From ca8e75f41940ce5e7029b19424a1baa9631c4fcc Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter
Date: Tue, 26 May 2026 01:13:44 +0000
Subject: [PATCH 01/97] findings: hyperpolymath/hypatia @ 2026-05-26
Submitted: 11 findings Commit: 39d257d9588ebddf4f0d3750753192f442b9fd68 Scanner: hypatia-v2 Automated submission from GitHub Actions.
---
.../20260526-011343.json | 98 +++++++++++++++++++
.../hyperpolymath-hypatia/latest.json | 2 +-
2 files changed, 99 insertions(+), 1 deletion(-)
create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-011343.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-011343.json b/shared-context/findings/hyperpolymath-hypatia/20260526-011343.json
new file mode 100644
index 00000000..5bb0b81f
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-011343.json
@@ -0,0 +1,98 @@ +{ + "findings": [ + { + "reason": "Repository has 1 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": 
"CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/dependabot-automerge.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 1 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/shell_download_then_run.sh", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "91 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "39d257d9588ebddf4f0d3750753192f442b9fd68", + "submitted_at": "2026-05-26T01:13:44Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 88462bda..4f7838f8 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-004001.json \ No newline at end of file +20260526-011343.json \ No newline at end of file From 5ffec624dc112fe07f2de1676b502d28df6c7512 Mon Sep 17 00:00:00 2001 
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:15:00 +0000 Subject: [PATCH 02/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: 23e5f2cee887291d9101f62d9fd36ed6a37a13bb Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-011459.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-011459.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-011459.json b/shared-context/findings/hyperpolymath-hypatia/20260526-011459.json new file mode 100644 index 00000000..d660d27e --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-011459.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "94 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "23e5f2cee887291d9101f62d9fd36ed6a37a13bb", + "submitted_at": "2026-05-26T01:15:00Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 4f7838f8..2f4b79c5 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-011343.json \ No newline at end of file +20260526-011459.json \ No newline at end of file From 5c4f4d45be37222a3c9db302a69a8d97e1423993 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:15:30 +0000 Subject: [PATCH 03/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 6 findings Commit: 051d6856cbc990d926cd6cfe18154be8c256667b Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-011528.json | 58 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 59 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-011528.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-011528.json b/shared-context/findings/hyperpolymath-hypatia/20260526-011528.json new file mode 100644 index 00000000..2053be85 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-011528.json 
@@ -0,0 +1,58 @@ +{ + "findings": [ + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "94 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "051d6856cbc990d926cd6cfe18154be8c256667b", + "submitted_at": 
"2026-05-26T01:15:29Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 2f4b79c5..fef954cf 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-011459.json \ No newline at end of file +20260526-011528.json \ No newline at end of file From 89afc0016df668585621af3b44139dc449472189 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:22:31 +0000 Subject: [PATCH 04/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: 76bab30467223e0cbecbb2392ae52156d727fe41 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-012230.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-012230.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-012230.json b/shared-context/findings/hyperpolymath-hypatia/20260526-012230.json new file mode 100644 index 00000000..c9cd4ceb --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-012230.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "94 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "76bab30467223e0cbecbb2392ae52156d727fe41", + "submitted_at": "2026-05-26T01:22:31Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index fef954cf..864febe1 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-011528.json \ No newline at end of file +20260526-012230.json \ No newline at end of file From 9ff9db3b821a568a45780981680e7602c10d4d03 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:26:50 +0000 Subject: [PATCH 05/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: bdf113e8cd65748c6e0c6313c8eae37230fa7129 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-012647.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-012647.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-012647.json b/shared-context/findings/hyperpolymath-hypatia/20260526-012647.json new file mode 100644 index 00000000..2845af75 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-012647.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 1 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "94 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "bdf113e8cd65748c6e0c6313c8eae37230fa7129", + "submitted_at": "2026-05-26T01:26:50Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 864febe1..60a942b1 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-012230.json \ No newline at end of file +20260526-012647.json \ No newline at end of file From 4f1478931bdbd719b3a3eed6cda27882e629bb71 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:27:49 +0000 Subject: [PATCH 06/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: fe4e8b0e43e5bff71ca4a632841e6c83724ef29a Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-012747.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-012747.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-012747.json b/shared-context/findings/hyperpolymath-hypatia/20260526-012747.json new file mode 100644 index 00000000..a591c8ad --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-012747.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "94 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "fe4e8b0e43e5bff71ca4a632841e6c83724ef29a", + "submitted_at": "2026-05-26T01:27:49Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 60a942b1..46018979 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-012647.json \ No newline at end of file +20260526-012747.json \ No newline at end of file From edad443da45243e83b4690f7c6c6db2a45a11dad Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:30:25 +0000 Subject: [PATCH 07/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: 455ccbdd943803795f9f153c1f6c9b9cd61a47e6 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-013024.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-013024.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-013024.json b/shared-context/findings/hyperpolymath-hypatia/20260526-013024.json new file mode 100644 index 00000000..0295645c --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-013024.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "94 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "455ccbdd943803795f9f153c1f6c9b9cd61a47e6", + "submitted_at": "2026-05-26T01:30:25Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 46018979..30245e98 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-012747.json \ No newline at end of file +20260526-013024.json \ No newline at end of file From 1f31d68902d25704bc560e98d5e5db0967931cc2 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:32:06 +0000 Subject: [PATCH 08/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: 99d61a725d7cc62a73618409e03a13ede8aa6611 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-013205.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-013205.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-013205.json b/shared-context/findings/hyperpolymath-hypatia/20260526-013205.json new file mode 100644 index 00000000..045393dd --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-013205.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "94 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "99d61a725d7cc62a73618409e03a13ede8aa6611", + "submitted_at": "2026-05-26T01:32:06Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 30245e98..2092ed38 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-013024.json \ No newline at end of file +20260526-013205.json \ No newline at end of file From a86d44281fb0bd19362582f18566cfbf51481ae2 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:33:57 +0000 Subject: [PATCH 09/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: ab9aa0cd9971855941630f6a90ba0ae56e26ac0c Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-013355.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-013355.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-013355.json b/shared-context/findings/hyperpolymath-hypatia/20260526-013355.json new file mode 100644 index 00000000..dcc9fd18 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-013355.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "94 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "ab9aa0cd9971855941630f6a90ba0ae56e26ac0c", + "submitted_at": "2026-05-26T01:33:57Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 2092ed38..0b1e901f 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-013205.json \ No newline at end of file +20260526-013355.json \ No newline at end of file From 46146fe2f30bf52ee253cdfb822a576434787c74 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:34:10 +0000 Subject: [PATCH 10/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: 0ee43301c851e5445a6d5b3101bbfcf8e9cb2c1e Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-013409.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-013409.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-013409.json b/shared-context/findings/hyperpolymath-hypatia/20260526-013409.json new file mode 100644 index 00000000..d4a27152 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-013409.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "92 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "0ee43301c851e5445a6d5b3101bbfcf8e9cb2c1e", + "submitted_at": "2026-05-26T01:34:10Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 0b1e901f..49a06ce6 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-013355.json \ No newline at end of file +20260526-013409.json \ No newline at end of file From 9fac5e4f7215424b276d7d2231040a0b35f8ece9 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:37:48 +0000 Subject: [PATCH 11/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: fce2b68d199fae907ffa5d36cb8a47e8a1fc42d7 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-013747.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-013747.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-013747.json b/shared-context/findings/hyperpolymath-hypatia/20260526-013747.json new file mode 100644 index 00000000..31a54f78 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-013747.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 1 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "92 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "fce2b68d199fae907ffa5d36cb8a47e8a1fc42d7", + "submitted_at": "2026-05-26T01:37:48Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 49a06ce6..eca93564 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-013409.json \ No newline at end of file +20260526-013747.json \ No newline at end of file From a1cba363841e3ab87b7199f63bcf795e055f34d4 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:40:12 +0000 Subject: [PATCH 12/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: 79239e338ea663cc76d3df516d4d5ed9f2590cba Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-014010.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-014010.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-014010.json b/shared-context/findings/hyperpolymath-hypatia/20260526-014010.json new file mode 100644 index 00000000..2ff16e35 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-014010.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "88 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "79239e338ea663cc76d3df516d4d5ed9f2590cba", + "submitted_at": "2026-05-26T01:40:11Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index eca93564..57c2b531 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-013747.json \ No newline at end of file +20260526-014010.json \ No newline at end of file From b5e7d18efea5857b1c2e4711de2cce813473a2fa Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:40:35 +0000 Subject: [PATCH 13/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: c853d155da23e32c7480d613591bb86fb5af0cae Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-014033.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-014033.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-014033.json b/shared-context/findings/hyperpolymath-hypatia/20260526-014033.json new file mode 100644 index 00000000..0b4d8ac0 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-014033.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "88 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "c853d155da23e32c7480d613591bb86fb5af0cae", + "submitted_at": "2026-05-26T01:40:34Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 57c2b531..226608a7 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-014010.json \ No newline at end of file +20260526-014033.json \ No newline at end of file From d888bdfd1cefd35be6f17a34978d11e42c66e602 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:42:13 +0000 Subject: [PATCH 14/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: 0339f278a2c0830c7da44d0a3943de824f4e32e3 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-014211.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-014211.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-014211.json b/shared-context/findings/hyperpolymath-hypatia/20260526-014211.json new file mode 100644 index 00000000..97787c3e --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-014211.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "88 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "0339f278a2c0830c7da44d0a3943de824f4e32e3", + "submitted_at": "2026-05-26T01:42:13Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 226608a7..107d59fe 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-014033.json \ No newline at end of file +20260526-014211.json \ No newline at end of file From 30f0dfd13c41cfaeb0f9fc3d05c3721097cd2470 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:43:29 +0000 Subject: [PATCH 15/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: a8e66c21ab6c1d04d28d47f5e5ce4fcb9086d36d Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-014327.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-014327.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-014327.json b/shared-context/findings/hyperpolymath-hypatia/20260526-014327.json new file mode 100644 index 00000000..24458c99 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-014327.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "88 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "a8e66c21ab6c1d04d28d47f5e5ce4fcb9086d36d", + "submitted_at": "2026-05-26T01:43:29Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 107d59fe..c4f61031 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-014211.json \ No newline at end of file +20260526-014327.json \ No newline at end of file From 7b6fa8c77754f5f0585aa73b09339a2acc936ea8 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:45:56 +0000 Subject: [PATCH 16/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: 93e38932c919a521c71bcf98690a60f409040570 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-014554.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-014554.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-014554.json b/shared-context/findings/hyperpolymath-hypatia/20260526-014554.json new file mode 100644 index 00000000..d1e08c6a --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-014554.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "88 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "93e38932c919a521c71bcf98690a60f409040570", + "submitted_at": "2026-05-26T01:45:56Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index c4f61031..bd7b48c1 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-014327.json \ No newline at end of file +20260526-014554.json \ No newline at end of file From 5caef2020cd996649a675f12b11994bce3955776 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:46:07 +0000 Subject: [PATCH 17/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: 8c45c8b8e514daf0d16a4c142fe9800b35014825 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-014605.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-014605.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-014605.json b/shared-context/findings/hyperpolymath-hypatia/20260526-014605.json new file mode 100644 index 00000000..7f3da9ff --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-014605.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "88 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "8c45c8b8e514daf0d16a4c142fe9800b35014825", + "submitted_at": "2026-05-26T01:46:07Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index bd7b48c1..78e7c31a 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-014554.json \ No newline at end of file +20260526-014605.json \ No newline at end of file From 25ef66019496a2f63362e2580e0b780bd2065e1b Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:46:32 +0000 Subject: [PATCH 18/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: abf9613b6fd26e667b0ddf73cc799d5ee1427c0b Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-014631.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-014631.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-014631.json b/shared-context/findings/hyperpolymath-hypatia/20260526-014631.json new file mode 100644 index 00000000..1d184e96 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-014631.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "81 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "abf9613b6fd26e667b0ddf73cc799d5ee1427c0b", + "submitted_at": "2026-05-26T01:46:32Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 78e7c31a..3f047092 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-014605.json \ No newline at end of file +20260526-014631.json \ No newline at end of file From 007ec621b90d998833c6d7730ee9451ef2bcd14e Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:49:10 +0000 Subject: [PATCH 19/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: f4f6400a437b44956bac42d202ac73e72249201b Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-014908.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-014908.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-014908.json b/shared-context/findings/hyperpolymath-hypatia/20260526-014908.json new file mode 100644 index 00000000..9b158cc1 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-014908.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "81 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "f4f6400a437b44956bac42d202ac73e72249201b", + "submitted_at": "2026-05-26T01:49:09Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 3f047092..174fda8c 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-014631.json \ No newline at end of file +20260526-014908.json \ No newline at end of file From 7e0c3598cefab16ae31dc9ec6371ef9d26be8a7b Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:49:45 +0000 Subject: [PATCH 20/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: bb70aeedca5d48b360875a78e4c3bae7407fd76e Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-014943.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-014943.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-014943.json b/shared-context/findings/hyperpolymath-hypatia/20260526-014943.json new file mode 100644 index 00000000..8b30c388 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-014943.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "81 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "bb70aeedca5d48b360875a78e4c3bae7407fd76e", + "submitted_at": "2026-05-26T01:49:45Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 174fda8c..70c6627b 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-014908.json \ No newline at end of file +20260526-014943.json \ No newline at end of file From 3e0e7035cfd35340930bb2bcedb574afd277ab7f Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:52:37 +0000 Subject: [PATCH 21/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: 88427567746d9d0dfed37be54b6929d048998c98 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-015236.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-015236.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-015236.json b/shared-context/findings/hyperpolymath-hypatia/20260526-015236.json new file mode 100644 index 00000000..26c7257a --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-015236.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "91 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "88427567746d9d0dfed37be54b6929d048998c98", + "submitted_at": "2026-05-26T01:52:37Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 70c6627b..543fcd55 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-014943.json \ No newline at end of file +20260526-015236.json \ No newline at end of file From de8064bcba30d2a18f7d38d8bf1b1202e0be28a4 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:54:41 +0000 Subject: [PATCH 22/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 7 findings Commit: ead582621c312037ad4ca8d07963ed5291cae3ac Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-015439.json | 66 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-015439.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-015439.json b/shared-context/findings/hyperpolymath-hypatia/20260526-015439.json new file mode 100644 index 00000000..e60c46f2 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-015439.json 
@@ -0,0 +1,66 @@ +{ + "findings": [ + { + "reason": "Repository has 1 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "91 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "ead582621c312037ad4ca8d07963ed5291cae3ac", + "submitted_at": "2026-05-26T01:54:41Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 543fcd55..145cdb65 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-015236.json \ No newline at end of file +20260526-015439.json \ No newline at end of file From c7fa3630099dfcbecb2137fd9c507df0e4d4b130 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:56:02 +0000 Subject: [PATCH 23/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 4 findings Commit: 3f21c67e5ec4bcb327ba3295224c23b544c3e13d Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-015601.json | 42 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-015601.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-015601.json b/shared-context/findings/hyperpolymath-hypatia/20260526-015601.json new file mode 100644 index 00000000..53f2ee3c --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-015601.json 
@@ -0,0 +1,42 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "94 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "3f21c67e5ec4bcb327ba3295224c23b544c3e13d", + "submitted_at": "2026-05-26T01:56:02Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 145cdb65..a26408ef 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-015439.json \ No newline at end of file +20260526-015601.json \ No newline at end of file From 3fedd0821669ee18f3f977d2d82f5402b4eacf06 Mon Sep 17 00:00:00 2001 
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 01:57:47 +0000 Subject: [PATCH 24/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 4 findings Commit: ab77541b3b600023e7b3307b1b45827ee1ded2b8 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-015746.json | 42 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-015746.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-015746.json b/shared-context/findings/hyperpolymath-hypatia/20260526-015746.json new file mode 100644 index 00000000..6778a885 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-015746.json 
@@ -0,0 +1,42 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "94 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "ab77541b3b600023e7b3307b1b45827ee1ded2b8", + "submitted_at": "2026-05-26T01:57:47Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index a26408ef..8d37efab 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-015601.json \ No newline at end of file +20260526-015746.json \ No newline at end of file From b9144f81006d364d7222c461750b0b52de7cd6d3 Mon Sep 17 00:00:00 2001 
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 02:02:32 +0000 Subject: [PATCH 25/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 4 findings Commit: 4d7a49e23d8d7fe996c77e442904357c14f913ef Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-020230.json | 42 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-020230.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-020230.json b/shared-context/findings/hyperpolymath-hypatia/20260526-020230.json new file mode 100644 index 00000000..0520f5a0 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-020230.json 
@@ -0,0 +1,42 @@ +{ + "findings": [ + { + "reason": "Repository has 1 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "Code scanning (Hypatia): hypatia/code_scanning_alerts/CSA001 -- Hypatia code_scanning_alerts: CSA001 -- 0 day(s) old", + "type": "CSA001", + "file": "test/soundness/fixtures/code_safety/getexn_on_external.res", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + }, + { + "reason": "94 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "4d7a49e23d8d7fe996c77e442904357c14f913ef", + "submitted_at": "2026-05-26T02:02:32Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 8d37efab..2ca9013b 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-015746.json \ No newline at end of file +20260526-020230.json \ No newline at end of file From 1b16d59b630089b54cd4bc4986850ca1e25f9167 Mon Sep 17 00:00:00 2001 
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 07:02:38 +0000 Subject: [PATCH 26/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 2 findings Commit: 75c3019e6c18ae23da6f983b8ca23cacd2eaf4e3 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-070237.json | 26 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-070237.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-070237.json b/shared-context/findings/hyperpolymath-hypatia/20260526-070237.json new file mode 100644 index 00000000..068b0713 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-070237.json @@ -0,0 +1,26 @@ +{ + "findings": [ + { + "reason": "Repository has 1 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "94 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "75c3019e6c18ae23da6f983b8ca23cacd2eaf4e3", + "submitted_at": "2026-05-26T07:02:38Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 2ca9013b..07594b2c 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-020230.json \ No newline at end of file +20260526-070237.json \ No newline at end of file From 5d11d06eefc252a2f3ef16547a3829d27c29bb8c Mon Sep 17 00:00:00 2001 
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 07:52:37 +0000 Subject: [PATCH 27/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 2 findings Commit: f1352811351b807807c817bf5d39fe6deeceeadc Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-075234.json | 26 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-075234.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-075234.json b/shared-context/findings/hyperpolymath-hypatia/20260526-075234.json new file mode 100644 index 00000000..48550cec --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-075234.json @@ -0,0 +1,26 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "90 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "f1352811351b807807c817bf5d39fe6deeceeadc", + "submitted_at": "2026-05-26T07:52:37Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 07594b2c..f907a9ab 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-070237.json \ No newline at end of file +20260526-075234.json \ No newline at end of file From 9cd6d06cd6899744f86e2f0f0b110e6af436d791 Mon Sep 17 00:00:00 2001 
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 08:06:24 +0000 Subject: [PATCH 28/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 1 findings Commit: 35f9f3c11a89bb77cc9a1dcc86279523575e2c33 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../hyperpolymath-hypatia/20260526-080622.json | 18 ++++++++++++++++++ .../findings/hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-080622.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-080622.json b/shared-context/findings/hyperpolymath-hypatia/20260526-080622.json new file mode 100644 index 00000000..86fc2efe --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-080622.json @@ -0,0 +1,18 @@ +{ + "findings": [ + { + "reason": "Repository has 1 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "35f9f3c11a89bb77cc9a1dcc86279523575e2c33", + "submitted_at": "2026-05-26T08:06:24Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index f907a9ab..324bbcc8 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-075234.json \ No newline at end of file +20260526-080622.json \ No newline at end of file From f6d586ec3cdb435186284374c3ad9395311d07b2 Mon Sep 17 00:00:00 2001 
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 08:19:31 +0000 Subject: [PATCH 29/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 1 findings Commit: 4dbdeae0060a579c24a7b6589a10359c5a8dbe04 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../hyperpolymath-hypatia/20260526-081928.json | 18 ++++++++++++++++++ .../findings/hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-081928.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-081928.json b/shared-context/findings/hyperpolymath-hypatia/20260526-081928.json new file mode 100644 index 00000000..eb58e5ba --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260526-081928.json @@ -0,0 +1,18 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "4dbdeae0060a579c24a7b6589a10359c5a8dbe04", + "submitted_at": "2026-05-26T08:19:31Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 324bbcc8..8b16e6b8 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260526-080622.json \ No newline at end of file +20260526-081928.json \ No newline at end of file From 456418e6fcf0a8eb07008fc1dfc938cfd4ddfb35 Mon Sep 17 00:00:00 2001 
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 08:22:40 +0000 Subject: [PATCH 30/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 1 findings Commit: 7d69b8ac144362a75c523d0b7e7d58d0eefe0c92 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../hyperpolymath-hypatia/20260526-082239.json | 18 ++++++++++++++++++ .../findings/hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-082239.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-082239.json b/shared-context/findings/hyperpolymath-hypatia/20260526-082239.json
new file mode 100644
index 00000000..c2ca1f93
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-082239.json
@@ -0,0 +1,18 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 1 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "7d69b8ac144362a75c523d0b7e7d58d0eefe0c92",
+ "submitted_at": "2026-05-26T08:22:40Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index 8b16e6b8..5416cf74 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260526-081928.json
\ No newline at end of file
+20260526-082239.json
\ No newline at end of file
From 4c4698a46079ca54e99087786c960a2af086523b Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 09:15:33 +0000 Subject: [PATCH 31/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 1 findings Commit: 9f4cc6ab45e728e9acf6a431004db7c08c3cff7e Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../hyperpolymath-hypatia/20260526-091531.json | 18 ++++++++++++++++++ .../findings/hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-091531.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-091531.json b/shared-context/findings/hyperpolymath-hypatia/20260526-091531.json
new file mode 100644
index 00000000..ba2cb1ac
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-091531.json
@@ -0,0 +1,18 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "9f4cc6ab45e728e9acf6a431004db7c08c3cff7e",
+ "submitted_at": "2026-05-26T09:15:33Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index 5416cf74..03107e8c 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260526-082239.json
\ No newline at end of file
+20260526-091531.json
\ No newline at end of file
From 7999efac604947ddc6746d1c45153269328cb9db Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 09:21:29 +0000 Subject: [PATCH 32/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 1 findings Commit: 87da627ddc06326fe5e0a2209cc672c80b117a59 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../hyperpolymath-hypatia/20260526-092128.json | 18 ++++++++++++++++++ .../findings/hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-092128.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-092128.json b/shared-context/findings/hyperpolymath-hypatia/20260526-092128.json
new file mode 100644
index 00000000..9b315ec7
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-092128.json
@@ -0,0 +1,18 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "87da627ddc06326fe5e0a2209cc672c80b117a59",
+ "submitted_at": "2026-05-26T09:21:29Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index 03107e8c..1a3e90c6 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260526-091531.json
\ No newline at end of file
+20260526-092128.json
\ No newline at end of file
From 6855e9c332f07c0e927ea9556206887cb6a53921 Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 09:23:38 +0000 Subject: [PATCH 33/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 1 findings Commit: d89034e2ed86f88871bf117e9bdebf3ca56e8aa2 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../hyperpolymath-hypatia/20260526-092336.json | 18 ++++++++++++++++++ .../findings/hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-092336.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-092336.json b/shared-context/findings/hyperpolymath-hypatia/20260526-092336.json
new file mode 100644
index 00000000..018f65f4
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-092336.json
@@ -0,0 +1,18 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "d89034e2ed86f88871bf117e9bdebf3ca56e8aa2",
+ "submitted_at": "2026-05-26T09:23:38Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index 1a3e90c6..1658c5d4 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260526-092128.json
\ No newline at end of file
+20260526-092336.json
\ No newline at end of file
From 633294cdcc09594a3b2be217aa8be804a8433f76 Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 09:47:55 +0000 Subject: [PATCH 34/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 1 findings Commit: 4cfa11a4e2954a6a557021759457eacf2e5253b0 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../hyperpolymath-hypatia/20260526-094753.json | 18 ++++++++++++++++++ .../findings/hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-094753.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-094753.json b/shared-context/findings/hyperpolymath-hypatia/20260526-094753.json
new file mode 100644
index 00000000..0ac8601a
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-094753.json
@@ -0,0 +1,18 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "4cfa11a4e2954a6a557021759457eacf2e5253b0",
+ "submitted_at": "2026-05-26T09:47:55Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index 1658c5d4..6e0093e7 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260526-092336.json
\ No newline at end of file
+20260526-094753.json
\ No newline at end of file
From 10f900bd4c11c2babd029d4faec26a40fac07595 Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 15:39:35 +0000 Subject: [PATCH 35/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 2 findings Commit: b375105ccfeb1b42b7b5b7f7fc7750249b562fa4 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-153933.json | 26 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-153933.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-153933.json b/shared-context/findings/hyperpolymath-hypatia/20260526-153933.json
new file mode 100644
index 00000000..0ebf0c1a
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-153933.json
@@ -0,0 +1,26 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ },
+ {
+ "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 0 day(s) old",
+ "type": "CSA001",
+ "file": ".github/workflows/hypatia-scan.yml",
+ "action": "update",
+ "rule_module": "code_scanning_alerts",
+ "severity": "high"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "b375105ccfeb1b42b7b5b7f7fc7750249b562fa4",
+ "submitted_at": "2026-05-26T15:39:34Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index 6e0093e7..f9e91e72 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260526-094753.json
\ No newline at end of file
+20260526-153933.json
\ No newline at end of file
From 3e6d226cfef19ea0427bc26ac7a0188327b54cc9 Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 18:20:55 +0000 Subject: [PATCH 36/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 2 findings Commit: 7dd5ac1f0e429db9a758fe1e27f476db8835648a Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-182053.json | 26 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-182053.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-182053.json b/shared-context/findings/hyperpolymath-hypatia/20260526-182053.json
new file mode 100644
index 00000000..d98dc8c1
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-182053.json
@@ -0,0 +1,26 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 10 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ },
+ {
+ "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 0 day(s) old",
+ "type": "CSA001",
+ "file": ".github/workflows/hypatia-scan.yml",
+ "action": "update",
+ "rule_module": "code_scanning_alerts",
+ "severity": "high"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "7dd5ac1f0e429db9a758fe1e27f476db8835648a",
+ "submitted_at": "2026-05-26T18:20:55Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index f9e91e72..44122238 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260526-153933.json
\ No newline at end of file
+20260526-182053.json
\ No newline at end of file
From 63a1c927373a20ecf34585b34ab5dad308f4344b Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 20:48:07 +0000 Subject: [PATCH 37/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 2 findings Commit: 165a64cb72161a25c85b553398ccdc171f4a1a18 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-204805.json | 26 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-204805.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-204805.json b/shared-context/findings/hyperpolymath-hypatia/20260526-204805.json
new file mode 100644
index 00000000..212463eb
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-204805.json
@@ -0,0 +1,26 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 11 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ },
+ {
+ "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 0 day(s) old",
+ "type": "CSA001",
+ "file": ".github/workflows/hypatia-scan.yml",
+ "action": "update",
+ "rule_module": "code_scanning_alerts",
+ "severity": "high"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "165a64cb72161a25c85b553398ccdc171f4a1a18",
+ "submitted_at": "2026-05-26T20:48:07Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index 44122238..531141a4 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260526-182053.json
\ No newline at end of file
+20260526-204805.json
\ No newline at end of file
From acb0b776f69bed762590f3b02e82809a95e45b45 Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Tue, 26 May 2026 23:37:07 +0000 Subject: [PATCH 38/97] findings: hyperpolymath/hypatia @ 2026-05-26 Submitted: 2 findings Commit: 7b52083246750ac0e3213365fce936af0d424229 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260526-233705.json | 26 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260526-233705.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260526-233705.json b/shared-context/findings/hyperpolymath-hypatia/20260526-233705.json
new file mode 100644
index 00000000..b9ab2f37
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260526-233705.json
@@ -0,0 +1,26 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 13 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ },
+ {
+ "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 0 day(s) old",
+ "type": "CSA001",
+ "file": ".github/workflows/hypatia-scan.yml",
+ "action": "update",
+ "rule_module": "code_scanning_alerts",
+ "severity": "high"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "7b52083246750ac0e3213365fce936af0d424229",
+ "submitted_at": "2026-05-26T23:37:06Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index 531141a4..d278d618 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260526-204805.json
\ No newline at end of file
+20260526-233705.json
\ No newline at end of file
From 5bf0ff5375400e4ab02672a96d006e6beae3cb92 Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Wed, 27 May 2026 01:14:35 +0000 Subject: [PATCH 39/97] findings: hyperpolymath/hypatia @ 2026-05-27 Submitted: 2 findings Commit: a2f3963f7d09979eca82856dcd821c15ff83601b Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260527-011433.json | 26 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260527-011433.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260527-011433.json b/shared-context/findings/hyperpolymath-hypatia/20260527-011433.json
new file mode 100644
index 00000000..7302b822
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260527-011433.json
@@ -0,0 +1,26 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 13 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ },
+ {
+ "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 0 day(s) old",
+ "type": "CSA001",
+ "file": ".github/workflows/hypatia-scan.yml",
+ "action": "update",
+ "rule_module": "code_scanning_alerts",
+ "severity": "high"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "a2f3963f7d09979eca82856dcd821c15ff83601b",
+ "submitted_at": "2026-05-27T01:14:35Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index d278d618..4e2f4ef7 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260526-233705.json
\ No newline at end of file
+20260527-011433.json
\ No newline at end of file
From 8e4e0aee1e5b5d483bda5c3db4e7d7659fd80ee4 Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Wed, 27 May 2026 01:46:56 +0000 Subject: [PATCH 40/97] findings: hyperpolymath/hypatia @ 2026-05-27 Submitted: 2 findings Commit: bf54e411b831f24dd5800ec6408af7515ac715f8 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260527-014655.json | 26 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260527-014655.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260527-014655.json b/shared-context/findings/hyperpolymath-hypatia/20260527-014655.json
new file mode 100644
index 00000000..4f33effa
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260527-014655.json
@@ -0,0 +1,26 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 13 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ },
+ {
+ "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 0 day(s) old",
+ "type": "CSA001",
+ "file": ".github/workflows/hypatia-scan.yml",
+ "action": "update",
+ "rule_module": "code_scanning_alerts",
+ "severity": "high"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "bf54e411b831f24dd5800ec6408af7515ac715f8",
+ "submitted_at": "2026-05-27T01:46:56Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index 4e2f4ef7..efa3fff1 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260527-011433.json
\ No newline at end of file
+20260527-014655.json
\ No newline at end of file
From e9be98a9afaa89e12305e7b0467929ac758cebfd Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Wed, 27 May 2026 03:24:39 +0000 Subject: [PATCH 41/97] findings: hyperpolymath/hypatia @ 2026-05-27 Submitted: 2 findings Commit: 3f3d395c4d0eb5fee6ccdeea1d95b9bdd56dd1de Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260527-032438.json | 26 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260527-032438.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260527-032438.json b/shared-context/findings/hyperpolymath-hypatia/20260527-032438.json
new file mode 100644
index 00000000..9d35b179
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260527-032438.json
@@ -0,0 +1,26 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 13 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ },
+ {
+ "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 0 day(s) old",
+ "type": "CSA001",
+ "file": ".github/workflows/hypatia-scan.yml",
+ "action": "update",
+ "rule_module": "code_scanning_alerts",
+ "severity": "high"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "3f3d395c4d0eb5fee6ccdeea1d95b9bdd56dd1de",
+ "submitted_at": "2026-05-27T03:24:39Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index efa3fff1..25a2a9b6 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260527-014655.json
\ No newline at end of file
+20260527-032438.json
\ No newline at end of file
From 81244c06ca1334cb1a00ddbd260ba1fe11674097 Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Wed, 27 May 2026 03:58:43 +0000 Subject: [PATCH 42/97] findings: hyperpolymath/hypatia @ 2026-05-27 Submitted: 2 findings Commit: b23d8440f9096ddc46698dad94ccfbef645754f2 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260527-035841.json | 26 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260527-035841.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260527-035841.json b/shared-context/findings/hyperpolymath-hypatia/20260527-035841.json
new file mode 100644
index 00000000..bdbabd31
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260527-035841.json
@@ -0,0 +1,26 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 13 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ },
+ {
+ "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 0 day(s) old",
+ "type": "CSA001",
+ "file": ".github/workflows/hypatia-scan.yml",
+ "action": "update",
+ "rule_module": "code_scanning_alerts",
+ "severity": "high"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "b23d8440f9096ddc46698dad94ccfbef645754f2",
+ "submitted_at": "2026-05-27T03:58:43Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index 25a2a9b6..18c1cf68 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260527-032438.json
\ No newline at end of file
+20260527-035841.json
\ No newline at end of file
From 8913f83d340dbcb8caf34450ae47ae7b11c37b89 Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Wed, 27 May 2026 05:34:03 +0000 Subject: [PATCH 43/97] findings: hyperpolymath/hypatia @ 2026-05-27 Submitted: 2 findings Commit: 3bb08c19c6405428be6ee224a1453ca9ec73bca4 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260527-053401.json | 26 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260527-053401.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260527-053401.json b/shared-context/findings/hyperpolymath-hypatia/20260527-053401.json
new file mode 100644
index 00000000..eba60c61
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260527-053401.json
@@ -0,0 +1,26 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 13 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ },
+ {
+ "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 0 day(s) old",
+ "type": "CSA001",
+ "file": ".github/workflows/hypatia-scan.yml",
+ "action": "update",
+ "rule_module": "code_scanning_alerts",
+ "severity": "high"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "3bb08c19c6405428be6ee224a1453ca9ec73bca4",
+ "submitted_at": "2026-05-27T05:34:03Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index 18c1cf68..dd10faa5 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260527-035841.json
\ No newline at end of file
+20260527-053401.json
\ No newline at end of file
From 4115fc20dac7e464fa2a5da18fa03f36a110102b Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Wed, 27 May 2026 08:34:02 +0000 Subject: [PATCH 44/97] findings: hyperpolymath/hypatia @ 2026-05-27 Submitted: 2 findings Commit: c8d8c3c1e6387747b21b5be73f0f14f7f8236283 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260527-083400.json | 26 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260527-083400.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260527-083400.json b/shared-context/findings/hyperpolymath-hypatia/20260527-083400.json
new file mode 100644
index 00000000..94e506f5
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260527-083400.json
@@ -0,0 +1,26 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 16 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ },
+ {
+ "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 0 day(s) old",
+ "type": "CSA001",
+ "file": ".github/workflows/hypatia-scan.yml",
+ "action": "update",
+ "rule_module": "code_scanning_alerts",
+ "severity": "high"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "c8d8c3c1e6387747b21b5be73f0f14f7f8236283",
+ "submitted_at": "2026-05-27T08:34:01Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index dd10faa5..89f82f93 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260527-053401.json
\ No newline at end of file
+20260527-083400.json
\ No newline at end of file
From e5ff8cb79951a8c791442e00dcbd3d4d69cf2eb2 Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Wed, 27 May 2026 11:24:49 +0000 Subject: [PATCH 45/97] findings: hyperpolymath/hypatia @ 2026-05-27 Submitted: 2 findings Commit: df0a03774727e0b2a3d54a88c0dc8d24e71e315f Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260527-112447.json | 26 +++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260527-112447.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260527-112447.json b/shared-context/findings/hyperpolymath-hypatia/20260527-112447.json
new file mode 100644
index 00000000..2beeb167
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260527-112447.json
@@ -0,0 +1,26 @@
+{
+ "findings": [
+ {
+ "reason": "Repository has 11 non-main remote branch(es). Policy: single main branch only.",
+ "type": "GS007",
+ "file": ".",
+ "action": "delete_remote_branches",
+ "rule_module": "git_state",
+ "severity": "medium"
+ },
+ {
+ "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 0 day(s) old",
+ "type": "CSA001",
+ "file": ".github/workflows/hypatia-scan.yml",
+ "action": "update",
+ "rule_module": "code_scanning_alerts",
+ "severity": "high"
+ }
+ ],
+ "submission_metadata": {
+ "repo": "hyperpolymath/hypatia",
+ "commit": "df0a03774727e0b2a3d54a88c0dc8d24e71e315f",
+ "submitted_at": "2026-05-27T11:24:49Z",
+ "scanner_version": "hypatia-v2"
+ }
+}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index 89f82f93..487952d0 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260527-083400.json
\ No newline at end of file
+20260527-112447.json
\ No newline at end of file
From 7e0eda1d65a6b05ab6efe2b2e4044f98c0d0d474 Mon Sep 17 00:00:00 2001
From: Hypatia Finding Submitter Date: Wed, 27 May 2026 21:29:24 +0000 Subject: [PATCH 46/97] findings: hyperpolymath/hypatia @ 2026-05-27 Submitted: 72 findings Commit: 99783cbf508e28c8e183781deccdeaecd6aeafef Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260527-212922.json | 586 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 587 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260527-212922.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260527-212922.json b/shared-context/findings/hyperpolymath-hypatia/20260527-212922.json
new file mode 100644
index 00000000..ef3a12ce
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260527-212922.json
@@ -0,0 +1,586 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "99783cbf508e28c8e183781deccdeaecd6aeafef", + "submitted_at": "2026-05-27T21:29:23Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 487952d0..c8242b85 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260527-112447.json \ No newline at end of file +20260527-212922.json \ No newline at end of file From d6a95509dc2e6c09bc70b79780725b8d8063de7c Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Wed, 27 May 2026 21:46:25 +0000 Subject: [PATCH 47/97] findings: hyperpolymath/hypatia @ 2026-05-27 Submitted: 72 findings Commit: be4576e47b901e4462720542bca8f49528ea9223 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260527-214623.json | 586 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 587 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260527-214623.json 
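Review bot: 70 of the 72 records in 20260527-212922.json are `"type": "unknown"` with `"reason": "Issue in <file>"`, and they are byte-identical repeats per workflow (eight for ci.yml alone), so a triager cannot tell which rule fired, where, or whether two records are the same problem. Each workflow_audit record should carry the rule identifier and a location, and `file` should be the repository-relative path as the CSA001 record already does, e.g. `"file": ".github/workflows/ci.yml", "type": "<RULE_ID>", "line": <N>` (placeholders); records that are still identical after that should be collapsed before submission. As written, these entries also bury the one `"severity": "high"` Token-Permissions finding at the end of the list. The same list is repeated in the hunk for 20260527-214623.json and in the visible start of 20260528-001550.json, so the fix belongs in the submitter rather than in any one snapshot.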
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260527-214623.json b/shared-context/findings/hyperpolymath-hypatia/20260527-214623.json new file mode 100644 index 00000000..9aaf7d64 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260527-214623.json 
@@ -0,0 +1,586 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "be4576e47b901e4462720542bca8f49528ea9223", + "submitted_at": "2026-05-27T21:46:25Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index c8242b85..41fad0d0 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260527-212922.json \ No newline at end of file +20260527-214623.json \ No newline at end of file From 3cf2eae9957ace37576bb6ad358410fbcd08b959 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 00:15:53 +0000 Subject: [PATCH 48/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 72 findings Commit: 9ff95b49c1fcfe284bb4c5a866be5e4e502c81fe Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-001550.json | 586 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 587 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-001550.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-001550.json b/shared-context/findings/hyperpolymath-hypatia/20260528-001550.json new file mode 100644 index 00000000..094090b8 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-001550.json 
@@ -0,0 +1,586 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "9ff95b49c1fcfe284bb4c5a866be5e4e502c81fe", + "submitted_at": "2026-05-28T00:15:53Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 41fad0d0..1f3cbd09 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260527-214623.json \ No newline at end of file +20260528-001550.json \ No newline at end of file From 1680453166698f6c555342b50a8ebdb509919b22 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 00:54:35 +0000 Subject: [PATCH 49/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 72 findings Commit: 22ef9f3d86ac9ea81c6a6dc23e87aaeb6e541515 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-005433.json | 586 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 587 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-005433.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-005433.json b/shared-context/findings/hyperpolymath-hypatia/20260528-005433.json
new file mode 100644
index 00000000..1571ab2f
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-005433.json
@@ -0,0 +1,586 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Scorecard): TokenPermissionsID -- Token-Permissions -- 1 day(s) old", + "type": "CSA001", + "file": ".github/workflows/hypatia-scan.yml", + "action": "update", + "rule_module": "code_scanning_alerts", + "severity": "high" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "22ef9f3d86ac9ea81c6a6dc23e87aaeb6e541515", + "submitted_at": "2026-05-28T00:54:35Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 1f3cbd09..81830ad9 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-001550.json \ No newline at end of file +20260528-005433.json \ No newline at end of file From 1acf8529c3b2ee7e5a1e719807b8342341c8a569 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 07:37:43 +0000 Subject: [PATCH 50/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: ed84f6a389493a45c38653db96babfa931adc322 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-073741.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-073741.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-073741.json b/shared-context/findings/hyperpolymath-hypatia/20260528-073741.json
new file mode 100644
index 00000000..f98b41d3
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-073741.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "ed84f6a389493a45c38653db96babfa931adc322", + "submitted_at": "2026-05-28T07:37:43Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 81830ad9..80f5685d 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-005433.json \ No newline at end of file +20260528-073741.json \ No newline at end of file From 150faef6bccecaa5e8b6b598a236eae525cf9cf4 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 07:38:33 +0000 Subject: [PATCH 51/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: e240a9fb7b0779c3d49de7807a1d021c06dc121a Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-073830.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-073830.json 
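Review bot: The `workflow_audit` entries in the 20260528-073741.json findings file cannot be triaged or deduplicated, because each one carries only `"type": "unknown"` and a reason such as `"Issue in ci.yml"`, and the same object is repeated byte-for-byte (eight times for `ci.yml` alone). Each finding should record which check fired and where, for example `"type": "<rule-id>"` plus a `"line": <n>` field (placeholder names; use whatever the scanner already knows), so that two findings in one workflow can be told apart. The `CSA001` entries with reason `hypatia/workflow_audit/unknown` match the `workflow_audit` counts for `tests.yml` and `security-policy.yml`, so they look like the scanner's own results read back from code scanning and counted a second time; if so, skip alerts whose tool is Hypatia in `code_scanning_alerts` or key findings on a stable fingerprint. The file is machine-generated, so the fix belongs in the submitter rather than in this JSON.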
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-073830.json b/shared-context/findings/hyperpolymath-hypatia/20260528-073830.json
new file mode 100644
index 00000000..dbb77a83
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-073830.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "e240a9fb7b0779c3d49de7807a1d021c06dc121a", + "submitted_at": "2026-05-28T07:38:33Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 80f5685d..75d21e16 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-073741.json \ No newline at end of file +20260528-073830.json \ No newline at end of file From 0cbb575b19ca8b2b2d90ce5ce4237e7215325ac1 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 09:06:43 +0000 Subject: [PATCH 52/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 436934e00cd6ed749bbf41a000ecc7b03b3c4423 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-090641.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-090641.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-090641.json b/shared-context/findings/hyperpolymath-hypatia/20260528-090641.json new file mode 100644 index 00000000..61732d2b --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-090641.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "436934e00cd6ed749bbf41a000ecc7b03b3c4423", + "submitted_at": "2026-05-28T09:06:42Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 75d21e16..2a925d87 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-073830.json \ No newline at end of file +20260528-090641.json \ No newline at end of file From 69c0e87fe6fa041d2f9e228f115ee0ba7c0663b0 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 09:07:05 +0000 Subject: [PATCH 53/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 3fab64a068f0ee0b33b972949c325dcf885b6a68 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-090703.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-090703.json 
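Review bot: The workflow_audit entries in this file cannot be triaged or de-duplicated: each carries `"type": "unknown"` and a reason of the form `"Issue in ci.yml"` with no rule id, line or message, so the eight ci.yml objects are byte-identical and a reader cannot tell eight distinct problems from one finding emitted eight times. The CSA001 entries whose reason names `hypatia/workflow_audit/unknown` look like the same results read back from code scanning, which would count each issue twice and feed the CSA002 total of 30; that is inferred from the reason strings only. Since the file is written by the submitter, the fix belongs there: resolve the rule id and location before writing, e.g. `"type": "<rule id>"` plus a location field such as `"line": <line number>` (placeholder values, field name to be chosen by the schema owner), and collapse entries that are still identical after that. The neighbouring findings files in this patch series show the same pattern.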
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-090703.json b/shared-context/findings/hyperpolymath-hypatia/20260528-090703.json new file mode 100644 index 00000000..c678cd5b --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-090703.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "3fab64a068f0ee0b33b972949c325dcf885b6a68", + "submitted_at": "2026-05-28T09:07:04Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 2a925d87..3b808f3c 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-090641.json \ No newline at end of file +20260528-090703.json \ No newline at end of file From 2a7ed02f51795193a354c3c60ec7301444993b22 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 10:28:36 +0000 Subject: [PATCH 54/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: e00725e8caff606395926bd9c92f8a097304ddd7 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-102834.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-102834.json 
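Review bot: The `workflow_audit` records in this file cannot be triaged or de-duplicated, because each carries only `"type": "unknown"` and a reason of the form `"Issue in ci.yml"`; the eight `ci.yml` entries at the top of the hunk are byte-identical. The submitter should emit the specific rule identifier and a location for each record (for example a `"line"` field, with the name to be agreed against the findings schema), and collapse or reject records whose type is unknown before committing. The `CSA001` records further down all cite `hypatia/workflow_audit/unknown`, so they appear to be the same workflow_audit results read back from code scanning. If so, the same issue is counted twice towards the 102 submitted findings, which is worth confirming against the scanner before the counts are used for prioritisation.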
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-102834.json b/shared-context/findings/hyperpolymath-hypatia/20260528-102834.json new file mode 100644 index 00000000..f57bb7a6 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-102834.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "e00725e8caff606395926bd9c92f8a097304ddd7", + "submitted_at": "2026-05-28T10:28:36Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 3b808f3c..965cdfdb 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-090703.json \ No newline at end of file +20260528-102834.json \ No newline at end of file From 0a1a9eb574628f505c75fe24599548449bbbb4ed Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 10:28:42 +0000 Subject: [PATCH 55/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: a0f75e4ac512be5534a00255a90ab8c1d5646084 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-102840.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-102840.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-102840.json b/shared-context/findings/hyperpolymath-hypatia/20260528-102840.json
new file mode 100644
index 00000000..2e9a13e5
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-102840.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "a0f75e4ac512be5534a00255a90ab8c1d5646084", + "submitted_at": "2026-05-28T10:28:41Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 965cdfdb..f486a34c 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-102834.json \ No newline at end of file +20260528-102840.json \ No newline at end of file From 6edb12739c69ce8a095f7385ee81b57d86aa7cc1 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 11:02:28 +0000 Subject: [PATCH 56/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 6690f03e1e16c4dd14c7c037ad2a580f3dea8611 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-110227.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-110227.json 
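Review bot: The records this hunk adds to `findings` cannot be triaged individually, because the `workflow_audit` entries for a given file are byte-identical (`"reason": "Issue in security-policy.yml"`, `"type": "unknown"`, repeated many times) and carry no line, rule identifier or fingerprint to tell them apart. The `CSA001` entries whose reason reads `hypatia/workflow_audit/unknown` appear to re-report those same workflow_audit alerts through code scanning, so the `Submitted: 102 findings` total in the commit message probably counts the same underlying issues twice. I would have the submitter either collapse identical records into one with an occurrence count or give each a distinguishing field, and resolve `"type": "unknown"` to the rule that fired before the file is committed. The file is written by the scanner workflow, so the change belongs in the generator rather than in this JSON.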
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-110227.json b/shared-context/findings/hyperpolymath-hypatia/20260528-110227.json
new file mode 100644
index 00000000..2a217b8b
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-110227.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "6690f03e1e16c4dd14c7c037ad2a580f3dea8611", + "submitted_at": "2026-05-28T11:02:28Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index f486a34c..2b7dd450 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-102840.json \ No newline at end of file +20260528-110227.json \ No newline at end of file From 9626006d9cde42f1b112a08155791d35e8678685 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 13:16:22 +0000 Subject: [PATCH 57/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 8e0030726e09e202a2818906ac9f731ea1d9b994 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-131620.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-131620.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-131620.json b/shared-context/findings/hyperpolymath-hypatia/20260528-131620.json
new file mode 100644
index 00000000..2ce02987
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-131620.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "8e0030726e09e202a2818906ac9f731ea1d9b994", + "submitted_at": "2026-05-28T13:16:22Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 2b7dd450..cd8cd31d 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-110227.json \ No newline at end of file +20260528-131620.json \ No newline at end of file From ddac41979b689a34a4268eee780ef5613d26827a Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 13:25:14 +0000 Subject: [PATCH 58/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 47694f7ecacff6d03c973405a07839e139b72de4 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-132512.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-132512.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-132512.json b/shared-context/findings/hyperpolymath-hypatia/20260528-132512.json new file mode 100644 index 00000000..187a92c9 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-132512.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "47694f7ecacff6d03c973405a07839e139b72de4", + "submitted_at": "2026-05-28T13:25:14Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index cd8cd31d..464ae106 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-131620.json \ No newline at end of file +20260528-132512.json \ No newline at end of file From 44f8e2774608f93ef3447ae5de6ece639be3bb24 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 13:25:27 +0000 Subject: [PATCH 59/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 964112572a2842a44e3176393d20141a888b42ca Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-132526.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-132526.json 
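Review bot: The `workflow_audit` entries in this new findings file cannot be triaged or de-duplicated: each carries only `"type": "unknown"` and a reason such as `"reason": "Issue in ci.yml"`, and the same object is repeated byte-for-byte (eight times for ci.yml alone) with no rule id, line or evidence to tell one record from the next. The submitter should hold back findings whose type is unresolved, or the scanner should emit the rule identifier and a location so that identical records collapse into one. The later `CSA001` entries whose reason reads `hypatia/workflow_audit/unknown` look like these same alerts read back from code scanning and submitted again as new findings, which would inflate the count on every run; this is inferred from the reason text and should be confirmed against the scanner. The findings files added just before and just after this one in the series show the same pattern.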
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-132526.json b/shared-context/findings/hyperpolymath-hypatia/20260528-132526.json new file mode 100644 index 00000000..738ba4cb --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-132526.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "964112572a2842a44e3176393d20141a888b42ca", + "submitted_at": "2026-05-28T13:25:27Z", + "scanner_version": "hypatia-v2" + } +}
diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json
index 464ae106..54811b7d 120000
--- a/shared-context/findings/hyperpolymath-hypatia/latest.json
+++ b/shared-context/findings/hyperpolymath-hypatia/latest.json
@@ -1 +1 @@
-20260528-132512.json
\ No newline at end of file
+20260528-132526.json
\ No newline at end of file
From b2d64b92b5910c815ed5ebfdf9fd0c7cfdf59896 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 13:32:16 +0000 Subject: [PATCH 60/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: e704c44b2e0aa37ae11a6c00224b79cab47e7151 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-133213.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-133213.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-133213.json b/shared-context/findings/hyperpolymath-hypatia/20260528-133213.json
new file mode 100644
index 00000000..73b970fc
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-133213.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "e704c44b2e0aa37ae11a6c00224b79cab47e7151", + "submitted_at": "2026-05-28T13:32:16Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 54811b7d..5aeb5979 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-132526.json \ No newline at end of file +20260528-133213.json \ No newline at end of file From febb0d4cee41be556d17132899ac193e25d873ac Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 13:33:03 +0000 Subject: [PATCH 61/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: abab26bd97f2979d46015a56eed3b06599caa37f Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-133301.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-133301.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-133301.json b/shared-context/findings/hyperpolymath-hypatia/20260528-133301.json
new file mode 100644
index 00000000..5139c378
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-133301.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "abab26bd97f2979d46015a56eed3b06599caa37f", + "submitted_at": "2026-05-28T13:33:03Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 5aeb5979..01acf227 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-133213.json \ No newline at end of file +20260528-133301.json \ No newline at end of file From f7e35a3ca330cd07d7f0da0c206fe47351a312b7 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 13:34:02 +0000 Subject: [PATCH 62/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: c9fd28fe450135ee95b4d57da19955b21dc66077 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-133400.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-133400.json 
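Review bot: The workflow_audit entries added in 20260528-133301.json cannot be triaged as submitted: each carries `"type": "unknown"` and a reason of the form `"Issue in ci.yml"`, with no rule id, line or description, and many are byte-identical repeats (eight for ci.yml alone). The CSA001 entries further down, whose reason reads `hypatia/workflow_audit/unknown`, look like the same workflow_audit results read back through code scanning, so a large share of the 102 submitted findings is probably counted twice; that should be confirmed in the submitter and the repeats deduplicated before the file is committed. A finding whose `type` resolves to `unknown` would be better rejected or held back by the submitter than recorded at `"severity": "medium"`, since a reviewer has nothing to act on and the volume hides entries such as GS007 that do name a concrete condition. The same pattern is visible in the partial hunks before this one and in 20260528-133400.json after it.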
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-133400.json b/shared-context/findings/hyperpolymath-hypatia/20260528-133400.json
new file mode 100644
index 00000000..48736cb7
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-133400.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "c9fd28fe450135ee95b4d57da19955b21dc66077", + "submitted_at": "2026-05-28T13:34:02Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 01acf227..7a332def 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-133301.json \ No newline at end of file +20260528-133400.json \ No newline at end of file From bfd549c09b8ea7d5665e5dc443ab8593411f010d Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 13:39:33 +0000 Subject: [PATCH 63/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 29002339a2b31eddad9628098eafbc67e08f1ed2 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-133932.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-133932.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-133932.json b/shared-context/findings/hyperpolymath-hypatia/20260528-133932.json
new file mode 100644
index 00000000..def48619
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-133932.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "29002339a2b31eddad9628098eafbc67e08f1ed2", + "submitted_at": "2026-05-28T13:39:33Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 7a332def..84cd7b32 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-133400.json \ No newline at end of file +20260528-133932.json \ No newline at end of file From 6ca79cbf9cbc5468f03f45df4d8a5c9ce247ef2b Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 13:40:44 +0000 Subject: [PATCH 64/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 13abd560eeb056af5713f0a9e264d00eb7f1cc33 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-134041.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-134041.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-134041.json b/shared-context/findings/hyperpolymath-hypatia/20260528-134041.json
new file mode 100644
index 00000000..ce8cf9d6
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-134041.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "13abd560eeb056af5713f0a9e264d00eb7f1cc33", + "submitted_at": "2026-05-28T13:40:43Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 84cd7b32..28d97151 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-133932.json \ No newline at end of file +20260528-134041.json \ No newline at end of file From 105f507a98f20a31aac9db3e76842ca7f3f7c4d6 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 13:47:40 +0000 Subject: [PATCH 65/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 524f754100b42d2a2b5890706b8510b5d66a715d Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-134738.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-134738.json 
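Review bot: The `workflow_audit` findings in this file are indistinguishable from one another: each has `"type": "unknown"` and a reason such as `"Issue in ci.yml"`, with no rule id, line number or fingerprint, so the repeated `ci.yml` and `security-policy.yml` objects cannot be deduplicated, triaged or tracked across submissions. The `CSA001` entries whose reason reads `hypatia/workflow_audit/unknown` look like the scanner re-ingesting its own uploaded alerts, which would count each underlying issue twice and inflate the `CSA002` total of 30; this is inferred from the reason strings and should be confirmed in the generator. Since the file is generated, the fix belongs in the submitter: have it refuse or collapse findings with `"type": "unknown"` and emit a stable per-finding key, for example `"fingerprint": "<HASH_PLACEHOLDER>"`. The `GS007` entry carries `"action": "delete_remote_branches"`, so any consumer of `latest.json` should treat the action field as advisory and require human approval before acting on it. The same pattern appears in the preceding and following submissions on this page.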
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-134738.json b/shared-context/findings/hyperpolymath-hypatia/20260528-134738.json
new file mode 100644
index 00000000..df6419df
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-134738.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "524f754100b42d2a2b5890706b8510b5d66a715d", + "submitted_at": "2026-05-28T13:47:40Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 28d97151..a174646d 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-134041.json \ No newline at end of file +20260528-134738.json \ No newline at end of file From 52c6471ad057b1d580c2f4494cbc4402b04c478d Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 13:49:46 +0000 Subject: [PATCH 66/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 78a9991f378c9854b7283ca46d469eb7913e1787 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-134944.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-134944.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-134944.json b/shared-context/findings/hyperpolymath-hypatia/20260528-134944.json
new file mode 100644
index 00000000..8292a2e8
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-134944.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "78a9991f378c9854b7283ca46d469eb7913e1787", + "submitted_at": "2026-05-28T13:49:46Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index a174646d..6bcb1041 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-134738.json \ No newline at end of file +20260528-134944.json \ No newline at end of file From ad27ed1e6843091c74ddfd206744f5e15248fb74 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 14:37:21 +0000 Subject: [PATCH 67/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 6fbfececabb178b0bd42d0b28c4f0934047675ce Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-143718.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-143718.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-143718.json b/shared-context/findings/hyperpolymath-hypatia/20260528-143718.json
new file mode 100644
index 00000000..a8a92e87
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-143718.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 6 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "6fbfececabb178b0bd42d0b28c4f0934047675ce", + "submitted_at": "2026-05-28T14:37:21Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 6bcb1041..783901af 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-134944.json \ No newline at end of file +20260528-143718.json \ No newline at end of file From 583269c3ce033de78080e854b9fcb55166ea3af5 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 14:42:34 +0000 Subject: [PATCH 68/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 4d44a1d8c7eac28e419142cd374cdeb281b333b9 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-144232.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-144232.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-144232.json b/shared-context/findings/hyperpolymath-hypatia/20260528-144232.json
new file mode 100644
index 00000000..75d80f90
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-144232.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 7 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "4d44a1d8c7eac28e419142cd374cdeb281b333b9", + "submitted_at": "2026-05-28T14:42:33Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 783901af..901f2261 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-143718.json \ No newline at end of file +20260528-144232.json \ No newline at end of file From 3a1525194c94cf30951c84906ef3392b210f96ae Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 14:50:40 +0000 Subject: [PATCH 69/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 5fae4da9feef43007b8786b1b6501dc164b0ef36 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-145038.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-145038.json 
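Review bot: The workflow_audit entries in this hunk cannot be triaged as written: every one has `"type": "unknown"` and a reason of the form `"reason": "Issue in ci.yml"`, so the eight ci.yml entries at the top are identical and nothing says which rule fired or where in the workflow. The producer should emit the audit rule's identifier in `type` and a location (job, step or line) for each entry, for example `"reason": "<rule description> at <job>/<step>"`, and drop exact duplicates before submission. The CSA001 entries further down (`hypatia/workflow_audit/unknown`) appear to be Hypatia's own workflow_audit alerts read back from code scanning, which would count the same underlying issue twice; this is worth confirming and, if so, filtering by tool name. The 20260528-145038.json hunk that follows shows the same pattern.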
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-145038.json b/shared-context/findings/hyperpolymath-hypatia/20260528-145038.json new file mode 100644 index 00000000..c1870f17 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-145038.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 8 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "5fae4da9feef43007b8786b1b6501dc164b0ef36", + "submitted_at": "2026-05-28T14:50:40Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 901f2261..c15cf4b8 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-144232.json \ No newline at end of file +20260528-145038.json \ No newline at end of file From 68a9910dc4e30826f580f21df218f80a98e6184e Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 14:58:14 +0000 Subject: [PATCH 70/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 0b5f912dc9557f6cffb8004cfe4bb3c1772d3729 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-145813.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-145813.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-145813.json b/shared-context/findings/hyperpolymath-hypatia/20260528-145813.json
new file mode 100644
index 00000000..e118fa08
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-145813.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 9 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "0b5f912dc9557f6cffb8004cfe4bb3c1772d3729", + "submitted_at": "2026-05-28T14:58:14Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index c15cf4b8..fe7ae08d 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-145038.json \ No newline at end of file +20260528-145813.json \ No newline at end of file From c1c2ff028d8768dee0fe38d3214b5da3e9437093 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 15:05:20 +0000 Subject: [PATCH 71/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 9007d8bbe07bb22fc230b058f4701f35b34e51a3 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-150519.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-150519.json 
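Review bot: The `workflow_audit` records in the 20260528-145813.json hunk cannot be triaged or de-duplicated, because every one carries `"type": "unknown"` and a reason of the form `"Issue in ci.yml"` with no rule id, line number or message, so the repeated objects for a given workflow are byte-identical. Each record should name the rule that fired and where it fired, for example `"type": "<RULE_ID>"` plus `"line": <LINE>` and a repository-relative `"file"` path (placeholders; the real values are not on this page). The `CSA001` records further down cite `hypatia/workflow_audit/unknown` as their origin, which suggests the scanner is re-ingesting alerts it uploaded itself, so the same underlying issue is probably counted once with `"action": "flag"` and again with `"action": "review"` inside the 102 submitted findings; this should be confirmed against the submitter and filtered by alert origin. The same pattern is visible in the snapshot that ends just before patch 70/97 and in the 20260528-150519.json hunk, both of which are cut off at the edges of this view.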
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-150519.json b/shared-context/findings/hyperpolymath-hypatia/20260528-150519.json
new file mode 100644
index 00000000..a805e165
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-150519.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 10 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "9007d8bbe07bb22fc230b058f4701f35b34e51a3", + "submitted_at": "2026-05-28T15:05:20Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index fe7ae08d..176a339d 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-145813.json \ No newline at end of file +20260528-150519.json \ No newline at end of file From 45b3486c73b31e0ab6eff1edb62502517f8e3961 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 15:16:04 +0000 Subject: [PATCH 72/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 95e3c28937b43e7ce1147ebf1905ba106bd1c132 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-151602.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-151602.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-151602.json b/shared-context/findings/hyperpolymath-hypatia/20260528-151602.json
new file mode 100644
index 00000000..4b5083eb
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-151602.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 11 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "95e3c28937b43e7ce1147ebf1905ba106bd1c132", + "submitted_at": "2026-05-28T15:16:03Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 176a339d..53f73b12 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-150519.json \ No newline at end of file +20260528-151602.json \ No newline at end of file From f2c929ac5bd5830d84197986aecd3e1e16d740a9 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 15:43:05 +0000 Subject: [PATCH 73/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: e246bec89d8e898475b16c9e3e4060d11ce2d141 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-154303.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-154303.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-154303.json b/shared-context/findings/hyperpolymath-hypatia/20260528-154303.json
new file mode 100644
index 00000000..973cb4b1
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-154303.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 10 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "e246bec89d8e898475b16c9e3e4060d11ce2d141", + "submitted_at": "2026-05-28T15:43:05Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 53f73b12..d736af7e 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-151602.json \ No newline at end of file +20260528-154303.json \ No newline at end of file From 6b4d8c623f630644d9804f9fc7b1f41e52bbdcfc Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 15:43:11 +0000 Subject: [PATCH 74/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 9ed7a7ed3955bb2ff543ed873c5660f2613cf166 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-154309.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-154309.json 
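Review bot: The `workflow_audit` records in 20260528-154303.json cannot be triaged as written: each carries `"type": "unknown"` and a reason of the form `"Issue in security-policy.yml"`, with no rule id, line or description, and the same object repeats with every field identical, so a consumer can neither tell the underlying issues apart nor deduplicate them. The `CSA001` records whose reason reads `hypatia/workflow_audit/unknown` look like the scanner's own workflow_audit alerts read back from code scanning, which would count one issue twice within the 102 submitted and feed the `CSA002` total of 30; this is inferred from the reason strings, since the generator is not on this page. I would have the emitter carry the originating rule and location into each record, e.g. `"type": "<rule-id placeholder>"` plus a `"line"` field, and skip alerts whose reporting tool is the scanner itself. The same pattern shows in the neighbouring findings files of this series.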
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-154309.json b/shared-context/findings/hyperpolymath-hypatia/20260528-154309.json
new file mode 100644
index 00000000..eca9f1f4
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-154309.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 9 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "9ed7a7ed3955bb2ff543ed873c5660f2613cf166", + "submitted_at": "2026-05-28T15:43:11Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index d736af7e..8262c6c3 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-154303.json \ No newline at end of file +20260528-154309.json \ No newline at end of file From d9a5293d47db54d591f26e0fe8778191eff94ce2 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 15:43:35 +0000 Subject: [PATCH 75/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 09a907407c57d2101e08f44a61d296de0d673677 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-154333.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-154333.json 
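Review bot: The `workflow_audit` entries added in 20260528-154309.json cannot be triaged or de-duplicated, because each one carries `"type": "unknown"` and a `"reason"` of only `"Issue in <file>"`, so repeated objects (for example the eight identical `ci.yml` entries at the top of the array) are indistinguishable. The submitter should carry the rule identifier and location through from the scanner, e.g. `"type": "<rule id>", "line": <line number>` (placeholders), or reject a finding whose type resolves to `unknown` rather than storing it. The `CSA001` entries whose reason reads `hypatia/workflow_audit/unknown` look like the same scanner's alerts re-ingested through code scanning, so the same condition may be counted twice in the 102 submitted findings; this is inferred from the strings only and should be confirmed against the submitter. The same pattern appears in the 20260528-154333.json hunk that follows, which continues past the visible text.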
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-154333.json b/shared-context/findings/hyperpolymath-hypatia/20260528-154333.json
new file mode 100644
index 00000000..7698aa89
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-154333.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 10 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "09a907407c57d2101e08f44a61d296de0d673677", + "submitted_at": "2026-05-28T15:43:35Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 8262c6c3..159580ca 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-154309.json \ No newline at end of file +20260528-154333.json \ No newline at end of file From 234d8e5396e3ad9c9dcb722b3b562021e74371c4 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 15:43:41 +0000 Subject: [PATCH 76/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 462e5d6064f4b7e105e2943984c1e01a771a1470 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-154338.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-154338.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-154338.json b/shared-context/findings/hyperpolymath-hypatia/20260528-154338.json
new file mode 100644
index 00000000..bce20c14
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-154338.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 10 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "462e5d6064f4b7e105e2943984c1e01a771a1470", + "submitted_at": "2026-05-28T15:43:41Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 159580ca..902c1aa4 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-154333.json \ No newline at end of file +20260528-154338.json \ No newline at end of file From 072c13fcea876de54f6ab1db43ea6dc8dd0304a4 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 15:43:59 +0000 Subject: [PATCH 77/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 0eadab5d1028be829b333c3e7284bb95fd2efdcc Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-154358.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-154358.json 
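Review bot: Every `workflow_audit` entry in the new 20260528-154338.json has `"type": "unknown"` and a reason of the form `"Issue in ci.yml"`, with no rule id, line or message, and the same object is repeated verbatim many times per workflow (security-policy.yml most of all), so a consumer can neither triage nor de-duplicate them. The `CSA001` entries whose reason reads `hypatia/workflow_audit/unknown` look like the scanner's own uploaded alerts being read back in, which would count each workflow issue twice and inflate the `CSA002` total of 30; that is inferred from the strings, not shown on this page. I would have the submitter resolve the rule id and location before writing an entry, collapse identical objects into one per `(rule_module, type, file)` with a count (for example a `"count": <n>` key, name to be agreed), and exclude alerts whose tool is Hypatia from the `code_scanning_alerts` input. The file is machine-written, so the fix belongs in the generator and not in this JSON.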
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-154358.json b/shared-context/findings/hyperpolymath-hypatia/20260528-154358.json
new file mode 100644
index 00000000..8bd892c3
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-154358.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 10 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "0eadab5d1028be829b333c3e7284bb95fd2efdcc", + "submitted_at": "2026-05-28T15:43:59Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 902c1aa4..c9716574 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-154338.json \ No newline at end of file +20260528-154358.json \ No newline at end of file From 0e5931ac4683b63c52958fc5023578f4f4ec31ef Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 15:44:55 +0000 Subject: [PATCH 78/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 5386aa8abe5df1e9a10fb8b96aa89f7a56a9818f Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-154452.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-154452.json 
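Review bot: The `workflow_audit` entries added in 20260528-154358.json cannot be triaged as recorded: each has `"type": "unknown"` and a reason such as `"Issue in ci.yml"`, and ci.yml alone is stored as eight byte-identical objects, so neither the rule that fired nor the location in the workflow can be recovered. Each finding should name the specific rule and a location, for example `"type": "<rule-id>", "line": <n>` (placeholders), and identical objects should be collapsed before submission. The `CSA001` entries have reasons of the form `hypatia/workflow_audit/unknown`, which suggests the scanner is reading back its own uploaded code-scanning alerts and counting the same issue a second time. If that is the case, alerts whose source tool is Hypatia should be excluded from `code_scanning_alerts`, otherwise the "Submitted: 102 findings" total and the `CSA002` open-alert count are inflated. The next submission, 20260528-154452.json, repeats the same entries as far as it is visible here.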
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-154452.json b/shared-context/findings/hyperpolymath-hypatia/20260528-154452.json new file mode 100644 index 00000000..239d267f --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-154452.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 10 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "5386aa8abe5df1e9a10fb8b96aa89f7a56a9818f", + "submitted_at": "2026-05-28T15:44:54Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index c9716574..9ac82ee9 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-154358.json \ No newline at end of file +20260528-154452.json \ No newline at end of file From d911b0367606ce6591466518ef31868eb74b30f5 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 16:45:51 +0000 Subject: [PATCH 79/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: ec44d75123beca4951050523cd92144f9cf0c85e Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-164549.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-164549.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-164549.json b/shared-context/findings/hyperpolymath-hypatia/20260528-164549.json new file mode 100644 index 00000000..7a4686f5 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-164549.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 8 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "ec44d75123beca4951050523cd92144f9cf0c85e", + "submitted_at": "2026-05-28T16:45:51Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 9ac82ee9..66a76f26 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-154452.json \ No newline at end of file +20260528-164549.json \ No newline at end of file From df597a5bfa04d31a6f8133f3dd62b149a7b0758c Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 16:45:57 +0000 Subject: [PATCH 80/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 3dfe38de25e9034bb85e4ba16c0092be2db156b0 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-164555.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-164555.json 
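Review bot: Most records in the new file `20260528-164549.json` cannot be triaged: every `workflow_audit` entry carries `"type": "unknown"` and a `reason` of the form `"Issue in security-policy.yml"`, with no rule id, line or job name, so the repeated entries for one workflow are byte-identical and cannot be told apart or de-duplicated. The `CSA001` entries whose reason reads `hypatia/workflow_audit/unknown` appear to be those same findings read back from the code-scanning alerts, which would count each one twice toward the 102 submitted. The fix belongs in the submitter rather than in this generated file: emit the concrete rule id and a location per finding, and reject records whose `type` is still `unknown`. Separately, the `GS007` entry sets `"action": "delete_remote_branches"`; if any consumer executes `action` automatically, that value should require human approval first.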
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-164555.json b/shared-context/findings/hyperpolymath-hypatia/20260528-164555.json new file mode 100644 index 00000000..edd5c988 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-164555.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 9 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "3dfe38de25e9034bb85e4ba16c0092be2db156b0", + "submitted_at": "2026-05-28T16:45:56Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 66a76f26..6828fc94 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-164549.json \ No newline at end of file +20260528-164555.json \ No newline at end of file From f409a6511b72c6f8c0a15f79aee3989fbf96a9f7 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 16:50:03 +0000 Subject: [PATCH 81/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: c0d01a52b20dd563c536e60cd35e66846f340b07 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-165001.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-165001.json 
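Review bot: Every `workflow_audit` entry in the new 20260528-164555.json has `"type": "unknown"` and a reason such as `"Issue in ci.yml"`, with no rule id, line or description, so the file holds runs of byte-identical objects (eight for ci.yml alone) that cannot be triaged or deduplicated. The `CSA001` entries further down name `hypatia/workflow_audit/unknown` as their source, which suggests the scanner's own alerts are being read back in through code scanning and counted a second time in the 102 submitted findings. This is for the submitter to fix rather than the data file: emit the rule id and location per finding, e.g. `"type": "<RULE_ID>", "reason": "<rule description>", "line": <LINE>` (placeholder values; `line` is a suggested field), and skip code-scanning alerts whose tool is Hypatia when building `CSA001`. The visible part of the 20260528-165001.json hunk in the next patch shows the same pattern.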
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-165001.json b/shared-context/findings/hyperpolymath-hypatia/20260528-165001.json new file mode 100644 index 00000000..704f9733 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-165001.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 7 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "c0d01a52b20dd563c536e60cd35e66846f340b07", + "submitted_at": "2026-05-28T16:50:02Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 6828fc94..0a191d83 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-164555.json \ No newline at end of file +20260528-165001.json \ No newline at end of file From 89b65be8553590551e59de5190887b6f3b5cb7c9 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 16:50:32 +0000 Subject: [PATCH 82/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: e39662321bb3e23f488ec7ae36cf0d2809ca3c48 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-165030.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-165030.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-165030.json b/shared-context/findings/hyperpolymath-hypatia/20260528-165030.json
new file mode 100644
index 00000000..ae2a3c3a
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-165030.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 8 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "e39662321bb3e23f488ec7ae36cf0d2809ca3c48", + "submitted_at": "2026-05-28T16:50:31Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 0a191d83..3b8187c8 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-165001.json \ No newline at end of file +20260528-165030.json \ No newline at end of file From 90038e652e0fd1c8223199ee2b449cef63c3a415 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 18:33:37 +0000 Subject: [PATCH 83/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 2a2198d626a0013eb65319a5099bbf62604b94db Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-183335.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-183335.json 
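Review bot: The `workflow_audit` records in the new file `20260528-165030.json` cannot be triaged or de-duplicated as written: dozens of them are identical, with `"type": "unknown"` and a reason of the form `"reason": "Issue in security-policy.yml"`, and none carries a rule id, job, step or line. The emitter should put the audit rule's identifier in `type` and add a location inside the workflow file, so that repeated entries for one file can be told apart and a fixed one can be seen to disappear in the next submission. The `CSA001` records further down look like the same results read back from code scanning (their reason is `hypatia/workflow_audit/unknown`), so `tests.yml`, for example, appears six times under each `rule_module`; if that is what is happening, excluding the scanner's own alerts from `code_scanning_alerts` would stop each issue being counted twice. The `GS007` record also pairs a branch count with `"action": "delete_remote_branches"` without naming the branches, so a person should confirm which branches are meant before anything acts on it.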
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-183335.json b/shared-context/findings/hyperpolymath-hypatia/20260528-183335.json
new file mode 100644
index 00000000..58ce0435
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-183335.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 6 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "2a2198d626a0013eb65319a5099bbf62604b94db", + "submitted_at": "2026-05-28T18:33:37Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 3b8187c8..6d35b2ce 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-165030.json \ No newline at end of file +20260528-183335.json \ No newline at end of file From 4720be88d0c5d9c4d06686ab31581391c27ed14e Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 18:33:49 +0000 Subject: [PATCH 84/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: ef243fead2ae84fbd7addbbbe773c8e39fe77c0e Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-183346.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-183346.json 
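Review bot: The `workflow_audit` entries in 20260528-183335.json cannot be triaged or de-duplicated, because each one carries only `"type": "unknown"` and a reason such as `"reason": "Issue in ci.yml"`. The eight ci.yml objects are therefore identical, and nothing records which rule fired or where in the workflow. The submitter should fill `type` with the identifier of the rule that matched, add a location (line or job/step) to each finding, and emit one object per distinct finding. The `code_scanning_alerts` entries, whose reason is `hypatia/workflow_audit/unknown`, look like the same scanner's alerts read back in; if so, each workflow problem is counted twice (tests.yml appears six times under each module), which inflates the CSA002 total. Excluding alerts that originate from Hypatia itself, or merging them with the matching `workflow_audit` finding, would keep the counts meaningful.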
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-183346.json b/shared-context/findings/hyperpolymath-hypatia/20260528-183346.json new file mode 100644 index 00000000..ae05ee20 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-183346.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 7 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "ef243fead2ae84fbd7addbbbe773c8e39fe77c0e", + "submitted_at": "2026-05-28T18:33:49Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 6d35b2ce..f2c74362 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-183335.json \ No newline at end of file +20260528-183346.json \ No newline at end of file From 96215d6ab7bdc2255d2bde97e08d27a72cdbc642 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 18:33:53 +0000 Subject: [PATCH 85/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 6bf6cf7bf1bb244127f4047a97a1c83e94ff05f3 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-183351.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-183351.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-183351.json b/shared-context/findings/hyperpolymath-hypatia/20260528-183351.json new file mode 100644 index 00000000..f894f411 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-183351.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 7 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "6bf6cf7bf1bb244127f4047a97a1c83e94ff05f3", + "submitted_at": "2026-05-28T18:33:52Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index f2c74362..d6561e86 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-183346.json \ No newline at end of file +20260528-183351.json \ No newline at end of file From 5340f796a5acd8755fda4434504a3566875b4c47 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 18:34:06 +0000 Subject: [PATCH 86/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 5a0f7fb35f126656c1f69fc87d08ecf811797b44 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-183403.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-183403.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-183403.json b/shared-context/findings/hyperpolymath-hypatia/20260528-183403.json new file mode 100644 index 00000000..4818978a --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-183403.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 7 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "5a0f7fb35f126656c1f69fc87d08ecf811797b44", + "submitted_at": "2026-05-28T18:34:06Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index d6561e86..bfeee11d 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-183351.json \ No newline at end of file +20260528-183403.json \ No newline at end of file From e7d299d41c43536f75b60c26f861d23901050ce2 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 19:10:33 +0000 Subject: [PATCH 87/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 9b0875f2532eadb9e4f07219d8f8f175e4572c8a Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-191031.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-191031.json 
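Review bot: The workflow_audit entries in this file cannot be triaged as written: each one has `"type": "unknown"` and a reason of the form `"Issue in ci.yml"`, with no rule id, line number or message, so the repeated entries for one workflow (ci.yml, security-policy.yml, tests.yml and others) are indistinguishable from each other. The CSA001 entries further down name `hypatia/workflow_audit/unknown` as their source, which suggests the scanner's own alerts are being read back in and counted a second time among the 102 submitted findings. I would have the emitter fill in the rule id and location before submission, along the lines of `"type": "<rule-id>", "file": "<repo-relative path>", "line": <n>` (placeholders), and drop or merge entries that are identical in every field. The same pattern is visible in the 20260528-191031.json hunk that follows, which continues past this view.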
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-191031.json b/shared-context/findings/hyperpolymath-hypatia/20260528-191031.json
new file mode 100644
index 00000000..a709fe3d
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-191031.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "9b0875f2532eadb9e4f07219d8f8f175e4572c8a", + "submitted_at": "2026-05-28T19:10:33Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index bfeee11d..afaa4449 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-183403.json \ No newline at end of file +20260528-191031.json \ No newline at end of file From 525650933f0632b133a84c2973552c04285cdabe Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 19:10:56 +0000 Subject: [PATCH 88/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: cb77b4ca70171b4292a05b9e1a78469f05cdb30a Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-191053.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-191053.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-191053.json b/shared-context/findings/hyperpolymath-hypatia/20260528-191053.json new file mode 100644 index 00000000..b910df3a --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-191053.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 6 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "cb77b4ca70171b4292a05b9e1a78469f05cdb30a", + "submitted_at": "2026-05-28T19:10:56Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index afaa4449..cb9bbd4e 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-191031.json \ No newline at end of file +20260528-191053.json \ No newline at end of file From 66eb94456d287af7e0be1f888ffa60f6dcd0a9af Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 20:12:22 +0000 Subject: [PATCH 89/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 8e042e66fd59ad033b19d83727079228b78f910e Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-201219.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-201219.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-201219.json b/shared-context/findings/hyperpolymath-hypatia/20260528-201219.json new file mode 100644 index 00000000..673bfa99 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-201219.json 
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "8e042e66fd59ad033b19d83727079228b78f910e", + "submitted_at": "2026-05-28T20:12:22Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index cb9bbd4e..a0585282 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-191053.json \ No newline at end of file +20260528-201219.json \ No newline at end of file From b96743400ea01ecabb103d06e116bbd0cdad8386 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 20:16:23 +0000 Subject: [PATCH 90/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: 53c04850ecde52d20b68e171774e05249a181cfe Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-201621.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-201621.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-201621.json b/shared-context/findings/hyperpolymath-hypatia/20260528-201621.json
new file mode 100644
index 00000000..86712573
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-201621.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "53c04850ecde52d20b68e171774e05249a181cfe", + "submitted_at": "2026-05-28T20:16:23Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index a0585282..14269d4c 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-201219.json \ No newline at end of file +20260528-201621.json \ No newline at end of file From 3d433998b345002558702895f03f4e8f3c9ebd22 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 20:19:07 +0000 Subject: [PATCH 91/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 102 findings Commit: a2b1446291cf1ed5abd668d62c356cf267d628bf Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-201906.json | 826 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 827 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-201906.json 
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-201906.json b/shared-context/findings/hyperpolymath-hypatia/20260528-201906.json
new file mode 100644
index 00000000..556ebbb2
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-201906.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": 
"medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": 
"unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue 
in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + 
"file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + 
"rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "a2b1446291cf1ed5abd668d62c356cf267d628bf", + "submitted_at": "2026-05-28T20:19:07Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 14269d4c..92465345 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-201621.json \ No newline at end of file +20260528-201906.json \ No newline at end of file From a49ce6fa7c3f83d3ee38764d54c22e92f2f51f57 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 20:20:44 +0000 Subject: [PATCH 92/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 103 findings Commit: 8494494610ca71c8ae508fd879eda43a32053c2e Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-202042.json | 834 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 835 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-202042.json 
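Review bot: Most of the 102 objects added in `20260528-201906.json` cannot be triaged, because the `workflow_audit` entries carry `"type": "unknown"` and a reason of only `Issue in <workflow>.yml`, with no rule id or line, and identical objects repeat (eight for `ci.yml`). The `CSA001` entries whose reason reads `hypatia/workflow_audit/unknown` look like the scanner's own alerts read back from code scanning; `tests.yml` has six `workflow_audit` entries and six `CSA001` entries. If so, the submitted total and the `CSA002` count of 30 are inflated by self-reported duplicates, which makes it easy to miss a real alert among them. The file is generated, so the change belongs in the submitter rather than here: emit the matched rule id and location for each finding, drop exact duplicates, and skip code-scanning alerts that Hypatia itself produced.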
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-202042.json b/shared-context/findings/hyperpolymath-hypatia/20260528-202042.json
new file mode 100644
index 00000000..b98c5c01
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-202042.json
@@ -0,0 +1,834 @@ +{ + "findings": [ + { + "reason": "Action urin 21 JRE\n uses: actions/setup-java@be666c2fcd27 needs attention", + "type": "unpinned_action", + "file": "verify-proofs.yml", + "action": "pin_sha", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": 
"codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": 
"mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + 
"type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, 
+ { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + 
"severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": 
"code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "8494494610ca71c8ae508fd879eda43a32053c2e", + "submitted_at": "2026-05-28T20:20:43Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 92465345..5c2031ab 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-201906.json \ No newline at end of file +20260528-202042.json \ No newline at end of file From b239586270464ed15aa5c24e9161da907e6482c9 Mon Sep 17 00:00:00 2001 
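Review bot: The `workflow_audit` records with `"type": "unknown"` and `"reason": "Issue in <file>"` cannot be triaged, because the repeated entries for one workflow (the long run for `security-policy.yml`, for example) are identical and carry no line, step or rule identifier to tell them apart or to confirm a fix. The `CSA001` records then report `hypatia/workflow_audit/unknown` alerts for the same files, so the scanner appears to be re-ingesting its own uploaded results, and the `CSA002` total of 30 probably counts those findings a second time; Hypatia-sourced alerts should be excluded from `code_scanning_alerts` or de-duplicated against `workflow_audit`. The first record's reason, `"Action urin 21 JRE\n uses: actions/setup-java@be666c2fcd27 needs attention"`, looks like a capture that ran from a step name into the `uses:` line, and the ref it shows is 12 hex characters rather than a full 40-character commit SHA, so it is unclear whether the workflow itself or only the message is abbreviated. Each record should carry a locator and the matched rule, for instance (constructed values) `"line": 42, "rule": "<rule-id>"`, and the submitter should drop exact duplicates before writing the file.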
From: Hypatia Finding Submitter Date: Thu, 28 May 2026 20:20:48 +0000 Subject: [PATCH 93/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 103 findings Commit: a5c471b031292b7d055eb05db21be24fc1b2471d Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-202046.json | 834 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 835 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-202046.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-202046.json b/shared-context/findings/hyperpolymath-hypatia/20260528-202046.json new file mode 100644 index 00000000..f68e0c21 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260528-202046.json 
@@ -0,0 +1,834 @@ +{ + "findings": [ + { + "reason": "Action urin 21 JRE\n uses: actions/setup-java@be666c2fcd27 needs attention", + "type": "unpinned_action", + "file": "verify-proofs.yml", + "action": "pin_sha", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": 
"codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": 
"mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + 
"type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, 
+ { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + 
"severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": 
"code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "rust.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "a5c471b031292b7d055eb05db21be24fc1b2471d", + "submitted_at": "2026-05-28T20:20:48Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 5c2031ab..b341d70a 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-202042.json \ No newline at end of file +20260528-202046.json \ No newline at end of file From bdbe2fb243d18fcb44fa6137fd4789fc7bb51d3c Mon Sep 17 00:00:00 2001 
From: Hypatia Finding Submitter
Date: Thu, 28 May 2026 20:24:32 +0000
Subject: [PATCH 94/97] findings: hyperpolymath/hypatia @ 2026-05-28
Submitted: 103 findings
Commit: 6b0a8589fd9a1f5cadfb5730b13fb7d39bca31d5
Scanner: hypatia-v2
Automated submission from GitHub Actions.
---
.../20260528-202430.json | 834 ++++++++++++++++++
.../hyperpolymath-hypatia/latest.json | 2 +-
2 files changed, 835 insertions(+), 1 deletion(-)
create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-202430.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-202430.json b/shared-context/findings/hyperpolymath-hypatia/20260528-202430.json
new file mode 100644
index 00000000..415aed08
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-202430.json
@@ -0,0 +1,834 @@ +{ + "findings": [ + { + "reason": "Action urin 21 JRE\n uses: actions/setup-java@be666c2fcd27 needs attention", + "type": "unpinned_action", + "file": "verify-proofs.yml", + "action": "pin_sha", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": 
"codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": 
"mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + 
"type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, 
+ { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + 
"severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unpinned_action -- Hypatia workflow_audit: unpinned_action -- 0 day(s) old", + "type": "CSA001", + "file": "verify-proofs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "30 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "6b0a8589fd9a1f5cadfb5730b13fb7d39bca31d5", + "submitted_at": "2026-05-28T20:24:31Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index b341d70a..3226454d 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-202046.json \ No newline at end of file +20260528-202430.json \ No newline at end of file From 5a8dd8266f3b2a16fc6e5fbc29c20d906017bbe1 Mon Sep 17 00:00:00 2001 
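Review bot: The `workflow_audit` entries in `20260528-202430.json` cannot be triaged as submitted: all but the first carry `"type": "unknown"` with a `reason` of the form `"Issue in ci.yml"`, with no rule identifier and no location, and identical objects repeat several times per workflow file. The first entry has a different problem: its `reason` (`"Action urin 21 JRE\n uses: actions/setup-java@be666c2fcd27 needs attention"`) embeds a raw, apparently truncated slice of the workflow, and the ref it shows is 12 hex characters, so it is worth confirming whether `verify-proofs.yml` really uses an abbreviated SHA (a pin should be the full 40-character commit SHA) or whether the scanner cut the value. The `CSA001` entries whose `reason` names `hypatia/workflow_audit/unknown` look like the scanner's own alerts being read back in as new findings, which would count each issue twice; if that is the case, the submitter should skip alerts that originate from Hypatia itself. Each entry should carry a concrete rule id and a location before it is written under `shared-context/findings`, and the list should be de-duplicated on file, rule and location.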
From: Hypatia Finding Submitter
Date: Thu, 28 May 2026 20:28:22 +0000
Subject: [PATCH 95/97] findings: hyperpolymath/hypatia @ 2026-05-28
Submitted: 102 findings
Commit: 8e55097a89ffc00022b603f0df8187c2967bb835
Scanner: hypatia-v2
Automated submission from GitHub Actions.
---
.../20260528-202820.json | 826 ++++++++++++++++++
.../hyperpolymath-hypatia/latest.json | 2 +-
2 files changed, 827 insertions(+), 1 deletion(-)
create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-202820.json
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-202820.json b/shared-context/findings/hyperpolymath-hypatia/20260528-202820.json
new file mode 100644
index 00000000..5f6a5b78
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-202820.json
@@ -0,0 +1,826 @@ +{ + "findings": [ + { + "reason": "Action urin 21 JRE\n uses: actions/setup-java@be666c2fcd27 needs attention", + "type": "unpinned_action", + "file": "verify-proofs.yml", + "action": "pin_sha", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": 
"codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": 
"mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + 
"type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, 
+ { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + 
"severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 2 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unpinned_action -- Hypatia workflow_audit: unpinned_action -- 0 day(s) old", + "type": "CSA001", + "file": "verify-proofs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": 
"review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): 
hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": 
"medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "29 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "8e55097a89ffc00022b603f0df8187c2967bb835", + "submitted_at": "2026-05-28T20:28:22Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 3226454d..0a50f013 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-202430.json \ No newline at end of file +20260528-202820.json \ No newline at end of file From 3e05f3acc864df3905251e91d799e1e956077820 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 20:33:57 +0000 Subject: [PATCH 96/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 101 findings Commit: 12fc455d38dfde040417d23bed569b9ad58bb1c9 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-203355.json | 818 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 819 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-203355.json 
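Review bot: The first record's `reason`, `"Action urin 21 JRE\n uses: actions/setup-java@be666c2fcd27 needs attention"`, looks like a slice of workflow YAML (the tail of a step name, a newline, then the `uses:` key) rather than an action name, and the ref it shows is 12 hex characters, so a reader cannot tell from this record whether `verify-proofs.yml` pins a full 40-character commit SHA or an abbreviated one. The `workflow_audit` records that follow carry `"type": "unknown"` and a `reason` of the form `"Issue in ci.yml"`, repeated byte-for-byte per file with no rule id or line, which leaves nothing to triage or deduplicate on; the `CSA001` records then appear to re-report those same `hypatia/workflow_audit/unknown` alerts, so the 102 in the commit message presumably counts some observations twice. I would have the submitter store the complete `uses:` reference in a field of its own, skip or collapse records whose `type` is `unknown`, and leave the scanner's own alerts out of the `code_scanning_alerts` pass. The hunk for `20260528-203355.json` in the next patch repeats the same records.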
diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-203355.json b/shared-context/findings/hyperpolymath-hypatia/20260528-203355.json
new file mode 100644
index 00000000..daa4d33a
--- /dev/null
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-203355.json
@@ -0,0 +1,818 @@ +{ + "findings": [ + { + "reason": "Action urin 21 JRE\n uses: actions/setup-java@be666c2fcd27 needs attention", + "type": "unpinned_action", + "file": "verify-proofs.yml", + "action": "pin_sha", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": 
"codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": 
"mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + 
"type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, 
+ { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + 
"severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unpinned_action -- Hypatia workflow_audit: unpinned_action -- 0 day(s) old", + "type": "CSA001", + "file": "verify-proofs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + 
"file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + 
"reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 
day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": 
"code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 0 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "29 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "12fc455d38dfde040417d23bed569b9ad58bb1c9", + "submitted_at": "2026-05-28T20:33:57Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 0a50f013..add0ccef 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-202820.json \ No newline at end of file +20260528-203355.json \ No newline at end of file From d554939c41074aa20797e97aba9a9943a5b4dd97 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 28 May 2026 23:49:40 +0000 Subject: [PATCH 97/97] findings: hyperpolymath/hypatia @ 2026-05-28 Submitted: 101 findings Commit: 55e87455fe7bcb1bb1734266d673698418769749 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260528-234939.json | 818 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 819 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260528-234939.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260528-234939.json b/shared-context/findings/hyperpolymath-hypatia/20260528-234939.json new file mode 100644 index 00000000..fedbd14f --- /dev/null 
+++ b/shared-context/findings/hyperpolymath-hypatia/20260528-234939.json 
@@ -0,0 +1,818 @@ +{ + "findings": [ + { + "reason": "Action urin 21 JRE\n uses: actions/setup-java@be666c2fcd27 needs attention", + "type": "unpinned_action", + "file": "verify-proofs.yml", + "action": "pin_sha", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in ci.yml", + "type": "unknown", + "file": "ci.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in clusterfuzzlite.yml", + "type": "unknown", + "file": "clusterfuzzlite.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "unknown", + "file": 
"codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dependabot-automerge.yml", + "type": "unknown", + "file": "dependabot-automerge.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in dogfood-gate.yml", + "type": "unknown", + "file": "dogfood-gate.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in governance.yml", + "type": "unknown", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "unknown", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in language-blockers.yml", + "type": "unknown", + "file": "language-blockers.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "unknown", + "file": 
"mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in quality.yml", + "type": "unknown", + "file": "quality.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + 
"type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in release.yml", + "type": "unknown", + "file": "release.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in rust.yml", + "type": "unknown", + "file": "rust.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "unknown", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "unknown", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, 
+ { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": 
"workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in security-policy.yml", + "type": "unknown", + "file": "security-policy.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + 
"severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in tests.yml", + "type": "unknown", + "file": "tests.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unpinned_action -- Hypatia workflow_audit: unpinned_action -- 0 day(s) old", + "type": "CSA001", + "file": "verify-proofs.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + 
"file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "tests.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + 
"reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 
day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "security-policy.yml", + "action": "review", + "rule_module": 
"code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unknown -- Hypatia workflow_audit: unknown -- 1 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "29 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "55e87455fe7bcb1bb1734266d673698418769749", + "submitted_at": "2026-05-28T23:49:40Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index add0ccef..2f95f451 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260528-203355.json \ No newline at end of file +20260528-234939.json \ No newline at end of file
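Review bot: The first record's `reason` in the added 20260528-234939.json holds a raw fragment of workflow text (`Action urin 21 JRE\n uses: actions/setup-java@be666c2fcd27 needs attention`), which looks like a match that began mid-word in a step name and ran across a line break, so the finding does not cleanly name the reference it wants pinned. Most of the other `workflow_audit` records are byte-identical per file (`"reason": "Issue in ci.yml"`, `"type": "unknown"`, `"action": "flag"`) and carry no line, rule id or fingerprint, so they cannot be triaged, deduplicated or tracked from one submission in this series to the next. The `CSA001` records whose reason reads `hypatia/workflow_audit/unknown` appear to re-import the scanner's own alerts for the same files, which would count one underlying issue twice among the 101 submitted findings; that is inferred from the reason strings only. I would have the submitter emit a concrete rule id and location per record, for example `"type": "<rule-id>", "line": <n>` (placeholder values), and drop or cross-link findings that originate from its own code-scanning uploads.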