Skip to content

lambdasec/autofix

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits
examples
examples
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
autofix.py
autofix.py
 
 
demo.gif
demo.gif
 
 
howitworks.png
howitworks.png
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

Active development on this project has now moved to Patchwork. Patchwork is a more generic framework that combines tools and LLMs in agentic workflows for software development.

AutoFix

Static Analysis + LLM = AutoFix

Note: If you are looking for a cloud service for vulnerability remediation, please try patched.

  • The new StarCoder model is now supported. Pass --model bigcode/starcoderbase-1b to AutoFix to try the 1B parameter base model.

  • We now support using the CodeGen2 model from Salesforce. Just use --model Salesforce/codegen2-1B with AutoFix. Note that the inference on CPU with CodeGen2 is very slow compared to SantaFixer.

In the initial release, we used Semgrep for doing static analysis and the SantaFixer LLM for bug fixing.

Setup

python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt

Usage

python autofix.py --input examples/example.java

Demo

How it works?

About

Static Analysis meets Large Language Models

Topics

static-analysis vulnerability-detection bug-fixing remediation auto-remediation large-language-models

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

50 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages