{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "MINED111", "name": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or ", "shortDescription": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "fullDescription": {"text": "Either narrow the exception type, log the exception with `logger.exception(...)`, or re-raise after handling."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC031", "name": "[SEC031] Catastrophic Backtracking Regex (ReDoS): Regex contains nested quantifiers like `(a+)+` or quantified alternati", "shortDescription": {"text": "[SEC031] Catastrophic Backtracking Regex (ReDoS): Regex contains nested quantifiers like `(a+)+` or quantified alternation with overlapping branches. On adversarial input these patterns exhibit exponential backtracking, freezing the process"}, "fullDescription": {"text": "Three options, pick one:\n  1. Rewrite the pattern to avoid nested quantifiers. E.g. `(a+)+` is      functionally equivalent to `a+` for matching purposes.\n  2. Use Google's re2 (`pip install google-re2`): linear-time, drop-in      replacement for `re` for most use cases.\n  3. Set a hard timeout: `signal.alarm(1)` before regex eval (Unix only and main thread only; the SIGALRM handler must raise to abort the match, and `signal.alarm(0)` cancels the timer afterwards).\nTest patterns against `safe-regex` or `redos-detector` before shipping."}, "properties": {"scanner": "repobility-threat-engine", "category": "redos", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `decide_claim` has cognitive complexity 20 (SonarSource scale). 
Cognitive ", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `decide_claim` has cognitive complexity 20 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion "}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 20."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "MINED077", "name": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles.", "shortDescription": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "fullDescription": {"text": "Open the file in a `with` block so the handle is closed on every exit path, including when an exception is raised. See CWE-772 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "[MINED115] Action `actions/deploy-pages` pinned to mutable ref `@v5`: `uses: actions/deploy-pages@v5` resolves at workfl", "shortDescription": {"text": "[MINED115] Action `actions/deploy-pages` pinned to mutable ref `@v5`: `uses: actions/deploy-pages@v5` resolves at workflow-run time. 
Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise ("}, "fullDescription": {"text": "Replace with: `uses: actions/deploy-pages@<40-char-sha>  # v5` and let Dependabot bump it on a scheduled cadence."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "[MINED108] `self._de` used but never assigned in __init__: Method `als_text` of class `RVGErgebnis` reads `self._de`, bu", "shortDescription": {"text": "[MINED108] `self._de` used but never assigned in __init__: Method `als_text` of class `RVGErgebnis` reads `self._de`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the me"}, "fullDescription": {"text": "Initialize `self._de = <default>` in __init__, or add a class-level default."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC013", "name": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows ", "shortDescription": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files."}, "fullDescription": {"text": "Use os.path.realpath() and verify the resolved path lies inside your expected base directory; compare whole path components (for example with os.path.commonpath()) rather than a raw string prefix, which also accepts sibling directories that share the prefix. 
Use secure_filename() for uploads."}, "properties": {"scanner": "repobility-threat-engine", "category": "path_traversal", "severity": "high", "confidence": 0.8, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, ra"}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "CORE_NO_TESTS", "name": "No test files found", "shortDescription": {"text": "No test files found"}, "fullDescription": {"text": "Add a test directory (tests/ or __tests__/) with unit tests for core functionality. Use pytest (Python), Jest (JS/TS), or go test (Go). Start with tests for critical business logic and security-sensitive functions."}, "properties": {"scanner": "repobility-core", "category": "testing", "severity": "high", "confidence": null, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "[MINED107] Missing import: `warnings` used but not imported: The file uses `warnings.something(...)` but never imports `", "shortDescription": {"text": "[MINED107] Missing import: `warnings` used but not imported: The file uses `warnings.something(...)` but never imports `warnings`. 
