Problem
The repo has no .gitignore. The documented workflow generates a sibling .gml file per APK via generateCG.sh and runs a Jupyter notebook, both of which produce artifacts (*.gml, __pycache__/, .ipynb_checkpoints/) that are easy to accidentally stage and commit — and the GML call graphs can be large and numerous (one per malware sample, thousands of samples).
Evidence
- Repo root contains only My First Malware.ipynb, README.md, generateCG.sh — no .gitignore.
- generateCG.sh:11 writes gmlPath=${sourcePath%.*}.${extension} next to each APK; README.md describes generating thousands of .gml files.
Impact
Without an ignore file, a stray git add . can balloon the repo with generated graph data or leak local cache directories.
Recommendation
Add a .gitignore covering __pycache__/, *.pyc, .ipynb_checkpoints/, and *.gml (and any local dataset dirs).
Severity: low · Category: practices · Filed by an automated multi-repo code review.
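
One way to check the recommended patterns before committing them, as an added example (not part of the original report or the repo's own code). It builds a scratch repository with constructed file names (sample1.apk, sample1.gml and the cache file names are assumptions) and uses git check-ignore to confirm what a stray git add . would stage.

```shell
#!/usr/bin/env bash
# Added example: confirm the recommended ignore patterns cover the generated
# artifacts without hiding the repo's real files. File names are constructed.

check_ignore_rules() {
    local repo f staged rc=0
    repo=$(mktemp -d) || return 2
    git -C "$repo" init -q || return 2

    # Patterns taken from the recommendation in the report.
    printf '%s\n' '__pycache__/' '*.pyc' '.ipynb_checkpoints/' '*.gml' \
        > "$repo/.gitignore"

    # Constructed layout mimicking the documented workflow's output.
    mkdir -p "$repo/__pycache__" "$repo/.ipynb_checkpoints"
    touch "$repo/__pycache__/util.cpython-311.pyc" \
          "$repo/.ipynb_checkpoints/My First Malware-checkpoint.ipynb" \
          "$repo/sample1.apk" "$repo/sample1.gml" \
          "$repo/My First Malware.ipynb" "$repo/README.md" "$repo/generateCG.sh"

    # Generated artifacts must be ignored (check-ignore exits 0 when ignored).
    for f in "__pycache__/util.cpython-311.pyc" \
             ".ipynb_checkpoints/My First Malware-checkpoint.ipynb" \
             "sample1.gml"; do
        git -C "$repo" check-ignore -q -- "$f" \
            || { echo "NOT ignored: $f" >&2; rc=1; }
    done

    # The repo's own files must stay trackable.
    for f in "My First Malware.ipynb" "README.md" "generateCG.sh"; do
        if git -C "$repo" check-ignore -q -- "$f"; then
            echo "wrongly ignored: $f" >&2; rc=1
        fi
    done

    # Simulate the stray `git add .` and report what ended up in the index.
    git -C "$repo" add . || rc=2
    staged=$(git -C "$repo" ls-files | paste -sd, -)
    rm -rf "$repo"
    printf '%s\n' "$staged"
    return "$rc"
}

check_ignore_rules
```

The staged list still contains sample1.apk: the four patterns cover generated artifacts only, so APK samples need the dataset-directory pattern the recommendation mentions.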