfc9309", "https://github.com/Lissy93/web-check"], "correlation_key": "fp|cae3f2223945958e14d8eb90f7965fa26b47011cc5be29c2855a4054937e29c4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "robots.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95936, "scanner": "repobility-ai-code-hygiene", "fingerprint": "95137577568cdfa4561eea4d062543b8d9e258f0b33f9360db0dca83ffe5daee", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "bubble.cpp", "duplicate_line": 17, "correlation_key": "fp|95137577568cdfa4561eea4d062543b8d9e258f0b33f9360db0dca83ffe5daee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "insertion.cpp"}, "region": {"startLine": 19}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95935, "scanner": "repobility-ai-code-hygiene", "fingerprint": "d85306713b54b4240291f83e3f12a0a3d7de70e47da6afecda70a5a1b9e4b015", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "bubble.cpp", "duplicate_line": 17, "correlation_key": "fp|d85306713b54b4240291f83e3f12a0a3d7de70e47da6afecda70a5a1b9e4b015"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bucket.cpp"}, "region": {"startLine": 13}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95934, "scanner": "repobility-ai-code-hygiene", "fingerprint": "fd10c2a43b340e6aaeec50511aa8322eb230b90e1617ea5709a465fc46c2ae1c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Python_Programs/BinarySearch.py", "duplicate_line": 1, "correlation_key": "fp|fd10c2a43b340e6aaeec50511aa8322eb230b90e1617ea5709a465fc46c2ae1c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "binary-search.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95933, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c02ce60242783b9c72119deebcc3b0be0492580c34f46b5d65dd324168a823ab", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/C++/bubblesort.cpp", "duplicate_line": 1, "correlation_key": "fp|c02ce60242783b9c72119deebcc3b0be0492580c34f46b5d65dd324168a823ab"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/bubblesort.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95932, "scanner": "repobility-ai-code-hygiene", "fingerprint": "344e2d49aa69026694d30b581df54756f26a0f4fd89c292b6b8556abefb1bf4e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Python_Programs/morse_code.py", "duplicate_line": 8, "correlation_key": "fp|344e2d49aa69026694d30b581df54756f26a0f4fd89c292b6b8556abefb1bf4e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/morse_translator.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95931, "scanner": "repobility-ai-code-hygiene", "fingerprint": "dc1848c1926ca0e3007b197379306ad1315226ca7631c0b586f286f219072d58", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Python_Programs/heap-sort.py", "duplicate_line": 1, "correlation_key": "fp|dc1848c1926ca0e3007b197379306ad1315226ca7631c0b586f286f219072d58"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/heapheapsort.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95930, "scanner": "repobility-ai-code-hygiene", "fingerprint": "72935bd2d854875d2fa41169d13b88aed0259fcfffdc72141bb35058425d4e33", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5001.py", "duplicate_line": 18, "correlation_key": "fp|72935bd2d854875d2fa41169d13b88aed0259fcfffdc72141bb35058425d4e33"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_main.py"}, "region": {"startLine": 17}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95929, "scanner": "repobility-ai-code-hygiene", "fingerprint": "451977ba8908225d972e564395f8dd3dad912ae39fd0dc0e1eaa03045284aaac", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5001.py", "duplicate_line": 3, "correlation_key": "fp|451977ba8908225d972e564395f8dd3dad912ae39fd0dc0e1eaa03045284aaac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5003.py"}, "region": {"startLine": 3}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95928, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f6d01ca69ac7386320ce43d4ef6fa3283675eaebb58a2fd669c479e992173414", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5001.py", "duplicate_line": 3, "correlation_key": "fp|f6d01ca69ac7386320ce43d4ef6fa3283675eaebb58a2fd669c479e992173414"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5002.py"}, "region": {"startLine": 3}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95927, "scanner": "repobility-ai-code-hygiene", "fingerprint": "11d787c8ec93c0bcbbeb0c1c9aef8c4967fbfdaf70927d6e714fb33cf9c56907", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Library Database Management System/GUI_Lib.py", "duplicate_line": 29, "correlation_key": "fp|11d787c8ec93c0bcbbeb0c1c9aef8c4967fbfdaf70927d6e714fb33cf9c56907"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/GUI_Main.py"}, "region": {"startLine": 33}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95926, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a30b33d97870dd6c23d88c5227665625c1b9c5bd94907a8adacd7f437a84e9c2", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary.py", "duplicate_line": 9, "correlation_key": "fp|a30b33d97870dd6c23d88c5227665625c1b9c5bd94907a8adacd7f437a84e9c2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_GUI.py"}, "region": {"startLine": 13}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95925, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e47da0542e17d6afca723d9f9b20aea2a75738a6772e9799657e023be26e6c1c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary.py", "duplicate_line": 28, "correlation_key": "fp|e47da0542e17d6afca723d9f9b20aea2a75738a6772e9799657e023be26e6c1c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_CSV.py"}, "region": {"startLine": 46}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95924, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b08b8b6787f5e74e81cde8449b11707d077853981a7323fa9fcd77e93e1de594", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Library Database Management System/Class.py", "duplicate_line": 222, "correlation_key": "fp|b08b8b6787f5e74e81cde8449b11707d077853981a7323fa9fcd77e93e1de594"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_CSV.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95923, "scanner": "repobility-ai-code-hygiene", "fingerprint": "467e2904849c2995303b78bea02e8deb7f784f42f1eac3713ee4afa8099d9232", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSUser_Library.py", "duplicate_line": 7, "correlation_key": "fp|467e2904849c2995303b78bea02e8deb7f784f42f1eac3713ee4afa8099d9232"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSUser_Library_withCSV.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95922, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f88dd3c00fd2048a08fd697b1d08c766271a879e9b04550e3a436b88f215d87e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Library Database Management System/Class.py", "duplicate_line": 5, "correlation_key": "fp|f88dd3c00fd2048a08fd697b1d08c766271a879e9b04550e3a436b88f215d87e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/Class_for_Windows.py"}, "region": {"startLine": 5}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95921, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f99da5bdbd0df8ecf014fe0ece3420fac27938b567408c60e2161c7fcfb6fbba", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Java_Programs/java/stack/ArrayStack.java", "duplicate_line": 52, "correlation_key": "fp|f99da5bdbd0df8ecf014fe0ece3420fac27938b567408c60e2161c7fcfb6fbba"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Java_Programs/java/stack/LinkedStack.java"}, "region": {"startLine": 51}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95920, "scanner": "repobility-ai-code-hygiene", "fingerprint": "df0ee549d0a40019c3745ed819660604db8f065738b061439f0117df1dc59c51", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Java_Programs/heap/BianryHeapMethods2.java", "duplicate_line": 3, "correlation_key": "fp|df0ee549d0a40019c3745ed819660604db8f065738b061439f0117df1dc59c51"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Java_Programs/heap/BinaryHeapMeathods.java"}, "region": {"startLine": 3}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95919, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4182cb3593a0356087d2c9c0e0857a7447bfda7430d6f240c1169b669565f52d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/Implementation_of_DS/Javascript/BinaryHeap.js", "duplicate_line": 1, "correlation_key": "fp|4182cb3593a0356087d2c9c0e0857a7447bfda7430d6f240c1169b669565f52d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Implementation_of_DS/Javascript/DoubleLinkedList.js"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95918, "scanner": "repobility-ai-code-hygiene", "fingerprint": "6ba9912ab258f6e999dfc02151e504a20157612170cef1515f29b6ff658dd548", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/C++/Sudoko Solver.cpp", "duplicate_line": 1, "correlation_key": "fp|6ba9912ab258f6e999dfc02151e504a20157612170cef1515f29b6ff658dd548"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++/sudoku.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95917, "scanner": "repobility-ai-code-hygiene", "fingerprint": "249157cc37a49ea2b100b3c5994493ba0dc69f6ac11f223d144ed17a8f7c6730", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/middlelist.cpp", "duplicate_line": 12, "correlation_key": "fp|249157cc37a49ea2b100b3c5994493ba0dc69f6ac11f223d144ed17a8f7c6730"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/reverselist.cpp"}, "region": {"startLine": 24}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95916, "scanner": "repobility-ai-code-hygiene", "fingerprint": "628804783842d0c4ffde58fa8435f359b1680c38317ac61578e63a0e245380e3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/listCycle.cpp", "duplicate_line": 7, "correlation_key": "fp|628804783842d0c4ffde58fa8435f359b1680c38317ac61578e63a0e245380e3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/reverselist.cpp"}, "region": {"startLine": 19}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95915, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4a542654cd5e461fd3623231ad4c13de4eb1ec6362b9c10071637bf35b3a0840", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/middlelist.cpp", "duplicate_line": 14, "correlation_key": "fp|4a542654cd5e461fd3623231ad4c13de4eb1ec6362b9c10071637bf35b3a0840"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/removefromend.cpp"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95914, "scanner": "repobility-ai-code-hygiene", "fingerprint": "189dab3f2c4b31d15e7ca4942a1b8f48f451902f9c66f89a17f7a6dfc497a96d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/listCycle.cpp", "duplicate_line": 1, "correlation_key": "fp|189dab3f2c4b31d15e7ca4942a1b8f48f451902f9c66f89a17f7a6dfc497a96d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/removefromend.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95913, "scanner": "repobility-ai-code-hygiene", "fingerprint": "97f2ad6c486ec34aa87821b5659452b1458b2f0ad723a7b2825bc44cc4f33bf6", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/listCycle.cpp", "duplicate_line": 1, "correlation_key": "fp|97f2ad6c486ec34aa87821b5659452b1458b2f0ad723a7b2825bc44cc4f33bf6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/middlelist.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95912, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9cc5549c70bc0e12967075a78bf100508ab20cda64abe21603673dbbe52eae75", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/add2num.cpp", "duplicate_line": 1, "correlation_key": "fp|9cc5549c70bc0e12967075a78bf100508ab20cda64abe21603673dbbe52eae75"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/merge2list.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95911, "scanner": "repobility-ai-code-hygiene", "fingerprint": "7177c72abc833851e28a6889f02140734b1a58596b5d7d9eff00dd74375bc8af", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/add2num.cpp", "duplicate_line": 1, "correlation_key": "fp|7177c72abc833851e28a6889f02140734b1a58596b5d7d9eff00dd74375bc8af"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/linkedlist/intersectlist.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95910, "scanner": "repobility-ai-code-hygiene", "fingerprint": "35dbffc206dafa42686d2c5aa25309d5fe0ac04768dd06f54578f1eeda8313c0", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/C++ Programs/Array/selectionsort.cpp", "duplicate_line": 11, "correlation_key": "fp|35dbffc206dafa42686d2c5aa25309d5fe0ac04768dd06f54578f1eeda8313c0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/Sorting/bubblesort.cpp"}, "region": {"startLine": 15}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95909, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4d7fc41b3a1e546e529883e88c4bc846e4b7973df7eee306b191b88ddd023f8c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/C++ Programs/Merge2sortedLInkedList.cpp", "duplicate_line": 1, "correlation_key": "fp|4d7fc41b3a1e546e529883e88c4bc846e4b7973df7eee306b191b88ddd023f8c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/MiddleLinkedList.