All findings
500 findings across categories.
Category:
Severity:
Rule:
500 findings
| Category | Rule | Evidence | Actions | ||
|---|---|---|---|---|---|
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:143 | string, Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:144 | string Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:140 | apiKey: webhook.apiKey, Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:147 | payload Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:142 | customHeaders: webhook.customHeaders as Record< Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:148 | ); Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:149 | Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:150 | // Determine next status Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:151 | const { status, nextRetryAt } = determineNextStatus(Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:152 | newAttemptNumber, Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:155 | ); Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:146 | }, Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:172 | deliveredAt: status === "success" ? new Date() : null, Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:156 | Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:157 | // Update delivery log Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:158 | await database.webhookDeliveryLog.update({Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:159 | where: {Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:160 | tenantId_id: {Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:161 | tenantId: delivery.tenantId, Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:162 | id: delivery.id, Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:163 | }, Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:164 | }, Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:166 | status, Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:167 | attemptNumber: newAttemptNumber, Scope-checking auth functions defined but never consumed by route handlers | |
| high | security theater | security_theater.api_key_scopes_never_enforced | apps/api/app/api/cron/webhook-retry/route.ts:168 | httpResponseStatus: result.httpStatus, Scope-checking auth functions defined but never consumed by route handlers |
Page 1 of 20