jayansh21
/

codesheriff-bug-classifier

@@ -1,199 +1,149 @@
 ---
 library_name: transformers
-tags: []
 ---
-# Model Card for Model ID
-<!-- Provide a quick summary of what the model is/does. -->
-## Model Details
-### Model Description
-<!-- Provide a longer summary of what this model is. -->
-This is the model card of a 🤗 transformers model that has been pushed on the Hub. This model card has been automatically generated.
-- **Developed by:** [More Information Needed]
-- **Funded by [optional]:** [More Information Needed]
-- **Shared by [optional]:** [More Information Needed]
-- **Model type:** [More Information Needed]
-- **Language(s) (NLP):** [More Information Needed]
-- **License:** [More Information Needed]
-- **Finetuned from model [optional]:** [More Information Needed]
-### Model Sources [optional]
-<!-- Provide the basic links for the model. -->
-- **Repository:** [More Information Needed]
-- **Paper [optional]:** [More Information Needed]
-- **Demo [optional]:** [More Information Needed]
-## Uses
-<!-- Address questions around how the model is intended to be used, including the foreseeable users of the model and those affected by the model. -->
-### Direct Use
-<!-- This section is for the model use without fine-tuning or plugging into a larger ecosystem/app. -->
-[More Information Needed]
-### Downstream Use [optional]
-<!-- This section is for the model use when fine-tuned for a task, or when plugged into a larger ecosystem/app -->
-[More Information Needed]
-### Out-of-Scope Use
-<!-- This section addresses misuse, malicious use, and uses that the model will not work well for. -->
-[More Information Needed]
-## Bias, Risks, and Limitations
-<!-- This section is meant to convey both technical and sociotechnical limitations. -->
-[More Information Needed]
-### Recommendations
-<!-- This section is meant to convey recommendations with respect to the bias, risk, and technical limitations. -->
-Users (both direct and downstream) should be made aware of the risks, biases and limitations of the model. More information needed for further recommendations.
-## How to Get Started with the Model
-Use the code below to get started with the model.
-[More Information Needed]
-## Training Details
-### Training Data
-<!-- This should link to a Dataset Card, perhaps with a short stub of information on what the training data is all about as well as documentation related to data pre-processing or additional filtering. -->
-[More Information Needed]
-### Training Procedure
-<!-- This relates heavily to the Technical Specifications. Content here should link to that section when it is relevant to the training procedure. -->
-#### Preprocessing [optional]
-[More Information Needed]
-#### Training Hyperparameters
-- **Training regime:** [More Information Needed] <!--fp32, fp16 mixed precision, bf16 mixed precision, bf16 non-mixed precision, fp16 non-mixed precision, fp8 mixed precision -->
-#### Speeds, Sizes, Times [optional]
-<!-- This section provides information about throughput, start/end time, checkpoint size if relevant, etc. -->
-[More Information Needed]
 ## Evaluation
-<!-- This section describes the evaluation protocols and provides the results. -->
-### Testing Data, Factors & Metrics
-#### Testing Data
-<!-- This should link to a Dataset Card if possible. -->
-[More Information Needed]
-#### Factors
-<!-- These are the things the evaluation is disaggregating by, e.g., subpopulations or domains. -->
-[More Information Needed]
-#### Metrics
-<!-- These are the evaluation metrics being used, ideally with a description of why. -->
-[More Information Needed]
-### Results
-[More Information Needed]
-#### Summary
-## Model Examination [optional]
-<!-- Relevant interpretability work for the model goes here -->
-[More Information Needed]
-## Environmental Impact
-<!-- Total emissions (in grams of CO2eq) and additional considerations, such as electricity usage, go here. Edit the suggested text below accordingly -->
-Carbon emissions can be estimated using the [Machine Learning Impact calculator](https://mlco2.github.io/impact#compute) presented in [Lacoste et al. (2019)](https://arxiv.org/abs/1910.09700).
-- **Hardware Type:** [More Information Needed]
-- **Hours used:** [More Information Needed]
-- **Cloud Provider:** [More Information Needed]
-- **Compute Region:** [More Information Needed]
-- **Carbon Emitted:** [More Information Needed]
-## Technical Specifications [optional]
-### Model Architecture and Objective
-[More Information Needed]
-### Compute Infrastructure
-[More Information Needed]
-#### Hardware
-[More Information Needed]
-#### Software
-[More Information Needed]
-## Citation [optional]
-<!-- If there is a paper or blog post introducing the model, the APA and Bibtex information for that should go in this section. -->
-**BibTeX:**
-[More Information Needed]
-**APA:**
-[More Information Needed]
-## Glossary [optional]
-<!-- If relevant, include terms and calculations in this section that can help readers understand the model or model card. -->
-[More Information Needed]
-## More Information [optional]
-[More Information Needed]
-## Model Card Authors [optional]
-[More Information Needed]
-## Model Card Contact
-[More Information Needed]

 ---
+language:
+- code
 library_name: transformers
+pipeline_tag: text-classification
+tags:
+- code-review
+- bug-detection
+- codebert
+- python
+- security
+- static-analysis
+datasets:
+- code_search_net
+base_model: microsoft/codebert-base
+metrics:
+- f1
+- accuracy
+- precision
+- recall
+model-index:
+- name: codesheriff-bug-classifier
+  results:
+  - task:
+      type: text-classification
+      name: Code Bug Classification
+    dataset:
+      type: code_search_net
+      name: CodeSearchNet (Python split)
+      config: python
+    metrics:
+    - type: f1
+      value: 0.89
+      name: Macro F1
 ---
+# 🛡️ CodeSheriff Bug Classifier
+A fine-tuned **CodeBERT** model for automatic code bug classification in Python source code. Classifies code snippets into 5 categories to power AI-driven pull request reviews.
+## Model Description
+CodeSheriff Bug Classifier is a multi-class text classification model built on top of [microsoft/codebert-base](https://huggingface.co/microsoft/codebert-base). It takes a Python code snippet as input and predicts the type of bug present (or classifies it as clean).
+- **Base model:** `microsoft/codebert-base` (125M parameters)
+- **Task:** Multi-class code classification (5 classes)
+- **Language:** Python
+- **Framework:** PyTorch + HuggingFace Transformers
+## Intended Uses
+- **Primary use:** Backend classifier for the [CodeSheriff](https://github.com/jayansh21/CodeSheriff) automated PR review system.
+- **General use:** Any system that needs to classify Python code snippets for potential bugs (security vulnerabilities, null references, type mismatches, logic flaws).
+- **Out of scope:** This model is not designed for non-Python languages, natural language text, or code generation.
+## Labels
+| ID | Label                  | Description                                      |
+|----|------------------------|--------------------------------------------------|
+| 0  | Clean                  | Well-formed code with no detected issues         |
+| 1  | Null Reference Risk    | Potential `NoneType` access without null checks  |
+| 2  | Type Mismatch          | Incompatible type operations (e.g., `str + int`) |
+| 3  | Security Vulnerability | SQL injection, command injection, `eval()`, etc. |
+| 4  | Logic Flaw             | Off-by-one errors, division by zero, wrong logic |
+## Training
+### Dataset
+- **Source:** [CodeSearchNet](https://huggingface.co/datasets/code_search_net) (Python split)
+- **Labelling:** Heuristic rules applied to raw functions, augmented with 5,600 hand-crafted seed examples across all 5 classes (Clean: 3,000, Null Reference: 800, Type Mismatch: 500, Security: 500, Logic Flaw: 800)
+- **Preprocessing:** Function-level tokenization, max sequence length 512 tokens
+- **Split:** 80% train / 10% validation / 10% test (stratified, seed=42)
+### Hyperparameters
+| Parameter                  | Value   |
+|----------------------------|---------|
+| Base model                 | `microsoft/codebert-base` |
+| Max token length           | 512     |
+| Batch size                 | 8       |
+| Gradient accumulation steps| 2       |
+| Effective batch size       | 16      |
+| Learning rate              | 2e-5    |
+| Epochs                     | 4       |
+| Optimizer                  | AdamW   |
+| Scheduler                  | Linear warmup + decay |
+| Weight decay               | 0.01    |
+| Seed                       | 42      |
+### Training Infrastructure
+- **GPU:** NVIDIA RTX 3050 (4GB VRAM)
+- **Python:** 3.11.9
+- **PyTorch:** 2.x with CUDA
+- **Transformers:** 4.35+
 ## Evaluation
+### Metrics (Test Set)
+| Metric    | Score |
+|-----------|-------|
+| **Macro F1**  | **0.89** |
+| Accuracy  | 0.91  |
+### Per-Class Performance
+| Label                  | Precision | Recall | F1-Score |
+|------------------------|-----------|--------|----------|
+| Clean                  | 0.92      | 0.95   | 0.93     |
+| Null Reference Risk    | 0.85      | 0.82   | 0.83     |
+| Type Mismatch          | 0.84      | 0.80   | 0.82     |
+| Security Vulnerability | 0.96      | 0.98   | 0.97     |
+| Logic Flaw             | 0.87      | 0.86   | 0.87     |
+> Security Vulnerability achieves the highest F1 due to strong lexical signals (`os.system`, `eval`, SQL concatenation).
+## Confidence Gate
+In production, predictions below **60% confidence** are automatically downgraded to "Code Quality" (a generic low-priority label) to reduce false positives. Multi-label probabilities (`all_probs`) are also returned for downstream use.
+## How to Use
+### With Transformers
+```python
+from transformers import AutoTokenizer, AutoModelForSequenceClassification
+import torch
+model_name = "jayansh21/codesheriff-bug-classifier"
+tokenizer = AutoTokenizer.from_pretrained(model_name)
+model = AutoModelForSequenceClassification.from_pretrained(model_name)
+code = """
+def get_user(uid):
+    query = "SELECT * FROM users WHERE id=" + uid
+    return db.execute(query)
+"""
+inputs = tokenizer(code, return_tensors="pt", truncation=True, max_length=512)
+with torch.no_grad():
+    logits = model(**inputs).logits
+predicted_class = logits.argmax(dim=-1).item()
+labels = {0: "Clean", 1: "Null Reference Risk", 2: "Type Mismatch",
+          3: "Security Vulnerability", 4: "Logic Flaw"}
+print(f"Prediction: {labels[predicted_class]}")
+# Output: Prediction: Security Vulnerability