diff --git a/shared-context/findings/hyperpolymath-hypatia/20260525-192610.json b/shared-context/findings/hyperpolymath-hypatia/20260525-192610.json new file mode 100644 index 00000000..1d2cf307 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260525-192610.json 
@@ -0,0 +1,394 @@ +{ + "findings": [ + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": 
"CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": 
"code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": 
"hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "cli/src/commands/batch.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia 
code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning 
(Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "cli/src/commands/batch.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/release.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Scorecard): PinnedDependenciesID -- Pinned-Dependencies -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA003 -- Hypatia code_scanning_alerts: CSA003 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + 
"rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "89 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "9793bf7b59deadb15d942ca83856cab746bbe387", + "submitted_at": "2026-05-25T19:26:12Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260525-193347.json b/shared-context/findings/hyperpolymath-hypatia/20260525-193347.json new file mode 100644 index 00000000..0874ca51 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260525-193347.json 
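Review bot: Many records in this `findings` array are exact duplicates with nothing to tell them apart; the five consecutive CSA001 entries for `test/soundness/fixtures/code_safety/getexn_on_external.res` near the top share every field, so a triager cannot tell whether they are distinct alerts or one alert counted repeatedly. Each record should carry a stable per-alert identifier, for example a proposed key such as `"alert_id": "<ALERT_ID_PLACEHOLDER>"`, or the emitter should de-duplicate before writing the file. The `file` field also mixes paths with non-path values (`"hyperpolymath/hypatia"`, `"no file associated with this alert"`), which a consumer resolving it as a path has to special-case. The records whose `reason` names CSA003 or Scorecard Pinned-Dependencies are still typed `"CSA001"`, which would misroute anything filtering on `type` unless CSA001 is meant as a wrapper for any open alert; that needs confirming. The same patterns repeat in the 20260525-193347.json and 20260525-193502.json hunks.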
@@ -0,0 +1,370 @@ +{ + "findings": [ + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": 
"CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": 
"code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": 
"adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- 
Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/release.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning 
(Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Scorecard): PinnedDependenciesID -- Pinned-Dependencies -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA003 -- Hypatia code_scanning_alerts: CSA003 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "89 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "b1e59f33bb808a44a2f6ead5145a1249f72b0eab", + "submitted_at": "2026-05-25T19:33:48Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260525-193502.json b/shared-context/findings/hyperpolymath-hypatia/20260525-193502.json new file mode 100644 index 00000000..5f2ce5e2 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260525-193502.json 
@@ -0,0 +1,370 @@ +{ + "findings": [ + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": 
"CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": 
"code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": 
"adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- 
Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/release.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning 
(Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Scorecard): PinnedDependenciesID -- Pinned-Dependencies -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA003 -- Hypatia code_scanning_alerts: CSA003 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "89 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "6d1b292b8fb9ebee51d30f2b1fef2715c14a676c", + "submitted_at": "2026-05-25T19:35:04Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260525-194230.json b/shared-context/findings/hyperpolymath-hypatia/20260525-194230.json new file mode 100644 index 00000000..5e8bcb47 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260525-194230.json 
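Review bot: Two entries near the end of this findings array carry a `type` that contradicts their `reason`: one reason names rule CSA003 and the other is a Scorecard Pinned-Dependencies alert, yet both are recorded as `"type": "CSA001"`, so anything that triages or counts by `type` will misfile them. The CSA003 record should read `"type": "CSA003"`, and the Scorecard record needs a type of its own rather than a Hypatia rule id; as the file looks scanner-generated, the fix presumably belongs in the emitter. Many entries are also identical in every field (same reason, file, action and severity, for example the five for `getexn_on_external.res`), and with no per-alert identifier or location they cannot be deduplicated or tracked from one snapshot to the next; a field such as `"alert_id": "<ALERT_ID>"` would fix that. Both problems recur in the 20260525-194230.json hunk that follows and in the tail of the preceding file.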
@@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + 
"rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": 
"CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- 
Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + 
"severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/release.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Scorecard): PinnedDependenciesID -- Pinned-Dependencies -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA003 -- Hypatia code_scanning_alerts: CSA003 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "89 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "3fae842432113c9ffeaf8dade406600435ea0e7b", + "submitted_at": "2026-05-25T19:42:32Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260525-221319.json b/shared-context/findings/hyperpolymath-hypatia/20260525-221319.json new file mode 100644 index 00000000..58c26ff4 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260525-221319.json 
@@ -0,0 +1,266 @@ +{ + "findings": [ + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + 
"type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": 
"Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": 
"CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "95 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "1089e94004032458a059565c7849cc17a7623238", + "submitted_at": "2026-05-25T22:13:21Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260525-222332.json b/shared-context/findings/hyperpolymath-hypatia/20260525-222332.json new file mode 100644 index 00000000..588909da --- /dev/null 
+++ b/shared-context/findings/hyperpolymath-hypatia/20260525-222332.json 
@@ -0,0 +1,266 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + 
"type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": 
"Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": 
"CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "95 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "59bc787788eca6752c14263e01d16f69d5c538fd", + "submitted_at": "2026-05-25T22:23:33Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260525-222734.json b/shared-context/findings/hyperpolymath-hypatia/20260525-222734.json new file mode 100644 index 00000000..3805a608 --- /dev/null 
+++ b/shared-context/findings/hyperpolymath-hypatia/20260525-222734.json 
@@ -0,0 +1,266 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + 
"type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": 
"Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": 
"CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "95 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "fab88e3c5359d77b1fac978301f349386b161821", + "submitted_at": "2026-05-25T22:27:35Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260525-225138.json b/shared-context/findings/hyperpolymath-hypatia/20260525-225138.json new file mode 100644 index 00000000..2679f3cf --- /dev/null 
+++ b/shared-context/findings/hyperpolymath-hypatia/20260525-225138.json 
@@ -0,0 +1,266 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + 
"type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": 
"Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": 
"CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "95 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "44fddb9a14b7cea4a5e917a2c829b9327253e512", + "submitted_at": "2026-05-25T22:51:39Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-002301.json b/shared-context/findings/hyperpolymath-hypatia/20260526-002301.json new file mode 100644 index 00000000..fd488ba2 --- /dev/null 
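Review bot: The `findings` array added in 20260525-225138.json repeats byte-identical records, and no record carries an alert identifier, rule description or line number. The `.github/workflows/dependabot-automerge.yml` entry with `"action": "update"`, `"severity": "high"` and "1 day(s) old" occurs six times, and the `getexn_on_external.res` entry five times, so a triager cannot tell distinct alerts from duplicates or follow one alert across snapshots. Each record needs a stable per-alert key, for example `"alert_id": "<id from the code-scanning source>"` (key name constructed here), plus the location inside the file. The snapshot also lists 30 CSA001 records while its CSA002 entry reports 95 open alerts, which may mean the list is truncated; if so, the file should say that. The same pattern is visible in the hunks for 20260526-002301.json and 20260526-002815.json.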
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-002301.json 
@@ -0,0 +1,266 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + 
"type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": 
"Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": 
"CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "95 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "f471eebe44813c0abf80cab84f9168f46a7e6872", + "submitted_at": "2026-05-26T00:23:03Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-002815.json b/shared-context/findings/hyperpolymath-hypatia/20260526-002815.json new file mode 100644 index 00000000..ddfca603 --- /dev/null 
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-002815.json 
@@ -0,0 +1,266 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + 
"type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": 
"Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": 
"CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "95 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "66fbf9325d3a7b687e7fd54192537031a6295a4f", + "submitted_at": "2026-05-26T00:28:16Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-003556.json b/shared-context/findings/hyperpolymath-hypatia/20260526-003556.json new file mode 100644 index 00000000..6a5bce05 --- /dev/null 
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-003556.json 
@@ -0,0 +1,266 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + 
"type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": 
"Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": 
"CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "95 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "a5e3f445958aa67e735690af821a20a26145dcab", + "submitted_at": "2026-05-26T00:35:58Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-003940.json b/shared-context/findings/hyperpolymath-hypatia/20260526-003940.json new file mode 100644 index 00000000..f365a8be --- /dev/null 
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-003940.json 
@@ -0,0 +1,98 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": 
"CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "91 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "353f0282fd8870a42de796ed19246d93ff7db68e", + "submitted_at": "2026-05-26T00:39:42Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-003952.json b/shared-context/findings/hyperpolymath-hypatia/20260526-003952.json new file mode 100644 index 00000000..3aad97ab --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-003952.json 
@@ -0,0 +1,98 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": 
"CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "91 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "3253f9b5b27d50852c283011dda1d83d353bb585", + "submitted_at": "2026-05-26T00:39:55Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-004001.json b/shared-context/findings/hyperpolymath-hypatia/20260526-004001.json new file mode 100644 index 00000000..e21a658a --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-004001.json 
@@ -0,0 +1,98 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": 
"CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "91 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "54d604ef83d531b2f5f8aafa6b4473eb721c84b0", + "submitted_at": "2026-05-26T00:40:03Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 54f03b28..88462bda 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260525-142940.json \ No newline at end of file +20260526-004001.json \ No newline at end of file