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95908, "scanner": "repobility-ai-code-hygiene", "fingerprint": "36901a07f8535881d3219da8f177c52deaa330c905b26c8c52533385a60a798d", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Income_Cal.cpp", "duplicate_line": 1, "correlation_key": "fp|36901a07f8535881d3219da8f177c52deaa330c905b26c8c52533385a60a798d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/Income_Cal.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 95907, "scanner": "repobility-ai-code-hygiene", "fingerprint": "575f1f5249a27adbcb25c186b3a84a700e23c1b704ddfea7846955ceaaf4a14b", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "Program's_Contributed_By_Contributors/C++ Programs/Array/BinarySearch.cpp", "duplicate_line": 17, "correlation_key": "fp|575f1f5249a27adbcb25c186b3a84a700e23c1b704ddfea7846955ceaaf4a14b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/Array/LinearSearch.cpp"}, "region": {"startLine": 8}}}]}, {"ruleId": "AIC002", "level": "note", "message": {"text": "Source file name looks like an AI patch artifact"}, "properties": {"repobilityId": 95905, "scanner": "repobility-ai-code-hygiene", "fingerprint": "b536099f9331ef9635067b1cb8fc188d9ee2a3b40ef4bd080e92f4c5cb080f70", "category": "quality", "severity": "low", "confidence": 0.62, "triageState": "open", "verdict": "needs_review", "isResolved": false, "reason": "Source filename contains a temporary or patch-style suffix.", "evidence": {"suffix": "copy", "rule_id": "AIC002", "scanner": "repobility-ai-code-hygiene", "references": ["https://arxiv.org/abs/2601.15195"], "correlation_key": "fp|b536099f9331ef9635067b1cb8fc188d9ee2a3b40ef4bd080e92f4c5cb080f70"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Shallow_Copy.cpp"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC124", "level": "note", "message": {"text": "[SEC124] TOCTOU file access (os.access then open): Check-then-use file pattern (access/exists then open) lets an attacker swap the file between check and use (symlink attack). `mktemp` is deprecated for the same reason."}, "properties": {"repobilityId": 95897, "scanner": "repobility-threat-engine", "fingerprint": "e8f5a94128cae02fddc03c72db216ba3a5a72d71559b51ee5284d97ce295ff3c", "category": "race_condition", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "os.path.exists(\"highscore.txt\")):\n        with open(\"highscore.txt\",\"w", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC124", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|e8f5a94128cae02fddc03c72db216ba3a5a72d71559b51ee5284d97ce295ff3c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Snake_game-master/Snake_game-master/snakegame.py"}, "region": {"startLine": 85}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `shrink` has cognitive complexity 14 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: elif=1, else=2, except=1, for=1, if=2, nested_bonus=7."}, "properties": {"repobilityId": 95866, "scanner": "repobility-threat-engine", "fingerprint": "8475c5a16cf957bd9356fd3fa09fd8d31b0400181f678eacab6f93a6dbffd5e4", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 14 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "shrink", "breakdown": {"if": 2, "for": 1, "elif": 1, "else": 2, "except": 1, "nested_bonus": 7}, "complexity": 14, "correlation_key": "fp|8475c5a16cf957bd9356fd3fa09fd8d31b0400181f678eacab6f93a6dbffd5e4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Resizable_Array.py"}, "region": {"startLine": 111}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `merge` has cognitive complexity 12 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: break=2, else=1, if=5, nested_bonus=3, while=1."}, "properties": {"repobilityId": 95865, "scanner": "repobility-threat-engine", "fingerprint": "5d95cd2cd2590eb42d9a786a16dbb864f204715eaef41841e2832e4f456eb5f8", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 12 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "merge", "breakdown": {"if": 5, "else": 1, "break": 2, "while": 1, "nested_bonus": 3}, "complexity": 12, "correlation_key": "fp|5d95cd2cd2590eb42d9a786a16dbb864f204715eaef41841e2832e4f456eb5f8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Merge_Sort.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `binary_search` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: elif=1, else=2, if=2, nested_bonus=2, recursion=2."}, "properties": {"repobilityId": 95864, "scanner": "repobility-threat-engine", "fingerprint": "0f18cbd3449eb6435ff690abe75469fc73b7ca56f82481297f16795288f0f857", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "binary_search", "breakdown": {"if": 2, "elif": 1, "else": 2, "recursion": 2, "nested_bonus": 2}, "complexity": 9, "correlation_key": "fp|0f18cbd3449eb6435ff690abe75469fc73b7ca56f82481297f16795288f0f857"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/BinarySearch.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC006", "level": "note", "message": {"text": "[SEC006] XSS Risk: Direct HTML injection without sanitization."}, "properties": {"repobilityId": 95837, "scanner": "repobility-threat-engine", "fingerprint": "db8b8407e1f1c7eef4faef0bdb79f7f27fbbc140e30213cc723f745afed38e6d", "category": "injection", "severity": "low", "confidence": 0.4, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "evidence": {"match": ".innerHTML = `", "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "rule_id": "SEC006", "scanner": "repobility-threat-engine", "confidence": 0.4, "correlation_key": "code|injection|ttt hacktberfest/web.js|34|sec006"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "TTT hacktberfest/web.js"}, "region": {"startLine": 34}}}]}, {"ruleId": "SEC006", "level": "note", "message": {"text": "[SEC006] XSS Risk: Direct HTML injection without sanitization."}, "properties": {"repobilityId": 95836, "scanner": "repobility-threat-engine", "fingerprint": "51536ae597b515ca20fcc6a364a2dd3a05146d0084c6257bc07d3af5e7896991", "category": "injection", "severity": "low", "confidence": 0.4, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "evidence": {"match": ".innerHTML=c", "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "rule_id": "SEC006", "scanner": "repobility-threat-engine", "confidence": 0.4, "correlation_key": "code|injection|rockpaperscissorgame/app.js|18|sec006"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "RockPaperScissorGame/app.js"}, "region": {"startLine": 18}}}]}, {"ruleId": "SEC006", "level": "note", "message": {"text": "[SEC006] XSS Risk: Direct HTML injection without sanitization."}, "properties": {"repobilityId": 95835, "scanner": "repobility-threat-engine", "fingerprint": "c2fb011ed92fd23cdc75af497b08e3458a79868f9619c00c2e9db582e9c3a64d", "category": "injection", "severity": "low", "confidence": 0.4, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "evidence": {"match": ".innerHTML = t", "reason": "No user-input source (request/query/fetch/URL) found \u2014 may be static content", "rule_id": "SEC006", "scanner": "repobility-threat-engine", "confidence": 0.4, "correlation_key": "code|injection|program token|7|sec006"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/JavaScript_Programs/formValidation.js"}, "region": {"startLine": 7}}}]}, {"ruleId": "SEC132", "level": "note", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on its own, but a style signature of cross-language AI rewrites \u2014 the model wrote idiomatic Java/C# and then translated mechanically. When this style appears in only *some* files of a repo, it's a strong indicator of an AI-driven rewrite that needs a human review p"}, "properties": {"repobilityId": 95832, "scanner": "repobility-threat-engine", "fingerprint": "5e2431e652148b70eedcbf9bff44dd5bbc8be48e7e804f387a1bc015ddf99844", "category": "quality", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "\"The graph contains \"+ s + \" as a vertex.\"", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5e2431e652148b70eedcbf9bff44dd5bbc8be48e7e804f387a1bc015ddf99844"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Java_Programs/graph.java"}, "region": {"startLine": 50}}}]}, {"ruleId": "SEC132", "level": "note", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on its own, but a style signature of cross-language AI rewrites \u2014 the model wrote idiomatic Java/C# and then translated mechanically. When this style appears in only *some* files of a repo, it's a strong indicator of an AI-driven rewrite that needs a human review p"}, "properties": {"repobilityId": 95831, "scanner": "repobility-threat-engine", "fingerprint": "6ceb33a1fd3712f6eb964edf963b55ee0002a251cc2090ac3d139d5813ce7bdb", "category": "quality", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "\" divided by \" + num2 + \" equals \"", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|6ceb33a1fd3712f6eb964edf963b55ee0002a251cc2090ac3d139d5813ce7bdb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Java_Programs/Misc/Math.java"}, "region": {"startLine": 47}}}]}, {"ruleId": "SEC132", "level": "note", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift): String built by concatenation where the language has cleaner interpolation (Python f-strings since 3.6, JS template literals since ES6). Not a vulnerability on its own, but a style signature of cross-language AI rewrites \u2014 the model wrote idiomatic Java/C# and then translated mechanically. When this style appears in only *some* files of a repo, it's a strong indicator of an AI-driven rewrite that needs a human review p"}, "properties": {"repobilityId": 95830, "scanner": "repobility-threat-engine", "fingerprint": "5e7eb771060fc62546c736ade84463987a21e57e88350225d8bf5c1655f8513e", "category": "quality", "severity": "low", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "\"Your lovescore is \" + lovescore + \"% .  You both are made for each other.\"", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5e7eb771060fc62546c736ade84463987a21e57e88350225d8bf5c1655f8513e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/JavaScript_Programs/Lovescore.js"}, "region": {"startLine": 15}}}]}, {"ruleId": "SEC040", "level": "none", "message": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 95901, "scanner": "repobility-threat-engine", "fingerprint": "c066fdac20648ab02e6c78e05ac6d7be6049c4550b793a58bcd25dd5d0594df0", "category": "xss", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC040", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|c066fdac20648ab02e6c78e05ac6d7be6049c4550b793a58bcd25dd5d0594df0"}}}, {"ruleId": "MINED046", "level": "none", "message": {"text": "[MINED046] Dart Print: print() in Flutter goes to console. Use debugPrint / logger."}, "properties": {"repobilityId": 95894, "scanner": "repobility-threat-engine", "fingerprint": "cb15cbee02b54cae4b1b8672a4965791c537758a7f0bcf848bdc67dfa380d8ae", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "dart-print", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["dart"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348008+00:00", "triaged_in_corpus": 10, "observations_count": 1515005, "ai_coder_pattern_id": 168}, "scanner": "repobility-threat-engine", "correlation_key": "fp|cb15cbee02b54cae4b1b8672a4965791c537758a7f0bcf848bdc67dfa380d8ae"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/dart/binary_search.dart"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED052", "level": "none", "message": {"text": "[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety."}, "properties": {"repobilityId": 95893, "scanner": "repobility-threat-engine", "fingerprint": "ecc5994cf8aebebc106183ac3bfb44f555de845232724f22338dc69f556decb7", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-any-typed", "owasp": null, "cwe_ids": ["CWE-704"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348022+00:00", "triaged_in_corpus": 12, "observations_count": 496002, "ai_coder_pattern_id": 97}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ecc5994cf8aebebc106183ac3bfb44f555de845232724f22338dc69f556decb7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Typescript/unknown_type.ts"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED052", "level": "none", "message": {"text": "[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety."}, "properties": {"repobilityId": 95892, "scanner": "repobility-threat-engine", "fingerprint": "b444b005e608c3c17c4c20730af7b84264e30031d45bf257d8a6edd3887570fd", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-any-typed", "owasp": null, "cwe_ids": ["CWE-704"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348022+00:00", "triaged_in_corpus": 12, "observations_count": 496002, "ai_coder_pattern_id": 97}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b444b005e608c3c17c4c20730af7b84264e30031d45bf257d8a6edd3887570fd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Typescript/type_conversion_using_unknown_as.ts"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED052", "level": "none", "message": {"text": "[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety."}, "properties": {"repobilityId": 95891, "scanner": "repobility-threat-engine", "fingerprint": "7abc1dd25bd4a1e6d0d681a30303d6fd22a39bbd9441413aecea060c3887aa4c", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "ts-any-typed", "owasp": null, "cwe_ids": ["CWE-704"], "languages": ["typescript", "tsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348022+00:00", "triaged_in_corpus": 12, "observations_count": 496002, "ai_coder_pattern_id": 97}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7abc1dd25bd4a1e6d0d681a30303d6fd22a39bbd9441413aecea060c3887aa4c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Typescript/any.ts"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED085", "level": "none", "message": {"text": "[MINED085] Java Systemexit: System.exit() inside a library kills the whole JVM."}, "properties": {"repobilityId": 95890, "scanner": "repobility-threat-engine", "fingerprint": "080f611b4d8651adf1be997fcc90bcbf7bc92dd3234b9c22d673cdb51d65bfc8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "java-systemexit", "owasp": null, "cwe_ids": ["CWE-1075"], "languages": ["java"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348136+00:00", "triaged_in_corpus": 15, "observations_count": 970, "ai_coder_pattern_id": 127}, "scanner": "repobility-threat-engine", "correlation_key": "fp|080f611b4d8651adf1be997fcc90bcbf7bc92dd3234b9c22d673cdb51d65bfc8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Server.java"}, "region": {"startLine": 42}}}]}, {"ruleId": "SEC001", "level": "none", "message": {"text": "[SEC001] Hardcoded Password: Hardcoded password found in source code."}, "properties": {"repobilityId": 95889, "scanner": "repobility-threat-engine", "fingerprint": "7b8352bea2c2c035365eff2e02da85a775841da0884d2b526505d82984237d0a", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Value looks like a development placeholder, not a live credential", "evidence": {"match": "password = '<redacted>'", "reason": "Value looks like a development placeholder, not a live credential", "rule_id": "SEC001", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|program token|1|password redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/pdf_password_remover.py"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 95888, "scanner": "repobility-threat-engine", "fingerprint": "ffe0bb40951d1fe20325d6626515b6b3f5194cef1a3be6e6de11e9645a8d8a72", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|ffe0bb40951d1fe20325d6626515b6b3f5194cef1a3be6e6de11e9645a8d8a72", "aggregated_count": 1}}}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "properties": {"repobilityId": 95887, "scanner": "repobility-threat-engine", "fingerprint": "16962d2dce96c92aed0a230c3145ae6bf33877e1763a1d26e43e0e64ba1b95f6", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "correlation_key": "fp|16962d2dce96c92aed0a230c3145ae6bf33877e1763a1d26e43e0e64ba1b95f6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Typescript/classes.ts"}, "region": {"startLine": 35}}}]}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "properties": {"repobilityId": 95886, "scanner": "repobility-threat-engine", "fingerprint": "fdbd99898da271d0d33aa11d9ab072ea45004062160f07eb7e47e80f9f15a10a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "correlation_key": "fp|fdbd99898da271d0d33aa11d9ab072ea45004062160f07eb7e47e80f9f15a10a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/wifipasswordextractor.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "properties": {"repobilityId": 95885, "scanner": "repobility-threat-engine", "fingerprint": "3d3469002ffa8288cfee632617cce5c53b342d60eb484ed8a3b405d93a98bb69", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3d3469002ffa8288cfee632617cce5c53b342d60eb484ed8a3b405d93a98bb69"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/password_generator.py"}, "region": {"startLine": 25}}}]}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 95884, "scanner": "repobility-threat-engine", "fingerprint": "b6edddaddab6b62ff63a87b52b7d7b3bab2a5af6b4d7361c1238d18c2c6e3162", "category": "credential_exposure", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|b6edddaddab6b62ff63a87b52b7d7b3bab2a5af6b4d7361c1238d18c2c6e3162"}}}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 95883, "scanner": "repobility-threat-engine", "fingerprint": "94f700ca28cab74470b8bd4bf35aadcb50d8d8e9c35dfece8e9b3ae71ad62603", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "evidence": {"match": "print(wifi_names,\":\",wifi_password)", "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|program token|2|print wifi_names : wifi_password"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/wifipasswordextractor.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 95882, "scanner": "repobility-threat-engine", "fingerprint": "4c17f57e86af8ef02c949527d4c3f79fafcd85bc6c96f6db3586e18b48b69f26", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "evidence": {"match": "print(\"Your password is : \")", "reason": "Log message mentions credential-related metadata but does not print a credential-bearing value", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|program token|2|print your password is :"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/password_generator.py"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED067", "level": "none", "message": {"text": "[MINED067] Python Requests No Timeout (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 95879, "scanner": "repobility-threat-engine", "fingerprint": "22c0d567d696a6862689f7c9fd8c307213fa0bf7df0ff8c77916ef3d9279f800", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|22c0d567d696a6862689f7c9fd8c307213fa0bf7df0ff8c77916ef3d9279f800", "aggregated_count": 3}}}, {"ruleId": "MINED067", "level": "none", "message": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "properties": {"repobilityId": 95878, "scanner": "repobility-threat-engine", "fingerprint": "bbd3767de956ea6e5be265b48f0474a5817f5a87c32ffe012228ca21999af7e8", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bbd3767de956ea6e5be265b48f0474a5817f5a87c32ffe012228ca21999af7e8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5003.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "MINED067", "level": "none", "message": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "properties": {"repobilityId": 95877, "scanner": "repobility-threat-engine", "fingerprint": "bd4792705fe2b668143604642144eeece3cb36b9c33ae685bf0eaa28b64ddae2", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bd4792705fe2b668143604642144eeece3cb36b9c33ae685bf0eaa28b64ddae2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5002.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "MINED067", "level": "none", "message": {"text": "[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever."}, "properties": {"repobilityId": 95876, "scanner": "repobility-threat-engine", "fingerprint": "3eb32312833ae3c51cb03ab4f38b2697e6e576acb792c77d1534100b780006e1", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-requests-no-timeout", "owasp": null, "cwe_ids": ["CWE-400"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348058+00:00", "triaged_in_corpus": 12, "observations_count": 45429, "ai_coder_pattern_id": 122}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3eb32312833ae3c51cb03ab4f38b2697e6e576acb792c77d1534100b780006e1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5001.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "SEC135", "level": "none", "message": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 95875, "scanner": "repobility-threat-engine", "fingerprint": "71b38a4f77a05f6bfd16b2fbcd1b951e2a53f712faa7be5e8d969d6783a4c212", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC135", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|71b38a4f77a05f6bfd16b2fbcd1b951e2a53f712faa7be5e8d969d6783a4c212"}}}, {"ruleId": "SEC078", "level": "none", "message": {"text": "[SEC078] Python: requests without timeout (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 95871, "scanner": "repobility-threat-engine", "fingerprint": "4ad6f55494afe619cae3e4cf741803a5646a33d13c8bf832506da6d5a11f8beb", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|4ad6f55494afe619cae3e4cf741803a5646a33d13c8bf832506da6d5a11f8beb"}}}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 27 more): Same pattern found in 27 additional files. Review if needed."}, "properties": {"repobilityId": 95867, "scanner": "repobility-threat-engine", "fingerprint": "26623a4384c15353821760bd652659c8310cb263e68e02d0d97e21365c6a16f3", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 27 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "binary_search", "breakdown": {"if": 2, "elif": 1, "else": 2, "recursion": 2, "nested_bonus": 2}, "aggregated": true, "complexity": 9, "correlation_key": "fp|26623a4384c15353821760bd652659c8310cb263e68e02d0d97e21365c6a16f3", "aggregated_count": 27}}}, {"ruleId": "SEC128", "level": "none", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake) (and 8 more): Same pattern found in 8 additional files. Review if needed."}, "properties": {"repobilityId": 95863, "scanner": "repobility-threat-engine", "fingerprint": "43b81e30ecec4542d5b7c1728a77ddf506d2c87684fdce356d7b2b0e14a44049", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 8 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 8 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|43b81e30ecec4542d5b7c1728a77ddf506d2c87684fdce356d7b2b0e14a44049"}}}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context (and 2 more): Same pattern found in 2 additional files. Review if needed."}, "properties": {"repobilityId": 95857, "scanner": "repobility-threat-engine", "fingerprint": "12141f0553d729382e117e534c176ce85f05daff29205f8951ebbf5d197c5533", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 2 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|12141f0553d729382e117e534c176ce85f05daff29205f8951ebbf5d197c5533", "aggregated_count": 2}}}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 95856, "scanner": "repobility-threat-engine", "fingerprint": "21289734c0eb154a44d4bf2a698771622c69cf181f04f8ec3fca789df9993cfe", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|21289734c0eb154a44d4bf2a698771622c69cf181f04f8ec3fca789df9993cfe"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Guessthenumber.py"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 95855, "scanner": "repobility-threat-engine", "fingerprint": "8bd40ca7a02d4436936cc9e059bb857838913f66a3c871f1497e56d4a723908b", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|8bd40ca7a02d4436936cc9e059bb857838913f66a3c871f1497e56d4a723908b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/abc.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 95854, "scanner": "repobility-threat-engine", "fingerprint": "7d6771ba4952bcbf89cd6195f4e48e7d212c83e2417dc32723d04003f7fd9393", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7d6771ba4952bcbf89cd6195f4e48e7d212c83e2417dc32723d04003f7fd9393"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_GUI.py"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 1 more): Same pattern found in 1 additional files. Review if needed."}, "properties": {"repobilityId": 95853, "scanner": "repobility-threat-engine", "fingerprint": "86ba1835d70968651e1fbb2569a4d94211de579a814cf34a5d1e1e2eafe3f130", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 1 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|86ba1835d70968651e1fbb2569a4d94211de579a814cf34a5d1e1e2eafe3f130", "aggregated_count": 1}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 95852, "scanner": "repobility-threat-engine", "fingerprint": "f51b2e10c2a0516e754dab78892635b80b19e1580574dc9b3c6b8f1f2f71ff8f", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f51b2e10c2a0516e754dab78892635b80b19e1580574dc9b3c6b8f1f2f71ff8f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/GUI_Main.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 95851, "scanner": "repobility-threat-engine", "fingerprint": "3a9ab430e11a290166dccb5a0c7fb519d8cb2ddcbbcfe36f12d40fb80f9a5221", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3a9ab430e11a290166dccb5a0c7fb519d8cb2ddcbbcfe36f12d40fb80f9a5221"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/GUI_Lib.py"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 95850, "scanner": "repobility-threat-engine", "fingerprint": "02040c9ad17ca65e3c3c5c1a83e85fb4e7a6c62a5beb1084d3562ba5577815b7", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|02040c9ad17ca65e3c3c5c1a83e85fb4e7a6c62a5beb1084d3562ba5577815b7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_GUI.py"}, "region": {"startLine": 54}}}]}, {"ruleId": "SEC006", "level": "none", "message": {"text": "[SEC006] XSS Risk (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 95838, "scanner": "repobility-threat-engine", "fingerprint": "d9f1affcacb96541cb9dfea69fa7d055adaca1abde44138d49cbaaea5562cb22", "category": "injection", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC006", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|d9f1affcacb96541cb9dfea69fa7d055adaca1abde44138d49cbaaea5562cb22"}}}, {"ruleId": "SEC132", "level": "none", "message": {"text": "[SEC132] String concat where the language has interpolation (AI style drift) (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 95833, "scanner": "repobility-threat-engine", "fingerprint": "9965b86108d0373c5a70f7ad25e6d5eebf2023c574b47d54f09feff3ed3b21a7", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC132", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|9965b86108d0373c5a70f7ad25e6d5eebf2023c574b47d54f09feff3ed3b21a7"}}}, {"ruleId": "MINED071", "level": "none", "message": {"text": "[MINED071] Go Panic Call: panic() crashes the process. Should return error in most cases."