This raises NameError at runtime the first time the line executes."}, "fullDescription": {"text": "Add `import warnings` at the top of the file."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1045"}, "properties": {"repository": "Klotzkette/claude-fuer-deutsches-recht", "repoUrl": "https://github.com/Klotzkette/claude-fuer-deutsches-recht", "branch": "main"}, "results": [{"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 102831, "scanner": "repobility-ast-engine", "fingerprint": "f69e7a1eaf43f8fe00352d8d987aad188fbd3d621b0ad487f3239fe5b70444e5", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f69e7a1eaf43f8fe00352d8d987aad188fbd3d621b0ad487f3239fe5b70444e5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/fix-comma-numbers-in-descriptions.py"}, "region": {"startLine": 81}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 102830, "scanner": "repobility-ast-engine", "fingerprint": "72a44cf6f1d8aead6c8a96dbfa3b8294a0c3a6e52e0d6e6c73379570a6bcac74", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|72a44cf6f1d8aead6c8a96dbfa3b8294a0c3a6e52e0d6e6c73379570a6bcac74"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/build-testakte-gesamt-pdf.py"}, "region": {"startLine": 662}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 102829, "scanner": "repobility-ast-engine", "fingerprint": "1a42b2d77dfb527de8ef72d3d7af53d1d1377c374c4d65576ab4889dda5d6fac", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1a42b2d77dfb527de8ef72d3d7af53d1d1377c374c4d65576ab4889dda5d6fac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/build-testakte-gesamt-pdf.py"}, "region": {"startLine": 745}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 102828, "scanner": "repobility-ast-engine", "fingerprint": "511ff175a2566ee38eb7ce6e9e5361775ef0b7c63101d9783d71cbe96be15982", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|511ff175a2566ee38eb7ce6e9e5361775ef0b7c63101d9783d71cbe96be15982"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/build-testakte-gesamt-pdf.py"}, "region": {"startLine": 708}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 102827, "scanner": "repobility-ast-engine", "fingerprint": "6f2fa10f0230d2ae7f73dc29db3afa7ba5485a3ecae6bc01ecdca3eb4325b6c0", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6f2fa10f0230d2ae7f73dc29db3afa7ba5485a3ecae6bc01ecdca3eb4325b6c0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/build-testakte-gesamt-pdf.py"}, "region": {"startLine": 678}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 102826, "scanner": "repobility-ast-engine", "fingerprint": "6dacadfc47a7c6cebd982e46458174cdc5ef9e2bf2f3842a3ba3c95f80949991", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6dacadfc47a7c6cebd982e46458174cdc5ef9e2bf2f3842a3ba3c95f80949991"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/build-testakte-gesamt-pdf.py"}, "region": {"startLine": 498}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 102825, "scanner": "repobility-ast-engine", "fingerprint": "04ceb36501236bc18b70f92d415baa488e07c0accc4a4b2ac377280223a33b3e", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|04ceb36501236bc18b70f92d415baa488e07c0accc4a4b2ac377280223a33b3e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/build-testakte-gesamt-pdf.py"}, "region": {"startLine": 461}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 102824, "scanner": "repobility-ast-engine", "fingerprint": "cebb4dced96240d81b3673f80586005ec5b05ab0bf4ee868ca027750ae0791e4", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cebb4dced96240d81b3673f80586005ec5b05ab0bf4ee868ca027750ae0791e4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/build-testakte-gesamt-pdf.py"}, "region": {"startLine": 323}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 102823, "scanner": "repobility-ast-engine", "fingerprint": "8e64d0e154308d4c9eb58716c1c3124bb99c76f0b467e5c7b7a57c2e72a8c17a", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8e64d0e154308d4c9eb58716c1c3124bb99c76f0b467e5c7b7a57c2e72a8c17a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/build-testakte-gesamt-pdf.py"}, "region": {"startLine": 307}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. 
Hides real failures and makes bugs hard to diagnose."}, "properties": {"repobilityId": 102822, "scanner": "repobility-ast-engine", "fingerprint": "3b44f899107d059a0f7d9908cb83d6f771fa556f2d630aa288719ced43e96ef1", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3b44f899107d059a0f7d9908cb83d6f771fa556f2d630aa288719ced43e96ef1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/build-testakte-gesamt-pdf.py"}, "region": {"startLine": 268}}}]}, {"ruleId": "SEC031", "level": "warning", "message": {"text": "[SEC031] Catastrophic Backtracking Regex (ReDoS): Regex contains nested quantifiers like `(a+)+` or quantified alternation with overlapping branches. On adversarial input these patterns exhibit exponential backtracking, freezing the process. CWE-1333. 
