Home / kubesphere / kubesphere
Repository Analysis

kubesphere/kubesphere

The container platform tailored for Kubernetes multi-cloud, datacenter, and edge management ⎈ 🖥 ☁️

1.4 Likely human-written View on GitHub
1.4
Adjusted Score
1.4
Raw Score
100%
Time Factor
2026-05-06
Last Push
16,950
Stars
Go
Language
157,574
Lines of Code
785
Files
164
Pattern Hits
2026-05-31
Scan Date

Score History

Severity Breakdown

CRITICAL 0HIGH 0MEDIUM 33LOW 131

Pattern Findings

164 matches across 14 categories. Click a row to expand file-level details.

Over-Commented Block103 hits · 103 pts
SeverityFileLineSnippet
LOWtools/cmd/dependencyverifier/dependencyverifier.go221
LOWstaging/src/kubesphere.io/client-go/rest/config.go81 // UserAgent is an optional field that specifies the caller of this request.
LOWstaging/src/kubesphere.io/client-go/rest/config.go261 // "application/json" is used.
LOWstaging/src/kubesphere.io/client-go/rest/with_retry.go61 // - we need to seek to the beginning of the request body before we
LOWstaging/src/kubesphere.io/client-go/rest/with_retry.go81
LOWstaging/src/kubesphere.io/client-go/rest/with_retry.go121 // retry after parameters that pertain to the attempt that is to
LOW…aging/src/kubesphere.io/client-go/rest/request_test.go3061 sleeps []string
LOWstaging/src/kubesphere.io/client-go/rest/request.go1241 klogV.Infof("%s:\n%s", prefix, truncateBody(hex.Dump(body)))
LOWstaging/src/kubesphere.io/client-go/rest/client.go61 // This value will be set as the Accept header on requests made to the server if
LOWstaging/src/kubesphere.io/client-go/rest/client.go161// resp, err := c.Verb("GET").
LOWstaging/src/kubesphere.io/api/cluster/v1alpha1/types.go81 // Should provide this field explicitly if connection type is direct.
LOW…/src/kubesphere.io/api/extensions/v1alpha1/upstream.go21 // +optional
LOWstaging/src/kubesphere.io/api/iam/v1alpha2/types.go101 Email string `json:"email"`
LOWstaging/src/kubesphere.io/api/iam/v1alpha2/types.go121 // So we adopted an alternative scheme to achieve.
LOWstaging/src/kubesphere.io/api/iam/v1beta1/types.go61 // Unique email address(https://www.ietf.org/rfc/rfc5322.txt).
LOWstaging/src/kubesphere.io/api/iam/v1beta1/types.go81 // But in Go, we don't have ?= (back tracking) capability in regexp (also in CRD validation pattern)
LOWstaging/src/kubesphere.io/api/iam/v1beta1/types.go341
LOWstaging/src/kubesphere.io/api/iam/v1beta1/types.go361func (t ExtraValue) String() string {
LOWstaging/src/kubesphere.io/api/iam/v1beta1/types.go381 // Group is the API Group of the Resource. "*" means all.
LOWstaging/src/kubesphere.io/api/iam/v1beta1/types.go401 // +optional
LOWstaging/src/kubesphere.io/api/application/v2/types.go101}
LOWtest/e2e/framework/log.go61// PrunedStack is a wrapper around debug.Stack() that removes information
LOWconfig/ks-core/values.yaml1## @param global.imageRegistry Global Docker image registry
LOWconfig/ks-core/values.yaml341 size: 5Gi
LOWconfig/ks-core/charts/redis-ha/values.yaml101 resources: {}
LOWconfig/ks-core/charts/redis-ha/values.yaml141
LOWconfig/ks-core/charts/redis-ha/values.yaml181 ## Whether the haproxy pods should be forced to run on separate nodes.
LOWconfig/ks-core/charts/redis-ha/values.yaml221 # name: my-redis-client-namespace
LOWconfig/ks-core/charts/redis-ha/values.yaml341 # - name: empty
LOWconfig/ks-core/charts/redis-ha/values.yaml401 # customConfig: |-
LOWconfig/ks-core/charts/redis-ha/values.yaml441
LOWconfig/ks-core/charts/redis-ha/values.yaml481##
LOWconfig/ks-core/charts/redis-ha/values.yaml521 # Address/Host for Redis instance. Default: localhost
LOWconfig/ks-core/charts/redis-ha/values.yaml541 # -- More info about Redis Lua scripting: https://redis.io/commands/eval
LOWconfig/ks-core/charts/redis-ha/values.yaml561 # When set true then use a ServiceMonitor to configure scraping
LOWconfig/ks-core/charts/redis-ha/values.yaml621 resources: {}
LOWconfig/ks-core/charts/redis-ha/values.yaml641 # secretName: tls-secret
LOWconfig/ks-core/charts/redis-ha/values.yaml681 # prometheusRule.enabled -- If true, creates a Prometheus Operator PrometheusRule.