}, "properties": {"repobilityId": 95825, "scanner": "repobility-threat-engine", "fingerprint": "58e081723a7c09b0003690ce92487cf7da7c5a611e2c2e1afd1c6fdf58c371c6", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "go-panic-call", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["go"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348067+00:00", "triaged_in_corpus": 12, "observations_count": 29174, "ai_coder_pattern_id": 108}, "scanner": "repobility-threat-engine", "correlation_key": "fp|58e081723a7c09b0003690ce92487cf7da7c5a611e2c2e1afd1c6fdf58c371c6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Go Programs/monopoly_banker.go"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete (and 12 more): Same pattern found in 12 additional files. Review if needed."}, "properties": {"repobilityId": 95821, "scanner": "repobility-threat-engine", "fingerprint": "3a8c6815a3507b45db35ab74856e36eacd4d6a6e80b11d13f47cfbf17a0fbb52", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 12 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|3a8c6815a3507b45db35ab74856e36eacd4d6a6e80b11d13f47cfbf17a0fbb52", "aggregated_count": 12}}}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 95820, "scanner": "repobility-threat-engine", "fingerprint": "906f91bec3fdcc0cb6fa8e677e0fdca00ca59a353be6fc2c6d7c4cadfc0c9c5d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|906f91bec3fdcc0cb6fa8e677e0fdca00ca59a353be6fc2c6d7c4cadfc0c9c5d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/ReverseLinkedList.cpp"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 95819, "scanner": "repobility-threat-engine", "fingerprint": "3d37cafa0358adf2f6f4c8ab40030903c8125f894c9820bac73ffdec41c21487", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3d37cafa0358adf2f6f4c8ab40030903c8125f894c9820bac73ffdec41c21487"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/MiddleLinkedList.cpp"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED042", "level": "none", "message": {"text": "[MINED042] Cpp New Without Delete: C++ raw new without RAII / unique_ptr \u2014 memory leak risk."}, "properties": {"repobilityId": 95818, "scanner": "repobility-threat-engine", "fingerprint": "0866e984be1cb05bc7707911573abe27d3421a2e17be513602dd198a8d30e8ac", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-new-without-delete", "owasp": null, "cwe_ids": ["CWE-401"], "languages": ["cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347996+00:00", "triaged_in_corpus": 12, "observations_count": 4658256, "ai_coder_pattern_id": 134}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0866e984be1cb05bc7707911573abe27d3421a2e17be513602dd198a8d30e8ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/Merge2sortedLInkedList.cpp"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod (and 21 more): Same pattern found in 21 additional files. Review if needed."}, "properties": {"repobilityId": 95816, "scanner": "repobility-threat-engine", "fingerprint": "01bacd441727dcadbfc3b4ac75ccaad7343c34aba428e3c4f3f8ec1a23a2fb52", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 21 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|01bacd441727dcadbfc3b4ac75ccaad7343c34aba428e3c4f3f8ec1a23a2fb52", "aggregated_count": 21}}}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 95815, "scanner": "repobility-threat-engine", "fingerprint": "937cf23a4b77f0f3372fc50e4564960bf1badad67de9cf4080029654dec2d413", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|937cf23a4b77f0f3372fc50e4564960bf1badad67de9cf4080029654dec2d413"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Implementation_of_DS/Javascript/DoubleLinkedList.js"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 95814, "scanner": "repobility-threat-engine", "fingerprint": "a4f4cf6799cd9811e52cd5cbb789904bce5e14e20336fce799518adf0b142af1", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a4f4cf6799cd9811e52cd5cbb789904bce5e14e20336fce799518adf0b142af1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Implementation_of_DS/Javascript/BinaryHeap.js"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 95813, "scanner": "repobility-threat-engine", "fingerprint": "6b6accb862c2d7c0d1d93cb0b2a06c9c8788c79657cb37e1c346d914ccb0ecbf", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6b6accb862c2d7c0d1d93cb0b2a06c9c8788c79657cb37e1c346d914ccb0ecbf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/AvatarGeneratorGame/avatar.js"}, "region": {"startLine": 9}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call (and 44 more): Same pattern found in 44 additional files. Review if needed."}, "properties": {"repobilityId": 95812, "scanner": "repobility-threat-engine", "fingerprint": "4cb5b812ce3688a84f71ee518ee3c94872f97ff81c7254caa206315ca06a9686", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 44 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|4cb5b812ce3688a84f71ee518ee3c94872f97ff81c7254caa206315ca06a9686", "aggregated_count": 44}}}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 95811, "scanner": "repobility-threat-engine", "fingerprint": "0561fd6f7117fe17f3f95f01717d351651dc43d534359bdd6e71f3a7a00e6ad4", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0561fd6f7117fe17f3f95f01717d351651dc43d534359bdd6e71f3a7a00e6ad4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PatternChalange(PYTHON)/day12.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 95810, "scanner": "repobility-threat-engine", "fingerprint": "e500f49668c46eb6993cddf2d1d91737306fee0233b735b70f5d6117046d5ce6", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e500f49668c46eb6993cddf2d1d91737306fee0233b735b70f5d6117046d5ce6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "PatternChalange(PYTHON)/day11.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 95809, "scanner": "repobility-threat-engine", "fingerprint": "2faee3895c77e608bcddbb4da2de485d7a202f3d80c22aa4237ea2782ca94e4f", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2faee3895c77e608bcddbb4da2de485d7a202f3d80c22aa4237ea2782ca94e4f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "P22_23_24_25Mar.py"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https (and 4 more): Same pattern found in 4 additional files. Review if needed."}, "properties": {"repobilityId": 95808, "scanner": "repobility-threat-engine", "fingerprint": "133d0321df668823d68fda7a262cc53d13053f2174d79a753e1fabffb7f20eec", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 4 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|133d0321df668823d68fda7a262cc53d13053f2174d79a753e1fabffb7f20eec", "aggregated_count": 4}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 95807, "scanner": "repobility-threat-engine", "fingerprint": "d4787cc0a8061115a1d79cf8a54d0ae5641ec0cd434d9136f0870353be6f5d06", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d4787cc0a8061115a1d79cf8a54d0ae5641ec0cd434d9136f0870353be6f5d06"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5002.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 95806, "scanner": "repobility-threat-engine", "fingerprint": "04eb0689f53828fff51d99074561e8c688cb0844d45e3eb46960d99ffed7693e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|04eb0689f53828fff51d99074561e8c688cb0844d45e3eb46960d99ffed7693e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5001.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 95805, "scanner": "repobility-threat-engine", "fingerprint": "0ec7e289a3b0d0ef47a1dc2538b8c61662f7149bed2b311962bab168998cae1a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|0ec7e289a3b0d0ef47a1dc2538b8c61662f7149bed2b311962bab168998cae1a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "P22_23_24_25Mar.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std (and 122 more): Same pattern found in 122 additional files. Review if needed."}, "properties": {"repobilityId": 95804, "scanner": "repobility-threat-engine", "fingerprint": "ec5aa2c39bf7f4f665560db5e85d22487463ff35b87fe969709fcfbb1bd4408c", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 122 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|ec5aa2c39bf7f4f665560db5e85d22487463ff35b87fe969709fcfbb1bd4408c", "aggregated_count": 122}}}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 95803, "scanner": "repobility-threat-engine", "fingerprint": "f1fba3e120e82d3d736fddde40bfdf0bdf01b61398aa8abc5687468b5b8928cb", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|f1fba3e120e82d3d736fddde40bfdf0bdf01b61398aa8abc5687468b5b8928cb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Cpp/Parentheses_Checker.cpp"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 95802, "scanner": "repobility-threat-engine", "fingerprint": "67e08ec19e416bb60f77034444e5cf7bce5cb855e098ba88b5b70d10c1a95a0e", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|67e08ec19e416bb60f77034444e5cf7bce5cb855e098ba88b5b70d10c1a95a0e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "BellmanFord-algo.cpp"}, "region": {"startLine": 11}}}]}, {"ruleId": "MINED080", "level": "none", "message": {"text": "[MINED080] Cpp Using Namespace Std: using namespace std; pollutes the global namespace."}, "properties": {"repobilityId": 95801, "scanner": "repobility-threat-engine", "fingerprint": "95f5d6e11d94956a58c7fd43fc8109cfac61a884e3254f1cd06437f67078c726", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "cpp-using-namespace-std", "owasp": null, "cwe_ids": [], "languages": ["cpp", "h", "hpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348123+00:00", "triaged_in_corpus": 12, "observations_count": 3566, "ai_coder_pattern_id": 133}, "scanner": "repobility-threat-engine", "correlation_key": "fp|95f5d6e11d94956a58c7fd43fc8109cfac61a884e3254f1cd06437f67078c726"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Array_STL.cpp"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/Library Database Management System/__pycache__/DBMSlibrary_CSV.cpython-38.pyc` committed in source repo: `Program's_Contributed_By_Contributors/Library Database Management System/__pycache__/DBMSlibrary_CSV.cpython-38.pyc` is a .pyc binary (11,817 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in "}, "properties": {"repobilityId": 96025, "scanner": "repobility-supply-chain", "fingerprint": "9ddbfec9b6320d6d09e708544d75d42f7d30e460be775eb7d5cbfcb8cfc81127", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9ddbfec9b6320d6d09e708544d75d42f7d30e460be775eb7d5cbfcb8cfc81127"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/__pycache__/DBMSlibrary_CSV.cpython-38.pyc"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/Library Database Management System/__pycache__/DBMS.cpython-37.pyc` committed in source repo: `Program's_Contributed_By_Contributors/Library Database Management System/__pycache__/DBMS.cpython-37.pyc` is a .pyc binary (6,657 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets exec"}, "properties": {"repobilityId": 96024, "scanner": "repobility-supply-chain", "fingerprint": "1b91d81774490c9853b1ab282ce24abfbc196f023005c1043c9a3541166c44cf", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|1b91d81774490c9853b1ab282ce24abfbc196f023005c1043c9a3541166c44cf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/__pycache__/DBMS.cpython-37.pyc"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/Library Database Management System/__pycache__/DBMSlibrary_CSV.cpython-37.pyc` committed in source repo: `Program's_Contributed_By_Contributors/Library Database Management System/__pycache__/DBMSlibrary_CSV.cpython-37.pyc` is a .pyc binary (12,838 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in "}, "properties": {"repobilityId": 96023, "scanner": "repobility-supply-chain", "fingerprint": "f8030adbf43af333b9e6ea063ea5a0605eeb309207f28c868efd04a18640e50b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f8030adbf43af333b9e6ea063ea5a0605eeb309207f28c868efd04a18640e50b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/__pycache__/DBMSlibrary_CSV.cpython-37.pyc"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/Java_Programs/Misc/Palinedrome.class` committed in source repo: `Program's_Contributed_By_Contributors/Java_Programs/Misc/Palinedrome.class` is a .class binary (1,460 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96022, "scanner": "repobility-supply-chain", "fingerprint": "994b29b3277b06c0608656ee4db64a2374b486d5b1601c812e24f26462975123", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|994b29b3277b06c0608656ee4db64a2374b486d5b1601c812e24f26462975123"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Java_Programs/Misc/Palinedrome.class"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/Java_Programs/Misc/Math.class` committed