{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "GHSA-q8mj-m7cp-5q26", "name": "qs: GHSA-q8mj-m7cp-5q26", "shortDescription": {"text": "qs: GHSA-q8mj-m7cp-5q26"}, "fullDescription": {"text": "qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "SEC007", "name": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.", "shortDescription": {"text": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code."}, "fullDescription": {"text": "Use yaml.safe_load() instead of yaml.load(). Avoid pickle for untrusted data."}, "properties": {"scanner": "repobility-threat-engine", "category": "deserialization", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AGT015", "name": "Remote install command pipes network code directly to a shell", "shortDescription": {"text": "Remote install command pipes network code directly to a shell"}, "fullDescription": {"text": "Agent helper projects often publish one-line installers. `curl | sh` style commands are convenient, but they bypass review unless the script is pinned, signed, or checksum-verified."}, "properties": {"scanner": "repobility-agent-runtime", "category": "dependency", "severity": "medium", "confidence": 0.7, "cwe": "", "owasp": ""}}, {"id": "MINED124", "name": "requirements.txt: `pydata-sphinx-theme` has no version pin", "shortDescription": {"text": "requirements.txt: `pydata-sphinx-theme` has no version pin"}, "fullDescription": {"text": "Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "medium", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "Bare except continues silently", "shortDescription": {"text": "Bare except continues silently"}, "fullDescription": {"text": "Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED109", "name": "Mutable default argument in `repr_args` (dict)", "shortDescription": {"text": "Mutable default argument in `repr_args` (dict)"}, "fullDescription": {"text": "`def repr_args(... = []/{}/set())` \u2014 Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `make_node` has cognitive complexity 11 (SonarSource scale). Cognitive com", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `make_node` has cognitive complexity 11 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 11."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "low", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "DEPCUR-NPM", "name": "npm package `cypress` is minor version(s) behind (15.15.0 -> 15.16.0)", "shortDescription": {"text": "npm package `cypress` is minor version(s) behind (15.15.0 -> 15.16.0)"}, "fullDescription": {"text": "`cypress` is pinned/resolved at 15.15.0 but the latest stable release on the npm registry is 15.16.0 (minor version(s) behind). Outdated dependencies accumulate unpatched bugs and make future security upgrades harder. This is the version-currency signal Dependabot version-update PRs raise."}, "properties": {"scanner": "repobility-dependency-currency", "category": "dependency", "severity": "low", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC045", "name": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a latera", "shortDescription": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use obj"}, "fullDescription": {"text": "For literal data structures: use ast.literal_eval(text) \u2014 only parses literals, raises on code.\nFor formula evaluation: use asteval or simpleeval (purpose-built sandboxes with allow-lists).\nFor Odoo: use odoo.tools.safe_eval(expr, locals_dict, mode='exec').\nIf you genuinely need to execute admin-stored code: require explicit super-admin permission AND log every execution with a stack trace."}, "properties": {"scanner": "repobility-threat-engine", "category": "injection", "severity": "info", "confidence": 0.1, "cwe": "", "owasp": ""}}, {"id": "MINED064", "name": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.", "shortDescription": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "fullDescription": {"text": "Review and fix per the pattern semantics."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED055", "name": "[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of ", "shortDescription": {"text": "[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of npm ci."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1357 / A06:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 10 more): Same pattern found in 10 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 10 more): Same pattern found in 10 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.", "shortDescription": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "GHSA-3xgq-45jj-v275", "name": "cross-spawn: GHSA-3xgq-45jj-v275", "shortDescription": {"text": "cross-spawn: GHSA-3xgq-45jj-v275"}, "fullDescription": {"text": "Regular Expression Denial of Service (ReDoS) in cross-spawn"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "SEC128", "name": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns", "shortDescription": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, ra"}, "fullDescription": {"text": "Add `await` before each async call, or chain with `.then`. If you intentionally want fire-and-forget, prefix with `void` (TS) or assign to `_` (Python with `asyncio.create_task`) to make the intent explicit and survive lint."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED012", "name": "[MINED012] Curl Pipe Bash: curl ... | sh / bash \u2014 runs unverified network code.", "shortDescription": {"text": "[MINED012] Curl Pipe Bash: curl ... | sh / bash \u2014 runs unverified network code."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-494 / A08:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "Action `prefix-dev/setup-pixi` pinned to mutable ref `@v0.9.6`", "shortDescription": {"text": "Action `prefix-dev/setup-pixi` pinned to mutable ref `@v0.9.6`"}, "fullDescription": {"text": "`uses: prefix-dev/setup-pixi@v0.9.6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED131", "name": "pre-commit hook `https://github.com/astral-sh/ruff-pre-commit` pinned to mutable rev `v0.14.4`", "shortDescription": {"text": "pre-commit hook `https://github.com/astral-sh/ruff-pre-commit` pinned to mutable rev `v0.14.4`"}, "fullDescription": {"text": "`.pre-commit-config.yaml` references `https://github.com/astral-sh/ruff-pre-commit` at `rev: v0.14.4`. If `{rev}` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "Phantom test coverage: test_wrong_cols_input_type", "shortDescription": {"text": "Phantom test coverage: test_wrong_cols_input_type"}, "fullDescription": {"text": "Test function `test_wrong_cols_input_type` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "`self.all_outputs_` used but never assigned in __init__", "shortDescription": {"text": "`self.all_outputs_` used but never assigned in __init__"}, "fullDescription": {"text": "Method `fit_transform` of class `ApplyToSubFrame` reads `self.all_outputs_`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED030", "name": "[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__.", "shortDescription": {"text": "[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-502 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED018", "name": "[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/fi", "shortDescription": {"text": "[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data \u2014 RCE."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-502 / A08:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC081", "name": "[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marshal.load(s) execute arbitrary co", "shortDescription": {"text": "[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marshal.load(s) execute arbitrary code on untrusted input. Ported from dlint DUO103 / DUO120 (BSD-3)."}, "fullDescription": {"text": "Use json, msgpack, or protobuf for untrusted data. If pickle is required, sign the payload with HMAC."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED116", "name": "Workflow uses `secrets.CODECOV_TOKEN` on a `pull_request` trigger", "shortDescription": {"text": "Workflow uses `secrets.CODECOV_TOKEN` on a `pull_request` trigger"}, "fullDescription": {"text": "This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.CODECOV_TOKEN }` lets a PR from any fork exfiltrate the secret (modify a script, log the value, etc.). Use `pull_request_target` ONLY with strict checkout discipline (no fork code in the trusted context)."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "critical", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED107", "name": "Missing import: `array` used but not imported", "shortDescription": {"text": "Missing import: `array` used but not imported"}, "fullDescription": {"text": "The file uses `array.something(...)` but never imports `array`. This raises NameError at runtime the first time the line executes."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "critical", "confidence": 1.0, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/1034"}, "properties": {"repository": "skrub-data/skrub", "repoUrl": "https://github.com/skrub-data/skrub", "branch": "main"}, "results": [{"ruleId": "GHSA-q8mj-m7cp-5q26", "level": "warning", "message": {"text": "qs: GHSA-q8mj-m7cp-5q26"}, "properties": {"repobilityId": 96890, "scanner": "osv-scanner", "fingerprint": "23dad917c0394e9820e674a68ff63ebd27285e13ac86ad331468118b0a541fcb", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-8723"], "package": "qs", "rule_id": "GHSA-q8mj-m7cp-5q26", "scanner": "osv-scanner", "correlation_key": "vuln|qs|CVE-2026-8723|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_reporting/js_tests/package-lock.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC007", "level": "warning", "message": {"text": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code."