https://github.com/HKUDS/RAG-Anything.git · lang: python · LOC: · source: user_submitted
| Rule | Severity | Count |
|---|---|---|
| MINED111 Bare except continues silently | medium | 25 |
| MINED108 self.attribute used but never assigned in `__init__` | high | 25 |
| MINED106 Phantom test coverage (assertion-free test) | high | 25 |
| MINED109 Mutable default argument | medium | 11 |
| MINED115 GitHub Action pinned to mutable ref (not 40-char SHA) | high | 10 |
| MINED124 requirements.txt entry has no version pin | medium | 4 |
| COMP001 [COMP001] High cognitive complexity: Function `load_yfinanc… | low | 4 |
| SEC020 Secret Printed to Logs | high | 4 |
| MINED131 pre-commit hook pinned to branch/tag instead of SHA | high | 3 |
| MINED050 Stub Only Function | info | 2 |
- **MINED107** Missing Python import (NameError at runtime) · CWE-1075 · `raganything/enhanced_markdown.py:299` · conf 1.00
  [MINED107] Missing import: `html` used but not imported: The file uses `html.something(...)` but never imports `html`. This raises NameError at runtime the first time the line executes.
- **MINED107** Missing Python import (NameError at runtime) · CWE-1075 · `raganything/parser.py:838` · conf 1.00
  [MINED107] Missing import: `queue` used but not imported: The file uses `queue.something(...)` but never imports `queue`. This raises NameError at runtime the first time the line executes.
- **MINED001** Bare Except Pass · CWE-755 · `examples/lmstudio_integration_example.py:131` · conf 1.00
  [MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
- **MINED001** Bare Except Pass · CWE-755 · `raganything/__init__.py:41` · conf 1.00
  [MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `examples/image_format_test.py:55` · conf 1.00
  [MINED106] Phantom test coverage: test_image_format_parsing: Test function `test_image_format_parsing` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Add…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `examples/lmstudio_integration_example.py:102` · conf 1.00
  [MINED106] Phantom test coverage: test_connection: Test function `test_connection` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line coverage with…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `examples/lmstudio_integration_example.py:134` · conf 1.00
  [MINED106] Phantom test coverage: test_chat_completion: Test function `test_chat_completion` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line cov…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `examples/minimax_integration_example.py:150` · conf 1.00
  [MINED106] Phantom test coverage: test_connection: Test function `test_connection` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line coverage with…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `examples/minimax_integration_example.py:195` · conf 1.00
  [MINED106] Phantom test coverage: test_chat_completion: Test function `test_chat_completion` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line cov…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `examples/office_document_test.py:49` · conf 1.00
  [MINED106] Phantom test coverage: test_office_document_parsing: Test function `test_office_document_parsing` runs code but contains no assert / expect / should call — it passes regardless of behaviou…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `examples/ollama_integration_example.py:108` · conf 1.00
  [MINED106] Phantom test coverage: test_connection: Test function `test_connection` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line coverage with…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `examples/ollama_integration_example.py:137` · conf 1.00
  [MINED106] Phantom test coverage: test_embedding: Test function `test_embedding` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line coverage withou…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `examples/ollama_integration_example.py:159` · conf 1.00
  [MINED106] Phantom test coverage: test_chat: Test function `test_chat` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line coverage without verifyin…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `examples/text_format_test.py:38` · conf 1.00
  [MINED106] Phantom test coverage: test_text_format_parsing: Test function `test_text_format_parsing` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds …
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `examples/vllm_integration_example.py:124` · conf 1.00
  [MINED106] Phantom test coverage: test_connection: Test function `test_connection` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line coverage with…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `examples/vllm_integration_example.py:157` · conf 1.00
  [MINED106] Phantom test coverage: test_chat_completion: Test function `test_chat_completion` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line cov…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `tests/test_chinese_cid_font.py:18` · conf 1.00
  [MINED106] Phantom test coverage: test_stsong_light_is_valid_cid_font: Test function `test_stsong_light_is_valid_cid_font` runs code but contains no assert / expect / should call — it passes regardle…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `tests/test_chinese_cid_font.py:27` · conf 1.00
