diff --git a/.hypatia-ignore b/.hypatia-ignore
new file mode 100644
index 00000000..806efc8c
--- /dev/null
+++ b/.hypatia-ignore
@@ -0,0 +1,30 @@
+# SPDX-License-Identifier: PMPL-1.0-or-later
+# .hypatia-ignore - Exemptions for banned language files (ReScript)
+# These ReScript files in bots/sustainabot are legacy and approved for use
+# in the sustainabot integration. See robot-repo-automaton for the migration path.
+
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/src/Analysis.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/src/Config.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/src/GitHubAPI.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/src/GitHubApp.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/src/Main.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/src/Oikos.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/src/Report.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/src/Router.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/src/ServerTea.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/src/Types.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/src/Webhook.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/bindings/Deno.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/bindings/Fetch.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/lib/ocaml/Analysis.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/lib/ocaml/Config.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/lib/ocaml/GitHubAPI.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/lib/ocaml/GitHubApp.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/lib/ocaml/Main.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/lib/ocaml/Oikos.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/lib/ocaml/Report.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/lib/ocaml/Router.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/lib/ocaml/ServerTea.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/lib/ocaml/Types.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/lib/ocaml/Webhook.res
+cicd_rules/banned_language_file:bots/sustainabot/bot-integration/rescript-runtime/package.json
diff --git a/shared-context/dispatch/events.jsonl b/shared-context/dispatch/events.jsonl
index a06d129b..8dcb6f40 100644
--- a/shared-context/dispatch/events.jsonl
+++ b/shared-context/dispatch/events.jsonl
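Review bot: In .hypatia-ignore, the eleven `lib/ocaml/*.res` entries and the `rescript-runtime/package.json` entry appear to exempt build output and a non-ReScript file rather than the legacy sources the header comment describes. `lib/ocaml` is where the ReScript compiler normally places copies of the sources, so if that holds here those files are better removed from version control and git-ignored than exempted from `cicd_rules/banned_language_file`; the list would then cover only the thirteen real sources under `src/` and `bindings/`. The header would also be easier to audit with an owner and an expiry, for example `# Owner: <team>; re-review by <YYYY-MM-DD>; migration tracked in <issue-id>`, so that policy exemptions do not quietly become permanent.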
@@ -390,3 +390,43 @@ "findings_count": "17", "event_file": "shared-context/dispatch/events/20260524-043101-26351917025-hypatia-security-alert.json" } +{ + "received_at": "2026-05-24T06:48:00Z", + "event_type": "hypatia-security-alert", + "source_repo": "hyperpolymath/rrecord-verity", + "source_sha": "unknown", + "findings_count": "2", + "event_file": "shared-context/dispatch/events/20260524-064800-26354377579-hypatia-security-alert.json" +} +{ + "received_at": "2026-05-24T06:48:04Z", + "event_type": "hypatia-security-alert", + "source_repo": "hyperpolymath/git-reticulator", + "source_sha": "unknown", + "findings_count": "16", + "event_file": "shared-context/dispatch/events/20260524-064804-26354378924-hypatia-security-alert.json" +} +{ + "received_at": "2026-05-24T06:48:08Z", + "event_type": "hypatia-security-alert", + "source_repo": "hyperpolymath/social-media-polygraph", + "source_sha": "unknown", + "findings_count": "4", + "event_file": "shared-context/dispatch/events/20260524-064808-26354379123-hypatia-security-alert.json" +} +{ + "received_at": "2026-05-24T20:04:14Z", + "event_type": "hypatia-security-alert", + "source_repo": "hyperpolymath/hypatia", + "source_sha": "4258322a55338e8423a7454b648db4d2fe8c58ec", + "findings_count": "44", + "event_file": "shared-context/dispatch/events/20260524-200414-26371413359-hypatia-security-alert.json" +} +{ + "received_at": "2026-05-24T20:07:20Z", + "event_type": "hypatia-security-alert", + "source_repo": "hyperpolymath/hypatia", + "source_sha": "128e0fa59714487ffc8348e9fdfe1ce2c8066880", + "findings_count": "43", + "event_file": "shared-context/dispatch/events/20260524-200720-26371481384-hypatia-security-alert.json" +} diff --git a/shared-context/dispatch/events/20260524-064800-26354377579-hypatia-security-alert.json b/shared-context/dispatch/events/20260524-064800-26354377579-hypatia-security-alert.json new file mode 100644 index 00000000..a4abbeb0 --- /dev/null 
+++ b/shared-context/dispatch/events/20260524-064800-26354377579-hypatia-security-alert.json 
@@ -0,0 +1,173 @@ +{ + "action": "hypatia-security-alert", + "branch": "main", + "client_payload": { + "findings": [ + { + "ecosystem": "NPM", + "ghsa": "GHSA-5c6j-r48x-rmvq", + "package": "serialize-javascript", + "patched": "7.0.3", + "range": "<= 7.0.2", + "severity": "HIGH" + }, + { + "ecosystem": "NPM", + "ghsa": "GHSA-qj8w-gfj5-8c6v", + "package": "serialize-javascript", + "patched": "7.0.5", + "range": ">= 5.0.0, < 7.0.5", + "severity": "MODERATE" + } + ], + "findings_count": 2, + "run_url": "https://github.com/hyperpolymath/hypatia/actions/runs/26354368583", + "scan_kind": "fleet_dependabot_sweep", + "source": "hypatia-remediation-sweep", + "source_repo": "hyperpolymath/rrecord-verity", + "top_severity": "HIGH" + }, + "repository": { + "allow_forking": true, + "archive_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/{archive_format}{/ref}", + "archived": false, + "assignees_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/assignees{/user}", + "blobs_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/branches{/branch}", + "clone_url": "https://github.com/hyperpolymath/gitbot-fleet.git", + "collaborators_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/comments{/number}", + "commits_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/commits{/sha}", + "compare_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/compare/{base}...{head}", + "contents_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/contents/{+path}", + "contributors_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/contributors", + "created_at": "2026-01-04T14:56:49Z", + "default_branch": "main", + "deployments_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/deployments", + 
"description": "Bot fleet for repository quality enforcement", + "disabled": false, + "downloads_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/downloads", + "events_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/events", + "fork": false, + "forks": 0, + "forks_count": 0, + "forks_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/forks", + "full_name": "hyperpolymath/gitbot-fleet", + "git_commits_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/tags{/sha}", + "git_url": "git://github.com/hyperpolymath/gitbot-fleet.git", + "has_discussions": true, + "has_downloads": true, + "has_issues": true, + "has_pages": false, + "has_projects": true, + "has_pull_requests": true, + "has_wiki": true, + "homepage": null, + "hooks_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/hooks", + "html_url": "https://github.com/hyperpolymath/gitbot-fleet", + "id": 1127765949, + "is_template": false, + "issue_comment_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues/events{/number}", + "issues_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues{/number}", + "keys_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/keys{/key_id}", + "labels_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/labels{/name}", + "language": "Rust", + "languages_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/languages", + "license": { + "key": "other", + "name": "Other", + "node_id": "MDc6TGljZW5zZTA=", + "spdx_id": "NOASSERTION", + "url": null + }, + "merges_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/merges", + "milestones_url": 
"https://api.github.com/repos/hyperpolymath/gitbot-fleet/milestones{/number}", + "mirror_url": null, + "name": "gitbot-fleet", + "node_id": "R_kgDOQzhXvQ", + "notifications_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/notifications{?since,all,participating}", + "open_issues": 1, + "open_issues_count": 1, + "owner": { + "avatar_url": "https://avatars.githubusercontent.com/u/6759885?v=4", + "events_url": "https://api.github.com/users/hyperpolymath/events{/privacy}", + "followers_url": "https://api.github.com/users/hyperpolymath/followers", + "following_url": "https://api.github.com/users/hyperpolymath/following{/other_user}", + "gists_url": "https://api.github.com/users/hyperpolymath/gists{/gist_id}", + "gravatar_id": "", + "html_url": "https://github.com/hyperpolymath", + "id": 6759885, + "login": "hyperpolymath", + "node_id": "MDQ6VXNlcjY3NTk4ODU=", + "organizations_url": "https://api.github.com/users/hyperpolymath/orgs", + "received_events_url": "https://api.github.com/users/hyperpolymath/received_events", + "repos_url": "https://api.github.com/users/hyperpolymath/repos", + "site_admin": false, + "starred_url": "https://api.github.com/users/hyperpolymath/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/hyperpolymath/subscriptions", + "type": "User", + "url": "https://api.github.com/users/hyperpolymath", + "user_view_type": "public" + }, + "private": false, + "pull_request_creation_policy": "all", + "pulls_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/pulls{/number}", + "pushed_at": "2026-05-24T05:18:22Z", + "releases_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/releases{/id}", + "size": 3861, + "ssh_url": "git@github.com:hyperpolymath/gitbot-fleet.git", + "stargazers_count": 2, + "stargazers_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/stargazers", + "statuses_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/statuses/{sha}", + "subscribers_url": 
"https://api.github.com/repos/hyperpolymath/gitbot-fleet/subscribers", + "subscription_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/subscription", + "svn_url": "https://github.com/hyperpolymath/gitbot-fleet", + "tags_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/tags", + "teams_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/teams", + "topics": [ + "automation", + "bots", + "ci-cd", + "collaboration", + "devops", + "git", + "git-and-workflow", + "hyperpolymath", + "palimpsest", + "quality-enforcement", + "starred", + "workflow" + ], + "trees_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/trees{/sha}", + "updated_at": "2026-05-24T05:18:25Z", + "url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet", + "visibility": "public", + "watchers": 2, + "watchers_count": 2, + "web_commit_signoff_required": true + }, + "sender": { + "avatar_url": "https://avatars.githubusercontent.com/u/6759885?v=4", + "events_url": "https://api.github.com/users/hyperpolymath/events{/privacy}", + "followers_url": "https://api.github.com/users/hyperpolymath/followers", + "following_url": "https://api.github.com/users/hyperpolymath/following{/other_user}", + "gists_url": "https://api.github.com/users/hyperpolymath/gists{/gist_id}", + "gravatar_id": "", + "html_url": "https://github.com/hyperpolymath", + "id": 6759885, + "login": "hyperpolymath", + "node_id": "MDQ6VXNlcjY3NTk4ODU=", + "organizations_url": "https://api.github.com/users/hyperpolymath/orgs", + "received_events_url": "https://api.github.com/users/hyperpolymath/received_events", + "repos_url": "https://api.github.com/users/hyperpolymath/repos", + "site_admin": false, + "starred_url": "https://api.github.com/users/hyperpolymath/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/hyperpolymath/subscriptions", + "type": "User", + "url": "https://api.github.com/users/hyperpolymath", + "user_view_type": "public" + } +} 
diff --git a/shared-context/dispatch/events/20260524-064804-26354378924-hypatia-security-alert.json b/shared-context/dispatch/events/20260524-064804-26354378924-hypatia-security-alert.json new file mode 100644 index 00000000..33a25086 --- /dev/null +++ b/shared-context/dispatch/events/20260524-064804-26354378924-hypatia-security-alert.json 
@@ -0,0 +1,285 @@ +{ + "action": "hypatia-security-alert", + "branch": "main", + "client_payload": { + "findings": [ + { + "ecosystem": "RUST", + "ghsa": "GHSA-g98v-hv3f-hcfr", + "package": "atty", + "patched": null, + "range": "<= 0.2.14", + "severity": "LOW" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-cq8v-f236-94qc", + "package": "rand", + "patched": "0.10.1", + "range": "= 0.10.0", + "severity": "LOW" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-xgp8-3hg3-c2mh", + "package": "rustls-webpki", + "patched": "0.103.12", + "range": ">= 0.101.0, < 0.103.12", + "severity": "LOW" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-965h-392x-2mh5", + "package": "rustls-webpki", + "patched": "0.103.12", + "range": ">= 0.101.0, < 0.103.12", + "severity": "LOW" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-xhj4-vrgc-hr34", + "package": "actix-http", + "patched": "3.12.1", + "range": "< 3.12.1", + "severity": "MODERATE" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-cq8v-f236-94qc", + "package": "rand", + "patched": "0.9.3", + "range": ">= 0.9.0, < 0.9.3", + "severity": "LOW" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-ghm9-cr32-g9qj", + "package": "openssl", + "patched": "0.10.78", + "range": ">= 0.10.39, < 0.10.78", + "severity": "HIGH" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-hppc-g8h3-xhp3", + "package": "openssl", + "patched": "0.10.78", + "range": ">= 0.9.24, < 0.10.78", + "severity": "HIGH" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-8c75-8mhr-p7r9", + "package": "openssl", + "patched": "0.10.78", + "range": ">= 0.10.24, < 0.10.78", + "severity": "HIGH" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-xmgf-hq76-4vx2", + "package": "openssl", + "patched": "0.10.78", + "range": ">= 0.9.0, < 0.10.78", + "severity": "LOW" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-pqf5-4pqq-29f5", + "package": "openssl", + "patched": "0.10.78", + "range": ">= 0.9.27, < 0.10.78", + "severity": "HIGH" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-cq8v-f236-94qc", 
+ "package": "rand", + "patched": "0.8.6", + "range": ">= 0.7.0, < 0.8.6", + "severity": "LOW" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-82j2-j2ch-gfr8", + "package": "rustls-webpki", + "patched": "0.103.13", + "range": "< 0.103.13", + "severity": "HIGH" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-xp3w-r5p5-63rr", + "package": "openssl", + "patched": "0.10.79", + "range": ">= 0.9.7, < 0.10.79", + "severity": "HIGH" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-xv59-967r-8726", + "package": "openssl", + "patched": "0.10.79", + "range": ">= 0.10.0, < 0.10.79", + "severity": "MODERATE" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-phqj-4mhp-q6mq", + "package": "openssl", + "patched": "0.10.80", + "range": ">= 0.10.50, < 0.10.80", + "severity": "MODERATE" + } + ], + "findings_count": 16, + "run_url": "https://github.com/hyperpolymath/hypatia/actions/runs/26354368583", + "scan_kind": "fleet_dependabot_sweep", + "source": "hypatia-remediation-sweep", + "source_repo": "hyperpolymath/git-reticulator", + "top_severity": "HIGH" + }, + "repository": { + "allow_forking": true, + "archive_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/{archive_format}{/ref}", + "archived": false, + "assignees_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/assignees{/user}", + "blobs_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/branches{/branch}", + "clone_url": "https://github.com/hyperpolymath/gitbot-fleet.git", + "collaborators_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/comments{/number}", + "commits_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/commits{/sha}", + "compare_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/compare/{base}...{head}", + "contents_url": 
"https://api.github.com/repos/hyperpolymath/gitbot-fleet/contents/{+path}", + "contributors_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/contributors", + "created_at": "2026-01-04T14:56:49Z", + "default_branch": "main", + "deployments_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/deployments", + "description": "Bot fleet for repository quality enforcement", + "disabled": false, + "downloads_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/downloads", + "events_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/events", + "fork": false, + "forks": 0, + "forks_count": 0, + "forks_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/forks", + "full_name": "hyperpolymath/gitbot-fleet", + "git_commits_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/tags{/sha}", + "git_url": "git://github.com/hyperpolymath/gitbot-fleet.git", + "has_discussions": true, + "has_downloads": true, + "has_issues": true, + "has_pages": false, + "has_projects": true, + "has_pull_requests": true, + "has_wiki": true, + "homepage": null, + "hooks_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/hooks", + "html_url": "https://github.com/hyperpolymath/gitbot-fleet", + "id": 1127765949, + "is_template": false, + "issue_comment_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues/events{/number}", + "issues_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues{/number}", + "keys_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/keys{/key_id}", + "labels_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/labels{/name}", + "language": "Rust", + 
"languages_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/languages", + "license": { + "key": "other", + "name": "Other", + "node_id": "MDc6TGljZW5zZTA=", + "spdx_id": "NOASSERTION", + "url": null + }, + "merges_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/merges", + "milestones_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/milestones{/number}", + "mirror_url": null, + "name": "gitbot-fleet", + "node_id": "R_kgDOQzhXvQ", + "notifications_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/notifications{?since,all,participating}", + "open_issues": 1, + "open_issues_count": 1, + "owner": { + "avatar_url": "https://avatars.githubusercontent.com/u/6759885?v=4", + "events_url": "https://api.github.com/users/hyperpolymath/events{/privacy}", + "followers_url": "https://api.github.com/users/hyperpolymath/followers", + "following_url": "https://api.github.com/users/hyperpolymath/following{/other_user}", + "gists_url": "https://api.github.com/users/hyperpolymath/gists{/gist_id}", + "gravatar_id": "", + "html_url": "https://github.com/hyperpolymath", + "id": 6759885, + "login": "hyperpolymath", + "node_id": "MDQ6VXNlcjY3NTk4ODU=", + "organizations_url": "https://api.github.com/users/hyperpolymath/orgs", + "received_events_url": "https://api.github.com/users/hyperpolymath/received_events", + "repos_url": "https://api.github.com/users/hyperpolymath/repos", + "site_admin": false, + "starred_url": "https://api.github.com/users/hyperpolymath/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/hyperpolymath/subscriptions", + "type": "User", + "url": "https://api.github.com/users/hyperpolymath", + "user_view_type": "public" + }, + "private": false, + "pull_request_creation_policy": "all", + "pulls_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/pulls{/number}", + "pushed_at": "2026-05-24T05:18:22Z", + "releases_url": 
"https://api.github.com/repos/hyperpolymath/gitbot-fleet/releases{/id}", + "size": 3861, + "ssh_url": "git@github.com:hyperpolymath/gitbot-fleet.git", + "stargazers_count": 2, + "stargazers_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/stargazers", + "statuses_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/subscribers", + "subscription_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/subscription", + "svn_url": "https://github.com/hyperpolymath/gitbot-fleet", + "tags_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/tags", + "teams_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/teams", + "topics": [ + "automation", + "bots", + "ci-cd", + "collaboration", + "devops", + "git", + "git-and-workflow", + "hyperpolymath", + "palimpsest", + "quality-enforcement", + "starred", + "workflow" + ], + "trees_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/trees{/sha}", + "updated_at": "2026-05-24T05:18:25Z", + "url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet", + "visibility": "public", + "watchers": 2, + "watchers_count": 2, + "web_commit_signoff_required": true + }, + "sender": { + "avatar_url": "https://avatars.githubusercontent.com/u/6759885?v=4", + "events_url": "https://api.github.com/users/hyperpolymath/events{/privacy}", + "followers_url": "https://api.github.com/users/hyperpolymath/followers", + "following_url": "https://api.github.com/users/hyperpolymath/following{/other_user}", + "gists_url": "https://api.github.com/users/hyperpolymath/gists{/gist_id}", + "gravatar_id": "", + "html_url": "https://github.com/hyperpolymath", + "id": 6759885, + "login": "hyperpolymath", + "node_id": "MDQ6VXNlcjY3NTk4ODU=", + "organizations_url": "https://api.github.com/users/hyperpolymath/orgs", + "received_events_url": "https://api.github.com/users/hyperpolymath/received_events", + 
"repos_url": "https://api.github.com/users/hyperpolymath/repos", + "site_admin": false, + "starred_url": "https://api.github.com/users/hyperpolymath/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/hyperpolymath/subscriptions", + "type": "User", + "url": "https://api.github.com/users/hyperpolymath", + "user_view_type": "public" + } +} diff --git a/shared-context/dispatch/events/20260524-064808-26354379123-hypatia-security-alert.json b/shared-context/dispatch/events/20260524-064808-26354379123-hypatia-security-alert.json new file mode 100644 index 00000000..e37a1163 --- /dev/null +++ b/shared-context/dispatch/events/20260524-064808-26354379123-hypatia-security-alert.json 
@@ -0,0 +1,189 @@ +{ + "action": "hypatia-security-alert", + "branch": "main", + "client_payload": { + "findings": [ + { + "ecosystem": "RUST", + "ghsa": "GHSA-2gh3-rmm4-6rq5", + "package": "protobuf", + "patched": "3.7.2", + "range": "< 3.7.2", + "severity": "MODERATE" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-965h-392x-2mh5", + "package": "rustls-webpki", + "patched": "0.103.12", + "range": ">= 0.101.0, < 0.103.12", + "severity": "LOW" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-xgp8-3hg3-c2mh", + "package": "rustls-webpki", + "patched": "0.103.12", + "range": ">= 0.101.0, < 0.103.12", + "severity": "LOW" + }, + { + "ecosystem": "RUST", + "ghsa": "GHSA-82j2-j2ch-gfr8", + "package": "rustls-webpki", + "patched": "0.103.13", + "range": "< 0.103.13", + "severity": "HIGH" + } + ], + "findings_count": 4, + "run_url": "https://github.com/hyperpolymath/hypatia/actions/runs/26354368583", + "scan_kind": "fleet_dependabot_sweep", + "source": "hypatia-remediation-sweep", + "source_repo": "hyperpolymath/social-media-polygraph", + "top_severity": "HIGH" + }, + "repository": { + "allow_forking": true, + "archive_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/{archive_format}{/ref}", + "archived": false, + "assignees_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/assignees{/user}", + "blobs_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/branches{/branch}", + "clone_url": "https://github.com/hyperpolymath/gitbot-fleet.git", + "collaborators_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/comments{/number}", + "commits_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/commits{/sha}", + "compare_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/compare/{base}...{head}", + "contents_url": 
"https://api.github.com/repos/hyperpolymath/gitbot-fleet/contents/{+path}", + "contributors_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/contributors", + "created_at": "2026-01-04T14:56:49Z", + "default_branch": "main", + "deployments_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/deployments", + "description": "Bot fleet for repository quality enforcement", + "disabled": false, + "downloads_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/downloads", + "events_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/events", + "fork": false, + "forks": 0, + "forks_count": 0, + "forks_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/forks", + "full_name": "hyperpolymath/gitbot-fleet", + "git_commits_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/tags{/sha}", + "git_url": "git://github.com/hyperpolymath/gitbot-fleet.git", + "has_discussions": true, + "has_downloads": true, + "has_issues": true, + "has_pages": false, + "has_projects": true, + "has_pull_requests": true, + "has_wiki": true, + "homepage": null, + "hooks_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/hooks", + "html_url": "https://github.com/hyperpolymath/gitbot-fleet", + "id": 1127765949, + "is_template": false, + "issue_comment_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues/events{/number}", + "issues_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues{/number}", + "keys_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/keys{/key_id}", + "labels_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/labels{/name}", + "language": "Rust", + 
"languages_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/languages", + "license": { + "key": "other", + "name": "Other", + "node_id": "MDc6TGljZW5zZTA=", + "spdx_id": "NOASSERTION", + "url": null + }, + "merges_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/merges", + "milestones_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/milestones{/number}", + "mirror_url": null, + "name": "gitbot-fleet", + "node_id": "R_kgDOQzhXvQ", + "notifications_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/notifications{?since,all,participating}", + "open_issues": 1, + "open_issues_count": 1, + "owner": { + "avatar_url": "https://avatars.githubusercontent.com/u/6759885?v=4", + "events_url": "https://api.github.com/users/hyperpolymath/events{/privacy}", + "followers_url": "https://api.github.com/users/hyperpolymath/followers", + "following_url": "https://api.github.com/users/hyperpolymath/following{/other_user}", + "gists_url": "https://api.github.com/users/hyperpolymath/gists{/gist_id}", + "gravatar_id": "", + "html_url": "https://github.com/hyperpolymath", + "id": 6759885, + "login": "hyperpolymath", + "node_id": "MDQ6VXNlcjY3NTk4ODU=", + "organizations_url": "https://api.github.com/users/hyperpolymath/orgs", + "received_events_url": "https://api.github.com/users/hyperpolymath/received_events", + "repos_url": "https://api.github.com/users/hyperpolymath/repos", + "site_admin": false, + "starred_url": "https://api.github.com/users/hyperpolymath/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/hyperpolymath/subscriptions", + "type": "User", + "url": "https://api.github.com/users/hyperpolymath", + "user_view_type": "public" + }, + "private": false, + "pull_request_creation_policy": "all", + "pulls_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/pulls{/number}", + "pushed_at": "2026-05-24T05:18:22Z", + "releases_url": 
"https://api.github.com/repos/hyperpolymath/gitbot-fleet/releases{/id}", + "size": 3861, + "ssh_url": "git@github.com:hyperpolymath/gitbot-fleet.git", + "stargazers_count": 2, + "stargazers_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/stargazers", + "statuses_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/subscribers", + "subscription_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/subscription", + "svn_url": "https://github.com/hyperpolymath/gitbot-fleet", + "tags_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/tags", + "teams_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/teams", + "topics": [ + "automation", + "bots", + "ci-cd", + "collaboration", + "devops", + "git", + "git-and-workflow", + "hyperpolymath", + "palimpsest", + "quality-enforcement", + "starred", + "workflow" + ], + "trees_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/trees{/sha}", + "updated_at": "2026-05-24T05:18:25Z", + "url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet", + "visibility": "public", + "watchers": 2, + "watchers_count": 2, + "web_commit_signoff_required": true + }, + "sender": { + "avatar_url": "https://avatars.githubusercontent.com/u/6759885?v=4", + "events_url": "https://api.github.com/users/hyperpolymath/events{/privacy}", + "followers_url": "https://api.github.com/users/hyperpolymath/followers", + "following_url": "https://api.github.com/users/hyperpolymath/following{/other_user}", + "gists_url": "https://api.github.com/users/hyperpolymath/gists{/gist_id}", + "gravatar_id": "", + "html_url": "https://github.com/hyperpolymath", + "id": 6759885, + "login": "hyperpolymath", + "node_id": "MDQ6VXNlcjY3NTk4ODU=", + "organizations_url": "https://api.github.com/users/hyperpolymath/orgs", + "received_events_url": "https://api.github.com/users/hyperpolymath/received_events", + 
"repos_url": "https://api.github.com/users/hyperpolymath/repos", + "site_admin": false, + "starred_url": "https://api.github.com/users/hyperpolymath/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/hyperpolymath/subscriptions", + "type": "User", + "url": "https://api.github.com/users/hyperpolymath", + "user_view_type": "public" + } +} diff --git a/shared-context/dispatch/events/20260524-200414-26371413359-hypatia-security-alert.json b/shared-context/dispatch/events/20260524-200414-26371413359-hypatia-security-alert.json new file mode 100644 index 00000000..607de212 --- /dev/null +++ b/shared-context/dispatch/events/20260524-200414-26371413359-hypatia-security-alert.json 
@@ -0,0 +1,158 @@ +{ + "action": "hypatia-security-alert", + "branch": "main", + "client_payload": { + "critical": 0, + "findings_branch": "findings-submissions", + "findings_count": 44, + "findings_path": "shared-context/findings/hyperpolymath-hypatia/20260524-200356.json", + "high": 20, + "secret_like": 0, + "sha": "4258322a55338e8423a7454b648db4d2fe8c58ec", + "source_repo": "hyperpolymath/hypatia", + "submitted_at": "2026-05-24T20:04:00Z" + }, + "repository": { + "allow_forking": true, + "archive_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/{archive_format}{/ref}", + "archived": false, + "assignees_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/assignees{/user}", + "blobs_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/branches{/branch}", + "clone_url": "https://github.com/hyperpolymath/gitbot-fleet.git", + "collaborators_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/comments{/number}", + "commits_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/commits{/sha}", + "compare_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/compare/{base}...{head}", + "contents_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/contents/{+path}", + "contributors_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/contributors", + "created_at": "2026-01-04T14:56:49Z", + "default_branch": "main", + "deployments_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/deployments", + "description": "Bot fleet for repository quality enforcement", + "disabled": false, + "downloads_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/downloads", + "events_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/events", + "fork": false, + "forks": 0, + 
"forks_count": 0, + "forks_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/forks", + "full_name": "hyperpolymath/gitbot-fleet", + "git_commits_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/tags{/sha}", + "git_url": "git://github.com/hyperpolymath/gitbot-fleet.git", + "has_discussions": true, + "has_downloads": true, + "has_issues": true, + "has_pages": false, + "has_projects": true, + "has_pull_requests": true, + "has_wiki": true, + "homepage": null, + "hooks_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/hooks", + "html_url": "https://github.com/hyperpolymath/gitbot-fleet", + "id": 1127765949, + "is_template": false, + "issue_comment_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues/events{/number}", + "issues_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues{/number}", + "keys_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/keys{/key_id}", + "labels_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/labels{/name}", + "language": "Rust", + "languages_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/languages", + "license": { + "key": "other", + "name": "Other", + "node_id": "MDc6TGljZW5zZTA=", + "spdx_id": "NOASSERTION", + "url": null + }, + "merges_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/merges", + "milestones_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/milestones{/number}", + "mirror_url": null, + "name": "gitbot-fleet", + "node_id": "R_kgDOQzhXvQ", + "notifications_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/notifications{?since,all,participating}", + "open_issues": 2, + 
"open_issues_count": 2, + "owner": { + "avatar_url": "https://avatars.githubusercontent.com/u/6759885?v=4", + "events_url": "https://api.github.com/users/hyperpolymath/events{/privacy}", + "followers_url": "https://api.github.com/users/hyperpolymath/followers", + "following_url": "https://api.github.com/users/hyperpolymath/following{/other_user}", + "gists_url": "https://api.github.com/users/hyperpolymath/gists{/gist_id}", + "gravatar_id": "", + "html_url": "https://github.com/hyperpolymath", + "id": 6759885, + "login": "hyperpolymath", + "node_id": "MDQ6VXNlcjY3NTk4ODU=", + "organizations_url": "https://api.github.com/users/hyperpolymath/orgs", + "received_events_url": "https://api.github.com/users/hyperpolymath/received_events", + "repos_url": "https://api.github.com/users/hyperpolymath/repos", + "site_admin": false, + "starred_url": "https://api.github.com/users/hyperpolymath/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/hyperpolymath/subscriptions", + "type": "User", + "url": "https://api.github.com/users/hyperpolymath", + "user_view_type": "public" + }, + "private": false, + "pull_request_creation_policy": "all", + "pulls_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/pulls{/number}", + "pushed_at": "2026-05-24T20:04:00Z", + "releases_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/releases{/id}", + "size": 3986, + "ssh_url": "git@github.com:hyperpolymath/gitbot-fleet.git", + "stargazers_count": 2, + "stargazers_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/stargazers", + "statuses_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/subscribers", + "subscription_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/subscription", + "svn_url": "https://github.com/hyperpolymath/gitbot-fleet", + "tags_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/tags", + 
"teams_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/teams", + "topics": [ + "automation", + "bots", + "ci-cd", + "collaboration", + "devops", + "git", + "git-and-workflow", + "hyperpolymath", + "palimpsest", + "quality-enforcement", + "starred", + "workflow" + ], + "trees_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/trees{/sha}", + "updated_at": "2026-05-24T19:46:24Z", + "url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet", + "visibility": "public", + "watchers": 2, + "watchers_count": 2, + "web_commit_signoff_required": true + }, + "sender": { + "avatar_url": "https://avatars.githubusercontent.com/u/6759885?v=4", + "events_url": "https://api.github.com/users/hyperpolymath/events{/privacy}", + "followers_url": "https://api.github.com/users/hyperpolymath/followers", + "following_url": "https://api.github.com/users/hyperpolymath/following{/other_user}", + "gists_url": "https://api.github.com/users/hyperpolymath/gists{/gist_id}", + "gravatar_id": "", + "html_url": "https://github.com/hyperpolymath", + "id": 6759885, + "login": "hyperpolymath", + "node_id": "MDQ6VXNlcjY3NTk4ODU=", + "organizations_url": "https://api.github.com/users/hyperpolymath/orgs", + "received_events_url": "https://api.github.com/users/hyperpolymath/received_events", + "repos_url": "https://api.github.com/users/hyperpolymath/repos", + "site_admin": false, + "starred_url": "https://api.github.com/users/hyperpolymath/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/hyperpolymath/subscriptions", + "type": "User", + "url": "https://api.github.com/users/hyperpolymath", + "user_view_type": "public" + } +} diff --git a/shared-context/dispatch/events/20260524-200720-26371481384-hypatia-security-alert.json b/shared-context/dispatch/events/20260524-200720-26371481384-hypatia-security-alert.json new file mode 100644 index 00000000..20ddeeb5 --- /dev/null 
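Review bot: The stored event keeps the entire `repository` and `sender` objects from what looks like a repository_dispatch payload, so roughly 140 of the 158 added lines are API URL templates and counters that say nothing about the alert; only `action`, `branch` and `client_payload` carry it. Persisting just those three keys (plus `repository.full_name` if the receiver needs it) would keep the event log reviewable; the same applies to the 20260524-200720 event that follows and to the event file whose tail precedes this one. Separately, `client_payload.findings_path`, `findings_branch` and `source_repo` are chosen by whoever sends the dispatch, so any consumer of these files (none is visible in this diff) should check that the path stays under `shared-context/findings/` and that `source_repo` is on an expected list before reading from it.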
+++ b/shared-context/dispatch/events/20260524-200720-26371481384-hypatia-security-alert.json 
@@ -0,0 +1,158 @@ +{ + "action": "hypatia-security-alert", + "branch": "main", + "client_payload": { + "critical": 0, + "findings_branch": "findings-submissions", + "findings_count": 43, + "findings_path": "shared-context/findings/hyperpolymath-hypatia/20260524-200707.json", + "high": 20, + "secret_like": 0, + "sha": "128e0fa59714487ffc8348e9fdfe1ce2c8066880", + "source_repo": "hyperpolymath/hypatia", + "submitted_at": "2026-05-24T20:07:10Z" + }, + "repository": { + "allow_forking": true, + "archive_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/{archive_format}{/ref}", + "archived": false, + "assignees_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/assignees{/user}", + "blobs_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/blobs{/sha}", + "branches_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/branches{/branch}", + "clone_url": "https://github.com/hyperpolymath/gitbot-fleet.git", + "collaborators_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/collaborators{/collaborator}", + "comments_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/comments{/number}", + "commits_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/commits{/sha}", + "compare_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/compare/{base}...{head}", + "contents_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/contents/{+path}", + "contributors_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/contributors", + "created_at": "2026-01-04T14:56:49Z", + "default_branch": "main", + "deployments_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/deployments", + "description": "Bot fleet for repository quality enforcement", + "disabled": false, + "downloads_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/downloads", + "events_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/events", + "fork": false, + "forks": 0, + 
"forks_count": 0, + "forks_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/forks", + "full_name": "hyperpolymath/gitbot-fleet", + "git_commits_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/commits{/sha}", + "git_refs_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/refs{/sha}", + "git_tags_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/tags{/sha}", + "git_url": "git://github.com/hyperpolymath/gitbot-fleet.git", + "has_discussions": true, + "has_downloads": true, + "has_issues": true, + "has_pages": false, + "has_projects": true, + "has_pull_requests": true, + "has_wiki": true, + "homepage": null, + "hooks_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/hooks", + "html_url": "https://github.com/hyperpolymath/gitbot-fleet", + "id": 1127765949, + "is_template": false, + "issue_comment_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues/comments{/number}", + "issue_events_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues/events{/number}", + "issues_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/issues{/number}", + "keys_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/keys{/key_id}", + "labels_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/labels{/name}", + "language": "Rust", + "languages_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/languages", + "license": { + "key": "other", + "name": "Other", + "node_id": "MDc6TGljZW5zZTA=", + "spdx_id": "NOASSERTION", + "url": null + }, + "merges_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/merges", + "milestones_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/milestones{/number}", + "mirror_url": null, + "name": "gitbot-fleet", + "node_id": "R_kgDOQzhXvQ", + "notifications_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/notifications{?since,all,participating}", + "open_issues": 2, + 
"open_issues_count": 2, + "owner": { + "avatar_url": "https://avatars.githubusercontent.com/u/6759885?v=4", + "events_url": "https://api.github.com/users/hyperpolymath/events{/privacy}", + "followers_url": "https://api.github.com/users/hyperpolymath/followers", + "following_url": "https://api.github.com/users/hyperpolymath/following{/other_user}", + "gists_url": "https://api.github.com/users/hyperpolymath/gists{/gist_id}", + "gravatar_id": "", + "html_url": "https://github.com/hyperpolymath", + "id": 6759885, + "login": "hyperpolymath", + "node_id": "MDQ6VXNlcjY3NTk4ODU=", + "organizations_url": "https://api.github.com/users/hyperpolymath/orgs", + "received_events_url": "https://api.github.com/users/hyperpolymath/received_events", + "repos_url": "https://api.github.com/users/hyperpolymath/repos", + "site_admin": false, + "starred_url": "https://api.github.com/users/hyperpolymath/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/hyperpolymath/subscriptions", + "type": "User", + "url": "https://api.github.com/users/hyperpolymath", + "user_view_type": "public" + }, + "private": false, + "pull_request_creation_policy": "all", + "pulls_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/pulls{/number}", + "pushed_at": "2026-05-24T20:07:10Z", + "releases_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/releases{/id}", + "size": 3986, + "ssh_url": "git@github.com:hyperpolymath/gitbot-fleet.git", + "stargazers_count": 2, + "stargazers_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/stargazers", + "statuses_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/statuses/{sha}", + "subscribers_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/subscribers", + "subscription_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/subscription", + "svn_url": "https://github.com/hyperpolymath/gitbot-fleet", + "tags_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/tags", + 
"teams_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/teams", + "topics": [ + "automation", + "bots", + "ci-cd", + "collaboration", + "devops", + "git", + "git-and-workflow", + "hyperpolymath", + "palimpsest", + "quality-enforcement", + "starred", + "workflow" + ], + "trees_url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet/git/trees{/sha}", + "updated_at": "2026-05-24T19:46:24Z", + "url": "https://api.github.com/repos/hyperpolymath/gitbot-fleet", + "visibility": "public", + "watchers": 2, + "watchers_count": 2, + "web_commit_signoff_required": true + }, + "sender": { + "avatar_url": "https://avatars.githubusercontent.com/u/6759885?v=4", + "events_url": "https://api.github.com/users/hyperpolymath/events{/privacy}", + "followers_url": "https://api.github.com/users/hyperpolymath/followers", + "following_url": "https://api.github.com/users/hyperpolymath/following{/other_user}", + "gists_url": "https://api.github.com/users/hyperpolymath/gists{/gist_id}", + "gravatar_id": "", + "html_url": "https://github.com/hyperpolymath", + "id": 6759885, + "login": "hyperpolymath", + "node_id": "MDQ6VXNlcjY3NTk4ODU=", + "organizations_url": "https://api.github.com/users/hyperpolymath/orgs", + "received_events_url": "https://api.github.com/users/hyperpolymath/received_events", + "repos_url": "https://api.github.com/users/hyperpolymath/repos", + "site_admin": false, + "starred_url": "https://api.github.com/users/hyperpolymath/starred{/owner}{/repo}", + "subscriptions_url": "https://api.github.com/users/hyperpolymath/subscriptions", + "type": "User", + "url": "https://api.github.com/users/hyperpolymath", + "user_view_type": "public" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260524-200356.json b/shared-context/findings/hyperpolymath-hypatia/20260524-200356.json new file mode 100644 index 00000000..c1408054 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260524-200356.json 
@@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Js.Dict deprecated -- use Dict (2 occurrences)", + "type": "deprecated_api", + "file": "/home/runner/work/hypatia/hypatia/test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "module_replace", + "rule_module": "migration_rules", + "severity": "high" + }, + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": 
"code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": 
".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "cli/src/commands/batch.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) 
old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning 
(Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "cli/src/commands/batch.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/release.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": 
"code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Scorecard): PinnedDependenciesID -- Pinned-Dependencies -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA003 -- Hypatia code_scanning_alerts: CSA003 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA002 -- Hypatia code_scanning_alerts: CSA002 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/migration_rules/deprecated_api -- Hypatia migration_rules: deprecated_api -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 6 day(s) old", + "type": "CSA001", + "file": 
".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 32 day(s) old [STALE]", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "escalate", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "62 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code-scanning alert TokenPermissionsID (high) at .github/workflows/dependabot-automerge.yml is 32 days old (threshold: 7 days) -- overdue for remediation", + "type": "CSA003", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "escalate", + "rule_module": "code_scanning_alerts", + "severity": "high" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "4258322a55338e8423a7454b648db4d2fe8c58ec", + "submitted_at": "2026-05-24T20:03:58Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/20260524-200707.json b/shared-context/findings/hyperpolymath-hypatia/20260524-200707.json new file mode 100644 index 00000000..8d59c0c5 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260524-200707.json 
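Review bot: Several entries near the end of `findings` carry `"type": "CSA001"` although their `reason` names a different rule (`CSA003`, `CSA002`, `migration_rules/deprecated_api`, Scorecard `PinnedDependenciesID` and `TokenPermissionsID`), so anything that groups or suppresses by `type` will misfile them; the field should carry the rule id from the reason, e.g. `"type": "TokenPermissionsID"`. The array also repeats identical records (same `reason`, `file`, `action` and `severity`, for instance the `.github/workflows/dependabot-automerge.yml` / `update` entry), which presumably inflates the `findings_count` and `high` totals reported in the matching dispatch event; de-duplicating on (`type`, `file`, `reason`) before submission would make the counts usable for triage. The first record gives `file` as an absolute runner path under `/home/runner/work/` while every other record is repository-relative, and three records use the string `"no file associated with this alert"` where `null` would be unambiguous. The 20260524-200707 findings file that follows shows the same absolute path and repeated records in the part visible here.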
@@ -0,0 +1,354 @@ +{ + "findings": [ + { + "reason": "Js.Dict deprecated -- use Dict (2 occurrences)", + "type": "deprecated_api", + "file": "/home/runner/work/hypatia/hypatia/test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "module_replace", + "rule_module": "migration_rules", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": 
"adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- 
Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "cli/src/commands/batch.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code 
scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "adapters/src/main.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/docs.yml", + "action": "review", + "rule_module": 
"code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-auto-merge.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "cli/src/commands/batch.rs", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/release.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "no file associated with this alert", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Scorecard): PinnedDependenciesID -- Pinned-Dependencies -- 0 day(s) old", + "type": "CSA001", + "file": 
"test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA003 -- Hypatia code_scanning_alerts: CSA003 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA002 -- Hypatia code_scanning_alerts: CSA002 -- 0 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/migration_rules/deprecated_api -- Hypatia migration_rules: deprecated_api -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 6 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions 
-- 32 day(s) old [STALE]", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "escalate", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "62 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code-scanning alert TokenPermissionsID (high) at .github/workflows/dependabot-automerge.yml is 32 days old (threshold: 7 days) -- overdue for remediation", + "type": "CSA003", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "escalate", + "rule_module": "code_scanning_alerts", + "severity": "high" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "128e0fa59714487ffc8348e9fdfe1ce2c8066880", + "submitted_at": "2026-05-24T20:07:09Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json new file mode 120000 index 00000000..9f8cfce7 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -0,0 +1 @@ +20260524-200707.json \ No newline at end of file
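Review bot: The first finding in `20260524-200707.json` records `file` as the CI runner's absolute path (`/home/runner/work/hypatia/hypatia/test/...`) while every other entry is repo-relative, so a consumer that keys or deduplicates on `file` will treat the same fixture as two locations; it should be emitted as `"file": "test/soundness/fixtures/code_safety/getexn_on_external.res"`. Most of the remaining entries carry rule ids of the form `hypatia/code_scanning_alerts/CSA001` and are reported again as `type` CSA001, with identical reason/file/action tuples repeated several times, which suggests (not confirmed from this diff) that the scanner is ingesting alerts it uploaded itself. If so, the "62 total open" count is inflated and the one overdue item, TokenPermissionsID on `.github/workflows/dependabot-automerge.yml` at 32 days against a 7-day threshold, is buried among duplicates. Skipping alerts whose tool is Hypatia before the CSA001 pass and deduplicating on (`reason`, `file`) would keep the committed file usable for triage. The tail of the preceding findings file shows the same pattern, but its hunk starts outside this view.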