}, "properties": {"repobilityId": 96879, "scanner": "repobility-threat-engine", "fingerprint": "40313154dd3f86f4fdca1509616ac580f1d3dea1bae8b408da26bbfbb97625ca", "category": "deserialization", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "pickle.loads(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC007", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|deserialization|skrub/_data_ops/_utils.py|56|sec007"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_data_ops/_utils.py"}, "region": {"startLine": 56}}}]}, {"ruleId": "SEC007", "level": "warning", "message": {"text": "[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code."}, "properties": {"repobilityId": 96878, "scanner": "repobility-threat-engine", "fingerprint": "2058410c1b80b82bd4ce91c6a2668134f7000f1bcf426b3b3a2deea9555fc121", "category": "deserialization", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "pickle.loads(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC007", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "code|deserialization|token|173|sec007"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/tutorials/1110_data_ops_intro.py"}, "region": {"startLine": 173}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 96866, "scanner": "repobility-agent-runtime", "fingerprint": "aa6c369f32ee76b3634b78eade3100fe5f7c4d59820602a0d1b00cbf52fde054", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|aa6c369f32ee76b3634b78eade3100fe5f7c4d59820602a0d1b00cbf52fde054"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "build_tools/circle/build_doc.sh"}, "region": {"startLine": 101}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `pydata-sphinx-theme` has no version pin"}, "properties": {"repobilityId": 96844, "scanner": "repobility-supply-chain", "fingerprint": "5d0dcb9452ee38401bb8ce8adf64e4b4bd7466c8907f0a29d2578431beb6e3da", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5d0dcb9452ee38401bb8ce8adf64e4b4bd7466c8907f0a29d2578431beb6e3da"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".binder/requirements.txt"}, "region": {"startLine": 7}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `statsmodels` has no version pin"}, "properties": {"repobilityId": 96843, "scanner": "repobility-supply-chain", "fingerprint": "2a6d46af5ab9260af905a4e168f7690253191e0f6a9662f18c2a8f696d395411", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|2a6d46af5ab9260af905a4e168f7690253191e0f6a9662f18c2a8f696d395411"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".binder/requirements.txt"}, "region": {"startLine": 6}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `seaborn` has no version pin"}, "properties": {"repobilityId": 96842, "scanner": "repobility-supply-chain", "fingerprint": "3fb834e26d6ae9bc239b24faaed7525ff04d44175ec0ec28c134d6a543da4f16", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|3fb834e26d6ae9bc239b24faaed7525ff04d44175ec0ec28c134d6a543da4f16"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".binder/requirements.txt"}, "region": {"startLine": 5}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `matplotlib` has no version pin"}, "properties": {"repobilityId": 96841, "scanner": "repobility-supply-chain", "fingerprint": "6b781ae5e0fc87d599329b88666085ea20c26107e867474fd6ebcbeb1bb4e839", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6b781ae5e0fc87d599329b88666085ea20c26107e867474fd6ebcbeb1bb4e839"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".binder/requirements.txt"}, "region": {"startLine": 4}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `sphinxext-opengraph` has no version pin"}, "properties": {"repobilityId": 96840, "scanner": "repobility-supply-chain", "fingerprint": "f9775ab5dfbe7734fe16faa96125b01d28617243c074c54e041dbcb09a0fd0a6", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f9775ab5dfbe7734fe16faa96125b01d28617243c074c54e041dbcb09a0fd0a6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".binder/requirements.txt"}, "region": {"startLine": 3}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `dirty-cat` has no version pin"}, "properties": {"repobilityId": 96839, "scanner": "repobility-supply-chain", "fingerprint": "63ba533d79472da94b3272a0fa812ff7140808a4ab7f2e668aa3ad9c5c884ab9", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|63ba533d79472da94b3272a0fa812ff7140808a4ab7f2e668aa3ad9c5c884ab9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".binder/requirements.txt"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED124", "level": "warning", "message": {"text": "requirements.txt: `sphinx-gallery` has no version pin"}, "properties": {"repobilityId": 96838, "scanner": "repobility-supply-chain", "fingerprint": "4c32ffae41e19109c691be9afe9182332a425a5598b4d7cfa0b96e6becd10df7", "category": "dependency", "severity": "medium", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "unpinned-pip-requirement", "owasp": null, "cwe_ids": ["CWE-1357"], "languages": ["python"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4c32ffae41e19109c691be9afe9182332a425a5598b4d7cfa0b96e6becd10df7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".binder/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96834, "scanner": "repobility-ast-engine", "fingerprint": "b85074ad18bf0a241e90e73d450de6bf708093508eff8fa2c8ed6fc66f345a93", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b85074ad18bf0a241e90e73d450de6bf708093508eff8fa2c8ed6fc66f345a93"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/sphinxext/github_link.py"}, "region": {"startLine": 59}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96833, "scanner": "repobility-ast-engine", "fingerprint": "efa69077f34ccda6d3aa0a65e4bfee1930e436c468cac1859d09e32d011152f8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|efa69077f34ccda6d3aa0a65e4bfee1930e436c468cac1859d09e32d011152f8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/sphinxext/github_link.py"}, "region": {"startLine": 67}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96832, "scanner": "repobility-ast-engine", "fingerprint": "7379d172ef0fbd54baeab53b2c88e30f0bc88c1affb56bd9c525d16ad2056369", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7379d172ef0fbd54baeab53b2c88e30f0bc88c1affb56bd9c525d16ad2056369"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/sphinxext/github_link.py"}, "region": {"startLine": 54}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96829, "scanner": "repobility-ast-engine", "fingerprint": "88fb3696f4370c9c76deba7e8b75d775696f9f9808ecc33fc6aaced36fb4845b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|88fb3696f4370c9c76deba7e8b75d775696f9f9808ecc33fc6aaced36fb4845b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/datasets/_utils.py"}, "region": {"startLine": 351}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96799, "scanner": "repobility-ast-engine", "fingerprint": "847f022f0a559463743fd0ff86d369b8dbdac581ded41b01e5bfdf9b5eee5c93", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|847f022f0a559463743fd0ff86d369b8dbdac581ded41b01e5bfdf9b5eee5c93"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_data_ops/_data_ops.py"}, "region": {"startLine": 250}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96798, "scanner": "repobility-ast-engine", "fingerprint": "537f2264082da340935f1f48ae40235df20396993c02c529d02bda6618985160", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|537f2264082da340935f1f48ae40235df20396993c02c529d02bda6618985160"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_data_ops/_data_ops.py"}, "region": {"startLine": 2017}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96797, "scanner": "repobility-ast-engine", "fingerprint": "2aec78b58f9f125556af77292fa1bd492491fdd4f82ff53d7b56a4430404252b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2aec78b58f9f125556af77292fa1bd492491fdd4f82ff53d7b56a4430404252b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_data_ops/_data_ops.py"}, "region": {"startLine": 745}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96796, "scanner": "repobility-ast-engine", "fingerprint": "51dbc700fd1d51455322d71c4b15129391c9c5a273f0e239963f52e15f30c766", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|51dbc700fd1d51455322d71c4b15129391c9c5a273f0e239963f52e15f30c766"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_data_ops/_data_ops.py"}, "region": {"startLine": 410}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96795, "scanner": "repobility-ast-engine", "fingerprint": "59fe90fb8611ab65c233a44d98596ffbca1e0b87f6a187a0be7e71e44d2d7c8d", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|59fe90fb8611ab65c233a44d98596ffbca1e0b87f6a187a0be7e71e44d2d7c8d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_data_ops/_data_ops.py"}, "region": {"startLine": 1386}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96794, "scanner": "repobility-ast-engine", "fingerprint": "9453823bdf1ba3f9aaf69ee379d3c9709b694397d633129a26ef33425fbe5df8", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9453823bdf1ba3f9aaf69ee379d3c9709b694397d633129a26ef33425fbe5df8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_data_ops/_inspection.py"}, "region": {"startLine": 70}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96793, "scanner": "repobility-ast-engine", "fingerprint": "aa4a33562c94bab26b65129c5851cd8be733cae5615500967250cab5e57b5b07", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aa4a33562c94bab26b65129c5851cd8be733cae5615500967250cab5e57b5b07"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_data_ops/_inspection.py"}, "region": {"startLine": 156}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96792, "scanner": "repobility-ast-engine", "fingerprint": "2327b998369829f0f9e5113cd0f2083acb63455b292facb086e1bd5734a653d2", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2327b998369829f0f9e5113cd0f2083acb63455b292facb086e1bd5734a653d2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_data_ops/_utils.py"}, "region": {"startLine": 