https://github.com/HunxByts/GhostTrack.git · lang: python · LOC: · source: user_submitted
| Rule | Severity | Count |
|---|---|---|
| MINED124 requirements.txt entry has no version pin | medium | 2 |
| MINED064 Python Input Call | info | 1 |
| CORE_NO_LICENSE No LICENSE file | low | 1 |
| MINED006 Overcatch Baseexception | high | 1 |
| MINED111 Bare except continues silently | medium | 1 |
| MINED036 Python Os System Call | high | 1 |
| CFG006 [CFG006] Missing .gitignore: No .gitignore file. Risk of co… | medium | 1 |
| CORE_NO_CI No CI/CD configuration found | medium | 1 |
| COMP001 [COMP001] High cognitive complexity: Function `load_yfinanc… | low | 1 |
| SEC078 Python: requests without timeout | high | 1 |
MINED006
Overcatch Baseexception
CWE-705
GhostTR.py:239
· conf 1.00
[MINED006] Overcatch Baseexception: except BaseException: ... — prevents Ctrl+C and SystemExit from working.
MINED036
Python Os System Call
CWE-78
GhostTR.py:213
· conf 1.00
[MINED036] Python Os System Call: os.system() invokes shell with no escaping.
SEC078
Python: requests without timeout
GhostTR.py:45
· conf 1.00
[SEC078] Python: requests without timeout: requests.get/post without a timeout will hang indefinitely on a non-responsive server, causing thread exhaustion and ReDoS. Ported from bandit B113 (Apache-…
CFG006
[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.
· conf 1.00
[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.
MINED111
Bare except continues silently
GhostTR.py:159
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED124
requirements.txt entry has no version pin
CWE-1357
requirements.txt:1
· conf 0.90
[MINED124] requirements.txt: `requests` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats…
MINED124
requirements.txt entry has no version pin
CWE-1357
requirements.txt:2
· conf 0.90
[MINED124] requirements.txt: `phonenumbers` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosq…
COMP001
[COMP001] High cognitive complexity: Function `load_yfinance_data` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, for=1, if=2, nested_bonus=3, or=2.
GhostTR.py:219
· conf 0.95
[COMP001] High cognitive complexity: Function `call_option` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested b…
CORE_NO_LICENSE
No LICENSE file
No LICENSE file
CORE_NO_CI
No CI/CD configuration found
· conf 0.35
No CI/CD configuration found
CORE_NO_TESTS
No test files found
· conf 0.35
No test files found in a documentation, catalog, or template-heavy repository
MINED043
Http Not Https
CWE-319
GhostTR.py:45
· conf 1.00
[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.
MINED064
Python Input Call
GhostTR.py:42
· conf 1.00
[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.
MINED067
Python Requests No Timeout
CWE-400
GhostTR.py:45
· conf 1.00
[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever.