From 4b4e6a072fc941a33a00c05f0512ad6bf37d3980 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 13:11:46 +0000 Subject: [PATCH 01/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 54 findings Commit: 682c70090fefaed9cc79b5504257abe996b10b8d Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-131145.json | 442 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 443 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-131145.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-131145.json b/shared-context/findings/hyperpolymath-hypatia/20260613-131145.json new file mode 100644 index 00000000..56f87d2c --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-131145.json @@ -0,0 +1,442 @@ +{ + "findings": [ + { + "reason": "Issue in governance.yml", + "type": "missing_timeout_minutes", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "missing_timeout_minutes", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "missing_timeout_minutes", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "missing_timeout_minutes", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "missing_timeout_minutes", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "mirror.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "hypatia-scan.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "governance.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "26 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "682c70090fefaed9cc79b5504257abe996b10b8d", + "submitted_at": "2026-06-13T13:11:46Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 36e21b36..462886ef 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260612-225823.json \ No newline at end of file +20260613-131145.json \ No newline at end of file From 8d42814117e16dbbfd308ed450bf4813847ec65b Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 13:13:50 +0000 Subject: [PATCH 02/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 54 findings Commit: 72946dc3d8259257874973f2714ce4e2057f273c Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-131348.json | 442 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 443 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-131348.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-131348.json b/shared-context/findings/hyperpolymath-hypatia/20260613-131348.json new file mode 100644 index 00000000..a1b9642e --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-131348.json @@ -0,0 +1,442 @@ +{ + "findings": [ + { + "reason": "Issue in governance.yml", + "type": "missing_timeout_minutes", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "missing_timeout_minutes", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "missing_timeout_minutes", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "missing_timeout_minutes", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "missing_timeout_minutes", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "mirror.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "hypatia-scan.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "governance.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "26 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "72946dc3d8259257874973f2714ce4e2057f273c", + "submitted_at": "2026-06-13T13:13:50Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 462886ef..b20ee97e 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-131145.json \ No newline at end of file +20260613-131348.json \ No newline at end of file From 3f0239ea7e74c8c416961ba1aa1b9784da542bc1 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 14:05:17 +0000 Subject: [PATCH 03/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 54 findings Commit: dac40d146856cb4a91e77ca789b081bcabdb6a56 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-140516.json | 442 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 443 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-140516.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-140516.json b/shared-context/findings/hyperpolymath-hypatia/20260613-140516.json new file mode 100644 index 00000000..3520a467 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-140516.json @@ -0,0 +1,442 @@ +{ + "findings": [ + { + "reason": "Issue in governance.yml", + "type": "missing_timeout_minutes", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "missing_timeout_minutes", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "missing_timeout_minutes", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "missing_timeout_minutes", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "missing_timeout_minutes", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "mirror.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "hypatia-scan.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "governance.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "26 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "dac40d146856cb4a91e77ca789b081bcabdb6a56", + "submitted_at": "2026-06-13T14:05:17Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index b20ee97e..83d012dc 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-131348.json \ No newline at end of file +20260613-140516.json \ No newline at end of file From 57fe047480f93912985ec5e2925bb5df92313733 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 14:09:36 +0000 Subject: [PATCH 04/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 54 findings Commit: 2f458f3b9ebd0b5c9ff3351ee83ba201895ef594 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-140934.json | 442 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 443 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-140934.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-140934.json b/shared-context/findings/hyperpolymath-hypatia/20260613-140934.json new file mode 100644 index 00000000..0094feb1 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-140934.json @@ -0,0 +1,442 @@ +{ + "findings": [ + { + "reason": "Issue in governance.yml", + "type": "missing_timeout_minutes", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "missing_timeout_minutes", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "missing_timeout_minutes", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "missing_timeout_minutes", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "missing_timeout_minutes", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "mirror.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "hypatia-scan.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "governance.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "26 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "2f458f3b9ebd0b5c9ff3351ee83ba201895ef594", + "submitted_at": "2026-06-13T14:09:36Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 83d012dc..1667bd70 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-140516.json \ No newline at end of file +20260613-140934.json \ No newline at end of file From 30d8a0e0edbf497b511500fe2de4a2c529951e51 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 14:16:42 +0000 Subject: [PATCH 05/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 54 findings Commit: 9b170f39905beb644fcd315435d4aa27f33cba77 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-141640.json | 442 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 443 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-141640.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-141640.json b/shared-context/findings/hyperpolymath-hypatia/20260613-141640.json new file mode 100644 index 00000000..23567912 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-141640.json @@ -0,0 +1,442 @@ +{ + "findings": [ + { + "reason": "Issue in governance.yml", + "type": "missing_timeout_minutes", + "file": "governance.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in hypatia-scan.yml", + "type": "missing_timeout_minutes", + "file": "hypatia-scan.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in mirror.yml", + "type": "missing_timeout_minutes", + "file": "mirror.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in scorecard.yml", + "type": "missing_timeout_minutes", + "file": "scorecard.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in secret-scanner.yml", + "type": "missing_timeout_minutes", + "file": "secret-scanner.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 6 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "mirror.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "hypatia-scan.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "governance.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "26 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "9b170f39905beb644fcd315435d4aa27f33cba77", + "submitted_at": "2026-06-13T14:16:41Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 1667bd70..27d0d9b8 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-140934.json \ No newline at end of file +20260613-141640.json \ No newline at end of file From 29764698dc1d7c4b6360378c9ea7e9161c21631e Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 14:26:14 +0000 Subject: [PATCH 06/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 49 findings Commit: f53f5efe44d3f8d8fa404be8725297222100c3dd Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-142611.json | 402 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 403 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-142611.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-142611.json b/shared-context/findings/hyperpolymath-hypatia/20260613-142611.json new file mode 100644 index 00000000..76fa1ea1 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-142611.json @@ -0,0 +1,402 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "secret-scanner.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "scorecard.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "mirror.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "hypatia-scan.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 13 day(s) old", + "type": "CSA001", + "file": "governance.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "26 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "f53f5efe44d3f8d8fa404be8725297222100c3dd", + "submitted_at": "2026-06-13T14:26:14Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 27d0d9b8..dfdd2e08 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-141640.json \ No newline at end of file +20260613-142611.json \ No newline at end of file From 66ee2cac1e8ae391ebed52feceaf860eeb9e8ad8 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 14:26:28 +0000 Subject: [PATCH 07/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: ec552be432a8db33ec349d590177e3b2ec9bd0d1 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-142626.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-142626.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-142626.json b/shared-context/findings/hyperpolymath-hypatia/20260613-142626.json new file mode 100644 index 00000000..da066ca7 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-142626.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "ec552be432a8db33ec349d590177e3b2ec9bd0d1", + "submitted_at": "2026-06-13T14:26:28Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index dfdd2e08..ae336f69 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-142611.json \ No newline at end of file +20260613-142626.json \ No newline at end of file From edd4f27bc995ed08d0dcc767b9083b31e68dd508 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 14:31:45 +0000 Subject: [PATCH 08/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: d7b1ca7218a80d303f9f5e52202505a82c886cea Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-143144.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-143144.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-143144.json b/shared-context/findings/hyperpolymath-hypatia/20260613-143144.json new file mode 100644 index 00000000..485a9ea2 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-143144.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "d7b1ca7218a80d303f9f5e52202505a82c886cea", + "submitted_at": "2026-06-13T14:31:45Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index ae336f69..06ae873a 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-142626.json \ No newline at end of file +20260613-143144.json \ No newline at end of file From c295bfb1d0a189db3ecd282f8e8219a198b00d0f Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 14:45:01 +0000 Subject: [PATCH 09/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: 2aea4d44ceb75ede3a71d1e4c982c7762b585498 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-144459.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-144459.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-144459.json b/shared-context/findings/hyperpolymath-hypatia/20260613-144459.json new file mode 100644 index 00000000..00b42af6 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-144459.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "2aea4d44ceb75ede3a71d1e4c982c7762b585498", + "submitted_at": "2026-06-13T14:45:01Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 06ae873a..066af225 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-143144.json \ No newline at end of file +20260613-144459.json \ No newline at end of file From ad5496c1a5ea655d5e777b8f26ef27e17cc891f5 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 14:46:56 +0000 Subject: [PATCH 10/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 47 findings Commit: b9d8a97428698bd8877d116ae2c20eb438453046 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-144655.json | 388 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 389 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-144655.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-144655.json b/shared-context/findings/hyperpolymath-hypatia/20260613-144655.json new file mode 100644 index 00000000..5d5cf537 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-144655.json @@ -0,0 +1,388 @@ +{ + "findings": [ + { + "reason": "Action actions/add-to-project@v1.0.2 needs attention", + "type": "unpinned_action", + "file": "add-to-roadmap.yml", + "action": "pin_sha", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "1 workflow(s) with tag-pinned (not SHA-pinned) actions in hypatia", + "type": "DependencyPinning", + "file": "/home/runner/work/hypatia/hypatia", + "action": "auto_fix", + "rule_module": "scorecard", + "severity": "medium", + "remediation": "Pin GitHub Actions and Docker base images by SHA hash.", + "scorecard_check": "Pinned-Dependencies" + }, + { + "reason": "Repository has 6 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "b9d8a97428698bd8877d116ae2c20eb438453046", + "submitted_at": "2026-06-13T14:46:56Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 066af225..2c957e9e 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-144459.json \ No newline at end of file +20260613-144655.json \ No newline at end of file From 43debdbe412e6a29befdf0900ff2e22d85c28c82 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 14:52:03 +0000 Subject: [PATCH 11/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: 7cf804b81d9a479d73e19f25ce9d633ec7f680bc Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-145200.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-145200.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-145200.json b/shared-context/findings/hyperpolymath-hypatia/20260613-145200.json new file mode 100644 index 00000000..63307974 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-145200.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 6 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "7cf804b81d9a479d73e19f25ce9d633ec7f680bc", + "submitted_at": "2026-06-13T14:52:02Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 2c957e9e..e004f5a8 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-144655.json \ No newline at end of file +20260613-145200.json \ No newline at end of file From a0d79e9188112bdd6b3e07ebc4e74c102e7c14f6 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 14:53:37 +0000 Subject: [PATCH 12/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: c0dc00581791fa82dea87a6bff475cde7e3e8a78 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-145336.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-145336.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-145336.json b/shared-context/findings/hyperpolymath-hypatia/20260613-145336.json new file mode 100644 index 00000000..9258b70f --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-145336.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "c0dc00581791fa82dea87a6bff475cde7e3e8a78", + "submitted_at": "2026-06-13T14:53:37Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index e004f5a8..4ea29ca2 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-145200.json \ No newline at end of file +20260613-145336.json \ No newline at end of file From d1742b347750db3a51debc820d3a034454904294 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 14:54:07 +0000 Subject: [PATCH 13/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 47 findings Commit: ed5267fca6e089dab9973eba2095042d74cf8014 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-145406.json | 388 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 389 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-145406.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-145406.json b/shared-context/findings/hyperpolymath-hypatia/20260613-145406.json new file mode 100644 index 00000000..3034bdde --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-145406.json @@ -0,0 +1,388 @@ +{ + "findings": [ + { + "reason": "Action actions/add-to-project@v1.0.2 needs attention", + "type": "unpinned_action", + "file": "add-to-roadmap.yml", + "action": "pin_sha", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "1 workflow(s) with tag-pinned (not SHA-pinned) actions in hypatia", + "type": "DependencyPinning", + "file": "/home/runner/work/hypatia/hypatia", + "action": "auto_fix", + "rule_module": "scorecard", + "severity": "medium", + "remediation": "Pin GitHub Actions and Docker base images by SHA hash.", + "scorecard_check": "Pinned-Dependencies" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "ed5267fca6e089dab9973eba2095042d74cf8014", + "submitted_at": "2026-06-13T14:54:07Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 4ea29ca2..bf639e30 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-145336.json \ No newline at end of file +20260613-145406.json \ No newline at end of file From 73525d3672046f5401f443f8121c84ecc3677e3b Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 15:05:03 +0000 Subject: [PATCH 14/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: 0988aa4507f02205e27918225bd76e76c6c8d938 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-150502.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-150502.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-150502.json b/shared-context/findings/hyperpolymath-hypatia/20260613-150502.json new file mode 100644 index 00000000..5f0a852d --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-150502.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 6 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "0988aa4507f02205e27918225bd76e76c6c8d938", + "submitted_at": "2026-06-13T15:05:03Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index bf639e30..f49cc087 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-145406.json \ No newline at end of file +20260613-150502.json \ No newline at end of file From fac11ede4b37ac52e7d9a3ff6adfdf3eaa43ea46 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 15:18:08 +0000 Subject: [PATCH 15/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: 78479983c8842208d88f6df456891c75d4265ff5 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-151807.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-151807.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-151807.json b/shared-context/findings/hyperpolymath-hypatia/20260613-151807.json new file mode 100644 index 00000000..09aaf09e --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-151807.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 6 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "78479983c8842208d88f6df456891c75d4265ff5", + "submitted_at": "2026-06-13T15:18:08Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index f49cc087..3dd4fd4d 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-150502.json \ No newline at end of file +20260613-151807.json \ No newline at end of file From 8ec5ce65b373b19ca1ec6328b7f0445f66c4fe2b Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 15:33:15 +0000 Subject: [PATCH 16/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: 213d4c14767f13a74ca09e853d8ae0d8e8ca432e Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-153313.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-153313.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-153313.json b/shared-context/findings/hyperpolymath-hypatia/20260613-153313.json new file mode 100644 index 00000000..87a76a6c --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-153313.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 6 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "213d4c14767f13a74ca09e853d8ae0d8e8ca432e", + "submitted_at": "2026-06-13T15:33:15Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 3dd4fd4d..83553e6b 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-151807.json \ No newline at end of file +20260613-153313.json \ No newline at end of file From 73212d0bb6219b025b463d1d70ea51eac8c75fd0 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 15:38:28 +0000 Subject: [PATCH 17/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: 759a789661e872cf0fe1e70fcf585f700f225dd7 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-153827.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-153827.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-153827.json b/shared-context/findings/hyperpolymath-hypatia/20260613-153827.json new file mode 100644 index 00000000..18933d4b --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-153827.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "759a789661e872cf0fe1e70fcf585f700f225dd7", + "submitted_at": "2026-06-13T15:38:28Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 83553e6b..f8d8fd12 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-153313.json \ No newline at end of file +20260613-153827.json \ No newline at end of file From 5c4c77d43b9c70991fd963078bdc79828fbf645b Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 16:26:42 +0000 Subject: [PATCH 18/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: de87243a661aa32af6874c9f78e1984567c9b7ce Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-162640.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-162640.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-162640.json b/shared-context/findings/hyperpolymath-hypatia/20260613-162640.json new file mode 100644 index 00000000..9e815fc1 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-162640.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 6 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "de87243a661aa32af6874c9f78e1984567c9b7ce", + "submitted_at": "2026-06-13T16:26:42Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index f8d8fd12..1ba0a238 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-153827.json \ No newline at end of file +20260613-162640.json \ No newline at end of file From f8c6f9f72fce50798ef6720daea73c2042414887 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 16:27:47 +0000 Subject: [PATCH 19/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: 79e356dda25a65007ab0255bd187c4fa5af5f940 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-162745.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-162745.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-162745.json b/shared-context/findings/hyperpolymath-hypatia/20260613-162745.json new file mode 100644 index 00000000..0280e066 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-162745.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "79e356dda25a65007ab0255bd187c4fa5af5f940", + "submitted_at": "2026-06-13T16:27:47Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 1ba0a238..204c0136 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-162640.json \ No newline at end of file +20260613-162745.json \ No newline at end of file From ab590b2f86d3aaf5721bfd2f30ea9225c3636cea Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 16:37:24 +0000 Subject: [PATCH 20/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 47 findings Commit: 4eb47b78ccf358da10679c52e4362ba62b18c0da Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-163722.json | 388 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 389 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-163722.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-163722.json b/shared-context/findings/hyperpolymath-hypatia/20260613-163722.json new file mode 100644 index 00000000..aeca5f2e --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-163722.json @@ -0,0 +1,388 @@ +{ + "findings": [ + { + "reason": "Action actions/add-to-project@v1.0.2 needs attention", + "type": "unpinned_action", + "file": "add-to-roadmap.yml", + "action": "pin_sha", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "1 workflow(s) with tag-pinned (not SHA-pinned) actions in hypatia", + "type": "DependencyPinning", + "file": "/home/runner/work/hypatia/hypatia", + "action": "auto_fix", + "rule_module": "scorecard", + "severity": "medium", + "remediation": "Pin GitHub Actions and Docker base images by SHA hash.", + "scorecard_check": "Pinned-Dependencies" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "4eb47b78ccf358da10679c52e4362ba62b18c0da", + "submitted_at": "2026-06-13T16:37:23Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 204c0136..ea5aff1c 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-162745.json \ No newline at end of file +20260613-163722.json \ No newline at end of file From bb2d9bfc72e636d23930831deddfb82727fe16c3 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 16:42:30 +0000 Subject: [PATCH 21/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: c557cb7dd1aa76bb9fd750496a941833f81c143e Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-164229.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-164229.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-164229.json b/shared-context/findings/hyperpolymath-hypatia/20260613-164229.json new file mode 100644 index 00000000..fc2b3106 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-164229.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 6 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "c557cb7dd1aa76bb9fd750496a941833f81c143e", + "submitted_at": "2026-06-13T16:42:30Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index ea5aff1c..add2145a 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-163722.json \ No newline at end of file +20260613-164229.json \ No newline at end of file From 7cffc8d9fded06e1f8eec2a1f2e68a68859e5cbf Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 17:03:53 +0000 Subject: [PATCH 22/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 47 findings Commit: c768fcafda85f556a3b33ab753e95f00eb84cc85 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-170352.json | 388 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 389 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-170352.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-170352.json b/shared-context/findings/hyperpolymath-hypatia/20260613-170352.json new file mode 100644 index 00000000..81b00594 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-170352.json @@ -0,0 +1,388 @@ +{ + "findings": [ + { + "reason": "Action actions/add-to-project@v1.0.2 needs attention", + "type": "unpinned_action", + "file": "add-to-roadmap.yml", + "action": "pin_sha", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "1 workflow(s) with tag-pinned (not SHA-pinned) actions in hypatia", + "type": "DependencyPinning", + "file": "/home/runner/work/hypatia/hypatia", + "action": "auto_fix", + "rule_module": "scorecard", + "severity": "medium", + "remediation": "Pin GitHub Actions and Docker base images by SHA hash.", + "scorecard_check": "Pinned-Dependencies" + }, + { + "reason": "Repository has 6 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "c768fcafda85f556a3b33ab753e95f00eb84cc85", + "submitted_at": "2026-06-13T17:03:53Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index add2145a..9d6e2c8f 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-164229.json \ No newline at end of file +20260613-170352.json \ No newline at end of file From 66eee6a2ef8601aa591af2fbc0e0f146cba25584 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 17:04:04 +0000 Subject: [PATCH 23/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: 76241bd3c775bcd40b0117946cd99af63576d885 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-170402.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-170402.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-170402.json b/shared-context/findings/hyperpolymath-hypatia/20260613-170402.json new file mode 100644 index 00000000..f505f911 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-170402.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 6 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "76241bd3c775bcd40b0117946cd99af63576d885", + "submitted_at": "2026-06-13T17:04:04Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 9d6e2c8f..3c53c02d 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-170352.json \ No newline at end of file +20260613-170402.json \ No newline at end of file From c6c90c425637695d3184ba5de4f4484574d49542 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 17:06:45 +0000 Subject: [PATCH 24/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 47 findings Commit: 5168aac6cdfef42058ad56b5844222e0e85cc05a Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-170643.json | 388 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 389 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-170643.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-170643.json b/shared-context/findings/hyperpolymath-hypatia/20260613-170643.json new file mode 100644 index 00000000..5c63738b --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-170643.json @@ -0,0 +1,388 @@ +{ + "findings": [ + { + "reason": "Action actions/add-to-project@v1.0.2 needs attention", + "type": "unpinned_action", + "file": "add-to-roadmap.yml", + "action": "pin_sha", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in codeql.yml", + "type": "codeql_missing_actions_language", + "file": "codeql.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "1 workflow(s) with tag-pinned (not SHA-pinned) actions in hypatia", + "type": "DependencyPinning", + "file": "/home/runner/work/hypatia/hypatia", + "action": "auto_fix", + "rule_module": "scorecard", + "severity": "medium", + "remediation": "Pin GitHub Actions and Docker base images by SHA hash.", + "scorecard_check": "Pinned-Dependencies" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "5168aac6cdfef42058ad56b5844222e0e85cc05a", + "submitted_at": "2026-06-13T17:06:44Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 3c53c02d..9ca0b054 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-170402.json \ No newline at end of file +20260613-170643.json \ No newline at end of file From fe9aa321d76bc5a89214655c4e8e35009105e9dc Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 17:45:01 +0000 Subject: [PATCH 25/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 48 findings Commit: bd9cc6bb86018c6c8586e7244fa1649e0835cc8e Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-174458.json | 396 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 397 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-174458.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-174458.json b/shared-context/findings/hyperpolymath-hypatia/20260613-174458.json new file mode 100644 index 00000000..71c9ac66 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-174458.json @@ -0,0 +1,396 @@ +{ + "findings": [ + { + "reason": "Action actions/add-to-project@v1.0.2 needs attention", + "type": "unpinned_action", + "file": "add-to-roadmap.yml", + "action": "pin_sha", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "1 workflow(s) with tag-pinned (not SHA-pinned) actions in hypatia", + "type": "DependencyPinning", + "file": "/home/runner/work/hypatia/hypatia", + "action": "auto_fix", + "rule_module": "scorecard", + "severity": "medium", + "remediation": "Pin GitHub Actions and Docker base images by SHA hash.", + "scorecard_check": "Pinned-Dependencies" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unpinned_action -- Hypatia workflow_audit: unpinned_action -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "23 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "bd9cc6bb86018c6c8586e7244fa1649e0835cc8e", + "submitted_at": "2026-06-13T17:45:00Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 9ca0b054..113a2ae8 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-170643.json \ No newline at end of file +20260613-174458.json \ No newline at end of file From dafe8bf9d19bf1b244ecb78c483fb5a23cf94ea6 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 17:47:29 +0000 Subject: [PATCH 26/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 48 findings Commit: fe88a689258cbbcb18597277c09fd68d703a48ee Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-174728.json | 396 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 397 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-174728.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-174728.json b/shared-context/findings/hyperpolymath-hypatia/20260613-174728.json new file mode 100644 index 00000000..265e7d87 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-174728.json @@ -0,0 +1,396 @@ +{ + "findings": [ + { + "reason": "Action actions/add-to-project@v1.0.2 needs attention", + "type": "unpinned_action", + "file": "add-to-roadmap.yml", + "action": "pin_sha", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "1 workflow(s) with tag-pinned (not SHA-pinned) actions in hypatia", + "type": "DependencyPinning", + "file": "/home/runner/work/hypatia/hypatia", + "action": "auto_fix", + "rule_module": "scorecard", + "severity": "medium", + "remediation": "Pin GitHub Actions and Docker base images by SHA hash.", + "scorecard_check": "Pinned-Dependencies" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unpinned_action -- Hypatia workflow_audit: unpinned_action -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/codeql_missing_actions_language -- Hypatia workflow_audit: codeql_missing_actions_language -- 13 day(s) old", + "type": "CSA001", + "file": "codeql.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "23 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "fe88a689258cbbcb18597277c09fd68d703a48ee", + "submitted_at": "2026-06-13T17:47:29Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 113a2ae8..bf6cb8d4 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-174458.json \ No newline at end of file +20260613-174728.json \ No newline at end of file From 243a246ab0e1bf86ec7ffc6f2fe8545fa925d7d7 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 18:00:30 +0000 Subject: [PATCH 27/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 45 findings Commit: e47f8ae51fe4081e444d3b31519a8a2603d8b8e1 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-180029.json | 370 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 371 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-180029.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-180029.json b/shared-context/findings/hyperpolymath-hypatia/20260613-180029.json new file mode 100644 index 00000000..3cff71b7 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-180029.json @@ -0,0 +1,370 @@ +{ + "findings": [ + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unpinned_action -- Hypatia workflow_audit: unpinned_action -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "22 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "e47f8ae51fe4081e444d3b31519a8a2603d8b8e1", + "submitted_at": "2026-06-13T18:00:30Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index bf6cb8d4..f9d35cd3 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-174728.json \ No newline at end of file +20260613-180029.json \ No newline at end of file From 4943b9debe44e8bd51e9b963ab50c3d232a2a7f6 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 19:00:19 +0000 Subject: [PATCH 28/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 45 findings Commit: d042f7eedf35cc410beb139e45e7be212881fd54 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-190017.json | 370 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 371 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-190017.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-190017.json b/shared-context/findings/hyperpolymath-hypatia/20260613-190017.json new file mode 100644 index 00000000..0a741ad4 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-190017.json @@ -0,0 +1,370 @@ +{ + "findings": [ + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/unpinned_action -- Hypatia workflow_audit: unpinned_action -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "22 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "d042f7eedf35cc410beb139e45e7be212881fd54", + "submitted_at": "2026-06-13T19:00:19Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index f9d35cd3..8530d95d 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-180029.json \ No newline at end of file +20260613-190017.json \ No newline at end of file From ec07bbbc7cc6ca3ca87467987b8ae9efe5fe3815 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 19:11:29 +0000 Subject: [PATCH 29/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: 8cbd0810d258b23f7d0faaaab97cbf8669e76cbc Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-191128.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-191128.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-191128.json b/shared-context/findings/hyperpolymath-hypatia/20260613-191128.json new file mode 100644 index 00000000..c521bf83 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-191128.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "8cbd0810d258b23f7d0faaaab97cbf8669e76cbc", + "submitted_at": "2026-06-13T19:11:29Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 8530d95d..bceb745b 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-190017.json \ No newline at end of file +20260613-191128.json \ No newline at end of file From 0354ac17a58a97141c2a4cce2000f5b4335ed639 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 19:14:07 +0000 Subject: [PATCH 30/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: d985e57d276e33d10e2f65c86f0e50c19c0ff60d Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-191406.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-191406.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-191406.json b/shared-context/findings/hyperpolymath-hypatia/20260613-191406.json new file mode 100644 index 00000000..cc99f87c --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-191406.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 10 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "d985e57d276e33d10e2f65c86f0e50c19c0ff60d", + "submitted_at": "2026-06-13T19:14:07Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index bceb745b..2d2f373e 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-191128.json \ No newline at end of file +20260613-191406.json \ No newline at end of file From 055b49a36dde1f0ea079bd428882e9d8a658e861 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 20:04:49 +0000 Subject: [PATCH 31/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: 141a2a376b9f89d7564b963791fb608c1c4bce2f Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-200448.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-200448.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-200448.json b/shared-context/findings/hyperpolymath-hypatia/20260613-200448.json new file mode 100644 index 00000000..a97e0fc7 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-200448.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "141a2a376b9f89d7564b963791fb608c1c4bce2f", + "submitted_at": "2026-06-13T20:04:49Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 2d2f373e..a0c99d2d 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-191406.json \ No newline at end of file +20260613-200448.json \ No newline at end of file From 062b5bbbc4a06dec2564eebfe33f978da7a7b459 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 20:29:05 +0000 Subject: [PATCH 32/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: 877a5301287b43221dba6c2ac72ff56bb07db069 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-202903.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-202903.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-202903.json b/shared-context/findings/hyperpolymath-hypatia/20260613-202903.json new file mode 100644 index 00000000..86a75283 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-202903.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "877a5301287b43221dba6c2ac72ff56bb07db069", + "submitted_at": "2026-06-13T20:29:05Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index a0c99d2d..8fc1fb43 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-200448.json \ No newline at end of file +20260613-202903.json \ No newline at end of file From cc9460a93c96b83738c6f820cb438950319b534e Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 20:30:42 +0000 Subject: [PATCH 33/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 44 findings Commit: 4f98373186afd7249dbd7ded457edbb80959b8f9 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-203040.json | 362 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 363 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-203040.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-203040.json b/shared-context/findings/hyperpolymath-hypatia/20260613-203040.json new file mode 100644 index 00000000..76d6ba49 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-203040.json @@ -0,0 +1,362 @@ +{ + "findings": [ + { + "reason": "Issue in add-to-roadmap.yml", + "type": "missing_timeout_minutes", + "file": "add-to-roadmap.yml", + "action": "flag", + "rule_module": "workflow_audit", + "severity": "medium" + }, + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "4f98373186afd7249dbd7ded457edbb80959b8f9", + "submitted_at": "2026-06-13T20:30:42Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 8fc1fb43..75156489 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-202903.json \ No newline at end of file +20260613-203040.json \ No newline at end of file From 08b1e6342e1e135d8490512e0559ad1433d74d4d Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 23:46:53 +0000 Subject: [PATCH 34/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 43 findings Commit: e739f58a45e03776a56a21dbab9e9b61892fafb1 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-234652.json | 354 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 355 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-234652.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-234652.json b/shared-context/findings/hyperpolymath-hypatia/20260613-234652.json new file mode 100644 index 00000000..583d9126 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-234652.json @@ -0,0 +1,354 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "e739f58a45e03776a56a21dbab9e9b61892fafb1", + "submitted_at": "2026-06-13T23:46:53Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 75156489..6afb237f 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-203040.json \ No newline at end of file +20260613-234652.json \ No newline at end of file From 6b7a6db6f93ee6f60e4f31ee604cbc83af03b528 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sat, 13 Jun 2026 23:50:28 +0000 Subject: [PATCH 35/87] findings: hyperpolymath/hypatia @ 2026-06-13 Submitted: 43 findings Commit: 0a1bb3475415fb5f39944326b4830ff99d10e195 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260613-235026.json | 354 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 355 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260613-235026.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260613-235026.json b/shared-context/findings/hyperpolymath-hypatia/20260613-235026.json new file mode 100644 index 00000000..c1b876d1 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260613-235026.json @@ -0,0 +1,354 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/workflow_audit/missing_timeout_minutes -- Hypatia workflow_audit: missing_timeout_minutes -- 0 day(s) old", + "type": "CSA001", + "file": "add-to-roadmap.yml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "21 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "0a1bb3475415fb5f39944326b4830ff99d10e195", + "submitted_at": "2026-06-13T23:50:28Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 6afb237f..c8357f20 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-234652.json \ No newline at end of file +20260613-235026.json \ No newline at end of file From 6d03ee48c0a3432ae76c8f7c9c59b247721ca2c8 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 02:48:41 +0000 Subject: [PATCH 36/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 9d3a8a4d84ee2cea6f9d8fb113e86f8ded666244 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-024840.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-024840.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-024840.json b/shared-context/findings/hyperpolymath-hypatia/20260614-024840.json new file mode 100644 index 00000000..5e34cd36 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-024840.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "9d3a8a4d84ee2cea6f9d8fb113e86f8ded666244", + "submitted_at": "2026-06-14T02:48:41Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index c8357f20..b3173273 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260613-235026.json \ No newline at end of file +20260614-024840.json \ No newline at end of file From 9c2d3127e58dea2d624e8b5c61a5230ce7ea815b Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 02:49:49 +0000 Subject: [PATCH 37/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: a22daea46b038353458585b6e2c0d627ddfeee2a Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-024948.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-024948.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-024948.json b/shared-context/findings/hyperpolymath-hypatia/20260614-024948.json new file mode 100644 index 00000000..8c950876 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-024948.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "a22daea46b038353458585b6e2c0d627ddfeee2a", + "submitted_at": "2026-06-14T02:49:49Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index b3173273..6864f79b 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-024840.json \ No newline at end of file +20260614-024948.json \ No newline at end of file From 6ab0ffb0096f3db19fdb82c73236985935725740 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 03:15:28 +0000 Subject: [PATCH 38/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 2c7a0601f89a8106acd2e91b828e86f833f25a64 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-031526.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-031526.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-031526.json b/shared-context/findings/hyperpolymath-hypatia/20260614-031526.json new file mode 100644 index 00000000..a33e282e --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-031526.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "2c7a0601f89a8106acd2e91b828e86f833f25a64", + "submitted_at": "2026-06-14T03:15:28Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 6864f79b..e5cf53a3 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-024948.json \ No newline at end of file +20260614-031526.json \ No newline at end of file From 88850a01cdb18fcc315c0d02d2f15411e2e38485 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 03:20:59 +0000 Subject: [PATCH 39/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: ab27fadd926fafae8022308a5e5f619ad68f27ed Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-032057.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-032057.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-032057.json b/shared-context/findings/hyperpolymath-hypatia/20260614-032057.json new file mode 100644 index 00000000..4fd72484 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-032057.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "ab27fadd926fafae8022308a5e5f619ad68f27ed", + "submitted_at": "2026-06-14T03:20:59Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index e5cf53a3..dc1fcbd0 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-031526.json \ No newline at end of file +20260614-032057.json \ No newline at end of file From d6f5f038f8283bc070452dc2de7e1258412d617c Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 03:26:00 +0000 Subject: [PATCH 40/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 6fa58df54223ee32f49c8667815c77d8975be808 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-032558.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-032558.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-032558.json b/shared-context/findings/hyperpolymath-hypatia/20260614-032558.json new file mode 100644 index 00000000..1f4cee95 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-032558.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "6fa58df54223ee32f49c8667815c77d8975be808", + "submitted_at": "2026-06-14T03:26:00Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index dc1fcbd0..51d4ae13 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-032057.json \ No newline at end of file +20260614-032558.json \ No newline at end of file From d00129eaa11c50bf2f883b61b3e90a391283b776 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 03:51:34 +0000 Subject: [PATCH 41/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 2b3c98e62ea02c0aee5f79eb5ba7bcb9173fc307 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-035132.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-035132.