85}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96791, "scanner": "repobility-ast-engine", "fingerprint": "678b8d9c687d94abe4fb7a00da1398fc31b62cd7a1d76fc9055d70dd4f2b0a61", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|678b8d9c687d94abe4fb7a00da1398fc31b62cd7a1d76fc9055d70dd4f2b0a61"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_data_ops/_utils.py"}, "region": {"startLine": 161}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96790, "scanner": "repobility-ast-engine", "fingerprint": "413e4c67c0f4f2f53d48ba1b45a3980b2e5f721739aa3a7c6f0c4f28e740d525", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|413e4c67c0f4f2f53d48ba1b45a3980b2e5f721739aa3a7c6f0c4f28e740d525"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_data_ops/_optuna.py"}, "region": {"startLine": 272}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96789, "scanner": "repobility-ast-engine", "fingerprint": "d1505fb76333b35c29a7676600a4c12f9bb85c2f0619dddf762eebe24580060b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d1505fb76333b35c29a7676600a4c12f9bb85c2f0619dddf762eebe24580060b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/selectors/_selectors.py"}, "region": {"startLine": 573}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96788, "scanner": "repobility-ast-engine", "fingerprint": "d3a4c7f1c80176fb7512d9d946cc6761621cd8697f3eb325917cdee15556266b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d3a4c7f1c80176fb7512d9d946cc6761621cd8697f3eb325917cdee15556266b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_interpolation_joiner.py"}, "region": {"startLine": 442}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96787, "scanner": "repobility-ast-engine", "fingerprint": "6e012dfb42db95939179bff70da3a0e1e9fe12c3e55555d5732345d46a5c3104", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6e012dfb42db95939179bff70da3a0e1e9fe12c3e55555d5732345d46a5c3104"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_interpolation_joiner.py"}, "region": {"startLine": 426}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 96784, "scanner": "repobility-ast-engine", "fingerprint": "b7198cbde09414106b975cfd149703f6742d0a0ff5f36744f50f66c4d97f3aeb", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b7198cbde09414106b975cfd149703f6742d0a0ff5f36744f50f66c4d97f3aeb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_single_column_transformer.py"}, "region": {"startLine": 345}}}]}, {"ruleId": "MINED109", "level": "warning", "message": {"text": "Mutable default argument in `repr_args` (dict)"}, "properties": {"repobilityId": 96783, "scanner": "repobility-ast-engine", "fingerprint": "8008967b97276fbcdda73bd16ec63aeb8984d9aadbb3ea53d40df86619abd3d2", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "mutable-default-arg", "owasp": null, "cwe_ids": ["CWE-1023"], "languages": ["python"], "observations_count": 64867}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8008967b97276fbcdda73bd16ec63aeb8984d9aadbb3ea53d40df86619abd3d2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_utils.py"}, "region": {"startLine": 194}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `make_node` has cognitive complexity 11 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: elif=1, else=2, if=4, nested_bonus=3, or=1."}, "properties": {"repobilityId": 96872, "scanner": "repobility-threat-engine", "fingerprint": "a843ac10e759ae778a41a1505f8706f6de9be89cbadd6d5cfbd7f71adbf7a848", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 11 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "make_node", "breakdown": {"if": 4, "or": 1, "elif": 1, "else": 2, "nested_bonus": 3}, "complexity": 11, "correlation_key": "fp|a843ac10e759ae778a41a1505f8706f6de9be89cbadd6d5cfbd7f71adbf7a848"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/sphinxext/sphinx_issues.py"}, "region": {"startLine": 91}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `_linkcode_resolve` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: except=3, if=5, nested_bonus=1."}, "properties": {"repobilityId": 96871, "scanner": "repobility-threat-engine", "fingerprint": "c2daf7f655607f2aaeae6efdf7fc313a950dc17b5a2f56a7632ff94eadcf2c7d", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "_linkcode_resolve", "breakdown": {"if": 5, "except": 3, "nested_bonus": 1}, "complexity": 9, "correlation_key": "fp|c2daf7f655607f2aaeae6efdf7fc313a950dc17b5a2f56a7632ff94eadcf2c7d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/sphinxext/github_link.py"}, "region": {"startLine": 24}}}]}, {"ruleId": "COMP001", "level": "note", "message": {"text": "[COMP001] High cognitive complexity: Function `extract_code` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=1, for=1, if=3, nested_bonus=4."}, "properties": {"repobilityId": 96870, "scanner": "repobility-threat-engine", "fingerprint": "db1b125bf66775cf87b3fd7f200027768cb5170a2802de642746046d33b445ee", "category": "quality", "severity": "low", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 9 (severity threshold for low: 8+).", "evidence": {"scanner": "repobility-threat-engine", "function": "extract_code", "breakdown": {"if": 3, "for": 1, "continue": 1, "nested_bonus": 4}, "complexity": 9, "correlation_key": "fp|db1b125bf66775cf87b3fd7f200027768cb5170a2802de642746046d33b445ee"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/generate_data_ops_example_for_index.py"}, "region": {"startLine": 86}}}]}, {"ruleId": "DEPCUR-NPM", "level": "note", "message": {"text": "npm package `cypress` is minor version(s) behind (15.15.0 -> 15.16.0)"}, "properties": {"repobilityId": 96865, "scanner": "repobility-dependency-currency", "fingerprint": "1c6912d91f83f7e5f225cc847fe501f454d8e0be89db4681b9ff9cf836dfd1f0", "category": "dependency", "severity": "low", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "minor version(s) behind", "signal": "currency", "cwe_ids": [], "package": "cypress", "scanner": "repobility-dependency-currency", "ecosystem": "npm", "languages": ["javascript"], "latest_version": "15.16.0", "correlation_key": "fp|1c6912d91f83f7e5f225cc847fe501f454d8e0be89db4681b9ff9cf836dfd1f0", "current_version": "15.15.0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_reporting/js_tests/package.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 96757, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4120ca753f5c30b8136edee648710b26d886cda91ad17849fc689e70e423528c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "skrub/selectors/_base.py", "duplicate_line": 6, "correlation_key": "fp|4120ca753f5c30b8136edee648710b26d886cda91ad17849fc689e70e423528c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/selectors/_selectors.py"}, "region": {"startLine": 30}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 96756, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5e5d3d5a92c75aaaa1ed8524e2cc7c038b1061680e0ced1b45410bca238bd46c", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "skrub/_datetime_encoder.py", "duplicate_line": 424, "correlation_key": "fp|5e5d3d5a92c75aaaa1ed8524e2cc7c038b1061680e0ced1b45410bca238bd46c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_text_encoder.py"}, "region": {"startLine": 329}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 96755, "scanner": "repobility-ai-code-hygiene", "fingerprint": "3f64b6091a884c457b2c892865b8069542c36cc9e8d81c416b47107e7cae9ab0", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "skrub/_datetime_encoder.py", "duplicate_line": 424, "correlation_key": "fp|3f64b6091a884c457b2c892865b8069542c36cc9e8d81c416b47107e7cae9ab0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_string_encoder.py"}, "region": {"startLine": 225}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 96754, "scanner": "repobility-ai-code-hygiene", "fingerprint": "5ae7f7d356f4316f6b2ea54ce3d5e1b01758a72af2f7fb9cb5c13e7e992b85b3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "skrub/_minhash_encoder.py", "duplicate_line": 252, "correlation_key": "fp|5ae7f7d356f4316f6b2ea54ce3d5e1b01758a72af2f7fb9cb5c13e7e992b85b3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_string_encoder.py"}, "region": {"startLine": 223}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 96753, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f8eccd83e4c06f667daf26f6fac823ab3f1abfc0548f42f1d94d6513651e2ea8", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "skrub/_apply_to_each_col.py", "duplicate_line": 125, "correlation_key": "fp|f8eccd83e4c06f667daf26f6fac823ab3f1abfc0548f42f1d94d6513651e2ea8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_single_column_transformer.py"}, "region": {"startLine": 37}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 96752, "scanner": "repobility-ai-code-hygiene", "fingerprint": "56fff81462d0ff7f2640ed4b4699a0af7be5abfafccb7c1baf62dda1fb9ca83e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "skrub/_datetime_encoder.py", "duplicate_line": 424, "correlation_key": "fp|56fff81462d0ff7f2640ed4b4699a0af7be5abfafccb7c1baf62dda1fb9ca83e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_minhash_encoder.py"}, "region": {"startLine": 254}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 96751, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9794179827f6c1e10ce19488d14c234c56e7321596131ad1579ac2aff4822402", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "skrub/_apply_to_each_col.py", "duplicate_line": 329, "correlation_key": "fp|9794179827f6c1e10ce19488d14c234c56e7321596131ad1579ac2aff4822402"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_datetime_encoder.py"}, "region": {"startLine": 404}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 96750, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4c84c5500dccc6f907aa8d7c8a03bec054e6699778dcaf0d7c527a01afec4569", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "skrub/_apply_to_cols.py", "duplicate_line": 