Real CVEs: CVE-2017-16129 (minimatch), CVE-2021-3807 (ansi-regex), and dozens more."}, "properties": {"repobilityId": 102820, "scanner": "repobility-threat-engine", "fingerprint": "addfa093a7a1192827649ae81a7e89011cc7d7094bb446cda6cb3838ed6afe98", "category": "redos", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "re.compile(r'\\b[a-z]+(?:_[a-z0-9]+)+", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC031", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|addfa093a7a1192827649ae81a7e89011cc7d7094bb446cda6cb3838ed6afe98"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/fix-umlaute-protected.py"}, "region": {"startLine": 111}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `decide_claim` has cognitive complexity 20 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. 
Breakdown: if=12, nested_bonus=8."}, "properties": {"repobilityId": 102816, "scanner": "repobility-threat-engine", "fingerprint": "507bf05755368bb7b2023da4e24dd35a21fcb18b42a0f9aa85dd0d70ee132c86", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 20 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "decide_claim", "breakdown": {"if": 12, "nested_bonus": 8}, "complexity": 20, "correlation_key": "fp|507bf05755368bb7b2023da4e24dd35a21fcb18b42a0f9aa85dd0d70ee132c86"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "forderungsmanagement-klagewerkstatt/scripts/inkasso_claim_gate.py"}, "region": {"startLine": 42}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 102821, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e85689321301bd659dc26a6c639497b73a4d1b0caaefb6ecee7fd6925f7c6bca", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "scripts/generate-skills-md.py", "duplicate_line": 25, "correlation_key": "fp|e85689321301bd659dc26a6c639497b73a4d1b0caaefb6ecee7fd6925f7c6bca"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/generate-skills-overview.py"}, "region": {"startLine": 20}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `analyze` has cognitive complexity 11 (SonarSource scale). 
Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: if=7, ternary=4."}, "properties": {"repobilityId": 102815, "scanner": "repobility-threat-engine", "fingerprint": "6c2dfb6259ef40e5f4cf59dca18abfe466fae03923fdcb1f334460489abcfca7", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 11 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "analyze", "breakdown": {"if": 7, "ternary": 4}, "complexity": 11, "correlation_key": "fp|6c2dfb6259ef40e5f4cf59dca18abfe466fae03923fdcb1f334460489abcfca7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "einfache-leichte-sprache-jura/scripts/verstaendlichkeitscheck.py"}, "region": {"startLine": 57}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `lese_anlagen` has cognitive complexity 10 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. 
Breakdown: continue=3, for=1, if=3, nested_bonus=3."}, "properties": {"repobilityId": 102814, "scanner": "repobility-threat-engine", "fingerprint": "9fa6f42e7a07058f8e93073556754055b2dbc6e1f890815e21d38f280e576da8", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 10 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "lese_anlagen", "breakdown": {"if": 3, "for": 1, "continue": 3, "nested_bonus": 3}, "complexity": 10, "correlation_key": "fp|9fa6f42e7a07058f8e93073556754055b2dbc6e1f890815e21d38f280e576da8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "anlagen-zu-schriftsaetzen/skills/anlagen-zu-schriftsaetzen/werkzeuge/build_anlagenkonvolut.py"}, "region": {"startLine": 111}}}]}, {"ruleId": "MINED077", "level": "none", "message": {"text": "[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles."}, "properties": {"repobilityId": 102819, "scanner": "repobility-threat-engine", "fingerprint": "48da67df7a28c4fc7906337849a0cba5665600f58fa0bfacca230503711e8ce6", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-open-no-context", "owasp": null, "cwe_ids": ["CWE-772"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348081+00:00", "triaged_in_corpus": 12, "observations_count": 7864, "ai_coder_pattern_id": 123}, "scanner": "repobility-threat-engine", "correlation_key": "fp|48da67df7a28c4fc7906337849a0cba5665600f58fa0bfacca230503711e8ce6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "jveg-kostenpruefer/scripts/jveg_zeugenentschaedigung.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "COMP001", 
