Hugging Face's logo

Spaces:
MMADS
/
cve-decoder
Sleeping

App Files Community
MMADS commited on
Commit
f72340f
·
1 Parent(s): 9c117f3

adopted to updated endpoint

Browse files
Files changed (1) hide show
  1. app.py +36 -30
app.py CHANGED
@@ -357,7 +357,7 @@ class CVEDashboard:
357
 
358
  def generate_tailored_summary(cve_description: str, audience: str, hf_token: Optional[str] = None, max_retries: int = 2) -> str:
359
  """
360
- Generates a tailored CVE summary using google/gemma-3-270m-it via HuggingFace Inference API.
361
 
362
  Args:
363
  cve_description: The original CVE description
@@ -380,9 +380,9 @@ def generate_tailored_summary(cve_description: str, audience: str, hf_token: Opt
380
  if audience not in AUDIENCE_PROFILES:
381
  return f"❌ Unknown audience: {audience}"
382
 
383
- # Define the model to use
384
  models = [
385
- "google/gemma-3-270m-it",
386
  ]
387
 
388
  headers = {"Authorization": f"Bearer {token}"}
@@ -401,22 +401,22 @@ Rewrite this CVE description for a {audience}.
401
  {cve_description[:1200]}
402
  Provide a concise, actionable summary (2-3 sentences) highlighting what matters most to this audience. Focus on practical implications and next steps."""
403
 
404
- # Manually apply the Gemma chat template
405
- prompt = f"<start_of_turn>user\n{full_prompt}<end_of_turn>\n<start_of_turn>model\n"
 
 
 
 
 
406
 
407
  for model in models:
408
- api_url = f"https://api-inference.huggingface.co/models/{model}"
409
-
410
  payload = {
411
- "inputs": prompt,
412
- "parameters": {
413
- "max_new_tokens": 200,
414
- "temperature": 0.7,
415
- "top_p": 0.95, # Recommended
416
- "do_sample": True,
417
- "return_full_text": False,
418
- "stop": ["<end_of_turn>", "<start_of_turn>"] # Stop sequences for Gemma
419
- }
420
  }
421
 
422
  for attempt in range(max_retries):
@@ -424,19 +424,25 @@ Provide a concise, actionable summary (2-3 sentences) highlighting what matters
424
  logger.info(f"Generating summary with {model} (attempt {attempt + 1})")
425
 
426
  response = requests.post(api_url, headers=headers, json=payload, timeout=45)
 
427
  if response.status_code == 200:
428
  try:
429
  result = response.json()
430
 
431
- # Standard response format for this payload type
432
  summary = ""
433
- if isinstance(result, list) and len(result) > 0:
434
- summary = result[0].get('generated_text', '').strip()
 
435
 
436
  if summary and len(summary) > 20:
437
  logger.info(f"Successfully generated summary with {model}")
438
  return f"**{audience} Summary (via {model.split('/')[-1]}):**\n\n{summary}"
439
-
 
 
 
 
440
  except json.JSONDecodeError as e:
441
  logger.warning(f"JSON decode error with {model}: {e}")
442
  continue
@@ -451,22 +457,22 @@ Provide a concise, actionable summary (2-3 sentences) highlighting what matters
451
  continue
452
  else:
453
  break
454
-
455
  else:
456
- logger.warning(f"HTTP {response.status_code} with {model}")
 
 
 
 
457
  break
458
 
459
  except requests.exceptions.Timeout:
460
- logger.warning(f"Timeout with {model}, trying next model...")
461
- break
 
462
 
463
  except requests.exceptions.RequestException as e:
464
  logger.error(f"Request failed with {model}: {e}")
465
  break
466
-
467
- except Exception as e:
468
- logger.error(f"Unexpected error with {model}: {e}")
469
- break
470
 
471
  return "⏳ AI models are currently busy. This can happen during peak usage. Please try again in a few minutes."
472
 
@@ -588,7 +594,7 @@ def create_interface():
588
  - Search CVEs by date range and keywords
589
  - Filter by severity levels
590
  - Visualize CVE distributions and trends
591
- - AI-powered audience-specific summaries using the google/gemma-3-270m-it model.
592
 
593
  **Supported Audiences:**
594
  - **Cybersecurity Professional:** Focus on threats, attack vectors, and mitigation
@@ -600,7 +606,7 @@ def create_interface():
600
 
601
  **Data Source:** [NIST NVD API](https://nvd.nist.gov/developers/vulnerabilities)
602
 
603
- **AI Model:** [google/gemma-3-270m-it](https://huggingface.co/google/gemma-3-270m-it)
604
 
605
  **Disclaimer:** Generated content may be inaccurate or false.
606
 
 
357
 
358
  def generate_tailored_summary(cve_description: str, audience: str, hf_token: Optional[str] = None, max_retries: int = 2) -> str:
359
  """
360
+ Generates a tailored CVE summary using google/gemma-2-9b-it via HuggingFace Inference API.
361
 
362
  Args:
363
  cve_description: The original CVE description
 
380
  if audience not in AUDIENCE_PROFILES:
381
  return f"❌ Unknown audience: {audience}"
382
 
383
+ # Define the model(s) to use
384
  models = [
385
+ "google/gemma-2-9b-it",
386
  ]
387
 
388
  headers = {"Authorization": f"Bearer {token}"}
 
401
  {cve_description[:1200]}
402
  Provide a concise, actionable summary (2-3 sentences) highlighting what matters most to this audience. Focus on practical implications and next steps."""
403
 
404
+ # Use the OpenAI-compatible messages format
405
+ messages = [
406
+ {"role": "user", "content": full_prompt}
407
+ ]
408
+
409
+ # Use the new, standardized router endpoint
410
+ api_url = "https://router.huggingface.co/v1/chat/completions"
411
 
412
  for model in models:
 
 
413
  payload = {
414
+ "model": model,
415
+ "messages": messages,
416
+ "max_tokens": 250,
417
+ "temperature": 0.7,
418
+ "top_p": 0.95,
419
+ "stop": ["<end_of_turn>", "<start_of_turn>"] # Stop sequences for Gemma
 
 
 
420
  }
421
 
422
  for attempt in range(max_retries):
 
424
  logger.info(f"Generating summary with {model} (attempt {attempt + 1})")
425
 
426
  response = requests.post(api_url, headers=headers, json=payload, timeout=45)
427
+
428
  if response.status_code == 200:
429
  try:
430
  result = response.json()
431
 
432
+ # New OpenAI-compatible response parsing
433
  summary = ""
434
+ if "choices" in result and len(result["choices"]) > 0:
435
+ message = result["choices"][0].get("message", {})
436
+ summary = message.get("content", "").strip()
437
 
438
  if summary and len(summary) > 20:
439
  logger.info(f"Successfully generated summary with {model}")
440
  return f"**{audience} Summary (via {model.split('/')[-1]}):**\n\n{summary}"
441
+ else:
442
+ # Handle cases where the model returns an empty summary
443
+ logger.warning(f"Model {model} returned an empty or short summary.")
444
+ continue # Retry if possible
445
+
446
  except json.JSONDecodeError as e:
447
  logger.warning(f"JSON decode error with {model}: {e}")
448
  continue
 
457
  continue
458
  else:
459
  break
 
460
  else:
461
+ error_message = response.json().get("error", response.text)
462
+ logger.warning(f"HTTP {response.status_code} with {model}: {error_message}")
463
+ # If the model is not found or there's a validation error, don't retry.
464
+ if response.status_code in [404, 422]:
465
+ return f"❌ Model '{model}' not found or request is invalid. Please check the model name."
466
  break
467
 
468
  except requests.exceptions.Timeout:
469
+ logger.warning(f"Timeout with {model} on attempt {attempt + 1}")
470
+ if attempt >= max_retries - 1:
471
+ break # Break outer loop if all retries failed
472
 
473
  except requests.exceptions.RequestException as e:
474
  logger.error(f"Request failed with {model}: {e}")
475
  break
 
 
 
 
476
 
477
  return "⏳ AI models are currently busy. This can happen during peak usage. Please try again in a few minutes."
478
 
 
594
  - Search CVEs by date range and keywords
595
  - Filter by severity levels
596
  - Visualize CVE distributions and trends
597
+ - AI-powered audience-specific summaries using the google/gemma-2-9b-it model.
598
 
599
  **Supported Audiences:**
600
  - **Cybersecurity Professional:** Focus on threats, attack vectors, and mitigation
 
606
 
607
  **Data Source:** [NIST NVD API](https://nvd.nist.gov/developers/vulnerabilities)
608
 
609
+ **AI Model:** [google/gemma-2-9b-it](https://huggingface.co/google/gemma-2-9b-it)
610
 
611
  **Disclaimer:** Generated content may be inaccurate or false.
612