LOWconfig/ks-core/charts/redis-ha/values.yaml721 ## user defines ingress rules that Redis should permit into
LOWconfig/ks-core/charts/ks-crds/Chart.yaml1apiVersion: v2
LOWconfig/ks-core/charts/ks-crds/Chart.yaml21# incremented each time you make changes to the application. Versions are not expected to
LOWhack/update-vendor-licenses.sh1#!/usr/bin/env bash
LOWhack/update-vendor.sh1#!/usr/bin/env bash
LOWhack/verify-gofmt.sh1#!/usr/bin/env bash
LOWhack/generate_group.sh1#!/usr/bin/env bash
LOWhack/test-go.sh1#!/usr/bin/env bash
LOWhack/verify-licenses.sh1#!/usr/bin/env bash
LOWhack/pin-dependency.sh1#!/usr/bin/env bash
LOWhack/verify-vendor-licenses.sh1#!/usr/bin/env bash
LOWhack/lint-dependencies.sh1#!/usr/bin/env bash
LOWhack/update-internal-modules.sh1#!/usr/bin/env bash
LOWhack/update-goimports.sh1#!/usr/bin/env bash
LOWhack/verify-spelling.sh1#!/usr/bin/env bash
LOWhack/update-gofmt.sh1#!/usr/bin/env bash
LOWhack/verify-all.sh1#!/usr/bin/env bash
LOWhack/verify-shellcheck.sh1#!/usr/bin/env bash
LOWhack/boilerplate.go.txt1// Copyright 2025 The KubeSphere Authors.
LOWhack/verify-goimports.sh1#!/usr/bin/env bash
LOWhack/make-rules/make-help.sh1#!/usr/bin/env bash
LOWhack/make-rules/verify.sh1#!/usr/bin/env bash
43 more matches not shown…
Excessive Try-Catch Wrapping24 hits · 51 pts
SeverityFileLineSnippet
MEDIUM…egration-yaml/scripts/generate_frontend_integration.py590 print(f"Error: {error}", file=sys.stderr)
MEDIUMskills/nodegroup/scripts/nodegroup_api.py73 print(f"Error: Failed to get token. HTTP {response.status_code}", file=sys.stderr)
MEDIUMskills/nodegroup/scripts/nodegroup_api.py80 print("Error: No access_token in response", file=sys.stderr)
MEDIUMskills/nodegroup/scripts/nodegroup_api.py87 print(f"Error: {exc}", file=sys.stderr)
MEDIUMskills/nodegroup/scripts/nodegroup_api.py100 print("Error: No token available. Run `login` first or set KUBESPHERE_TOKEN.", file=sys.stderr)
MEDIUMskills/nodegroup/scripts/nodegroup_api.py127 print("Error: PATCH requests must use a JSON Patch array body.", file=sys.stderr)
MEDIUMskills/nodegroup/scripts/nodegroup_api.py144 print(f"Error: {exc}", file=sys.stderr)
MEDIUMskills/nodegroup/scripts/nodegroup_api.py153 print(f"Error: HTTP {response.status_code}", file=sys.stderr)
MEDIUMskills/nodegroup/scripts/nodegroup_api.py181 print(f"Error: Invalid JSON body: {exc}", file=sys.stderr)
MEDIUMskills/nodegroup/scripts/nodegroup_api.py218 print("Error: patch requires at least one of --alias, --description, --manager", file=sys.stderr)
MEDIUMskills/kubesphere-core/scripts/ks_api.py77 print(f"Error: Failed to get token. HTTP {response.status_code}", file=sys.stderr)
MEDIUMskills/kubesphere-core/scripts/ks_api.py85 print("Error: No access_token in response", file=sys.stderr)
MEDIUMskills/kubesphere-core/scripts/ks_api.py96 print(f"Error: {e}", file=sys.stderr)
MEDIUMskills/kubesphere-core/scripts/ks_api.py179 print("Error: No token available. Use --login to get a new token.", file=sys.stderr)
MEDIUMskills/kubesphere-core/scripts/ks_api.py209 print(f"Error: Invalid JSON body: {e}", file=sys.stderr)
MEDIUMskills/kubesphere-core/scripts/ks_api.py232 print(f"Error: HTTP {response.status_code}", file=sys.stderr)
MEDIUMskills/kubesphere-core/scripts/ks_api.py239 print(f"Error: {e}", file=sys.stderr)
MEDIUM…s/kubesphere-multi-tenant-management/scripts/ks_api.py77 print(f"Error: Failed to get token. HTTP {response.status_code}", file=sys.stderr)
MEDIUM…s/kubesphere-multi-tenant-management/scripts/ks_api.py85 print("Error: No access_token in response", file=sys.stderr)
MEDIUM…s/kubesphere-multi-tenant-management/scripts/ks_api.py96 print(f"Error: {e}", file=sys.stderr)
MEDIUM…s/kubesphere-multi-tenant-management/scripts/ks_api.py179 print("Error: No token available. Use --login to get a new token.", file=sys.stderr)
MEDIUM…s/kubesphere-multi-tenant-management/scripts/ks_api.py209 print(f"Error: Invalid JSON body: {e}", file=sys.stderr)
MEDIUM…s/kubesphere-multi-tenant-management/scripts/ks_api.py232 print(f"Error: HTTP {response.status_code}", file=sys.stderr)
MEDIUM…s/kubesphere-multi-tenant-management/scripts/ks_api.py239 print(f"Error: {e}", file=sys.stderr)
Redundant / Tautological Comments11 hits · 16 pts
SeverityFileLineSnippet
LOWconfig/ks-core/charts/redis-ha/values.yaml149 # Set path to redis-exporter telemtery-path
LOWconfig/ks-core/charts/redis-ha/values.yaml526 ## Set this to true if you want to connect to redis tls port
LOWconfig/ks-core/charts/redis-ha/values.yaml567 # Set path to redis-exporter telemtery-path
LOWconfig/ks-core/charts/redis-ha/values.yaml662 # Set existingSecret to true to use secret specified in existingSecret above
LOWconfig/ks-core/templates/post-patch-user-job.yaml32 # Check if variables are not empty and not <none>
LOWhack/lint-dependencies.sh46# Check if unwanted dependencies are removed
LOWhack/lib/version.sh60 # Check if the tree is dirty. default to dirty
LOWhack/lib/util.sh667# Check if we have "docker buildx" commands available
LOWhack/lib/util.sh680# Check if we are using a supported bash version
LOWskills/kubesphere-core/scripts/ks_api.py47 # Check if token expired
LOW…s/kubesphere-multi-tenant-management/scripts/ks_api.py47 # Check if token expired
Self-Referential Comments4 hits · 12 pts
SeverityFileLineSnippet
MEDIUMhack/verify-licenses.sh36# Creating a new repository tree
MEDIUMhack/lib/util.sh130# Create a temp dir that'll be deleted at the end of this bash session.
MEDIUMhack/lib/util.sh626 # Create a temp dir for cfssl if no directory was given
MEDIUM.github/workflows/sync-helm-chart.yaml64 # Create a PR in the kubesphere/helm-charts repository
AI Slop Vocabulary4 hits · 9 pts
SeverityFileLineSnippet
MEDIUMconfig/ks-core/charts/redis-ha/values.yaml242# You can now use securityContext.sysctls to leverage this capability
LOWhack/lib/golang.sh507 # * We can't just set GOBIN because that does not work on cross-compiles.
LOWhack/lib/golang.sh572# Ideally this wouldn't be necessary and we could just set GOBIN to
MEDIUMpkg/kapis/oauth/handler.go361// Communication with the Token Endpoint is required to utilize TLS for security.
Decorative Section Separators3 hits · 9 pts
SeverityFileLineSnippet
MEDIUMhack/lib/golang.sh90# ------------
MEDIUMhack/lib/golang.sh99# ------------
MEDIUMhack/lib/version.sh17# -----------------------------------------------------------------------------
Fake / Example Data5 hits · 4 pts
SeverityFileLineSnippet
LOWskills/whizard-notification/SKILL.md284 "to": ["user@example.com"],
LOWskills/whizard-notification/SKILL.md311 "to": ["user@example.com"],
LOWskills/whizard-notification/SKILL.md463 "to": ["user@example.com", "admin@example.com"],
LOWskills/whizard-notification/SKILL.md463 "to": ["user@example.com", "admin@example.com"],
LOWskills/kubesphere-devops-pipeline/SKILL.md701 {"name": "PERSON", "value": "John Doe"},
Example Usage Blocks2 hits · 3 pts
SeverityFileLineSnippet
LOWhack/update-vendor-licenses.sh19# Usage:
LOWhack/lib/util.sh779# Example usage:
Verbosity Indicators2 hits · 3 pts
SeverityFileLineSnippet
LOWkube/plugin/pkg/admission/resourcequota/controller.go360 // if a resource is consumed, we need to check if it matches on the limited resource list.
LOWpkg/utils/directives/rewrite.go96 // before continuing, we need to check if a query string
Deep Nesting2 hits · 2 pts
SeverityFileLineSnippet
LOW…egration-yaml/scripts/generate_frontend_integration.py268
LOW…egration-yaml/scripts/generate_frontend_integration.py514
Slop Phrases1 hit · 1 pts
SeverityFileLineSnippet
LOWhack/update-vendor.sh338kube::log::status "NOTE: don't forget to handle vendor/* and LICENSE/* files that were added or removed" >&11
Hyper-Verbose Identifiers1 hit · 1 pts
SeverityFileLineSnippet
LOW…egration-yaml/scripts/generate_frontend_integration.py125def create_update_time_column() -> dict[str, Any]:
Overly Generic Function Names1 hit · 1 pts
SeverityFileLineSnippet
LOWskills/nodegroup/scripts/nodegroup_api.py174def handle_request(args: argparse.Namespace) -> None:
Unused Imports1 hit · 1 pts
SeverityFileLineSnippet
LOWskills/nodegroup/scripts/nodegroup_api.py25