  [MINED106] Phantom test coverage: test_invalid_cid_font_names_raise: Test function `test_invalid_cid_font_names_raise` runs code but contains no assert / expect / should call — it passes regardless o…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `tests/test_chinese_cid_font.py:36` · conf 1.00
  [MINED106] Phantom test coverage: test_all_valid_cid_cjk_font_names: Test function `test_all_valid_cid_cjk_font_names` runs code but contains no assert / expect / should call — it passes regardless o…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `tests/test_close_event_loop.py:90` · conf 1.00
  [MINED106] Phantom test coverage: test_finalize_raises: Test function `test_finalize_raises` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line cov…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `tests/test_core_modules.py:106` · conf 1.00
  [MINED106] Phantom test coverage: test_deprecated_mineru_parse_method: Test function `test_deprecated_mineru_parse_method` runs code but contains no assert / expect / should call — it passes regardle…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `tests/test_core_modules.py:368` · conf 1.00
  [MINED106] Phantom test coverage: test_invalid_parser_type: Test function `test_invalid_parser_type` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds …
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `tests/testpaddleocr_parser.py:18` · conf 1.00
  [MINED106] Phantom test coverage: test_get_parser_rejects_unknown_parser: Test function `test_get_parser_rejects_unknown_parser` runs code but contains no assert / expect / should call — it passes re…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `tests/testpaddleocr_parser.py:59` · conf 1.00
  [MINED106] Phantom test coverage: test_parse_pdf_raises_import_error_when_pdf_renderer_missing: Test function `test_parse_pdf_raises_import_error_when_pdf_renderer_missing` runs code but contains no …
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `tests/testparser_kwargs.py:84` · conf 1.00
  [MINED106] Phantom test coverage: test_docling_env_accepted_but_ignored: Test function `test_docling_env_accepted_but_ignored` runs code but contains no assert / expect / should call — it passes rega…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `tests/testparser_kwargs.py:113` · conf 1.00
  [MINED106] Phantom test coverage: test_docling_unknown_kwargs: Test function `test_docling_unknown_kwargs` runs code but contains no assert / expect / should call — it passes regardless of behaviour.…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `tests/testparser_kwargs.py:129` · conf 1.00
  [MINED106] Phantom test coverage: test_invalid_env_type: Test function `test_invalid_env_type` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line c…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `tests/testparser_kwargs.py:144` · conf 1.00
  [MINED106] Phantom test coverage: test_invalid_env_contents: Test function `test_invalid_env_contents` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Add…
- **MINED106** Phantom test coverage (assertion-free test) · CWE-1126 · `tests/test_prompt_language.py:41` · conf 1.00
  [MINED106] Phantom test coverage: test_unknown_language_raises: Test function `test_unknown_language_raises` runs code but contains no assert / expect / should call — it passes regardless of behaviou…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `examples/lmstudio_integration_example.py:183` · conf 1.00
  [MINED108] `self.embedding_func_factory` used but never assigned in __init__: Method `initialize_rag` of class `LMStudioRAGIntegration` reads `self.embedding_func_factory`, but no assignment to it ex…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `examples/minimax_integration_example.py:223` · conf 1.00
  [MINED108] `self._make_embedding_func` used but never assigned in __init__: Method `initialize_rag` of class `MiniMaxRAGIntegration` reads `self._make_embedding_func`, but no assignment to it exists …
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `examples/ollama_integration_example.py:184` · conf 1.00
  [MINED108] `self._make_embedding_func` used but never assigned in __init__: Method `initialize_rag` of class `OllamaRAGIntegration` reads `self._make_embedding_func`, but no assignment to it exists i…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `examples/vllm_integration_example.py:204` · conf 1.00
  [MINED108] `self.embedding_func_factory` used but never assigned in __init__: Method `initialize_rag` of class `VLLMRAGIntegration` reads `self.embedding_func_factory`, but no assignment to it exists…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:44` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `setup_logging` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no class-level …
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:210` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `fix_json_format` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no class-leve…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:281` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `create_fallback_evaluation` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:301` · conf 1.00
  [MINED108] `self.get_accuracy_evaluation_prompt` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.get_accuracy_evaluation_prompt`, but no…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:309` · conf 1.00