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-035132.json b/shared-context/findings/hyperpolymath-hypatia/20260614-035132.json new file mode 100644 index 00000000..278cabf7 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-035132.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "2b3c98e62ea02c0aee5f79eb5ba7bcb9173fc307", + "submitted_at": "2026-06-14T03:51:34Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 51d4ae13..25ae4d78 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-032558.json \ No newline at end of file +20260614-035132.json \ No newline at end of file From 1b69cbc989d17bc0107cbd3c7b4bd975afbc0ac6 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 04:00:03 +0000 Subject: [PATCH 42/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 8d8ba6dc8c7bf7344413aa0a2911f9412b8537e8 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-040002.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-040002.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-040002.json b/shared-context/findings/hyperpolymath-hypatia/20260614-040002.json new file mode 100644 index 00000000..d606c3d2 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-040002.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "8d8ba6dc8c7bf7344413aa0a2911f9412b8537e8", + "submitted_at": "2026-06-14T04:00:03Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 25ae4d78..01fb136a 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-035132.json \ No newline at end of file +20260614-040002.json \ No newline at end of file From f78fc78d23ceb65998b1033933c436072d1b0ea6 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 04:03:21 +0000 Subject: [PATCH 43/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: d2595d40d8ac878736f34f6b81f29f990bd6fa44 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-040320.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-040320.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-040320.json b/shared-context/findings/hyperpolymath-hypatia/20260614-040320.json new file mode 100644 index 00000000..1790c2ce --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-040320.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "d2595d40d8ac878736f34f6b81f29f990bd6fa44", + "submitted_at": "2026-06-14T04:03:21Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 01fb136a..dc927888 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-040002.json \ No newline at end of file +20260614-040320.json \ No newline at end of file From c8f5d3d8ebca27e211e44a60efbbab459710aba8 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 04:14:08 +0000 Subject: [PATCH 44/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 491e27b5ada3b9fa8756578b17c76e76b5418751 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-041407.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-041407.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-041407.json b/shared-context/findings/hyperpolymath-hypatia/20260614-041407.json new file mode 100644 index 00000000..272e44c1 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-041407.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "491e27b5ada3b9fa8756578b17c76e76b5418751", + "submitted_at": "2026-06-14T04:14:08Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index dc927888..03c4b103 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-040320.json \ No newline at end of file +20260614-041407.json \ No newline at end of file From 2d8e4d478bd9f48763ed77206fe700ff484e37c0 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 04:16:50 +0000 Subject: [PATCH 45/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 9c36bc2cbf048b1b41d5a863ff044e26f1fecd5f Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-041649.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-041649.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-041649.json b/shared-context/findings/hyperpolymath-hypatia/20260614-041649.json new file mode 100644 index 00000000..9e8d891a --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-041649.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "9c36bc2cbf048b1b41d5a863ff044e26f1fecd5f", + "submitted_at": "2026-06-14T04:16:50Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 03c4b103..761d8b2a 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-041407.json \ No newline at end of file +20260614-041649.json \ No newline at end of file From bdb8cad0ab180e1b0d8ebabde9b12a8b7c3c628b Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 04:27:03 +0000 Subject: [PATCH 46/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 43 findings Commit: b661a5f17c3e18cda1d95c9b2ea886427c4ae6ac Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-042702.json | 354 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 355 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-042702.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-042702.json b/shared-context/findings/hyperpolymath-hypatia/20260614-042702.json new file mode 100644 index 00000000..0f77824c --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-042702.json @@ -0,0 +1,354 @@ +{ + "findings": [ + { + "reason": "String.to_existing_atom with user input exhausts atom table -- use to_existing_atom (1 occurrences, CWE-400)", + "type": "elixir_atom_from_user", + "file": "/home/runner/work/hypatia/hypatia/lib/merge_orchestration/sensor.ex", + "action": "flag", + "rule_module": "code_safety", + "severity": "high" + }, + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "b661a5f17c3e18cda1d95c9b2ea886427c4ae6ac", + "submitted_at": "2026-06-14T04:27:03Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 761d8b2a..00723d5b 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-041649.json \ No newline at end of file +20260614-042702.json \ No newline at end of file From c7301cba9add5a1cab0e95c8792e37b3a4a0a739 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 04:30:11 +0000 Subject: [PATCH 47/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: eeb945b499c33c1294b147f9c291d7eeb59e2c1b Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-043009.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-043009.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-043009.json b/shared-context/findings/hyperpolymath-hypatia/20260614-043009.json new file mode 100644 index 00000000..65036bc9 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-043009.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "eeb945b499c33c1294b147f9c291d7eeb59e2c1b", + "submitted_at": "2026-06-14T04:30:10Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 00723d5b..4c7dbc58 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-042702.json \ No newline at end of file +20260614-043009.json \ No newline at end of file From e75e7109a7ec257ec1627dcf91af6c022c146230 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 04:31:17 +0000 Subject: [PATCH 48/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: b98acbfbd020d7aa870d5ed078bfdf56c27aeb1c Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-043115.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-043115.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-043115.json b/shared-context/findings/hyperpolymath-hypatia/20260614-043115.json new file mode 100644 index 00000000..cafb3393 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-043115.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "b98acbfbd020d7aa870d5ed078bfdf56c27aeb1c", + "submitted_at": "2026-06-14T04:31:17Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 4c7dbc58..62a2aafa 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-043009.json \ No newline at end of file +20260614-043115.json \ No newline at end of file From 96905ca8f6bec57e6f790984d03cc73409263bc7 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 04:42:10 +0000 Subject: [PATCH 49/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: b98acbfbd020d7aa870d5ed078bfdf56c27aeb1c Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-044209.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-044209.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-044209.json b/shared-context/findings/hyperpolymath-hypatia/20260614-044209.json new file mode 100644 index 00000000..7858e3ba --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-044209.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "b98acbfbd020d7aa870d5ed078bfdf56c27aeb1c", + "submitted_at": "2026-06-14T04:42:10Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 62a2aafa..83e43a2f 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-043115.json \ No newline at end of file +20260614-044209.json \ No newline at end of file From 24ec13548f3d18cfb648e718f769387cfe93f29f Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 10:26:16 +0000 Subject: [PATCH 50/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: f34f255992939e4c6768001d2d08f2c5f7705047 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-102615.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-102615.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-102615.json b/shared-context/findings/hyperpolymath-hypatia/20260614-102615.json new file mode 100644 index 00000000..45fd379c --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-102615.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "f34f255992939e4c6768001d2d08f2c5f7705047", + "submitted_at": "2026-06-14T10:26:16Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 83e43a2f..6d51802a 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-044209.json \ No newline at end of file +20260614-102615.json \ No newline at end of file From 4fc4f30b778c67bc5ccde288e2e25155d8f14043 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 10:53:32 +0000 Subject: [PATCH 51/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 37c241de42096d8ac490b2ea9e9cd8a9a87219a7 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-105330.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-105330.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-105330.json b/shared-context/findings/hyperpolymath-hypatia/20260614-105330.json new file mode 100644 index 00000000..212a630c --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-105330.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "37c241de42096d8ac490b2ea9e9cd8a9a87219a7", + "submitted_at": "2026-06-14T10:53:32Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 6d51802a..791e453d 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-102615.json \ No newline at end of file +20260614-105330.json \ No newline at end of file From 16cca2c5c8712c6c588c630c98449addd70381c8 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 12:37:26 +0000 Subject: [PATCH 52/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 3cb0494c6ea5bf35cbcd05e56f275271b6ba98d9 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-123724.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-123724.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-123724.json b/shared-context/findings/hyperpolymath-hypatia/20260614-123724.json new file mode 100644 index 00000000..48d45ec9 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-123724.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "3cb0494c6ea5bf35cbcd05e56f275271b6ba98d9", + "submitted_at": "2026-06-14T12:37:25Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 791e453d..4927aa4c 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-105330.json \ No newline at end of file +20260614-123724.json \ No newline at end of file From 6bea1a925da56f6609aa2af5cdd10b3677517162 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 12:38:37 +0000 Subject: [PATCH 53/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 32da8f2f52dd9dfe94370a7a2d674b8bf98abfca Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-123835.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-123835.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-123835.json b/shared-context/findings/hyperpolymath-hypatia/20260614-123835.json new file mode 100644 index 00000000..02815906 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-123835.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "32da8f2f52dd9dfe94370a7a2d674b8bf98abfca", + "submitted_at": "2026-06-14T12:38:37Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 4927aa4c..b5877b6f 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-123724.json \ No newline at end of file +20260614-123835.json \ No newline at end of file From 1fd7b361921f00ca660ef047698bcb4a0bb560a2 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 12:47:22 +0000 Subject: [PATCH 54/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: bacb4750586ff299ac48407bae0497f633ab1cbb Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-124721.