267, "correlation_key": "fp|4c84c5500dccc6f907aa8d7c8a03bec054e6699778dcaf0d7c527a01afec4569"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_apply_to_sub_frame.py"}, "region": {"startLine": 137}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 96749, "scanner": "repobility-ai-code-hygiene", "fingerprint": "c23a6507030c2210c98abdb821db8defe0589ae5fdd7891b73d442571e4d6f3e", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "skrub/_apply_to_cols.py", "duplicate_line": 41, "correlation_key": "fp|c23a6507030c2210c98abdb821db8defe0589ae5fdd7891b73d442571e4d6f3e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_apply_to_each_col.py"}, "region": {"startLine": 55}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 96888, "scanner": "repobility-threat-engine", "fingerprint": "7e2db9d63cd79b75213d9471c7eb45a4037d1a4c084ca3b8454916cb9028d663", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7e2db9d63cd79b75213d9471c7eb45a4037d1a4c084ca3b8454916cb9028d663"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_reporting/_data/templates/data_ops/data_ops-report.js"}, "region": {"startLine": 32}}}]}, {"ruleId": "SEC045", "level": "none", "message": {"text": "[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data \u2014 even admin-stored data \u2014 is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ cleared) are escapable: attackers use object introspection (().__class__.__mro__[-1].__subclasses__()) to reach os.system. CWE-95 (eval injection)."}, "properties": {"repobilityId": 96885, "scanner": "repobility-threat-engine", "fingerprint": "961b6eab43a90c1323a647aa55f4396e4040660bf95b664a2479f4de553e5650", "category": "injection", "severity": "info", "confidence": 0.1, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Safe pattern '\\.eval\\(' detected on same line", "evidence": {"match": ".eval(", "reason": "Safe pattern '\\.eval\\(' detected on same line", "rule_id": "SEC045", "scanner": "repobility-threat-engine", "confidence": 0.1, "correlation_key": "code|injection|skrub/_dispatch.py|259|sec045"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_dispatch.py"}, "region": {"startLine": 259}}}]}, {"ruleId": "MINED064", "level": "none", "message": {"text": "[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services."}, "properties": {"repobilityId": 96884, "scanner": "repobility-threat-engine", "fingerprint": "3107c3d8ff6302aeaaf4797024421599ddd9bc3fd9e1c5ae60703355758a2bcf", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-input-call", "owasp": null, "cwe_ids": [], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348050+00:00", "triaged_in_corpus": 12, "observations_count": 66378, "ai_coder_pattern_id": 124}, "scanner": "repobility-threat-engine", "correlation_key": "fp|3107c3d8ff6302aeaaf4797024421599ddd9bc3fd9e1c5ae60703355758a2bcf"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 101}}}]}, {"ruleId": "MINED055", "level": "none", "message": {"text": "[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of npm ci."}, "properties": {"repobilityId": 96883, "scanner": "repobility-threat-engine", "fingerprint": "7563252a93af8938a16aee9e24eec0502530f57a19359d44c11e70f2d3d8704c", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "npm-install-no-lockfile", "owasp": "A06:2021", "cwe_ids": ["CWE-1357"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348030+00:00", "triaged_in_corpus": 12, "observations_count": 317602, "ai_coder_pattern_id": 42}, "scanner": "repobility-threat-engine", "correlation_key": "fp|7563252a93af8938a16aee9e24eec0502530f57a19359d44c11e70f2d3d8704c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "examples/data_ops/1131_optuna_choices.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 10 more): Same pattern found in 10 additional files. Review if needed."}, "properties": {"repobilityId": 96877, "scanner": "repobility-threat-engine", "fingerprint": "091a09b8c764f855918622fcf41c76ebcaf1ff1f761099248b190e861f32eaba", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 10 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|091a09b8c764f855918622fcf41c76ebcaf1ff1f761099248b190e861f32eaba", "aggregated_count": 10}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 96876, "scanner": "repobility-threat-engine", "fingerprint": "a8695d7f9d8c41e21b11475ee7a367a38022a8a73c50b918c6ca99e05478ff13", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a8695d7f9d8c41e21b11475ee7a367a38022a8a73c50b918c6ca99e05478ff13"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_clean_categories.py"}, "region": {"startLine": 150}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 96875, "scanner": "repobility-threat-engine", "fingerprint": "aa6671b93463dddfe17a13c8fc4a9abdab9e31c391d2081bcdafeb13b8a36072", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|aa6671b93463dddfe17a13c8fc4a9abdab9e31c391d2081bcdafeb13b8a36072"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 96874, "scanner": "repobility-threat-engine", "fingerprint": "4410b68d720a03a682e79ebb0cdb6d7c0f476d36f98f625a9998352ac9d12169", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4410b68d720a03a682e79ebb0cdb6d7c0f476d36f98f625a9998352ac9d12169"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/sphinxext/autoshortsummary.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 8 more): Same pattern found in 8 additional files. Review if needed."}, "properties": {"repobilityId": 96873, "scanner": "repobility-threat-engine", "fingerprint": "d77c5009f48b7037f4b39dca2da19e88620f9ee944ab4de5a78fef76b97d4995", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 8 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "extract_code", "breakdown": {"if": 3, "for": 1, "continue": 1, "nested_bonus": 4}, "aggregated": true, "complexity": 9, "correlation_key": "fp|d77c5009f48b7037f4b39dca2da19e88620f9ee944ab4de5a78fef76b97d4995", "aggregated_count": 8}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 96869, "scanner": "repobility-threat-engine", "fingerprint": "697db3024eccb52d85d5b9e99a15dd58ef29d82700eda8a3c596ce6f89b5af4b", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|697db3024eccb52d85d5b9e99a15dd58ef29d82700eda8a3c596ce6f89b5af4b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/sphinxext/github_link.py"}, "region": {"startLine": 31}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 96868, "scanner": "repobility-threat-engine", "fingerprint": "bb13ecabff9b9e22d623021b1261d371c48de52c2676d182f6a712c4f7005449", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|bb13ecabff9b9e22d623021b1261d371c48de52c2676d182f6a712c4f7005449"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/demo_periodic_features.py"}, "region": {"startLine": 14}}}]}, {"ruleId": "GHSA-3xgq-45jj-v275", "level": "error", "message": {"text": "cross-spawn: GHSA-3xgq-45jj-v275"}, "properties": {"repobilityId": 96889, "scanner": "osv-scanner", "fingerprint": "20a40d5971e85ecdd8564d7e25c755155cee05b02d8a8aa67508e0b0001946dc", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-21538"], "package": "cross-spawn", "rule_id": "GHSA-3xgq-45jj-v275", "scanner": "osv-scanner", "correlation_key": "vuln|cross-spawn|CVE-2024-21538|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_reporting/js_tests/package-lock.json"}, "region": {"startLine": 1}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 96887, "scanner": "repobility-threat-engine", "fingerprint": "2d0d36315fa744ae2100e80c0efe6a4d7f1b95c05fffee7a519e378ecdc5adb7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "used.update(new_names)", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|2d0d36315fa744ae2100e80c0efe6a4d7f1b95c05fffee7a519e378ecdc5adb7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_join_utils.py"}, "region": {"startLine": 191}}}]}, {"ruleId": "SEC128", "level": "error", "message": {"text": "[SEC128] Async function without await \u2014 fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work completes \u2014 DB writes lost, emails not sent, race conditions. This is one of the top-3 errors AI coders make: they understand async-shape but drop the await keyword when chaining multiple ops. Surfaces as flaky tests or silently dropped data in production."}, "properties": {"repobilityId": 96886, "scanner": "repobility-threat-engine", "fingerprint": "61205b6d072ff77979f64ef32126f5b50ffe7067bf7d4c38c648f9885b894365", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "types_to_register.update(module_info.types[type_name])", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC128", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|61205b6d072ff77979f64ef32126f5b50ffe7067bf7d4c38c648f9885b894365"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_dispatch.py"}, "region": {"startLine": 238}}}]}, {"ruleId": "MINED012", "level": "error", "message": {"text": "[MINED012] Curl Pipe Bash: curl ... | sh / bash \u2014 runs unverified network code."