  [MINED108] `self.get_comprehensive_evaluation_prompt` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.get_comprehensive_evaluation_promp…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:317` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no cla…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:318` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no cla…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:338` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no cla…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:361` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no cla…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:365` · conf 1.00
  [MINED108] `self.fix_json_format` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.fix_json_format`, but no assignment to it exists in __…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:370` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no cla…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:373` · conf 1.00
  [MINED108] `self.create_fallback_evaluation` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.create_fallback_evaluation`, but no assignm…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:384` · conf 1.00
  [MINED108] `self.fix_json_format` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.fix_json_format`, but no assignment to it exists in __…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:389` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no cla…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:392` · conf 1.00
  [MINED108] `self.create_fallback_evaluation` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.create_fallback_evaluation`, but no assignm…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:417` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no cla…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:425` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no cla…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:445` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `evaluate_single_answer` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no cla…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:470` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `evaluate_rag_results` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no class…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:478` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `evaluate_rag_results` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no class…
- **MINED108** self.attribute used but never assigned in `__init__` · CWE-476 · `reproduce/llm_answer_evaluator.py:481` · conf 1.00
  [MINED108] `self.logger` used but never assigned in __init__: Method `evaluate_rag_results` of class `LLMAnswerEvaluator` reads `self.logger`, but no assignment to it exists in __init__ (and no class…
- **MINED115** GitHub Action pinned to mutable ref (not 40-char SHA) · CWE-829 · `.github/workflows/linting.yaml:17` · conf 0.90
  [MINED115] Action `actions/checkout` pinned to mutable ref `@v2`: `uses: actions/checkout@v2` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…
- **MINED115** GitHub Action pinned to mutable ref (not 40-char SHA) · CWE-829 · `.github/workflows/linting.yaml:20` · conf 0.90
  [MINED115] Action `actions/setup-python` pinned to mutable ref `@v2`: `uses: actions/setup-python@v2` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made …
- **MINED115** GitHub Action pinned to mutable ref (not 40-char SHA) · CWE-829 · `.github/workflows/linting.yaml:33` · conf 0.90
  [MINED115] Action `stefanzweifel/git-auto-commit-action` pinned to mutable ref `@v5`: `uses: stefanzweifel/git-auto-commit-action@v5` resolves at workflow-run time. Tags and branches can be re-pushed…
- **MINED115** GitHub Action pinned to mutable ref (not 40-char SHA) · CWE-829 · `.github/workflows/pypi-publish.yml:15` · conf 0.90
  [MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…
- **MINED115** GitHub Action pinned to mutable ref (not 40-char SHA) · CWE-829 · `.github/workflows/pypi-publish.yml:16` · conf 0.90
  [MINED115] Action `actions/setup-python` pinned to mutable ref `@v5`: `uses: actions/setup-python@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made …
- **MINED115** GitHub Action pinned to mutable ref (not 40-char SHA) · CWE-829 · `.github/workflows/pypi-publish.yml:27` · conf 0.90
  [MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v4`: `uses: actions/upload-artifact@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that…
- **MINED115** GitHub Action pinned to mutable ref (not 40-char SHA) · CWE-829 · `.github/workflows/pypi-publish.yml:44` · conf 0.90
  [MINED115] Action `actions/download-artifact` pinned to mutable ref `@v4`: `uses: actions/download-artifact@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; …
- **MINED115** GitHub Action pinned to mutable ref (not 40-char SHA) · CWE-829 · `.github/workflows/pypi-publish.yml:50` · conf 0.90
  [MINED115] Action `pypa/gh-action-pypi-publish` pinned to mutable ref `@release/v1`: `uses: pypa/gh-action-pypi-publish@release/v1` resolves at workflow-run time. Tags and branches can be re-pushed b…
- **MINED115** GitHub Action pinned to mutable ref (not 40-char SHA) · CWE-829 · `.github/workflows/test.yaml:20` · conf 0.90