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-124721.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-124721.json b/shared-context/findings/hyperpolymath-hypatia/20260614-124721.json new file mode 100644 index 00000000..4a578dd5 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-124721.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "bacb4750586ff299ac48407bae0497f633ab1cbb", + "submitted_at": "2026-06-14T12:47:22Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index b5877b6f..70e95f2f 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-123835.json \ No newline at end of file +20260614-124721.json \ No newline at end of file From b089b70c4eba278fddd8a101e4cd64f4aee2617e Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 12:47:53 +0000 Subject: [PATCH 55/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 61fa135522188053e6048acd9d1fc00651714e6c Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-124752.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-124752.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-124752.json b/shared-context/findings/hyperpolymath-hypatia/20260614-124752.json new file mode 100644 index 00000000..a894aca0 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-124752.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "61fa135522188053e6048acd9d1fc00651714e6c", + "submitted_at": "2026-06-14T12:47:53Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 70e95f2f..98f3f078 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-124721.json \ No newline at end of file +20260614-124752.json \ No newline at end of file From a80303df0c18097600183c2c9bef2e7d3759cedb Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 13:02:05 +0000 Subject: [PATCH 56/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 37c6a8574070fdf2b2dc47f7cedd8582264e26a4 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-130203.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-130203.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-130203.json b/shared-context/findings/hyperpolymath-hypatia/20260614-130203.json new file mode 100644 index 00000000..95bf5c5a --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-130203.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "37c6a8574070fdf2b2dc47f7cedd8582264e26a4", + "submitted_at": "2026-06-14T13:02:04Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 98f3f078..7eae6565 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-124752.json \ No newline at end of file +20260614-130203.json \ No newline at end of file From 20ddd60eecabb2226a9dda8e5d27bb50538248c2 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 14:08:10 +0000 Subject: [PATCH 57/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 39167dc4f276603d5861ec32fcfdaad51008ca74 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-140808.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-140808.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-140808.json b/shared-context/findings/hyperpolymath-hypatia/20260614-140808.json new file mode 100644 index 00000000..7468f3c6 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-140808.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "39167dc4f276603d5861ec32fcfdaad51008ca74", + "submitted_at": "2026-06-14T14:08:10Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 7eae6565..6524fcd0 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-130203.json \ No newline at end of file +20260614-140808.json \ No newline at end of file From 166882c7b08e63559ed2564619eb4b8292637cf6 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 14:22:04 +0000 Subject: [PATCH 58/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 75fa5c9db6050c44137e1969f9090c4c65009484 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-142202.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-142202.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-142202.json b/shared-context/findings/hyperpolymath-hypatia/20260614-142202.json new file mode 100644 index 00000000..81d15580 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-142202.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "75fa5c9db6050c44137e1969f9090c4c65009484", + "submitted_at": "2026-06-14T14:22:03Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 6524fcd0..29e01878 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-140808.json \ No newline at end of file +20260614-142202.json \ No newline at end of file From 07440015c2c5a4a64d79aa7502d9de78fa647caa Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 14:32:22 +0000 Subject: [PATCH 59/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: d7b24b39a7fd4901ef8b0e5728d9f31f4b1c6f81 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-143220.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-143220.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-143220.json b/shared-context/findings/hyperpolymath-hypatia/20260614-143220.json new file mode 100644 index 00000000..fe100c8e --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-143220.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "d7b24b39a7fd4901ef8b0e5728d9f31f4b1c6f81", + "submitted_at": "2026-06-14T14:32:22Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 29e01878..fb8777b6 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-142202.json \ No newline at end of file +20260614-143220.json \ No newline at end of file From b801d6734a9ddee96023541cceaa549713c062dd Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 14:39:01 +0000 Subject: [PATCH 60/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: f9b95c1a554b01b433eeb53d10c4d0891ded8328 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-143859.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-143859.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-143859.json b/shared-context/findings/hyperpolymath-hypatia/20260614-143859.json new file mode 100644 index 00000000..459a3fcf --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-143859.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "f9b95c1a554b01b433eeb53d10c4d0891ded8328", + "submitted_at": "2026-06-14T14:39:00Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index fb8777b6..aeefd6be 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-143220.json \ No newline at end of file +20260614-143859.json \ No newline at end of file From 6ffb86eb40fa6dd4c850c8ba8c11b80cace0184d Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 14:40:16 +0000 Subject: [PATCH 61/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: e05a43d799457ba766fe114589a0a004ac28c6da Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-144015.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-144015.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-144015.json b/shared-context/findings/hyperpolymath-hypatia/20260614-144015.json new file mode 100644 index 00000000..6f54d1df --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-144015.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "e05a43d799457ba766fe114589a0a004ac28c6da", + "submitted_at": "2026-06-14T14:40:16Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index aeefd6be..e33ec73b 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-143859.json \ No newline at end of file +20260614-144015.json \ No newline at end of file From a3fbf3c857821dbb718b31f1850c7af762faab8f Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 14:49:20 +0000 Subject: [PATCH 62/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 98d65decb49325f8c9309ded6582164fac479615 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-144918.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-144918.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-144918.json b/shared-context/findings/hyperpolymath-hypatia/20260614-144918.json new file mode 100644 index 00000000..afaac592 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-144918.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "98d65decb49325f8c9309ded6582164fac479615", + "submitted_at": "2026-06-14T14:49:20Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index e33ec73b..ac8ac245 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-144015.json \ No newline at end of file +20260614-144918.json \ No newline at end of file From 178ac1e5dbed079dbf8b8890ac94f00763d54cba Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 14:50:39 +0000 Subject: [PATCH 63/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: c1708656f91b504e19fac0953d84034743e47c53 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-145037.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-145037.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-145037.json b/shared-context/findings/hyperpolymath-hypatia/20260614-145037.json new file mode 100644 index 00000000..480e2976 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-145037.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "c1708656f91b504e19fac0953d84034743e47c53", + "submitted_at": "2026-06-14T14:50:39Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index ac8ac245..777acb11 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-144918.json \ No newline at end of file +20260614-145037.json \ No newline at end of file From d1a10d8789fbb9e5015f16b9b971d4e0a70f1bae Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 15:39:24 +0000 Subject: [PATCH 64/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: adcc6bf62149d4ad769c92a4b7d349da2a77a3b4 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-153922.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-153922.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-153922.json b/shared-context/findings/hyperpolymath-hypatia/20260614-153922.json new file mode 100644 index 00000000..6ca9a535 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-153922.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "adcc6bf62149d4ad769c92a4b7d349da2a77a3b4", + "submitted_at": "2026-06-14T15:39:24Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 777acb11..48f1a902 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-145037.json \ No newline at end of file +20260614-153922.json \ No newline at end of file From cb8b7735c3ff2eca8ca1cca247a0067f4ef2b5af Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 15:43:06 +0000 Subject: [PATCH 65/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 9f4d07daced005bd9fd891c31f17358003ff5452 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-154304.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-154304.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-154304.json b/shared-context/findings/hyperpolymath-hypatia/20260614-154304.json new file mode 100644 index 00000000..d8aba9f6 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-154304.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "9f4d07daced005bd9fd891c31f17358003ff5452", + "submitted_at": "2026-06-14T15:43:05Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 48f1a902..1c28545c 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-153922.json \ No newline at end of file +20260614-154304.json \ No newline at end of file From a1173869223f45fcdf9368bec4bab00b868aec69 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 16:34:34 +0000 Subject: [PATCH 66/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 0fe6cb3fd27ec4ff82888526dd0051f62de9db18 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-163433.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-163433.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-163433.json b/shared-context/findings/hyperpolymath-hypatia/20260614-163433.json new file mode 100644 index 00000000..a4c322ff --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-163433.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "0fe6cb3fd27ec4ff82888526dd0051f62de9db18", + "submitted_at": "2026-06-14T16:34:34Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 1c28545c..13788c39 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-154304.json \ No newline at end of file +20260614-163433.json \ No newline at end of file From 4c79a185468d9e909e3e01a97804093d434aa306 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Sun, 14 Jun 2026 16:34:49 +0000 Subject: [PATCH 67/87] findings: hyperpolymath/hypatia @ 2026-06-14 Submitted: 42 findings Commit: 8a368d637342526bed01f38bbf51604915a0b82b Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260614-163447.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260614-163447.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260614-163447.json b/shared-context/findings/hyperpolymath-hypatia/20260614-163447.json new file mode 100644 index 00000000..2931c4c5 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260614-163447.