}, "properties": {"repobilityId": 96867, "scanner": "repobility-threat-engine", "fingerprint": "a6fd02a15573aaa7fee34a2b141b4fc6f4fdfccdd506eff0f97249e0ad1e1ddb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "curl-pipe-bash", "owasp": "A08:2021", "cwe_ids": ["CWE-494"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347926+00:00", "triaged_in_corpus": 15, "observations_count": 135001, "ai_coder_pattern_id": 25}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a6fd02a15573aaa7fee34a2b141b4fc6f4fdfccdd506eff0f97249e0ad1e1ddb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "build_tools/circle/build_doc.sh"}, "region": {"startLine": 101}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `prefix-dev/setup-pixi` pinned to mutable ref `@v0.9.6`"}, "properties": {"repobilityId": 96864, "scanner": "repobility-supply-chain", "fingerprint": "9715ceb8da8f5a531b1e44e3a7102481c04a2262211366d5d3404789245c8316", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9715ceb8da8f5a531b1e44e3a7102481c04a2262211366d5d3404789245c8316"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/check_stub_files_diff.yaml"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 96863, "scanner": "repobility-supply-chain", "fingerprint": "cd70865a1c6552fc6ecf9bc8394abf14ddbb260c2919b69ba66a8ad5bd240aa0", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|cd70865a1c6552fc6ecf9bc8394abf14ddbb260c2919b69ba66a8ad5bd240aa0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/check_stub_files_diff.yaml"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `peter-evans/create-pull-request` pinned to mutable ref `@v8`"}, "properties": {"repobilityId": 96862, "scanner": "repobility-supply-chain", "fingerprint": "d231891bd78fa1bd5e225736077b4317c3abd5a346fba65cec9008babd248ec5", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d231891bd78fa1bd5e225736077b4317c3abd5a346fba65cec9008babd248ec5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/update_pixi_lock_files.yml"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `prefix-dev/setup-pixi` pinned to mutable ref `@v0.9.6`"}, "properties": {"repobilityId": 96861, "scanner": "repobility-supply-chain", "fingerprint": "801be74d17fae6f1d61f060b1f2492a144ed1eb9edad4a64076dd5eb491ebf96", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|801be74d17fae6f1d61f060b1f2492a144ed1eb9edad4a64076dd5eb491ebf96"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/update_pixi_lock_files.yml"}, "region": {"startLine": 25}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 96860, "scanner": "repobility-supply-chain", "fingerprint": "5fb5fe2da381d42ac1a5ad81b7ae67e02fcb69657b7163fb64edc577760fa144", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|5fb5fe2da381d42ac1a5ad81b7ae67e02fcb69657b7163fb64edc577760fa144"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/update_pixi_lock_files.yml"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `prefix-dev/setup-pixi` pinned to mutable ref `@v0.9.6`"}, "properties": {"repobilityId": 96859, "scanner": "repobility-supply-chain", "fingerprint": "04e0aeebaf48099f88405917b5b0df362133e440d1bd1716d650f49b282dd30b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|04e0aeebaf48099f88405917b5b0df362133e440d1bd1716d650f49b282dd30b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/run-code-format-checks.yaml"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 96858, "scanner": "repobility-supply-chain", "fingerprint": "8ba8204ad586b4f9a7f793dd66afd09368bf9a179da6aac0b6ea96334b9064f2", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8ba8204ad586b4f9a7f793dd66afd09368bf9a179da6aac0b6ea96334b9064f2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/run-code-format-checks.yaml"}, "region": {"startLine": 17}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `larsoner/circleci-artifacts-redirector-action` pinned to mutable ref `@master`"}, "properties": {"repobilityId": 96857, "scanner": "repobility-supply-chain", "fingerprint": "b0e4a09d959ec64e7b9c447ad86b6e600a9bb22e9038d18201d4a1dd3a5b6db1", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b0e4a09d959ec64e7b9c447ad86b6e600a9bb22e9038d18201d4a1dd3a5b6db1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/main.yml"}, "region": {"startLine": 18}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `cypress-io/github-action` pinned to mutable ref `@v7`"}, "properties": {"repobilityId": 96856, "scanner": "repobility-supply-chain", "fingerprint": "221c6cdefaf295b2aeaa459a3534909c2df5ca266b39eb4cd9f99885b6aa9f6c", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|221c6cdefaf295b2aeaa459a3534909c2df5ca266b39eb4cd9f99885b6aa9f6c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-javascript.yml"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `prefix-dev/setup-pixi` pinned to mutable ref `@v0.9.6`"}, "properties": {"repobilityId": 96855, "scanner": "repobility-supply-chain", "fingerprint": "63fe50f1e6667638441b4663c89db6f33997bd0f9f6a2f8c53e731726812f04d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|63fe50f1e6667638441b4663c89db6f33997bd0f9f6a2f8c53e731726812f04d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-javascript.yml"}, "region": {"startLine": 16}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 96854, "scanner": "repobility-supply-chain", "fingerprint": "4c71c17d2ab240d7814d000515989562faf3dd94c23613bfc59f0ac0342c7a36", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|4c71c17d2ab240d7814d000515989562faf3dd94c23613bfc59f0ac0342c7a36"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test-javascript.yml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 96853, "scanner": "repobility-supply-chain", "fingerprint": "92358a59da551b0437d7e6f52036ff7cc6b75f75be205a9e64527b30d253db02", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|92358a59da551b0437d7e6f52036ff7cc6b75f75be205a9e64527b30d253db02"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/changelog.yml"}, "region": {"startLine": 21}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/first-interaction` pinned to mutable ref `@v3`"}, "properties": {"repobilityId": 96852, "scanner": "repobility-supply-chain", "fingerprint": "9e831b0e7ccdd237e650606d30d870275d8b397d5c20ab8fef2c86c847c280f5", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9e831b0e7ccdd237e650606d30d870275d8b397d5c20ab8fef2c86c847c280f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/welcome_action.yaml"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `prefix-dev/setup-pixi` pinned to mutable ref `@v0.9.6`"}, "properties": {"repobilityId": 96850, "scanner": "repobility-supply-chain", "fingerprint": "d72f0617c347e10a568671fcd0a795554ac253c52bde8e02bf4c04497946f80b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d72f0617c347e10a568671fcd0a795554ac253c52bde8e02bf4c04497946f80b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/testing.yml"}, "region": {"startLine": 64}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 96849, "scanner": "repobility-supply-chain", "fingerprint": "b48c105f488c87cc6d95caabebad8816d65e8f04d6558f6c83afdd557eeb8cac", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|b48c105f488c87cc6d95caabebad8816d65e8f04d6558f6c83afdd557eeb8cac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/testing.yml"}, "region": {"startLine": 63}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 96848, "scanner": "repobility-supply-chain", "fingerprint": "9a7202645140e13827d6cbf0c45653710e93aa45ebd35679596b70a11b83ea49", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9a7202645140e13827d6cbf0c45653710e93aa45ebd35679596b70a11b83ea49"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/testing.yml"}, "region": {"startLine": 50}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `codecov/codecov-action` pinned to mutable ref `@v6.0.1`"}, "properties": {"repobilityId": 96847, "scanner": "repobility-supply-chain", "fingerprint": "bf8a0610e0ea0796641642859765221db639103a428f9dad583b9ac703c07186", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|bf8a0610e0ea0796641642859765221db639103a428f9dad583b9ac703c07186"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/testing.yml"}, "region": {"startLine": 40}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `prefix-dev/setup-pixi` pinned to mutable ref `@v0.9.6`"}, "properties": {"repobilityId": 96846, "scanner": "repobility-supply-chain", "fingerprint": "d9b0c4847d01b865fa9a7acc7f0e68f24b9b8578da48ae6389023e3893af0000", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d9b0c4847d01b865fa9a7acc7f0e68f24b9b8578da48ae6389023e3893af0000"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/testing.yml"}, "region": {"startLine": 28}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v6`"}, "properties": {"repobilityId": 96845, "scanner": "repobility-supply-chain", "fingerprint": "c018adb8fc6fad53c281492bf364a0471e4d791beacf87ff3fc9d16c3a73103e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c018adb8fc6fad53c281492bf364a0471e4d791beacf87ff3fc9d16c3a73103e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/testing.yml"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/astral-sh/ruff-pre-commit` pinned to mutable rev `v0.14.4`"}, "properties": {"repobilityId": 96837, "scanner": "repobility-supply-chain", "fingerprint": "816acbb5fecca7d5533654a191934e9ebdd4ea0aa43292818307ed4c1269adc3", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|816acbb5fecca7d5533654a191934e9ebdd4ea0aa43292818307ed4c1269adc3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 15}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/pre-commit/pygrep-hooks` pinned to mutable rev `v1.10.0`"}, "properties": {"repobilityId": 96836, "scanner": "repobility-supply-chain", "fingerprint": "dae794c3e5e5b6e473c7c96caed38ffeb6b37c971f26fc31e9502521d2274baa", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|dae794c3e5e5b6e473c7c96caed38ffeb6b37c971f26fc31e9502521d2274baa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mutable rev `v6.0.0`"}, "properties": {"repobilityId": 96835, "scanner": "repobility-supply-chain", "fingerprint": "7d6eb8afb666cf3c56fa0abc46036bcc52e657a57a1a639516377b0302928728", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|7d6eb8afb666cf3c56fa0abc46036bcc52e657a57a1a639516377b0302928728"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 2}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_wrong_cols_input_type"}, "properties": {"repobilityId": 96825, "scanner": "repobility-ast-engine", "fingerprint": "ea126a0dcca8fb0ecc05be22dfd7f6eae77afcd2883f83a26366286294db7123", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ea126a0dcca8fb0ecc05be22dfd7f6eae77afcd2883f83a26366286294db7123"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_multi_agg_joiner.py"}, "region": {"startLine": 