in source repo: `Program's_Contributed_By_Contributors/Java_Programs/Misc/Math.class` is a .class binary (2,361 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96021, "scanner": "repobility-supply-chain", "fingerprint": "08402f052b07ab351789ab6b9fe01f3fd7592e88ecb898995879b38dee254d16", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|08402f052b07ab351789ab6b9fe01f3fd7592e88ecb898995879b38dee254d16"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Java_Programs/Misc/Math.class"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/Java_Programs/LinkedListSample.class` committed in source repo: `Program's_Contributed_By_Contributors/Java_Programs/LinkedListSample.class` is a .class binary (424 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96020, "scanner": "repobility-supply-chain", "fingerprint": "e20a57f90acd031950246ef6df0540f61009b4c0b97f0a8b44ad5f3d9a0f7474", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e20a57f90acd031950246ef6df0540f61009b4c0b97f0a8b44ad5f3d9a0f7474"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Java_Programs/LinkedListSample.class"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/Java_Programs/pascals_triangle.class` committed in source repo: `Program's_Contributed_By_Contributors/Java_Programs/pascals_triangle.class` is a .class binary (1,237 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96019, "scanner": "repobility-supply-chain", "fingerprint": "a92a09dc5aa0eabfa4a9162caa1cc3ac3d5e417597241eb2a3040f8be501fb8b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a92a09dc5aa0eabfa4a9162caa1cc3ac3d5e417597241eb2a3040f8be501fb8b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Java_Programs/pascals_triangle.class"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/Java_Programs/Josephus.class` committed in source repo: `Program's_Contributed_By_Contributors/Java_Programs/Josephus.class` is a .class binary (860 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96018, "scanner": "repobility-supply-chain", "fingerprint": "c7968f5ed8441318090491078e7cdd92ed94b4f307c3a3fa0725db12566ce094", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c7968f5ed8441318090491078e7cdd92ed94b4f307c3a3fa0725db12566ce094"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Java_Programs/Josephus.class"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/Java_Programs/Prime_Number_In_given.class` committed in source repo: `Program's_Contributed_By_Contributors/Java_Programs/Prime_Number_In_given.class` is a .class binary (500 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96017, "scanner": "repobility-supply-chain", "fingerprint": "36b33f7501ea583d71627dabd4749d3ace1955a4baff0ba3caceac7bdd236dad", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|36b33f7501ea583d71627dabd4749d3ace1955a4baff0ba3caceac7bdd236dad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Java_Programs/Prime_Number_In_given.class"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/Java_Programs/NQueens.class` committed in source repo: `Program's_Contributed_By_Contributors/Java_Programs/NQueens.class` is a .class binary (1,832 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96016, "scanner": "repobility-supply-chain", "fingerprint": "a1096cd95757f1c2f07cd013a7738cbb0dd85fe003336688ca0730446ce93c7e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a1096cd95757f1c2f07cd013a7738cbb0dd85fe003336688ca0730446ce93c7e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Java_Programs/NQueens.class"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/C++/BFS.exe` committed in source repo: `Program's_Contributed_By_Contributors/C++/BFS.exe` is a .exe binary (132,758 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96015, "scanner": "repobility-supply-chain", "fingerprint": "a5ad0ea580da5cbebfe731307a16518acbac62e0d78a8e2c1867f8610931a49f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a5ad0ea580da5cbebfe731307a16518acbac62e0d78a8e2c1867f8610931a49f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++/BFS.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/C++/peak_index_in_a_mountain_array.exe` committed in source repo: `Program's_Contributed_By_Contributors/C++/peak_index_in_a_mountain_array.exe` is a .exe binary (45,341 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96014, "scanner": "repobility-supply-chain", "fingerprint": "3089fbe5232f607f0e42af4f6521dcfbbb4cc1a9dcfd3537ca58577be2b7275f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3089fbe5232f607f0e42af4f6521dcfbbb4cc1a9dcfd3537ca58577be2b7275f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++/peak_index_in_a_mountain_array.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/C++/DoubleyLinkedList.exe` committed in source repo: `Program's_Contributed_By_Contributors/C++/DoubleyLinkedList.exe` is a .exe binary (127,671 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96013, "scanner": "repobility-supply-chain", "fingerprint": "c09e22a7ea606e016b203441dc36a071cd9afe71f6cb7272ba1978a60acc4c3c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c09e22a7ea606e016b203441dc36a071cd9afe71f6cb7272ba1978a60acc4c3c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++/DoubleyLinkedList.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_CSV.pyc` committed in source repo: `Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_CSV.pyc` is a .pyc binary (15,772 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96012, "scanner": "repobility-supply-chain", "fingerprint": "9a6bf9b4d29fd0514ec6c6390272185de217d56e56d6e979cf06ab5f1b9c73c6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9a6bf9b4d29fd0514ec6c6390272185de217d56e56d6e979cf06ab5f1b9c73c6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_CSV.pyc"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `Flask/url_shortner/__pycache__/app.cpython-310.pyc` committed in source repo: `Flask/url_shortner/__pycache__/app.cpython-310.pyc` is a .pyc binary (2,118 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96011, "scanner": "repobility-supply-chain", "fingerprint": "5661a69b7516883810cf199867352b1adebd2eb4e014189379dff467d69bebda", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5661a69b7516883810cf199867352b1adebd2eb4e014189379dff467d69bebda"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Flask/url_shortner/__pycache__/app.cpython-310.pyc"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `quick.exe` committed in source repo: `quick.exe` is a .exe binary (80,383 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96010, "scanner": "repobility-supply-chain", "fingerprint": "523345da64a1b65f5aff2540ad654a20c76f2bea7a62bf3765056d6d860ef179", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|523345da64a1b65f5aff2540ad654a20c76f2bea7a62bf3765056d6d860ef179"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "quick.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `insertion.exe` committed in source repo: `insertion.exe` is a .exe binary (79,142 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96009, "scanner": "repobility-supply-chain", "fingerprint": "c2a53e14b85c16e446efdea27f825fef87b8c4ad61a53c3510a2d5e40db9e685", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c2a53e14b85c16e446efdea27f825fef87b8c4ad61a53c3510a2d5e40db9e685"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "insertion.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `radix.exe` committed in source repo: `radix.exe` is a .exe binary (47,319 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96008, "scanner": "repobility-supply-chain", "fingerprint": "2d8bef2aa65a0e2f45c43ffd5a81dc1c40d2e91cbf8edc7bc9d18db421d45276", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2d8bef2aa65a0e2f45c43ffd5a81dc1c40d2e91cbf8edc7bc9d18db421d45276"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "radix.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `selection.exe` committed in source repo: `selection.exe` is a .exe binary (79,869 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96007, "scanner": "repobility-supply-chain", "fingerprint": "cdf0f773cfbb7dcc54d8045ae0ad181ed2f40f67138a51a30024b6b440d50d29", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|cdf0f773cfbb7dcc54d8045ae0ad181ed2f40f67138a51a30024b6b440d50d29"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "selection.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `counting.exe` committed in source repo: `counting.exe` is a .exe binary (77,724 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96006, "scanner": "repobility-supply-chain", "fingerprint": "ba8d787c1bb1356ce2de8bf3b45d8a560da4765b746f6ae4e0d4a741ba6177f7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ba8d787c1bb1356ce2de8bf3b45d8a560da4765b746f6ae4e0d4a741ba6177f7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "counting.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `shell.exe` committed in source repo: `shell.exe` is a .exe binary (80,220 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96005, "scanner": "repobility-supply-chain", "fingerprint": "ec0891a46ecfd47e92445442b06cc6dbb2987b6a34f13a19837f9536c194ae4a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ec0891a46ecfd47e92445442b06cc6dbb2987b6a34f13a19837f9536c194ae4a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "shell.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `merge.exe` committed in source repo: `merge.exe` is a .exe binary (79,705 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96004, "scanner": "repobility-supply-chain", "fingerprint": "64663b7c69c536c9776e09bab6072cac610e7892f5860199e258ca4988accebc", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|64663b7c69c536c9776e09bab6072cac610e7892f5860199e258ca4988accebc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "merge.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `bubble.exe` committed in source repo: `bubble.exe` is a .exe binary (79,869 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96003, "scanner": "repobility-supply-chain", "fingerprint": "8c275bab6a2bbfb1c31adf25e9c67b6afc96e5b289a9dcf4a70a06059ff9cdd8", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8c275bab6a2bbfb1c31adf25e9c67b6afc96e5b289a9dcf4a70a06059ff9cdd8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "bubble.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `HeapMemory.exe` committed in source repo: `HeapMemory.exe` is a .exe binary (52,857 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96002, "scanner": "repobility-supply-chain", "fingerprint": "23d0c912c9381f7cab04db6f312e955b14cb1595b839a18ed504723de845d6b7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|23d0c912c9381f7cab04db6f312e955b14cb1595b839a18ed504723de845d6b7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "HeapMemory.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED134", "level": "error", "message": {"text": "[MINED134] Binary file `reverse_array.exe` committed in source repo: `reverse_array.exe` is a .exe binary (49,171 bytes) committed to a repo that otherwise has 473 source files. Trojan binaries inside otherwise-normal source repos are a known supply-chain attack: a compromised dependency or PR slips in a binary that gets executed by build scripts."