how the text description of the patch is used

SunLab-GMU / GraphSPD

The official repository of "GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semantics". The paper will appear in the IEEE Symposium on Security and Privacy (S&P), San Francisco, CA, May 22-26, 2023.

https://github.com/SunLab-GMU/GraphSPD

Apache License 2.0

40 stars 7 forks source link

how the text description of the patch is used #6

Closed klssstis closed 10 months ago

klssstis commented 11 months ago

Good afternoon.

judging by the test example, the analysis does not use information from the text description of the patch, the "Subject:"

is this a limitation of the public version, or graphSPD only works with code change lines.

shuwang127 commented 10 months ago

Right. The original version of GraphSPD only relies on the source code part, but it is also available to include the analysis of commit message. Please refer to https://github.com/shuwang127/patchrnn-demo, where we use RNN to analyze the commit message and source code. You can also use other modern language models to analyze them.

klssstis commented 10 months ago

thank you