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 11 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "8a368d637342526bed01f38bbf51604915a0b82b", + "submitted_at": "2026-06-14T16:34:49Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 13788c39..522aa4a7 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-163433.json \ No newline at end of file +20260614-163447.json \ No newline at end of file From b2339b30d3564cb718700079ef0e791c3b136905 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Mon, 15 Jun 2026 23:38:01 +0000 Subject: [PATCH 68/87] findings: hyperpolymath/hypatia @ 2026-06-15 Submitted: 42 findings Commit: 1fb2e9cd6409b3b909fe86ea2f1c19227b8d54e7 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260615-233759.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260615-233759.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260615-233759.json b/shared-context/findings/hyperpolymath-hypatia/20260615-233759.json new file mode 100644 index 00000000..fa4a091c --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260615-233759.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "1fb2e9cd6409b3b909fe86ea2f1c19227b8d54e7", + "submitted_at": "2026-06-15T23:38:01Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 522aa4a7..62af87f7 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260614-163447.json \ No newline at end of file +20260615-233759.json \ No newline at end of file From e95f7c2a7595c5fdb31b912abac31bcd864535d6 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Mon, 15 Jun 2026 23:38:19 +0000 Subject: [PATCH 69/87] findings: hyperpolymath/hypatia @ 2026-06-15 Submitted: 42 findings Commit: 7a712581acd3b4648493358f57ca3e34bac55b50 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260615-233818.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260615-233818.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260615-233818.json b/shared-context/findings/hyperpolymath-hypatia/20260615-233818.json new file mode 100644 index 00000000..ee111dd2 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260615-233818.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "7a712581acd3b4648493358f57ca3e34bac55b50", + "submitted_at": "2026-06-15T23:38:19Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 62af87f7..c816f12d 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260615-233759.json \ No newline at end of file +20260615-233818.json \ No newline at end of file From 0b16de403d135860e9a2a268235a9053bdb85d3c Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 16 Jun 2026 17:14:14 +0000 Subject: [PATCH 70/87] findings: hyperpolymath/hypatia @ 2026-06-16 Submitted: 42 findings Commit: d9124f71b2e272cfc9168ef43bf4383e788ef7ea Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260616-171412.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260616-171412.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260616-171412.json b/shared-context/findings/hyperpolymath-hypatia/20260616-171412.json new file mode 100644 index 00000000..9a8953a0 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260616-171412.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "d9124f71b2e272cfc9168ef43bf4383e788ef7ea", + "submitted_at": "2026-06-16T17:14:14Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index c816f12d..c596007a 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260615-233818.json \ No newline at end of file +20260616-171412.json \ No newline at end of file From c8fd3561046e7c1e97be7be5fcfcc4d5b467b47a Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Tue, 16 Jun 2026 17:21:59 +0000 Subject: [PATCH 71/87] findings: hyperpolymath/hypatia @ 2026-06-16 Submitted: 42 findings Commit: 5a15dde05e2300212bc25f99a79478ce8cbe9323 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260616-172157.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260616-172157.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260616-172157.json b/shared-context/findings/hyperpolymath-hypatia/20260616-172157.json new file mode 100644 index 00000000..79771b86 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260616-172157.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 13 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "5a15dde05e2300212bc25f99a79478ce8cbe9323", + "submitted_at": "2026-06-16T17:21:59Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index c596007a..2f6a6892 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260616-171412.json \ No newline at end of file +20260616-172157.json \ No newline at end of file From bd222e3ac46d0c1e7bee0b08b620e4c01aae89e5 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Wed, 17 Jun 2026 02:43:22 +0000 Subject: [PATCH 72/87] findings: hyperpolymath/hypatia @ 2026-06-17 Submitted: 42 findings Commit: c8a13753a458ef5ad4ead78b93c28bf04cdb9b3c Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260617-024321.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260617-024321.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260617-024321.json b/shared-context/findings/hyperpolymath-hypatia/20260617-024321.json new file mode 100644 index 00000000..7c4dfe26 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260617-024321.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 14 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "c8a13753a458ef5ad4ead78b93c28bf04cdb9b3c", + "submitted_at": "2026-06-17T02:43:22Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 2f6a6892..d683e159 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260616-172157.json \ No newline at end of file +20260617-024321.json \ No newline at end of file From 04f609caa95c90e9e6bc7ec439578e267d54f842 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Wed, 17 Jun 2026 20:54:48 +0000 Subject: [PATCH 73/87] findings: hyperpolymath/hypatia @ 2026-06-17 Submitted: 42 findings Commit: 3a28a203268db2dd8a1cf96e081b9065cf513b7d Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260617-205446.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260617-205446.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260617-205446.json b/shared-context/findings/hyperpolymath-hypatia/20260617-205446.json new file mode 100644 index 00000000..a5785052 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260617-205446.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "3a28a203268db2dd8a1cf96e081b9065cf513b7d", + "submitted_at": "2026-06-17T20:54:48Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index d683e159..47940ae6 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260617-024321.json \ No newline at end of file +20260617-205446.json \ No newline at end of file From f14e2bdcb4bc856eda3626885740506a637929d2 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Wed, 17 Jun 2026 21:12:01 +0000 Subject: [PATCH 74/87] findings: hyperpolymath/hypatia @ 2026-06-17 Submitted: 42 findings Commit: a3aa2bbcf179dbcf37df460d59bbee1981622683 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260617-211159.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260617-211159.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260617-211159.json b/shared-context/findings/hyperpolymath-hypatia/20260617-211159.json new file mode 100644 index 00000000..0c67194f --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260617-211159.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "a3aa2bbcf179dbcf37df460d59bbee1981622683", + "submitted_at": "2026-06-17T21:12:01Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 47940ae6..0b777d9a 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260617-205446.json \ No newline at end of file +20260617-211159.json \ No newline at end of file From ab12ab803e01f0741ce6875f491843340a845263 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Wed, 17 Jun 2026 21:12:55 +0000 Subject: [PATCH 75/87] findings: hyperpolymath/hypatia @ 2026-06-17 Submitted: 42 findings Commit: 03f089092e13c755326d6a9dcc592534561a34bf Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260617-211254.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260617-211254.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260617-211254.json b/shared-context/findings/hyperpolymath-hypatia/20260617-211254.json new file mode 100644 index 00000000..1b169b11 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260617-211254.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "03f089092e13c755326d6a9dcc592534561a34bf", + "submitted_at": "2026-06-17T21:12:55Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 0b777d9a..8a334423 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260617-211159.json \ No newline at end of file +20260617-211254.json \ No newline at end of file From 1018588f8592d7ba20375d79c7972cf8da0e8dcb Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Wed, 17 Jun 2026 21:13:27 +0000 Subject: [PATCH 76/87] findings: hyperpolymath/hypatia @ 2026-06-17 Submitted: 42 findings Commit: a4fc639c4476ec449d968ec442521c86fcfd279d Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260617-211326.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260617-211326.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260617-211326.json b/shared-context/findings/hyperpolymath-hypatia/20260617-211326.json new file mode 100644 index 00000000..d07ca4a2 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260617-211326.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "a4fc639c4476ec449d968ec442521c86fcfd279d", + "submitted_at": "2026-06-17T21:13:27Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 8a334423..e62ec923 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260617-211254.json \ No newline at end of file +20260617-211326.json \ No newline at end of file From 7c6133a12ff5eeca37eb6aa046d1f952bc3db5a9 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Wed, 17 Jun 2026 21:42:19 +0000 Subject: [PATCH 77/87] findings: hyperpolymath/hypatia @ 2026-06-17 Submitted: 42 findings Commit: 64a44cf0e423d53bb25351da7be1fac81ebc2e5f Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260617-214218.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260617-214218.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260617-214218.json b/shared-context/findings/hyperpolymath-hypatia/20260617-214218.json new file mode 100644 index 00000000..8837001f --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260617-214218.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "64a44cf0e423d53bb25351da7be1fac81ebc2e5f", + "submitted_at": "2026-06-17T21:42:19Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index e62ec923..8f286ffc 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260617-211326.json \ No newline at end of file +20260617-214218.json \ No newline at end of file From a518d0e644f28b6b8a35f664dc5bc788add4866f Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Wed, 17 Jun 2026 23:10:09 +0000 Subject: [PATCH 78/87] findings: hyperpolymath/hypatia @ 2026-06-17 Submitted: 42 findings Commit: 1e03bbf4b8bfc240f6039adf984cb404a5a10d1f Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260617-231007.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260617-231007.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260617-231007.json b/shared-context/findings/hyperpolymath-hypatia/20260617-231007.json new file mode 100644 index 00000000..0b534f29 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260617-231007.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "1e03bbf4b8bfc240f6039adf984cb404a5a10d1f", + "submitted_at": "2026-06-17T23:10:09Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 8f286ffc..820302c3 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260617-214218.json \ No newline at end of file +20260617-231007.json \ No newline at end of file From 7566401c68d09b42579173102c464affc5406f40 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 18 Jun 2026 00:31:46 +0000 Subject: [PATCH 79/87] findings: hyperpolymath/hypatia @ 2026-06-18 Submitted: 42 findings Commit: 95346e1e36d5ed92dadf6ba1e43e89b94850a421 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260618-003144.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260618-003144.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260618-003144.json b/shared-context/findings/hyperpolymath-hypatia/20260618-003144.json new file mode 100644 index 00000000..5957defb --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260618-003144.