382}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_wrong_keys_length"}, "properties": {"repobilityId": 96824, "scanner": "repobility-ast-engine", "fingerprint": "50ec4391b19423ee247002bafdfe72b062a5643923f5b9697055f7627b23741a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|50ec4391b19423ee247002bafdfe72b062a5643923f5b9697055f7627b23741a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_multi_agg_joiner.py"}, "region": {"startLine": 309}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_unknown_keys"}, "properties": {"repobilityId": 96823, "scanner": "repobility-ast-engine", "fingerprint": "35723600d1fd1068741cb40db54b2b5add20f03c7c37c0c94ff176bcb96d1838", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|35723600d1fd1068741cb40db54b2b5add20f03c7c37c0c94ff176bcb96d1838"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_multi_agg_joiner.py"}, "region": {"startLine": 282}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_too_many_keys"}, "properties": {"repobilityId": 96822, "scanner": "repobility-ast-engine", "fingerprint": "d3c2754be4db26151a80832fe87e29b3043c99c4f2a1ed1125d982777759c3c1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d3c2754be4db26151a80832fe87e29b3043c99c4f2a1ed1125d982777759c3c1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_multi_agg_joiner.py"}, "region": {"startLine": 229}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_no_keys"}, "properties": {"repobilityId": 96821, "scanner": "repobility-ast-engine", "fingerprint": "71b2c3ab6fa4e5c0e32eda3d3d20107de8dbfb1b315a5f663277af8fd1a9fe29", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|71b2c3ab6fa4e5c0e32eda3d3d20107de8dbfb1b315a5f663277af8fd1a9fe29"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_multi_agg_joiner.py"}, "region": {"startLine": 215}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_check_wrong_aux_table_type"}, "properties": {"repobilityId": 96820, "scanner": "repobility-ast-engine", "fingerprint": "ae847f5c39d570b283045791dd7f2355edd40ae2a4a5830624f8b384573da4d2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ae847f5c39d570b283045791dd7f2355edd40ae2a4a5830624f8b384573da4d2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_multi_agg_joiner.py"}, "region": {"startLine": 147}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_wrong_main_table"}, "properties": {"repobilityId": 96819, "scanner": "repobility-ast-engine", "fingerprint": "ec98ef61a39bebe406b6ea539c8d9127ab4449817dae05ae804faab376e99cb9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ec98ef61a39bebe406b6ea539c8d9127ab4449817dae05ae804faab376e99cb9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_multi_agg_joiner.py"}, "region": {"startLine": 129}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_wrong_aux_tables"}, "properties": {"repobilityId": 96818, "scanner": "repobility-ast-engine", "fingerprint": "98cbfcbcc68c0a658d2cf29916cca3e70f89b526bdb6ddde2fec986ea647e212", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|98cbfcbcc68c0a658d2cf29916cca3e70f89b526bdb6ddde2fec986ea647e212"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_multi_agg_joiner.py"}, "region": {"startLine": 100}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_simple_fit_transform"}, "properties": {"repobilityId": 96817, "scanner": "repobility-ast-engine", "fingerprint": "2a047d21c0c3ecb18b12897203768c87a02413dda65c5164b7f0102bb7c5eccc", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2a047d21c0c3ecb18b12897203768c87a02413dda65c5164b7f0102bb7c5eccc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_multi_agg_joiner.py"}, "region": {"startLine": 27}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_error_dispatch"}, "properties": {"repobilityId": 96815, "scanner": "repobility-ast-engine", "fingerprint": "d2a7352cf02cef149cee05e2fd1d8bf44a201b844dc6ce50417647729b03afb5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d2a7352cf02cef149cee05e2fd1d8bf44a201b844dc6ce50417647729b03afb5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_to_datetime.py"}, "region": {"startLine": 235}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_polars_date_columns"}, "properties": {"repobilityId": 96814, "scanner": "repobility-ast-engine", "fingerprint": "de14fce33c0b00cbd5dc029e07096b08b9e205f7ea1dad22177de4b5231d4825", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|de14fce33c0b00cbd5dc029e07096b08b9e205f7ea1dad22177de4b5231d4825"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_to_datetime.py"}, "region": {"startLine": 188}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_fit_object_column"}, "properties": {"repobilityId": 96813, "scanner": "repobility-ast-engine", "fingerprint": "b4dc4c28c37fafafb344a325fa4f39d7fd1867dfdf0cfaab2cb22ab0fbb85692", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|b4dc4c28c37fafafb344a325fa4f39d7fd1867dfdf0cfaab2cb22ab0fbb85692"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_to_datetime.py"}, "region": {"startLine": 181}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_rejected_columns"}, "properties": {"repobilityId": 96812, "scanner": "repobility-ast-engine", "fingerprint": "e832629a316e775d5cfe1c9f4dcb72119394fbddfd25e5d7debe5769e08b6ec5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e832629a316e775d5cfe1c9f4dcb72119394fbddfd25e5d7debe5769e08b6ec5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_to_datetime.py"}, "region": {"startLine": 93}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_function_docstrings"}, "properties": {"repobilityId": 96811, "scanner": "repobility-ast-engine", "fingerprint": "9e5d9a62daa3e148dc87b277bdad1bd407046b7192a49821eeec7bd80ea47c28", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9e5d9a62daa3e148dc87b277bdad1bd407046b7192a49821eeec7bd80ea47c28"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_docstrings.py"}, "region": {"startLine": 221}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_estimator_docstrings"}, "properties": {"repobilityId": 96810, "scanner": "repobility-ast-engine", "fingerprint": "d83260a0872597dbd97e1c80245f93b03a7a637c5c971b60edcceb3afdf95644", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d83260a0872597dbd97e1c80245f93b03a7a637c5c971b60edcceb3afdf95644"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_docstrings.py"}, "region": {"startLine": 188}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_transform_error_on_float_data"}, "properties": {"repobilityId": 96809, "scanner": "repobility-ast-engine", "fingerprint": "c42f4ae428471d366e4e8436e8c57f366be91d2add1128cd17a10d00d0848197", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c42f4ae428471d366e4e8436e8c57f366be91d2add1128cd17a10d00d0848197"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_text_encoder.py"}, "region": {"startLine": 154}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_transform_equal_fit_transform"}, "properties": {"repobilityId": 96808, "scanner": "repobility-ast-engine", "fingerprint": "dae8c41d8b065b0d831b7709b16be7a55722d1ef75b805fd4b43c8272e5a974b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dae8c41d8b065b0d831b7709b16be7a55722d1ef75b805fd4b43c8272e5a974b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_text_encoder.py"}, "region": {"startLine": 146}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_wrong_model_name"}, "properties": {"repobilityId": 96807, "scanner": "repobility-ast-engine", "fingerprint": "85542b4136c9f7c0a6bd634f55b1ae0609a1132fd46e05783eabfbeb4b2ec96f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|85542b4136c9f7c0a6bd634f55b1ae0609a1132fd46e05783eabfbeb4b2ec96f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_text_encoder.py"}, "region": {"startLine": 140}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_wrong_parameters"}, "properties": {"repobilityId": 96806, "scanner": "repobility-ast-engine", "fingerprint": "0b2f8accb50f02c5b2869817f79b08918d4405a20f8652556ea1b57389dca267", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0b2f8accb50f02c5b2869817f79b08918d4405a20f8652556ea1b57389dca267"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_text_encoder.py"}, "region": {"startLine": 123}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_not_a_series_with_string"}, "properties": {"repobilityId": 96805, "scanner": "repobility-ast-engine", "fingerprint": "49cdad84600a1bd27cbd88563fa935ad74d4ded2b8f6947eef4970cf9cf3ff99", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|49cdad84600a1bd27cbd88563fa935ad74d4ded2b8f6947eef4970cf9cf3ff99"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_text_encoder.py"}, "region": {"startLine": 84}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_not_a_series"}, "properties": {"repobilityId": 96804, "scanner": "repobility-ast-engine", "fingerprint": "10fa0592873c12ceebc221ff73d7c1b07714af2a4db5265ec5a27ee47dbe7313", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|10fa0592873c12ceebc221ff73d7c1b07714af2a4db5265ec5a27ee47dbe7313"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_text_encoder.py"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_missing_import_error"}, "properties": {"repobilityId": 96803, "scanner": "repobility-ast-engine", "fingerprint": "4e2d282d72c1a1725c3d2b0d4577f5f927ac5364c9d186fd70888aa8e6a9976c", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4e2d282d72c1a1725c3d2b0d4577f5f927ac5364c9d186fd70888aa8e6a9976c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_text_encoder.py"}, "region": {"startLine": 48}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_check_fitted_super_vectorizer"}, "properties": {"repobilityId": 