"level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 21 more): Same pattern found in 21 additional files. Review if needed."}, "properties": {"repobilityId": 102817, "scanner": "repobility-threat-engine", "fingerprint": "6c1739a25480e631cd2f17add4a118c8853a3b1189f29a71e7b0267126319610", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 21 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "lese_anlagen", "breakdown": {"if": 3, "for": 1, "continue": 3, "nested_bonus": 3}, "aggregated": true, "complexity": 10, "correlation_key": "fp|6c1739a25480e631cd2f17add4a118c8853a3b1189f29a71e7b0267126319610", "aggregated_count": 21}}}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/deploy-pages` pinned to mutable ref `@v5`: `uses: actions/deploy-pages@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 102856, "scanner": "repobility-supply-chain", "fingerprint": "1fe47e85e014fa15bc0a8a82fd2ccf933ef190733f4889f78acbf3b2084c9853", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|1fe47e85e014fa15bc0a8a82fd2ccf933ef190733f4889f78acbf3b2084c9853"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pages.yml"}, "region": {"startLine": 37}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/upload-pages-artifact` pinned to mutable ref `@v5`: `uses: actions/upload-pages-artifact@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 102855, "scanner": "repobility-supply-chain", "fingerprint": "56df09702e30aa0691a4b50ff8df4d6ebba0becee6df0006a1ccaeaeef24a8ea", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|56df09702e30aa0691a4b50ff8df4d6ebba0becee6df0006a1ccaeaeef24a8ea"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pages.yml"}, "region": {"startLine": 32}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/configure-pages` pinned to mutable ref `@v6`: `uses: actions/configure-pages@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 102854, "scanner": "repobility-supply-chain", "fingerprint": "eb8e826da9a6021d0fbb25ef3f8adfa851bcfb0e194c4c1d0c3be62d55e463dc", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|eb8e826da9a6021d0fbb25ef3f8adfa851bcfb0e194c4c1d0c3be62d55e463dc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pages.yml"}, "region": {"startLine": 30}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v5`: `uses: actions/checkout@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 102853, "scanner": "repobility-supply-chain", "fingerprint": "c5339dfe2966c490ffdd966ad8860a05fe3782c50103406a4b8c409ec415f1d1", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c5339dfe2966c490ffdd966ad8860a05fe3782c50103406a4b8c409ec415f1d1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/pages.yml"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v7`: `uses: actions/upload-artifact@v7` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 102852, "scanner": "repobility-supply-chain", "fingerprint": "53306b82f961d491a0ae44efb39620ba58f8c246b04ded91b6c2c83e395bf1c0", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|53306b82f961d491a0ae44efb39620ba58f8c246b04ded91b6c2c83e395bf1c0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-plugin-zips.yml"}, "region": {"startLine": 161}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "[MINED115] Action `actions/checkout` pinned to mutable ref `@v5`: `uses: actions/checkout@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. 
Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"repobilityId": 102851, "scanner": "repobility-supply-chain", "fingerprint": "4efd54404e983d79d054a4ce21cdaf31f282ac03fc1a0610195729da7ce9ac65", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4efd54404e983d79d054a4ce21cdaf31f282ac03fc1a0610195729da7ce9ac65"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release-plugin-zips.yml"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._de` used but never assigned in __init__: Method `als_text` of class `RVGErgebnis` reads `self._de`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102850, "scanner": "repobility-ast-engine", "fingerprint": "58dd2d5d100ef5559605dc765e6535c33556447a8aac8ce07c7bbb4d67f9930b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|58dd2d5d100ef5559605dc765e6535c33556447a8aac8ce07c7bbb4d67f9930b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "kanzlei-allgemein/skills/rechnungserstellung-rvg/werkzeuge/rvg_gebuehrenrechner.py"}, "region": {"startLine": 161}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._de` used but never assigned in __init__: Method `als_text` of class `RVGErgebnis` reads `self._de`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102849, "scanner": "repobility-ast-engine", "fingerprint": "1c21966e7be16b1c9ce71cf45f6a2003a9210c357a42171f8f3fe25e31d47f40", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1c21966e7be16b1c9ce71cf45f6a2003a9210c357a42171f8f3fe25e31d47f40"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "kanzlei-allgemein/skills/rechnungserstellung-rvg/werkzeuge/rvg_gebuehrenrechner.py"}, "region": {"startLine": 160}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._de` used but never assigned in __init__: Method `als_text` of class `RVGErgebnis` reads `self._de`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102848, "scanner": "repobility-ast-engine", "fingerprint": "ee7a5011f497680acbf8f4018ff64c18cbe5fe10e0587822996af0b6c0d840b8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ee7a5011f497680acbf8f4018ff64c18cbe5fe10e0587822996af0b6c0d840b8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "kanzlei-allgemein/skills/rechnungserstellung-rvg/werkzeuge/rvg_gebuehrenrechner.py"}, "region": {"startLine": 159}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._de` used but never assigned in __init__: Method `als_text` of class `RVGErgebnis` reads `self._de`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102847, "scanner": "repobility-ast-engine", "fingerprint": "4f08ac6797d9ae9abfa004d50b909f13c17be916cf8bcd9fb0b0036245ecd6c3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4f08ac6797d9ae9abfa004d50b909f13c17be916cf8bcd9fb0b0036245ecd6c3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "kanzlei-allgemein/skills/rechnungserstellung-rvg/werkzeuge/rvg_gebuehrenrechner.py"}, "region": {"startLine": 158}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._de` used but never assigned in __init__: Method `als_text` of class `RVGErgebnis` reads `self._de`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102846, "scanner": "repobility-ast-engine", "fingerprint": "3177e88d0a2db3135629b0b04ec723017ee20366662bfa5fd7ecb714fed6e311", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3177e88d0a2db3135629b0b04ec723017ee20366662bfa5fd7ecb714fed6e311"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "kanzlei-allgemein/skills/rechnungserstellung-rvg/werkzeuge/rvg_gebuehrenrechner.py"}, "region": {"startLine": 157}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._de` used but never assigned in __init__: Method `als_text` of class `RVGErgebnis` reads `self._de`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102845, "scanner": "repobility-ast-engine", "fingerprint": "013221472f1c8c7bc03457d288700b71432422c87c0245970b9032aea181b578", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|013221472f1c8c7bc03457d288700b71432422c87c0245970b9032aea181b578"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "kanzlei-allgemein/skills/rechnungserstellung-rvg/werkzeuge/rvg_gebuehrenrechner.py"}, "region": {"startLine": 156}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._de` used but never assigned in __init__: Method `als_text` of class `RVGErgebnis` reads `self._de`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102844, "scanner": "repobility-ast-engine", "fingerprint": "8886942927868a61e84baf08101b140afaa89d6da93a5d75fe63addc33f04463", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8886942927868a61e84baf08101b140afaa89d6da93a5d75fe63addc33f04463"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "kanzlei-allgemein/skills/rechnungserstellung-rvg/werkzeuge/rvg_gebuehrenrechner.py"}, "region": {"startLine": 155}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._de` used but never assigned in __init__: Method `als_text` of class `RVGErgebnis` reads `self._de`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102843, "scanner": "repobility-ast-engine", "fingerprint": "d8a2e0765492da37bfd34066caef0d0ca148e60392a9f144691f6c61cae3e3d6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d8a2e0765492da37bfd34066caef0d0ca148e60392a9f144691f6c61cae3e3d6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "kanzlei-allgemein/skills/rechnungserstellung-rvg/werkzeuge/rvg_gebuehrenrechner.py"}, "region": {"startLine": 154}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._intern_string` used but never assigned in __init__: Method `_sheet_xml` of class `XlsxWorkbook` reads `self._intern_string`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102841, "scanner": "repobility-ast-engine", "fingerprint": "ccbcf69cadfef2cae95e7667f64b731e3e3e0d8b7d791a79dd99da7e115a3d06", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ccbcf69cadfef2cae95e7667f64b731e3e3e0d8b7d791a79dd99da7e115a3d06"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "liquiditaetsplanung/skills/liquiditaetsvorschau-3-6-12-monate/werkzeuge/build_liquiditaetsplan.py"}, "region": {"startLine": 673}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._shared_strings_xml` used but never assigned in __init__: Method `save` of class `XlsxWorkbook` reads `self._shared_strings_xml`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102840, "scanner": "repobility-ast-engine", "fingerprint": "e3cee95942fd63e1fe3535985fbfdfd8e5c9cb50fd541d0a13c465909264786a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e3cee95942fd63e1fe3535985fbfdfd8e5c9cb50fd541d0a13c465909264786a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "liquiditaetsplanung/skills/liquiditaetsvorschau-3-6-12-monate/werkzeuge/build_liquiditaetsplan.py"}, "region": {"startLine": 369}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._styles_xml` used but never assigned in __init__: Method `save` of