}, "properties": {"repobilityId": 96001, "scanner": "repobility-supply-chain", "fingerprint": "9c1a5a393abe27a16af19a5380db1945ee076d9df1426001cff5bb7c3322011f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "suspicious-binary-in-src", "owasp": null, "cwe_ids": ["CWE-506"], "languages": ["any"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9c1a5a393abe27a16af19a5380db1945ee076d9df1426001cff5bb7c3322011f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "reverse_array.exe"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/github-script` pinned to mutable ref `@v7`: `uses: actions/github-script@v7` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 96000, "scanner": "repobility-supply-chain", "fingerprint": "af4c32911f1bce14dffeea677a8dbbd0e8eac2e2a77649f919bd301375bec53f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|af4c32911f1bce14dffeea677a8dbbd0e8eac2e2a77649f919bd301375bec53f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pr-automation.yml"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/deploy-pages` pinned to mutable ref `@v4`: `uses: actions/deploy-pages@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 95999, "scanner": "repobility-supply-chain", "fingerprint": "092e81102a2bc93cabdd1e706489e864272101501da3aa23b4b9b971f04f901e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|092e81102a2bc93cabdd1e706489e864272101501da3aa23b4b9b971f04f901e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pages.yml"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/upload-pages-artifact` pinned to mutable ref `@v3`: `uses: actions/upload-pages-artifact@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 95998, "scanner": "repobility-supply-chain", "fingerprint": "d695faa450596d3b4b2d3b782f7272664088d95f741913490ed7cd48c4b2a1fa", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d695faa450596d3b4b2d3b782f7272664088d95f741913490ed7cd48c4b2a1fa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pages.yml"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/configure-pages` pinned to mutable ref `@v5`: `uses: actions/configure-pages@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 95997, "scanner": "repobility-supply-chain", "fingerprint": "c8f049075b53f99bd7fbf19c4cf398047c99a6feaf3a683dfbe72647004a4eb6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c8f049075b53f99bd7fbf19c4cf398047c99a6feaf3a683dfbe72647004a4eb6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pages.yml"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 95996, "scanner": "repobility-supply-chain", "fingerprint": "3dfee8184fd1b188ef6b9a9e11d0e391e76cbbc2604b82de0ffd924e63c57b1a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3dfee8184fd1b188ef6b9a9e11d0e391e76cbbc2604b82de0ffd924e63c57b1a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pages.yml"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/github-script` pinned to mutable ref `@v7`: `uses: actions/github-script@v7` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 95995, "scanner": "repobility-supply-chain", "fingerprint": "f6105a610d529e08f6f578fa9402c4b93199bd15ecc6c14d1fc3f71482f98817", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f6105a610d529e08f6f578fa9402c4b93199bd15ecc6c14d1fc3f71482f98817"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/auto-comment.yml"}, "region": {"startLine": 71}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/github-script` pinned to mutable ref `@v7`: `uses: actions/github-script@v7` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 95994, "scanner": "repobility-supply-chain", "fingerprint": "b2cca7b99ac3677a3ee7ae1f68944a6f7f8e5126230d3b068b95311a754bd101", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b2cca7b99ac3677a3ee7ae1f68944a6f7f8e5126230d3b068b95311a754bd101"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/auto-comment.yml"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 95993, "scanner": "repobility-supply-chain", "fingerprint": "5bf2b0ef8a03568934af4bf3d0174984749ff5f60f19e7973cd4708d1b5a2a13", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5bf2b0ef8a03568934af4bf3d0174984749ff5f60f19e7973cd4708d1b5a2a13"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/validate-site.yml"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED113", "level": "error", "message": {"text": "[MINED113] Express POST /failure has no auth: Express route POST /failure declared without an auth middleware in its handler chain. Destructive methods (POST/PUT/DELETE/PATCH) on unauthenticated routes are OWASP A01:2021 broken access control."}, "properties": {"repobilityId": 95992, "scanner": "repobility-route-auth", "fingerprint": "23734cff985cfd22e61fcafbdce286c3f855afab4f9a104b3127c7901b508be8", "category": "quality", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "express-destructive-unauth", "owasp": "A01:2021", "cwe_ids": ["CWE-306", "CWE-862"], "languages": ["python", "javascript"], "observations_count": 7836}, "scanner": "repobility-route-auth", "correlation_key": "fp|23734cff985cfd22e61fcafbdce286c3f855afab4f9a104b3127c7901b508be8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Newsletter-Signup/app.js"}, "region": {"startLine": 71}}}]}, {"ruleId": "MINED113", "level": "error", "message": {"text": "[MINED113] Express POST / has no auth: Express route POST / declared without an auth middleware in its handler chain. Destructive methods (POST/PUT/DELETE/PATCH) on unauthenticated routes are OWASP A01:2021 broken access control."}, "properties": {"repobilityId": 95991, "scanner": "repobility-route-auth", "fingerprint": "f7f3e3b94f9d53deff1269ef8517753fddb122ba5ef04da1f2707055c94d3c7e", "category": "quality", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "express-destructive-unauth", "owasp": "A01:2021", "cwe_ids": ["CWE-306", "CWE-862"], "languages": ["python", "javascript"], "observations_count": 7836}, "scanner": "repobility-route-auth", "correlation_key": "fp|f7f3e3b94f9d53deff1269ef8517753fddb122ba5ef04da1f2707055c94d3c7e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Newsletter-Signup/app.js"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.m_h_g_p` used but never assigned in __init__: Method `total` of class `Bill_App` reads `self.m_h_g_p`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95970, "scanner": "repobility-ast-engine", "fingerprint": "76804d3396c214fc4eec5745e10eb8e46ed86073b70a981664c3b97a52b0771c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|76804d3396c214fc4eec5745e10eb8e46ed86073b70a981664c3b97a52b0771c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "billing_system.py"}, "region": {"startLine": 241}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.setup_game` used but never assigned in __init__: Method `game_loop` of class `Game` reads `self.setup_game`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95969, "scanner": "repobility-ast-engine", "fingerprint": "9cbb283e6493a72d2dd6600783a38904e272f99db20f707fd085ae33a7eaeb34", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9cbb283e6493a72d2dd6600783a38904e272f99db20f707fd085ae33a7eaeb34"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 188}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.after` used but never assigned in __init__: Method `game_loop` of class `Game` reads `self.after`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95968, "scanner": "repobility-ast-engine", "fingerprint": "a87577a62c342d9e1d8edc423c4e7df8bd1b04fa02be6e7fa40d53967009cda9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a87577a62c342d9e1d8edc423c4e7df8bd1b04fa02be6e7fa40d53967009cda9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 188}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.draw_text` used but never assigned in __init__: Method `game_loop` of class `Game` reads `self.draw_text`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95967, "scanner": "repobility-ast-engine", "fingerprint": "976ab3bf76ad482a94b640832fda37cf48673e0a52173f07b9fe7749f3ccba1a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|976ab3bf76ad482a94b640832fda37cf48673e0a52173f07b9fe7749f3ccba1a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 186}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.game_loop` used but never assigned in __init__: Method `game_loop` of class `Game` reads `self.game_loop`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95966, "scanner": "repobility-ast-engine", "fingerprint": "04527d259a6339fa327d8ea74560e228233415d3125cda4b6d4d85753dbc9f49", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|04527d259a6339fa327d8ea74560e228233415d3125cda4b6d4d85753dbc9f49"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 191}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.after` used but never assigned in __init__: Method `game_loop` of class `Game` reads `self.after`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95965, "scanner": "repobility-ast-engine", "fingerprint": "92cdeb12877b86e74c8a263599de716960fff9d489fc266b0f7392311c5ff033", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|92cdeb12877b86e74c8a263599de716960fff9d489fc266b0f7392311c5ff033"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 191}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.draw_text` used but never assigned in __init__: Method `game_loop` of class `Game` reads `self.draw_text`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95964, "scanner": "repobility-ast-engine", "fingerprint": "7e92a4a22b6b21965bfac6b2ebee3da5931f70921de71db2e32e5170b5c6072e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7e92a4a22b6b21965bfac6b2ebee3da5931f70921de71db2e32e5170b5c6072e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 181}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.check_collisions` used but never assigned in __init__: Method `game_loop` of class `Game` reads `self.check_collisions`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95963, "scanner": "repobility-ast-engine", "fingerprint": "821549e3a4f36b3a61e7e6cfee6e49ac4c03f8dcc70de04862a47844bed2e7a0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|821549e3a4f36b3a61e7e6cfee6e49ac4c03f8dcc70de04862a47844bed2e7a0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 177}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.game_loop` used but never assigned in __init__: Method `start_game` of class `Game` reads `self.game_loop`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95962, "scanner": "repobility-ast-engine", "fingerprint": "412eb8d473851b9ccc18538f0148743f22c6be6d67862b3e88579229b74eeab7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|412eb8d473851b9ccc18538f0148743f22c6be6d67862b3e88579229b74eeab7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 174}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.text` used but never assigned in __init__: Method `start_game` of class `Game` reads `self.text`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95961, "scanner": "repobility-ast-engine", "fingerprint": "d66caea74ba1e9680c157f982e7cd49f2659939fdee929119ade4cfdd937891e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d66caea74ba1e9680c157f982e7cd49f2659939fdee929119ade4cfdd937891e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 172}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.draw_text` used but never assigned in __init__: Method `update_lives_text` of class `Game` reads `self.draw_text`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95960, "scanner": "repobility-ast-engine", "fingerprint": "c2d1045cea6198a43ab402eed143f1bd0386813820cb2f932f381be86dc99aa5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c2d1045cea6198a43ab402eed143f1bd0386813820cb2f932f381be86dc99aa5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 166}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.start_game` used but never assigned in __init__: Method `setup_game` of class `Game` reads `self.start_game`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95959, "scanner": "repobility-ast-engine", "fingerprint": "3146b2f0d323e1f6b5e044ec1bb8ad3eb777dbfa4fd8e149a02017c0cbc14673", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3146b2f0d323e1f6b5e044ec1bb8ad3eb777dbfa4fd8e149a02017c0cbc14673"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.draw_text` used but never assigned in __init__: Method `setup_game` of class `Game` reads `self.draw_text`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95958, "scanner": "repobility-ast-engine", "fingerprint": "5a7290ca2a90acb3325d2db88535096d19db8dbcee0de62a8b39989efcee8ba4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5a7290ca2a90acb3325d2db88535096d19db8dbcee0de62a8b39989efcee8ba4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 142}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.update_lives_text` used but never assigned in __init__: Method `setup_game` of class `Game` reads `self.update_lives_text`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95957, "scanner": "repobility-ast-engine", "fingerprint": "fcca648f5bcb37316bd9898ba4978f381eec2f070093fc4f72cbf0d347c3e21a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fcca648f5bcb37316bd9898ba4978f381eec2f070093fc4f72cbf0d347c3e21a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 141}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.add_ball` used but never assigned in __init__: Method `setup_game` of class `Game` reads `self.add_ball`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95956, "scanner": "repobility-ast-engine", "fingerprint": "995b67f075864640172ea24c6303a60bd37c49c35a9c47a872475280d14d2bee", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|995b67f075864640172ea24c6303a60bd37c49c35a9c47a872475280d14d2bee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 140}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.text` used but never assigned in __init__: Method `setup_game` of class `Game` reads `self.text`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95955, "scanner": "repobility-ast-engine", "fingerprint": "064f49cf2bfd138a3c8c13c5515669aea25403d74cc02350544ae7a451073a1c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|064f49cf2bfd138a3c8c13c5515669aea25403d74cc02350544ae7a451073a1c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 142}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.canvas` used but never assigned in __init__: Method `hit` of class `Brick` reads `self.canvas`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95954, "scanner": "repobility-ast-engine", "fingerprint": "4fcbce973eea678fe4f624438185bcd50f311c7ad14ded8f2756b13199f8bd8f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4fcbce973eea678fe4f624438185bcd50f311c7ad14ded8f2756b13199f8bd8f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 