96802, "scanner": "repobility-ast-engine", "fingerprint": "7f8d317c99b841110930901c7f4018c476b9ed089f7b342a58bb140ff39a5879", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7f8d317c99b841110930901c7f4018c476b9ed089f7b342a58bb140ff39a5879"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_similarity_encoder.py"}, "region": {"startLine": 330}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_similarity_encoder"}, "properties": {"repobilityId": 96801, "scanner": "repobility-ast-engine", "fingerprint": "635750331ebe222ec87a3ef38c7591f84324f5fde2be33942498864b471acdc4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|635750331ebe222ec87a3ef38c7591f84324f5fde2be33942498864b471acdc4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_similarity_encoder.py"}, "region": {"startLine": 172}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_parameters"}, "properties": {"repobilityId": 96800, "scanner": "repobility-ast-engine", "fingerprint": "e57f52dfdf7acf62d61bb96a34f2c6166e3e43bf5379d61d01661f8bdae810a9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e57f52dfdf7acf62d61bb96a34f2c6166e3e43bf5379d61d01661f8bdae810a9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_similarity_encoder.py"}, "region": {"startLine": 58}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.all_outputs_` used but never assigned in __init__"}, "properties": {"repobilityId": 96782, "scanner": "repobility-ast-engine", "fingerprint": "399d65067cbdc0a4653765700095a4f76ba6d3bb235e6385828d2f76027d4c00", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|399d65067cbdc0a4653765700095a4f76ba6d3bb235e6385828d2f76027d4c00"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_apply_to_sub_frame.py"}, "region": {"startLine": 220}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._transformed_output_names` used but never assigned in __init__"}, "properties": {"repobilityId": 96781, "scanner": "repobility-ast-engine", "fingerprint": "352189fb9527119dd35fb2cfe88e76a017bd27772adfb53a1278d698e1dfaa1f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|352189fb9527119dd35fb2cfe88e76a017bd27772adfb53a1278d698e1dfaa1f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_apply_to_sub_frame.py"}, "region": {"startLine": 219}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.created_outputs_` used but never assigned in __init__"}, "properties": {"repobilityId": 96780, "scanner": "repobility-ast-engine", "fingerprint": "197c50e3c9ce48eb00e8c502622b8227a3a4a8f0ef65887dc4cda0d84d7e1e4e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|197c50e3c9ce48eb00e8c502622b8227a3a4a8f0ef65887dc4cda0d84d7e1e4e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_apply_to_sub_frame.py"}, "region": {"startLine": 219}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._columns` used but never assigned in __init__"}, "properties": {"repobilityId": 96779, "scanner": "repobility-ast-engine", "fingerprint": "98d9cc091c94b6e15b1b21c083c40c959b18e2ab52ad550a114dbad4d3484e8a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|98d9cc091c94b6e15b1b21c083c40c959b18e2ab52ad550a114dbad4d3484e8a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_apply_to_sub_frame.py"}, "region": {"startLine": 218}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.used_inputs_` used but never assigned in __init__"}, "properties": {"repobilityId": 96778, "scanner": "repobility-ast-engine", "fingerprint": "5f056decdfb33614026311c0e521ccf96ba357b5a4ab893fc8bf39125ed8b991", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5f056decdfb33614026311c0e521ccf96ba357b5a4ab893fc8bf39125ed8b991"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_apply_to_sub_frame.py"}, "region": {"startLine": 218}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._columns` used but never assigned in __init__"}, "properties": {"repobilityId": 96777, "scanner": "repobility-ast-engine", "fingerprint": "f067555ce69a703aeec430bb0a4113b71c978ae9fb024511599fdb4f84af45a2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f067555ce69a703aeec430bb0a4113b71c978ae9fb024511599fdb4f84af45a2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_apply_to_sub_frame.py"}, "region": {"startLine": 196}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._columns` used but never assigned in __init__"}, "properties": {"repobilityId": 96776, "scanner": "repobility-ast-engine", "fingerprint": "610fe86aebdd39675db927cab0e72022fa2fdb3e588ad49ca7ee8d0b3a66c1eb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|610fe86aebdd39675db927cab0e72022fa2fdb3e588ad49ca7ee8d0b3a66c1eb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_apply_to_sub_frame.py"}, "region": {"startLine": 189}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.all_inputs_` used but never assigned in __init__"}, "properties": {"repobilityId": 96775, "scanner": "repobility-ast-engine", "fingerprint": "c3bfad85187f61665bc54d6879369d7768190f9eb1625928584a76f32f0afd38", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c3bfad85187f61665bc54d6879369d7768190f9eb1625928584a76f32f0afd38"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_apply_to_sub_frame.py"}, "region": {"startLine": 188}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.fit_transform` used but never assigned in __init__"}, "properties": {"repobilityId": 96774, "scanner": "repobility-ast-engine", "fingerprint": "edf2f998c251fe9c7dd493dcc59a0a9e1bdc90df962895b6e98c18034d1528e2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|edf2f998c251fe9c7dd493dcc59a0a9e1bdc90df962895b6e98c18034d1528e2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_apply_to_sub_frame.py"}, "region": {"startLine": 165}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.feature_names_out_` used but never assigned in __init__"}, "properties": {"repobilityId": 96773, "scanner": "repobility-ast-engine", "fingerprint": "5893233f10b78680c970dafb1e26c98c89152a3081c367718437672e75d1df68", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5893233f10b78680c970dafb1e26c98c89152a3081c367718437672e75d1df68"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 172}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.module_name_` used but never assigned in __init__"}, "properties": {"repobilityId": 96772, "scanner": "repobility-ast-engine", "fingerprint": "6373e2f705566725666b2312b79a64dceff7fb023b94f97fb5088e90c4d72819", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6373e2f705566725666b2312b79a64dceff7fb023b94f97fb5088e90c4d72819"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 135}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.feature_names_in_` used but never assigned in __init__"}, "properties": {"repobilityId": 96771, "scanner": "repobility-ast-engine", "fingerprint": "bd64810e17ccbdf63f6538a15b3efb8368c72a9bee1748eebc70751c8fbd8b9d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bd64810e17ccbdf63f6538a15b3efb8368c72a9bee1748eebc70751c8fbd8b9d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.feature_names_out_` used but never assigned in __init__"}, "properties": {"repobilityId": 96770, "scanner": "repobility-ast-engine", "fingerprint": "fd7ad9f4747bfc77b04ba54b84a5855298f6c3f953c86b2e91197db68fbc0ffb", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|fd7ad9f4747bfc77b04ba54b84a5855298f6c3f953c86b2e91197db68fbc0ffb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 151}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.feature_names_out_` used but never assigned in __init__"}, "properties": {"repobilityId": 96769, "scanner": "repobility-ast-engine", "fingerprint": "69484be7eb03415f260ec1d74a2aa6e131faee9699e8a769f041168d2433475f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|69484be7eb03415f260ec1d74a2aa6e131faee9699e8a769f041168d2433475f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 150}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.feature_names_in_` used but never assigned in __init__"}, "properties": {"repobilityId": 96768, "scanner": "repobility-ast-engine", "fingerprint": "376b77dc78e8f86545baad440b8481266e46c7c1174dc44a7656c9137a4e541f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|376b77dc78e8f86545baad440b8481266e46c7c1174dc44a7656c9137a4e541f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 140}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.module_name_` used but never assigned in __init__"}, "properties": {"repobilityId": 96767, "scanner": "repobility-ast-engine", "fingerprint": "8995ea42167e2e86617e8969aa71567b1da0b591bd210c10521b97673b0aba49", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8995ea42167e2e86617e8969aa71567b1da0b591bd210c10521b97673b0aba49"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 133}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._handle_array` used but never assigned in __init__"}, "properties": {"repobilityId": 96766, "scanner": "repobility-ast-engine", "fingerprint": "0f3a7c73826514af19b4b0336d49729a2cd513306548fbd24d483da2d6e03998", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0f3a7c73826514af19b4b0336d49729a2cd513306548fbd24d483da2d6e03998"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 130}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.feature_names_out_` used but never assigned in __init__"}, "properties": {"repobilityId": 96765, "scanner": "repobility-ast-engine", "fingerprint": "11b36142855a0318b02c4c2b2fd70135c471b83110823d3d09f6e45d14140f4e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|11b36142855a0318b02c4c2b2fd70135c471b83110823d3d09f6e45d14140f4e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 124}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.feature_names_out_` used but never assigned in __init__"}, "properties": {"repobilityId": 96764, "scanner": "repobility-ast-engine", "fingerprint": "5f18479138b991d0030f6a767ad5a5b2cadc44e0ff7f1c442ab7d0d69b40fc0d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5f18479138b991d0030f6a767ad5a5b2cadc44e0ff7f1c442ab7d0d69b40fc0d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 