  [MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…
- **MINED115** GitHub Action pinned to mutable ref (not 40-char SHA) · CWE-829 · `.github/workflows/test.yaml:23` · conf 0.90
  [MINED115] Action `actions/setup-python` pinned to mutable ref `@v5`: `uses: actions/setup-python@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made …
- **MINED131** pre-commit hook pinned to branch/tag instead of SHA · CWE-829 · `.pre-commit-config.yaml:2` · conf 0.90
  [MINED131] pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mutable rev `v5.0.0`: `.pre-commit-config.yaml` references `https://github.com/pre-commit/pre-commit-hooks` at `r…
- **MINED131** pre-commit hook pinned to branch/tag instead of SHA · CWE-829 · `.pre-commit-config.yaml:8` · conf 0.90
  [MINED131] pre-commit hook `https://github.com/astral-sh/ruff-pre-commit` pinned to mutable rev `v0.6.4`: `.pre-commit-config.yaml` references `https://github.com/astral-sh/ruff-pre-commit` at `rev: …
- **MINED131** pre-commit hook pinned to branch/tag instead of SHA · CWE-829 · `.pre-commit-config.yaml:15` · conf 0.90
  [MINED131] pre-commit hook `https://github.com/mgedmin/check-manifest` pinned to mutable rev `0.49`: `.pre-commit-config.yaml` references `https://github.com/mgedmin/check-manifest` at `rev: 0.49`. I…
- **COMP001** [COMP001] High cognitive complexity: Function `load_yfinance_data` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, for=1, if=2, nested_bonus=3, or=2. · `raganything/asset_urls.py:65` · conf 0.95
  [COMP001] High cognitive complexity: Function `attach_public_media_urls` has cognitive complexity 20 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to underst…
- **ERR001** [ERR001] Silent Exception Swallowing (and 2 more): Same pattern found in 2 additional files. Review if needed. · `examples/lmstudio_integration_example.py:131` · conf 0.45
  [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
- **MINED109** Mutable default argument · CWE-1023 · `examples/insert_content_list_example.py:202` · conf 1.00
  [MINED109] Mutable default argument in `llm_model_func` (list): `def llm_model_func(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared across all …
- **MINED109** Mutable default argument · CWE-1023 · `examples/insert_content_list_example.py:214` · conf 1.00
  [MINED109] Mutable default argument in `vision_model_func` (list): `def vision_model_func(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared acros…
- **MINED109** Mutable default argument · CWE-1023 · `examples/modalprocessors_example.py:25` · conf 1.00
  [MINED109] Mutable default argument in `<lambda>` (list): `def <lambda>(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared across all calls. Mutat…
- **MINED109** Mutable default argument · CWE-1023 · `examples/modalprocessors_example.py:42` · conf 1.00
  [MINED109] Mutable default argument in `<lambda>` (list): `def <lambda>(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared across all calls. Mutat…
- **MINED109** Mutable default argument · CWE-1023 · `examples/modalprocessors_example.py:186` · conf 1.00
  [MINED109] Mutable default argument in `<lambda>` (list): `def <lambda>(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared across all calls. Mutat…
- **MINED109** Mutable default argument · CWE-1023 · `examples/raganything_example.py:123` · conf 1.00
  [MINED109] Mutable default argument in `llm_model_func` (list): `def llm_model_func(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared across all …
- **MINED109** Mutable default argument · CWE-1023 · `examples/raganything_example.py:135` · conf 1.00
  [MINED109] Mutable default argument in `vision_model_func` (list): `def vision_model_func(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared acros…
- **MINED109** Mutable default argument · CWE-1023 · `reproduce/index.py:119` · conf 1.00
  [MINED109] Mutable default argument in `llm_model_func` (list): `def llm_model_func(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared across all …
- **MINED109** Mutable default argument · CWE-1023 · `reproduce/index.py:131` · conf 1.00
  [MINED109] Mutable default argument in `vision_model_func` (list): `def vision_model_func(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared acros…
- **MINED109** Mutable default argument · CWE-1023 · `reproduce/query.py:120` · conf 1.00
  [MINED109] Mutable default argument in `llm_model_func` (list): `def llm_model_func(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared across all …
- **MINED109** Mutable default argument · CWE-1023 · `reproduce/query.py:132` · conf 1.00
  [MINED109] Mutable default argument in `vision_model_func` (list): `def vision_model_func(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared acros…