105}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.item` used but never assigned in __init__: Method `hit` of class `Brick` reads `self.item`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95953, "scanner": "repobility-ast-engine", "fingerprint": "dca5a36384c06580b34421b41a2e91bd1a07d4873e83b22f8e7b36f1e2adfcb5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dca5a36384c06580b34421b41a2e91bd1a07d4873e83b22f8e7b36f1e2adfcb5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 105}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.delete` used but never assigned in __init__: Method `hit` of class `Brick` reads `self.delete`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95952, "scanner": "repobility-ast-engine", "fingerprint": "a2492881d0ef0b34b78149f6f8d34a034abf0f555797fa005d39f80e3f9149fc", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a2492881d0ef0b34b78149f6f8d34a034abf0f555797fa005d39f80e3f9149fc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 103}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.canvas` used but never assigned in __init__: Method `move` of class `Paddle` reads `self.canvas`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95951, "scanner": "repobility-ast-engine", "fingerprint": "c21dbc4aac13ff1d94113b4430ac685b23242add0fd0f29a1b66b37f9e5ce657", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c21dbc4aac13ff1d94113b4430ac685b23242add0fd0f29a1b66b37f9e5ce657"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.get_position` used but never assigned in __init__: Method `move` of class `Paddle` reads `self.get_position`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95950, "scanner": "repobility-ast-engine", "fingerprint": "23e00fb2013798a08297bcd12b2f4667c5fa891a358c42c6975154f60083fcc6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|23e00fb2013798a08297bcd12b2f4667c5fa891a358c42c6975154f60083fcc6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 77}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.get_position` used but never assigned in __init__: Method `collide` of class `Ball` reads `self.get_position`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95949, "scanner": "repobility-ast-engine", "fingerprint": "1b7b88e2f3c4d0976bc9f561c5b725f3f70439ee64ed1bb9e8a2df444ae2efa7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1b7b88e2f3c4d0976bc9f561c5b725f3f70439ee64ed1bb9e8a2df444ae2efa7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.canvas` used but never assigned in __init__: Method `update` of class `Ball` reads `self.canvas`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95948, "scanner": "repobility-ast-engine", "fingerprint": "7f50e9220b028109aa0f1b8b1244a1e4a03470331c1cdfcebb1c5d78264cb2da", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7f50e9220b028109aa0f1b8b1244a1e4a03470331c1cdfcebb1c5d78264cb2da"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.move` used but never assigned in __init__: Method `update` of class `Ball` reads `self.move`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95947, "scanner": "repobility-ast-engine", "fingerprint": "83a12f5afb3ea6ea33643f0bd455c72017c2f087b5185bb4e685f4e636740757", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|83a12f5afb3ea6ea33643f0bd455c72017c2f087b5185bb4e685f4e636740757"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.get_position` used but never assigned in __init__: Method `update` of class `Ball` reads `self.get_position`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 95946, "scanner": "repobility-ast-engine", "fingerprint": "784f9f17470e7ff9d1713c8501e46f922fa2fbc9c0cbd9ced5531090134bef24", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|784f9f17470e7ff9d1713c8501e46f922fa2fbc9c0cbd9ced5531090134bef24"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "brick_game.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "SEC040", "level": "error", "message": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflected XSS vector. The browser parses the HTML and executes any <script> or event-handler attributes in the data. CWE-79. Especially dangerous when the data comes from a CV parser, profile field, or any user-input pipeline."}, "properties": {"repobilityId": 95900, "scanner": "repobility-threat-engine", "fingerprint": "c1e85090553517ff8d7302e366899a6f63a60e05ffe4416da198e74ea203afdb", "category": "xss", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".innerHTML = `You guys are awesome, we have again passed the GitHub rate limit this hour. <a href=\"h", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC040", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|c1e85090553517ff8d7302e366899a6f63a60e05ffe4416da198e74ea203afdb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/main.js"}, "region": {"startLine": 343}}}]}, {"ruleId": "SEC040", "level": "error", "message": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflected XSS vector. The browser parses the HTML and executes any <script> or event-handler attributes in the data. CWE-79. Especially dangerous when the data comes from a CV parser, profile field, or any user-input pipeline."}, "properties": {"repobilityId": 95899, "scanner": "repobility-threat-engine", "fingerprint": "464457330d6c62d1647bc8af2c470ce2b5c87e197c722f338824a0d915c48b80", "category": "xss", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".innerHTML = `\n        <h2>Thanks <span class=\"modal-display-name\">${fullName}", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC040", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|464457330d6c62d1647bc8af2c470ce2b5c87e197c722f338824a0d915c48b80"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "cookie-consent-app/index.js"}, "region": {"startLine": 39}}}]}, {"ruleId": "SEC040", "level": "error", "message": {"text": "[SEC040] innerHTML XSS \u2014 template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflected XSS vector. The browser parses the HTML and executes any <script> or event-handler attributes in the data. CWE-79. Especially dangerous when the data comes from a CV parser, profile field, or any user-input pipeline."}, "properties": {"repobilityId": 95898, "scanner": "repobility-threat-engine", "fingerprint": "0ddc5482229cfca90e86c136347f292bb2b4fff23ffa3628af1713fdaa4d1d3f", "category": "xss", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": ".innerHTML = `${letterToSymbol(letter)}", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC040", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|0ddc5482229cfca90e86c136347f292bb2b4fff23ffa3628af1713fdaa4d1d3f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "TTT hacktberfest/web.js"}, "region": {"startLine": 34}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 95896, "scanner": "repobility-threat-engine", "fingerprint": "d06dc84a1873193455b1f8b2b678be1a0b4470e3745e5d5cb5553569cec56794", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "Url(p", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|d06dc84a1873193455b1f8b2b678be1a0b4470e3745e5d5cb5553569cec56794"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/main.js"}, "region": {"startLine": 9}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 95895, "scanner": "repobility-threat-engine", "fingerprint": "3d4874c676217bbaae91a54b3d3c92eff01c9650617c9f631c80213293ad79ac", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "URL(f", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|3d4874c676217bbaae91a54b3d3c92eff01c9650617c9f631c80213293ad79ac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "QR code Scanner/script.js"}, "region": {"startLine": 17}}}]}, {"ruleId": "SEC020", "level": "error", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 95881, "scanner": "repobility-threat-engine", "fingerprint": "8f41d552baff455a3d37d0da5cac670c8e9e592458f663fefbfe9351a4537d10", "category": "credential_exposure", "severity": "high", "confidence": 0.85, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Credential-bearing variable appears to be printed or logged", "evidence": {"match": "print(\"{:<30}| {:<}\".format(\"Wi-Fi Name\", \"Password\")", "reason": "Credential-bearing variable appears to be printed or logged", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.85, "correlation_key": "secret|wifipasswordextractor.py|3|print : 30 : .format wi-fi name password"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "wifipasswordextractor.py"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED009", "level": "error", "message": {"text": "[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal."}, "properties": {"repobilityId": 95880, "scanner": "repobility-threat-engine", "fingerprint": "5c8d5bf84d312deca9e02cb49c60c95b8f75c034f306ce5200fb5c41a4372e6d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "floats-for-money", "owasp": null, "cwe_ids": ["CWE-682"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347918+00:00", "triaged_in_corpus": 15, "observations_count": 208571, "ai_coder_pattern_id": 20}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5c8d5bf84d312deca9e02cb49c60c95b8f75c034f306ce5200fb5c41a4372e6d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/coffee shop program.py"}, "region": {"startLine": 5}}}]}, {"ruleId": "SEC135", "level": "error", "message": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without an auth decorator or middleware. The number-one production-incident pattern we see in AI-generated SaaS code: the AI builds the route, builds the handler, and forgets to wire the auth check that the rest of the codebase uses. CWE-862 (missing authorization). High-severity because the route is fully functional, just unprotected \u2014 attackers can call it directly."}, "properties": {"repobilityId": 95874, "scanner": "repobility-threat-engine", "fingerprint": "c319bd059107fb9a179d8a5dc6de6399e5515201e3430a8d5aa7bcd83db6f6bd", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "@app.route('/add_transaction', methods = ['POST'])", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC135", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|c319bd059107fb9a179d8a5dc6de6399e5515201e3430a8d5aa7bcd83db6f6bd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5003.py"}, "region": {"startLine": 176}}}]}, {"ruleId": "SEC135", "level": "error", "message": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without an auth decorator or middleware. The number-one production-incident pattern we see in AI-generated SaaS code: the AI builds the route, builds the handler, and forgets to wire the auth check that the rest of the codebase uses. CWE-862 (missing authorization). High-severity because the route is fully functional, just unprotected \u2014 attackers can call it directly."}, "properties": {"repobilityId": 95873, "scanner": "repobility-threat-engine", "fingerprint": "f094291ac6fc97a00a31d9ff0704844fa4e4e114f184aa47eae6ca2b08fd2eb8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "@app.route('/add_transaction', methods = ['POST'])", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC135", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|f094291ac6fc97a00a31d9ff0704844fa4e4e114f184aa47eae6ca2b08fd2eb8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5002.py"}, "region": {"startLine": 176}}}]}, {"ruleId": "SEC135", "level": "error", "message": {"text": "[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without an auth decorator or middleware. The number-one production-incident pattern we see in AI-generated SaaS code: the AI builds the route, builds the handler, and forgets to wire the auth check that the rest of the codebase uses. CWE-862 (missing authorization). High-severity because the route is fully functional, just unprotected \u2014 attackers can call it directly."}, "properties": {"repobilityId": 95872, "scanner": "repobility-threat-engine", "fingerprint": "e0f2149509d15a109e25f33c7cd70c71225bb05f80c78b2f04073bc661f31073", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "@app.route('/add_transaction', methods = ['POST'])", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC135", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|e0f2149509d15a109e25f33c7cd70c71225bb05f80c78b2f04073bc661f31073"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5001.py"}, "region": {"startLine": 176}}}]}, {"ruleId": "SEC078", "level": "error", "message": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a real AST check is preferred for accuracy."}, "properties": {"repobilityId": 95870, "scanner": "repobility-threat-engine", "fingerprint": "18a157e0080a8e3c8ef20d00d46a43d252f149b7f12b14e601763fec222e7571", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "requests.get(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|18a157e0080a8e3c8ef20d00d46a43d252f149b7f12b14e601763fec222e7571"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5003.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "SEC078", "level": "error", "message": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a real AST check is preferred for accuracy."