123}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._handle_array` used but never assigned in __init__"}, "properties": {"repobilityId": 96763, "scanner": "repobility-ast-engine", "fingerprint": "3e0bf4a1418b240f1252da06ac063d3eb7a470425b140abd90bdf30952ebecce", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3e0bf4a1418b240f1252da06ac063d3eb7a470425b140abd90bdf30952ebecce"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 114}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.feature_names_out_` used but never assigned in __init__"}, "properties": {"repobilityId": 96762, "scanner": "repobility-ast-engine", "fingerprint": "bc4daed828af952ee39a9f2b4328aaaf464a0258e45f88f1fc792f95b4aeb44a", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bc4daed828af952ee39a9f2b4328aaaf464a0258e45f88f1fc792f95b4aeb44a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 122}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.n_features_in_` used but never assigned in __init__"}, "properties": {"repobilityId": 96761, "scanner": "repobility-ast-engine", "fingerprint": "3e835773e73c9cb7df491f2230d288c2d5d303fa8b090c4768defe91709127a2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|3e835773e73c9cb7df491f2230d288c2d5d303fa8b090c4768defe91709127a2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 121}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.feature_names_in_` used but never assigned in __init__"}, "properties": {"repobilityId": 96760, "scanner": "repobility-ast-engine", "fingerprint": "855eecb25bbc27f544610b05cee2a8da57705e7d17606c6241a5ccd365d8ac17", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|855eecb25bbc27f544610b05cee2a8da57705e7d17606c6241a5ccd365d8ac17"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 120}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.module_name_` used but never assigned in __init__"}, "properties": {"repobilityId": 96759, "scanner": "repobility-ast-engine", "fingerprint": "0e25b4cefc9641f7e052d28c4f67241f6ff3f79e93a7758da7d2667ed0a61fa1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0e25b4cefc9641f7e052d28c4f67241f6ff3f79e93a7758da7d2667ed0a61fa1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 116}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.fit_transform` used but never assigned in __init__"}, "properties": {"repobilityId": 96758, "scanner": "repobility-ast-engine", "fingerprint": "50caef95086254e99bfd55693cdd58da4680d771e3dd57c3f885ac0076c3c0e3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|50caef95086254e99bfd55693cdd58da4680d771e3dd57c3f885ac0076c3c0e3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_check_input.py"}, "region": {"startLine": 109}}}]}, {"ruleId": "MINED030", "level": "error", "message": {"text": "[MINED030] Python Pickle Loads: pickle.loads() can execute arbitrary code via __reduce__."}, "properties": {"repobilityId": 96882, "scanner": "repobility-threat-engine", "fingerprint": "11e158236c69453c4459dd482a4422a2562c7a72e1f7ecfa398d1faf5496bcf8", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "python-pickle-loads", "owasp": null, "cwe_ids": ["CWE-502"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347968+00:00", "triaged_in_corpus": 20, "observations_count": 6314, "ai_coder_pattern_id": 119}, "scanner": "repobility-threat-engine", "correlation_key": "fp|11e158236c69453c4459dd482a4422a2562c7a72e1f7ecfa398d1faf5496bcf8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/tutorials/1110_data_ops_intro.py"}, "region": {"startLine": 173}}}]}, {"ruleId": "MINED018", "level": "error", "message": {"text": "[MINED018] Unsafe Deserialization Pickle: pickle.loads / yaml.load (without Loader=SafeLoader) / unmarshal of network/file data \u2014 RCE."}, "properties": {"repobilityId": 96881, "scanner": "repobility-threat-engine", "fingerprint": "2c5ecfce75abbfe409543c4da31620ee06c43ea6a4e028307a14687a68954805", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "unsafe-deserialization-pickle", "owasp": "A08:2021", "cwe_ids": ["CWE-502"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347940+00:00", "triaged_in_corpus": 20, "observations_count": 58759, "ai_coder_pattern_id": 32}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2c5ecfce75abbfe409543c4da31620ee06c43ea6a4e028307a14687a68954805"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/tutorials/1110_data_ops_intro.py"}, "region": {"startLine": 173}}}]}, {"ruleId": "SEC081", "level": "error", "message": {"text": "[SEC081] Python: pickle.loads / marshal.loads on untrusted data: pickle.load(s) and marshal.load(s) execute arbitrary code on untrusted input. Ported from dlint DUO103 / DUO120 (BSD-3)."}, "properties": {"repobilityId": 96880, "scanner": "repobility-threat-engine", "fingerprint": "9342c899e75e9b03fa54cca8811acd5c008d214c319909d3bf14e9bfe350ce59", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "pickle.loads(", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC081", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|9342c899e75e9b03fa54cca8811acd5c008d214c319909d3bf14e9bfe350ce59"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "doc/tutorials/1110_data_ops_intro.py"}, "region": {"startLine": 173}}}]}, {"ruleId": "MINED116", "level": "error", "message": {"text": "Workflow uses `secrets.CODECOV_TOKEN` on a `pull_request` trigger"}, "properties": {"repobilityId": 96851, "scanner": "repobility-supply-chain", "fingerprint": "58c515b2838210c1630b9929c2efcdae722c667ba6a678b9ae5c1d23fa03a48e", "category": "dependency", "severity": "critical", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-pull-request-secrets", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|58c515b2838210c1630b9929c2efcdae722c667ba6a678b9ae5c1d23fa03a48e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/testing.yml"}, "region": {"startLine": 42}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `array` used but not imported"}, "properties": {"repobilityId": 96831, "scanner": "repobility-ast-engine", "fingerprint": "a3e221968393f6d4062a33f58e9bd9736c53ab48c6addf0ecfa8d0e90d52df41", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|a3e221968393f6d4062a33f58e9bd9736c53ab48c6addf0ecfa8d0e90d52df41"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_dataframe/tests/test_common.py"}, "region": {"startLine": 111}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `random` used but not imported"}, "properties": {"repobilityId": 96830, "scanner": "repobility-ast-engine", "fingerprint": "bf8bc429fbf13c8eca291bb62b49a7ef98f8be119c611db147869fd3c35d64f9", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bf8bc429fbf13c8eca291bb62b49a7ef98f8be119c611db147869fd3c35d64f9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_data_ops/tests/test_data_ops.py"}, "region": {"startLine": 387}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `html` used but not imported"}, "properties": {"repobilityId": 96828, "scanner": "repobility-ast-engine", "fingerprint": "cb2fe41d5027dbe4ea8c529861e8ecf7e0ee3c5d7a3759a330dd40cfefdaeba3", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cb2fe41d5027dbe4ea8c529861e8ecf7e0ee3c5d7a3759a330dd40cfefdaeba3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_reporting/_table_report.py"}, "region": {"startLine": 444}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `queue` used but not imported"}, "properties": {"repobilityId": 96827, "scanner": "repobility-ast-engine", "fingerprint": "0022c80efa8198fa63c701cf030bd97470ad6f03bc4a261e165ea1a379a53700", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0022c80efa8198fa63c701cf030bd97470ad6f03bc4a261e165ea1a379a53700"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_reporting/_serve.py"}, "region": {"startLine": 66}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `select` used but not imported"}, "properties": {"repobilityId": 96826, "scanner": "repobility-ast-engine", "fingerprint": "7eafaa899069ff52eb3b0a584735e74c30a8f9ee2216d5159a51b0f06aa1a341", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|7eafaa899069ff52eb3b0a584735e74c30a8f9ee2216d5159a51b0f06aa1a341"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_select_cols.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `datetime` used but not imported"}, "properties": {"repobilityId": 96816, "scanner": "repobility-ast-engine", "fingerprint": "6fd2a995bd7a47b4005d41f9107eb0a6b4526321f1c5cc7bb271b4d6507e5a76", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|6fd2a995bd7a47b4005d41f9107eb0a6b4526321f1c5cc7bb271b4d6507e5a76"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/tests/test_to_datetime.py"}, "region": {"startLine": 195}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `string` used but not imported"}, "properties": {"repobilityId": 96786, "scanner": "repobility-ast-engine", "fingerprint": "1133b85a187776f84d1ae218557e44afc4f5d9c6e8926e5bd9f450f486e3a0d9", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1133b85a187776f84d1ae218557e44afc4f5d9c6e8926e5bd9f450f486e3a0d9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_string_distances.py"}, "region": {"startLine": 78}}}]}, {"ruleId": "MINED107", "level": "error", "message": {"text": "Missing import: `string` used but not imported"}, "properties": {"repobilityId": 96785, "scanner": "repobility-ast-engine", "fingerprint": "ee101d46dca21b6b4c3d37b7899e0e068fbd83a0fea2e9d9e1c554915e0b5c86", "category": "quality", "severity": "critical", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "missing-import-python", "owasp": "A06:2021", "cwe_ids": ["CWE-1075"], "languages": ["python"], "observations_count": 2192}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ee101d46dca21b6b4c3d37b7899e0e068fbd83a0fea2e9d9e1c554915e0b5c86"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "skrub/_fast_hash.py"}, "region": {"startLine": 81}}}]}]}]}