FixMe is a lightweight approach for collecting code patches by analyzing the commits of various version control systems. The practical framework is designed to generate patches across a wide array of programming languages. This open-source tool streamlines the process of gathering vulnerability records from the Common Vulnerabilities and Exposures (CVE) database through an incremental approach. By embracing an incremental methodology, we expedite the acquisition of data, ensuring the inclusion of newly identified vulnerabilities and their corresponding patch pairs. Our methodology involves extracting security issues, obtaining vulnerability-fixing commits, and retrieving relevant source code from various projects. The dataset extracted by the FixMe tool supports automated patch prediction, automated program repair, commit classification, vulnerability prediction, and similar tasks.
The work is implemented in Python 3.8.0 and requires several Python libraries, as specified in requirements.txt.
To collect the data, run the collect.py file as follows:
python3 -m source.collect
The extraction method starts by cloning the CVElistV5 GitHub repository, which mirrors all the CVE records.
The CVE repository is git-pulled every time we extract data, so that newly added CVE records and recent updates to existing records are included in the database.
The process exports the extracted information into a sqlite3 database file (specified in config.yaml), which stores vulnerability data at different levels of granularity in different tables.
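The incremental extraction step described above, sketched as an added example (not FixMe's own code): it parses one record in the CVE JSON 5 layout used by CVElistV5, keeps references that are GitHub commit URLs, and skips records whose dateUpdated is unchanged. The two-table layout, the function names, the GitHub-only URL rule and the sample record are assumptions constructed for illustration.

```python
import json
import re
import sqlite3

# Strict match for https://github.com/<owner>/<repo>/commit/<sha> (assumed fix-commit form)
COMMIT_RE = re.compile(
    r"^https://github\.com/([\w.-]+)/([\w.-]+)/commit/([0-9a-f]{7,40})(?:[/?#].*)?$")

# Constructed CVE JSON 5 record: the id, project and hash are placeholders
SAMPLE = json.dumps({
    "dataType": "CVE_RECORD",
    "cveMetadata": {"cveId": "CVE-1900-0001", "state": "PUBLISHED",
                    "dateUpdated": "1900-01-02T00:00:00Z"},
    "containers": {"cna": {"references": [
        {"url": "https://github.com/example-org/example-repo/commit/0123abc"},
        {"url": "https://example.org/advisory/1"},
    ]}},
})

def open_db(path=":memory:"):
    """Create the assumed tables: one row per CVE, one row per fix commit."""
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS cve (id TEXT PRIMARY KEY, updated TEXT)")
    db.execute("CREATE TABLE IF NOT EXISTS fix (cve_id TEXT, owner TEXT, repo TEXT, sha TEXT)")
    return db

def fix_commits(record):
    """Return (owner, repo, sha) for each reference that is a GitHub commit URL."""
    refs = record.get("containers", {}).get("cna", {}).get("references", [])
    hits = (COMMIT_RE.match(r.get("url", "")) for r in refs)
    return [m.groups() for m in hits if m]

def ingest(db, raw):
    """Store one record; return False when it is rejected or already current."""
    record = json.loads(raw)
    meta = record["cveMetadata"]
    if meta.get("state") != "PUBLISHED":
        return False
    cve_id, updated = meta["cveId"], meta.get("dateUpdated")
    row = db.execute("SELECT updated FROM cve WHERE id = ?", (cve_id,)).fetchone()
    if row and row[0] == updated:      # unchanged since the last pull
        return False
    with db:                           # one transaction per record
        db.execute("INSERT OR REPLACE INTO cve VALUES (?, ?)", (cve_id, updated))
        db.execute("DELETE FROM fix WHERE cve_id = ?", (cve_id,))
        db.executemany("INSERT INTO fix VALUES (?, ?, ?, ?)",
                       [(cve_id, *c) for c in fix_commits(record)])
    return True
```

Reference URLs come from untrusted CVE records, so the example anchors the regex at both ends and passes every value to SQLite as a bound parameter.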
Citation: Anonymous
Note: Most of the plots and tables presented in the paper can be generated automatically by executing the analyze-fixme.ipynb notebook. The notebook takes the generated FixMe.db file as input and presents statistics on the database tables.