- **MINED111** Bare except continues silently · `examples/batch_processing_example.py:183` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/batch_processing_example.py:230` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/batch_processing_example.py:305` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/batch_processing_example.py:312` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/batch_processing_example.py:395` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/batch_processing_example.py:482` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/image_format_test.py:51` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/image_format_test.py:186` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/image_format_test.py:228` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/lmstudio_integration_example.py:120` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/lmstudio_integration_example.py:156` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/lmstudio_integration_example.py:195` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/lmstudio_integration_example.py:214` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/lmstudio_integration_example.py:236` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/lmstudio_integration_example.py:288` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/minimax_integration_example.py:164` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/minimax_integration_example.py:190` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/minimax_integration_example.py:205` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/minimax_integration_example.py:227` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/office_document_test.py:148` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/office_document_test.py:194` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/ollama_integration_example.py:132` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/ollama_integration_example.py:155` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/text_format_test.py:150` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
- **MINED111** Bare except continues silently · `examples/text_format_test.py:192` · conf 1.00
  [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED124
requirements.txt entry has no version pin
CWE-1357
requirements.txt:1
· conf 0.90
[MINED124] requirements.txt: `huggingface_hub` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typ…
MINED124
requirements.txt entry has no version pin
CWE-1357
requirements.txt:3
· conf 0.90
[MINED124] requirements.txt: `lightrag-hku` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosq…
MINED124
requirements.txt entry has no version pin
CWE-1357
requirements.txt:5
· conf 0.90
[MINED124] requirements.txt: `mineru[core]` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosq…
MINED124
requirements.txt entry has no version pin
CWE-1357
requirements.txt:7
· conf 0.90
[MINED124] requirements.txt: `tqdm` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, ac…
SEC034
Log Injection / Log Forging — unsanitized user input in log
examples/raganything_example.py:227
· conf 1.00
[SEC034] Log Injection / Log Forging — unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\n` to forge fake log entries, hide tra…
SEC034
Log Injection / Log Forging — unsanitized user input in log
reproduce/query.py:261
· conf 1.00
[SEC034] Log Injection / Log Forging — unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\n` to forge fake log entries, hide tra…
WEB003
Public web service has no security.txt
.well-known/security.txt
· conf 0.78
Public web service has no security.txt
COMP001
[COMP001] High cognitive complexity: Function `load_yfinance_data` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, for=1, if=2, nested_bonus=3, or=2.
examples/minimax_integration_example.py:150
· conf 0.95
[COMP001] High cognitive complexity: Function `test_connection` has cognitive complexity 11 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nes…
COMP001
High cognitive complexity
raganything/prompt_manager.py:84
· conf 0.95
[COMP001] High cognitive complexity: Function `set_prompt_language` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — …
COMP001
High cognitive complexity
· conf 0.20
[COMP001] High cognitive complexity (and 2 more): Same pattern found in 2 additional files. Review if needed.
MINED043
Http Not Https
CWE-319
raganything/asset_urls.py:113
· conf 1.00
[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.
MINED049
Print Pii
CWE-532
examples/minimax_integration_example.py:153
· conf 1.00
[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.
MINED049
Print Pii
CWE-532
scripts/create_tiktoken_cache.py:13
· conf 1.00
[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.
MINED050
Stub Only Function
CWE-1188
examples/lmstudio_integration_example.py:132
· conf 1.00
[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
MINED050
Stub Only Function
CWE-1188
raganything/__init__.py:17
· conf 1.00
[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
MINED062
Python Dataclass No Fields
raganything/config.py:12
· conf 1.00
[MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.
MINED063
Toctou Os Path Exists
CWE-367
reproduce/query.py:231
· conf 1.00
[MINED063] Toctou Os Path Exists: if os.path.exists(p): open(p) — file can be replaced/deleted between check and use.
SEC020
Secret Printed to Logs
· conf 0.20
[SEC020] Secret Printed to Logs (and 4 more): Same pattern found in 4 additional files. Review if needed.
SEC020
Secret Printed to Logs
examples/lmstudio_integration_example.py:98
· conf 0.10
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…
SEC020
Secret Printed to Logs
examples/minimax_integration_example.py:146
· conf 0.10
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…
SEC020
Secret Printed to Logs
scripts/create_tiktoken_cache.py:13
· conf 0.15
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…