class `XlsxWorkbook` reads `self._styles_xml`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102839, "scanner": "repobility-ast-engine", "fingerprint": "215567269838268d67e33a017737f986b82b44bb60e14d34f2ff482913cf5bc9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|215567269838268d67e33a017737f986b82b44bb60e14d34f2ff482913cf5bc9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "liquiditaetsplanung/skills/liquiditaetsvorschau-3-6-12-monate/werkzeuge/build_liquiditaetsplan.py"}, "region": {"startLine": 368}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._workbook_rels_xml` used but never assigned in __init__: Method `save` of class `XlsxWorkbook` reads `self._workbook_rels_xml`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102838, "scanner": "repobility-ast-engine", "fingerprint": "9566b768d15371fd2f56d47c82724e1333dd9d0963cb2be670a464bf47f79576", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9566b768d15371fd2f56d47c82724e1333dd9d0963cb2be670a464bf47f79576"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "liquiditaetsplanung/skills/liquiditaetsvorschau-3-6-12-monate/werkzeuge/build_liquiditaetsplan.py"}, "region": {"startLine": 367}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._workbook_xml` used but never assigned in __init__: Method `save` of class `XlsxWorkbook` reads `self._workbook_xml`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102837, "scanner": "repobility-ast-engine", "fingerprint": "7e4a2e07d4b5f0e572f6681686553f89324e621709b0f263597591cde64a8ede", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7e4a2e07d4b5f0e572f6681686553f89324e621709b0f263597591cde64a8ede"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "liquiditaetsplanung/skills/liquiditaetsvorschau-3-6-12-monate/werkzeuge/build_liquiditaetsplan.py"}, "region": {"startLine": 366}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._rels_xml` used but never assigned in __init__: Method `save` of class `XlsxWorkbook` reads `self._rels_xml`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102836, "scanner": "repobility-ast-engine", "fingerprint": "ac2150c85dda2c6c56722eb43cb8bf6a249846d5278001c0ce9b7d7e0e1cc7d9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ac2150c85dda2c6c56722eb43cb8bf6a249846d5278001c0ce9b7d7e0e1cc7d9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "liquiditaetsplanung/skills/liquiditaetsvorschau-3-6-12-monate/werkzeuge/build_liquiditaetsplan.py"}, "region": {"startLine": 365}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._content_types_xml` used but never assigned in __init__: Method `save` of class `XlsxWorkbook` reads `self._content_types_xml`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102835, "scanner": "repobility-ast-engine", "fingerprint": "2d23a3bf1c1d76838aa82da8e3c4e63a83b6b40902f8f710f88a862893b4ac91", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2d23a3bf1c1d76838aa82da8e3c4e63a83b6b40902f8f710f88a862893b4ac91"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "liquiditaetsplanung/skills/liquiditaetsvorschau-3-6-12-monate/werkzeuge/build_liquiditaetsplan.py"}, "region": {"startLine": 364}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self._sheet_xml` used but never assigned in __init__: Method `save` of class `XlsxWorkbook` reads `self._sheet_xml`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance, unless the name is a method: another result in this run reports `_sheet_xml` as a method of `XlsxWorkbook`, so verify before triaging."}, "properties": {"repobilityId": 102834, "scanner": "repobility-ast-engine", "fingerprint": "4e907147f5c1ac2bab799d2e5f74893914f0312060f7dbac3ac4e74d45a9bbd2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4e907147f5c1ac2bab799d2e5f74893914f0312060f7dbac3ac4e74d45a9bbd2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "liquiditaetsplanung/skills/liquiditaetsvorschau-3-6-12-monate/werkzeuge/build_liquiditaetsplan.py"}, "region": {"startLine": 362}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.zinssatz` used but never assigned in __init__: Method `zinsen` of class `Periode` reads `self.zinssatz`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102833, "scanner": "repobility-ast-engine", "fingerprint": "447dc6b325f6dde1db018d0afe30072387369720d6e1d5733f8edb732e4588f5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|447dc6b325f6dde1db018d0afe30072387369720d6e1d5733f8edb732e4588f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "forderungsmanagement-klagewerkstatt/skills/klage-aus-eigenem-skill/werkzeuge/verzugszins_rechner.py"}, "region": {"startLine": 126}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "[MINED108] `self.tage` used but never assigned in __init__: Method `zinsen` of class `Periode` reads `self.tage`, but no assignment to it exists in __init__ (and no class-level fallback). 