}, "properties": {"repobilityId": 95869, "scanner": "repobility-threat-engine", "fingerprint": "b407a52fec1d3e2ece2a2cae34304c8ff70255a91ab3ca6cfb8dd69bcc83564c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "requests.get(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|b407a52fec1d3e2ece2a2cae34304c8ff70255a91ab3ca6cfb8dd69bcc83564c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5002.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "SEC078", "level": "error", "message": {"text": "[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-2.0). NOTE: this regex is heuristic; a real AST check is preferred for accuracy."}, "properties": {"repobilityId": 95868, "scanner": "repobility-threat-engine", "fingerprint": "5e6c910bad10133c9b6460db7d4b9a3f19eb3a2f93a202d0ee6a3c8663ae7132", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "requests.get(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC078", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|5e6c910bad10133c9b6460db7d4b9a3f19eb3a2f93a202d0ee6a3c8663ae7132"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Blockchain implementation/blockchain_5001.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 95862, "scanner": "repobility-threat-engine", "fingerprint": "8fc149aa1c3b1cc3c3d5a9ae050b11451d9307b22315ab35274ebd282d68e5e0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "img.save(file)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|8fc149aa1c3b1cc3c3d5a9ae050b11451d9307b22315ab35274ebd282d68e5e0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Image_Resizer.py"}, "region": {"startLine": 44}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 95861, "scanner": "repobility-threat-engine", "fingerprint": "3fbd64352e8cc44fe2ba7be81628125f883bc3cec170cc2c71f41b91d22bfe0a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "window.destroy()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|3fbd64352e8cc44fe2ba7be81628125f883bc3cec170cc2c71f41b91d22bfe0a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/GUI_Main.py"}, "region": {"startLine": 24}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 95860, "scanner": "repobility-threat-engine", "fingerprint": "3a4d4ca0b6a9a578ed00bb9cefc331526cfb2a1acf3e605358ee749a6716dd06", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "window.destroy()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|3a4d4ca0b6a9a578ed00bb9cefc331526cfb2a1acf3e605358ee749a6716dd06"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/GUI_Lib.py"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 95846, "scanner": "repobility-threat-engine", "fingerprint": "ab5dfd10d0d06c63c2bdad5bc494756c5189f2cc0b969338faf9bee40038f939", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|ab5dfd10d0d06c63c2bdad5bc494756c5189f2cc0b969338faf9bee40038f939"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/Resizable_Array.py"}, "region": {"startLine": 127}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 95845, "scanner": "repobility-threat-engine", "fingerprint": "79d52890c2f61d4030bb5c1d04c813cb63eea3d443d4cb0c998040621f842cb3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|79d52890c2f61d4030bb5c1d04c813cb63eea3d443d4cb0c998040621f842cb3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_GUI.py"}, "region": {"startLine": 86}}}]}, {"ruleId": "SEC013", "level": "error", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "properties": {"repobilityId": 95824, "scanner": "repobility-threat-engine", "fingerprint": "1b3383c0c6d3f885bf133456d499696fa880e32dae2736018143cd8e06866308", "category": "path_traversal", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "User-controlled input detected in file path construction", "evidence": {"match": "open(input", "reason": "User-controlled input detected in file path construction", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|path_traversal|program token|5|sec013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/remove_bg.py"}, "region": {"startLine": 5}}}]}, {"ruleId": "SEC013", "level": "error", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "properties": {"repobilityId": 95823, "scanner": "repobility-threat-engine", "fingerprint": "07b00997750c30629b792fdf47fd1434cf915c08ef647193fc4d989dded8ac46", "category": "path_traversal", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "User-controlled input detected in file path construction", "evidence": {"match": "open('Files\\\\'+i, password = '<redacted>', allow_overwriting_input", "reason": "User-controlled input detected in file path construction", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|path_traversal|program token|15|sec013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Python_Programs/pdf_password_remover.py"}, "region": {"startLine": 15}}}]}, {"ruleId": "SEC013", "level": "error", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "properties": {"repobilityId": 95822, "scanner": "repobility-threat-engine", "fingerprint": "d50f756a515abb9f807d4d80b9bf01cdd90e41e39e891d2249e8a6a5eee9b99a", "category": "path_traversal", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "User-controlled input detected in file path construction", "evidence": {"match": "open(\"input", "reason": "User-controlled input detected in file path construction", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|path_traversal|program token algorithm.cpp|43|sec013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++/Dijkstra Algorithm.cpp"}, "region": {"startLine": 43}}}]}, {"ruleId": "MINED017", "level": "error", "message": {"text": "[MINED017] C System Call: system() invokes shell. command injection if any arg is dynamic."}, "properties": {"repobilityId": 95817, "scanner": "repobility-threat-engine", "fingerprint": "4058c56f57bf8f6247f2cf1f0f0573f1c65ef924ca0d10d8ba7dd6274f86dc3d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-system-call", "owasp": null, "cwe_ids": ["CWE-78"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347937+00:00", "triaged_in_corpus": 15, "observations_count": 77748, "ai_coder_pattern_id": 132}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4058c56f57bf8f6247f2cf1f0f0573f1c65ef924ca0d10d8ba7dd6274f86dc3d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/C++ Programs/LoginSystem.cpp"}, "region": {"startLine": 39}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `queue` used but not imported: The file uses `queue.something(...)` but never imports `queue`. This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 95945, "scanner": "repobility-ast-engine", "fingerprint": "456414e118521364763a8236eaffc342575a6069efc8688b74d08f3b0055496b", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|456414e118521364763a8236eaffc342575a6069efc8688b74d08f3b0055496b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "breadh.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED030", "level": "error", "message": {"text": "[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__."}, "properties": {"repobilityId": 95849, "scanner": "repobility-threat-engine", "fingerprint": "055581de186e84cebc329cacaf1cca3496b500b8fcd702202d8a2ce128c96b6d", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pickle-loads", "owasp": null, "cwe_ids": ["CWE-502"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347968+00:00", "triaged_in_corpus": 20, "observations_count": 6314, "ai_coder_pattern_id": 119}, "scanner": "repobility-threat-engine", "correlation_key": "fp|055581de186e84cebc329cacaf1cca3496b500b8fcd702202d8a2ce128c96b6d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "face recognition.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "MINED030", "level": "error", "message": {"text": "[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__."}, "properties": {"repobilityId": 95848, "scanner": "repobility-threat-engine", "fingerprint": "2681d1d07b08490e1110e1b61e695fff5fbaf72d0ff5b57c6e1a6801bbd2ef98", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pickle-loads", "owasp": null, "cwe_ids": ["CWE-502"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347968+00:00", "triaged_in_corpus": 20, "observations_count": 6314, "ai_coder_pattern_id": 119}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2681d1d07b08490e1110e1b61e695fff5fbaf72d0ff5b57c6e1a6801bbd2ef98"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/abc.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED030", "level": "error", "message": {"text": "[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__."}, "properties": {"repobilityId": 95847, "scanner": "repobility-threat-engine", "fingerprint": "a1001cd13bb689099ed6498190be88818fb394c30f4ee8011b974dbbd2f64989", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pickle-loads", "owasp": null, "cwe_ids": ["CWE-502"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347968+00:00", "triaged_in_corpus": 20, "observations_count": 6314, "ai_coder_pattern_id": 119}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a1001cd13bb689099ed6498190be88818fb394c30f4ee8011b974dbbd2f64989"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_GUI.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "SEC081", "level": "error", "message": {"text": "[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marshal.load(s) execute arbitrary code on untrusted input. Ported from dlint DUO103 / DUO120 (BSD-3)."}, "properties": {"repobilityId": 95844, "scanner": "repobility-threat-engine", "fingerprint": "70b7dab2620696bfd2689e2f1bbe7aa2c1496001c29452f2f98aa95cac4175b9", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "pickle.load(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC081", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|70b7dab2620696bfd2689e2f1bbe7aa2c1496001c29452f2f98aa95cac4175b9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "face recognition.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "SEC081", "level": "error", "message": {"text": "[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marshal.load(s) execute arbitrary code on untrusted input. Ported from dlint DUO103 / DUO120 (BSD-3)."}, "properties": {"repobilityId": 95843, "scanner": "repobility-threat-engine", "fingerprint": "f3c7e5a43353430ff75279428e27f765a94885dcd657151a0b42b0d598b13f4e", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "pickle.load(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC081", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|f3c7e5a43353430ff75279428e27f765a94885dcd657151a0b42b0d598b13f4e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/abc.py"}, "region": {"startLine": 16}}}]}, {"ruleId": "SEC081", "level": "error", "message": {"text": "[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marshal.load(s) execute arbitrary code on untrusted input. Ported from dlint DUO103 / DUO120 (BSD-3)."}, "properties": {"repobilityId": 95842, "scanner": "repobility-threat-engine", "fingerprint": "326c8b020a401c1f78415dd54425b6589572f152ca19fe2617d983abe74673ef", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "pickle.load(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC081", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|326c8b020a401c1f78415dd54425b6589572f152ca19fe2617d983abe74673ef"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Library Database Management System/DBMSlibrary_GUI.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED024", "level": "error", "message": {"text": "[MINED024] Js Eval Usage: eval() executes arbitrary code. Code injection risk."}, "properties": {"repobilityId": 95829, "scanner": "repobility-threat-engine", "fingerprint": "7b132c3afe7ed0d29fdad7c17befb56d6eb02fbd8b917a67b28ed726525d45d8", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-eval-usage", "owasp": null, "cwe_ids": ["CWE-95"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347954+00:00", "triaged_in_corpus": 20, "observations_count": 35589, "ai_coder_pattern_id": 103}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7b132c3afe7ed0d29fdad7c17befb56d6eb02fbd8b917a67b28ed726525d45d8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/JS_calculator/script.js"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED022", "level": "error", "message": {"text": "[MINED022] C Strcpy: strcpy/strcat dont bounds-check; use strncpy or snprintf."}, "properties": {"repobilityId": 95826, "scanner": "repobility-threat-engine", "fingerprint": "d7583a5ad90d6eede8792f20121bc255fbecd67a7dc630504fade80c11764e3b", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "c-strcpy", "owasp": null, "cwe_ids": ["CWE-120"], "languages": ["c", "cpp"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347949+00:00", "triaged_in_corpus": 20, "observations_count": 39114, "ai_coder_pattern_id": 130}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d7583a5ad90d6eede8792f20121bc255fbecd67a7dc630504fade80c11764e3b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "Program's_Contributed_By_Contributors/Implementation_of_DS/prefix_to_posfix.c"}, "region": {"startLine": 23}}}]}]}]}