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "95346e1e36d5ed92dadf6ba1e43e89b94850a421", + "submitted_at": "2026-06-18T00:31:46Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 820302c3..1e69aaa3 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260617-231007.json \ No newline at end of file +20260618-003144.json \ No newline at end of file From 8580fb0f628597b813974543d8ad5b7f8e457a60 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 18 Jun 2026 00:44:59 +0000 Subject: [PATCH 80/87] findings: hyperpolymath/hypatia @ 2026-06-18 Submitted: 42 findings Commit: 6891a5f410561ebf5037884fdd6056221e794d53 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260618-004457.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260618-004457.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260618-004457.json b/shared-context/findings/hyperpolymath-hypatia/20260618-004457.json new file mode 100644 index 00000000..99864491 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260618-004457.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "6891a5f410561ebf5037884fdd6056221e794d53", + "submitted_at": "2026-06-18T00:44:59Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 1e69aaa3..7e96f9e1 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260618-003144.json \ No newline at end of file +20260618-004457.json \ No newline at end of file From ffa959584cd89289e5e89647e540f08c3e0c28f2 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 18 Jun 2026 17:33:45 +0000 Subject: [PATCH 81/87] findings: hyperpolymath/hypatia @ 2026-06-18 Submitted: 42 findings Commit: e4f4b103ec0b2fe04fe25a9d98d789eec2e1c6df Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260618-173343.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260618-173343.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260618-173343.json b/shared-context/findings/hyperpolymath-hypatia/20260618-173343.json new file mode 100644 index 00000000..18b05e23 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260618-173343.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "e4f4b103ec0b2fe04fe25a9d98d789eec2e1c6df", + "submitted_at": "2026-06-18T17:33:44Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 7e96f9e1..fc6a85dd 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260618-004457.json \ No newline at end of file +20260618-173343.json \ No newline at end of file From 07e1a505aa639a5a4a8ead6b70e8a701c452b841 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 18 Jun 2026 17:51:40 +0000 Subject: [PATCH 82/87] findings: hyperpolymath/hypatia @ 2026-06-18 Submitted: 42 findings Commit: 3e49e0dd0560418f9d9473f0e290b8b352b4ed0f Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260618-175138.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260618-175138.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260618-175138.json b/shared-context/findings/hyperpolymath-hypatia/20260618-175138.json new file mode 100644 index 00000000..6a796bd9 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260618-175138.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "3e49e0dd0560418f9d9473f0e290b8b352b4ed0f", + "submitted_at": "2026-06-18T17:51:40Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index fc6a85dd..87f1a99f 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260618-173343.json \ No newline at end of file +20260618-175138.json \ No newline at end of file From c8c9c5ee82646f33ec68d8cb20de52db4f530ae8 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 18 Jun 2026 17:54:19 +0000 Subject: [PATCH 83/87] findings: hyperpolymath/hypatia @ 2026-06-18 Submitted: 42 findings Commit: d3170577daa5e0e6fa811f703e344febeeeb9408 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260618-175417.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260618-175417.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260618-175417.json b/shared-context/findings/hyperpolymath-hypatia/20260618-175417.json new file mode 100644 index 00000000..fb905a5a --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260618-175417.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 5 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "d3170577daa5e0e6fa811f703e344febeeeb9408", + "submitted_at": "2026-06-18T17:54:19Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 87f1a99f..d00910dd 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260618-175138.json \ No newline at end of file +20260618-175417.json \ No newline at end of file From 5215f1d72775f9bcf48445345e6beb606105ff57 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Thu, 18 Jun 2026 17:58:09 +0000 Subject: [PATCH 84/87] findings: hyperpolymath/hypatia @ 2026-06-18 Submitted: 42 findings Commit: e30e7f005be0d266e773aa2fe79a01687fcbca15 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260618-175807.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260618-175807.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260618-175807.json b/shared-context/findings/hyperpolymath-hypatia/20260618-175807.json new file mode 100644 index 00000000..ec0fbd2e --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260618-175807.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 15 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "e30e7f005be0d266e773aa2fe79a01687fcbca15", + "submitted_at": "2026-06-18T17:58:09Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index d00910dd..09ae5ea6 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260618-175417.json \ No newline at end of file +20260618-175807.json \ No newline at end of file From 7ab390f9596472a34d99ec6ab2cf417f842d3154 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Fri, 19 Jun 2026 06:32:46 +0000 Subject: [PATCH 85/87] findings: hyperpolymath/hypatia @ 2026-06-19 Submitted: 42 findings Commit: 552baebd3175d22142f3ae3d5edc993f82a40835 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260619-063244.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260619-063244.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260619-063244.json b/shared-context/findings/hyperpolymath-hypatia/20260619-063244.json new file mode 100644 index 00000000..832a7d8b --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260619-063244.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 4 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "552baebd3175d22142f3ae3d5edc993f82a40835", + "submitted_at": "2026-06-19T06:32:46Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index 09ae5ea6..add1bd08 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260618-175807.json \ No newline at end of file +20260619-063244.json \ No newline at end of file From 940e32204781fd72ba7493e877d45ce6762f6785 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Fri, 19 Jun 2026 06:33:10 +0000 Subject: [PATCH 86/87] findings: hyperpolymath/hypatia @ 2026-06-19 Submitted: 42 findings Commit: 0a278c97b73b4ffa296ccd25c3c1d849a7066829 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260619-063308.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260619-063308.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260619-063308.json b/shared-context/findings/hyperpolymath-hypatia/20260619-063308.json new file mode 100644 index 00000000..aaeb3375 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260619-063308.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 16 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "0a278c97b73b4ffa296ccd25c3c1d849a7066829", + "submitted_at": "2026-06-19T06:33:10Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index add1bd08..aa538170 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260619-063244.json \ No newline at end of file +20260619-063308.json \ No newline at end of file From fce6bd824dc9381e1b5da8ae2eb7c075b1970545 Mon Sep 17 00:00:00 2001 From: Hypatia Finding Submitter Date: Fri, 19 Jun 2026 21:07:01 +0000 Subject: [PATCH 87/87] findings: hyperpolymath/hypatia @ 2026-06-19 Submitted: 42 findings Commit: 9a638b24c87ad543562f2aadbce1392beadf6f58 Scanner: hypatia-v2 Automated submission from GitHub Actions. --- .../20260619-210658.json | 346 ++++++++++++++++++ .../hyperpolymath-hypatia/latest.json | 2 +- 2 files changed, 347 insertions(+), 1 deletion(-) create mode 100644 shared-context/findings/hyperpolymath-hypatia/20260619-210658.json diff --git a/shared-context/findings/hyperpolymath-hypatia/20260619-210658.json b/shared-context/findings/hyperpolymath-hypatia/20260619-210658.json new file mode 100644 index 00000000..b798ffd8 --- /dev/null +++ b/shared-context/findings/hyperpolymath-hypatia/20260619-210658.json @@ -0,0 +1,346 @@ +{ + "findings": [ + { + "reason": "Repository has 3 non-main remote branch(es). Policy: single main branch only.", + "type": "GS007", + "file": ".", + "action": "delete_remote_branches", + "rule_module": "git_state", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "src/ui/gossamer/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "scripts/ci-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "scripts/bench-tools/Cargo.toml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "ffi/zig/README.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "docs/integration/github-registry.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "docs/integration/a2ml-k9.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "docs/architecture/system-integration.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "docs/EXPLAINME.adoc", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": "0-AI-MANIFEST.a2ml", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "Code scanning (Hypatia): hypatia/structural_drift/SD022 -- Hypatia structural_drift: SD022 -- 17 day(s) old", + "type": "CSA001", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "20 total open code-scanning alert(s) -- security hygiene review", + "type": "CSA002", + "file": "hyperpolymath/hypatia", + "action": "review", + "rule_module": "code_scanning_alerts", + "severity": "medium" + }, + { + "reason": "doc references `src/lib/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/package-candidates/REPORT.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/SUMMARY.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/api/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/echidnabot.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/i18n/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/greetings/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": ".audittraining/security-errors/polyglot-i18n.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "0-AI-MANIFEST.a2ml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/interface/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/Burble/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/EXPLAINME.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bridges/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/boundary-design-options.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/auth/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/architecture/system-integration.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/rust/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/a2ml-k9.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/commands/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/registry/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/integration/github-registry.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/ci_simulation/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "docs/reports/audit/audit-2026-04-15-post.md", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/connectors/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "ffi/zig/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/bench-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/bin/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "scripts/ci-tools/Cargo.toml", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + }, + { + "reason": "doc references `src/core/` but no such directory exists in the tree (likely surviving a directory rename)", + "type": "SD022", + "file": "src/ui/gossamer/README.adoc", + "action": "rename_sweep", + "rule_module": "structural_drift", + "severity": "medium" + } + ], + "submission_metadata": { + "repo": "hyperpolymath/hypatia", + "commit": "9a638b24c87ad543562f2aadbce1392beadf6f58", + "submitted_at": "2026-06-19T21:07:01Z", + "scanner_version": "hypatia-v2" + } +} diff --git a/shared-context/findings/hyperpolymath-hypatia/latest.json b/shared-context/findings/hyperpolymath-hypatia/latest.json index aa538170..a9d8bb6b 120000 --- a/shared-context/findings/hyperpolymath-hypatia/latest.json +++ b/shared-context/findings/hyperpolymath-hypatia/latest.json @@ -1 +1 @@ -20260619-063308.json \ No newline at end of file +20260619-210658.json \ No newline at end of file