This raises AttributeError the first time the method runs against an instance."}, "properties": {"repobilityId": 102832, "scanner": "repobility-ast-engine", "fingerprint": "68dcdb6a837d9845405aba79a10f2d3927d56ff618b685e1711dee3ede691f2d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|68dcdb6a837d9845405aba79a10f2d3927d56ff618b685e1711dee3ede691f2d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "forderungsmanagement-klagewerkstatt/skills/klage-aus-eigenem-skill/werkzeuge/verzugszins_rechner.py"}, "region": {"startLine": 126}}}]}, {"ruleId": "SEC013", "level": "error", "message": {"text": "[SEC013] Path Traversal \u2014 User Input in File Path: User-controlled input used in file path without sanitization. 
Allows reading arbitrary files when the path comes from an untrusted source; the matched value here (`args.input`) appears to be a command-line argument, so check who controls it before triaging."}, "properties": {"repobilityId": 102818, "scanner": "repobility-threat-engine", "fingerprint": "45706d7ea046abda72a4af53d7791659f22c6710e4738b1f2117fe49f41ecb33", "category": "path_traversal", "severity": "high", "confidence": 0.8, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "User-controlled input detected in file path construction", "evidence": {"match": "open(args.input, encoding=\"utf-8\").read() if args.input", "reason": "User-controlled input detected in file path construction", "rule_id": "SEC013", "scanner": "repobility-threat-engine", "confidence": 0.8, "correlation_key": "code|path_traversal|token|22|sec013"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "jveg-kostenpruefer/scripts/jveg_zeugenentschaedigung.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. 
Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 102813, "scanner": "repobility-threat-engine", "fingerprint": "a45a584de5aadf9d91cc37f26e5842a7eb78c0950e13167780f756e4da0c5879", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "c.save()", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|a45a584de5aadf9d91cc37f26e5842a7eb78c0950e13167780f756e4da0c5879"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "anlagen-zu-schriftsaetzen/skills/anlagen-zu-schriftsaetzen/werkzeuge/build_anlagenkonvolut.py"}, "region": {"startLine": 149}}}]}, {"ruleId": "CORE_NO_TESTS", "level": "error", "message": {"text": "No test files found"}, "properties": {"repobilityId": 102812, "scanner": "repobility-core", "fingerprint": "0200e9918bc2a7bf9c116d0907e50ac3df640c758b93852cf1890ec6e14d870d", "category": "testing", "severity": "high", "confidence": null, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"rule_id": "CORE_NO_TESTS", "scanner": "repobility-core", "correlation_key": "repo|testing|core_no_tests"}}}, {"ruleId": "MINED107", "level": "error", "message": {"text": "[MINED107] Missing import: `warnings` used but not imported: The file uses `warnings.something(...)` but never imports `warnings`. 
This raises NameError at runtime the first time the line executes."}, "properties": {"repobilityId": 102842, "scanner": "repobility-ast-engine", "fingerprint": "5ae678eba94d89fd5d0dc2b38516bd56bd469ccfbaa7e1882129efced506e484", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5ae678eba94d89fd5d0dc2b38516bd56bd469ccfbaa7e1882129efced506e484"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "einfache-leichte-sprache-jura/scripts/verstaendlichkeitscheck.py"}, "region": {"startLine": 77}}}]}]}]}