Super-squash branch 'main' using huggingface_hub

.gitattributes

@@ -0,0 +1,35 @@
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.arrow filter=lfs diff=lfs merge=lfs -text
+*.bin filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.ckpt filter=lfs diff=lfs merge=lfs -text
+*.ftz filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.h5 filter=lfs diff=lfs merge=lfs -text
+*.joblib filter=lfs diff=lfs merge=lfs -text
+*.lfs.* filter=lfs diff=lfs merge=lfs -text
+*.mlmodel filter=lfs diff=lfs merge=lfs -text
+*.model filter=lfs diff=lfs merge=lfs -text
+*.msgpack filter=lfs diff=lfs merge=lfs -text
+*.npy filter=lfs diff=lfs merge=lfs -text
+*.npz filter=lfs diff=lfs merge=lfs -text
+*.onnx filter=lfs diff=lfs merge=lfs -text
+*.ot filter=lfs diff=lfs merge=lfs -text
+*.parquet filter=lfs diff=lfs merge=lfs -text
+*.pb filter=lfs diff=lfs merge=lfs -text
+*.pickle filter=lfs diff=lfs merge=lfs -text
+*.pkl filter=lfs diff=lfs merge=lfs -text
+*.pt filter=lfs diff=lfs merge=lfs -text
+*.pth filter=lfs diff=lfs merge=lfs -text
+*.rar filter=lfs diff=lfs merge=lfs -text
+*.safetensors filter=lfs diff=lfs merge=lfs -text
+saved_model/**/* filter=lfs diff=lfs merge=lfs -text
+*.tar.* filter=lfs diff=lfs merge=lfs -text
+*.tar filter=lfs diff=lfs merge=lfs -text
+*.tflite filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.wasm filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
+*tfevents* filter=lfs diff=lfs merge=lfs -text

README.md

@@ -0,0 +1,188 @@
+---
+license: cc-by-4.0
+language:
+  - en
+library_name: transformers
+pipeline_tag: text-classification
+tags:
+  - cybersecurity
+  - vulnerability
+  - cwe
+  - cve
+  - nvd
+  - roberta
+base_model: FacebookAI/roberta-base
+datasets:
+  - xamxte/cve-to-cwe
+metrics:
+  - accuracy
+  - f1
+model-index:
+  - name: cwe-classifier-roberta-base
+    results:
+      - task:
+          type: text-classification
+          name: CWE Classification
+        dataset:
+          name: cve-to-cwe (test split)
+          type: xamxte/cve-to-cwe
+          split: test
+        metrics:
+          - name: Top-1 Accuracy
+            type: accuracy
+            value: 0.8744
+          - name: Top-3 Accuracy
+            type: accuracy
+            value: 0.9467
+          - name: Macro F1
+            type: f1
+            value: 0.6071
+      - task:
+          type: text-classification
+          name: CWE Classification (CTI-Bench)
+        dataset:
+          name: CTI-Bench cti-rcm
+          type: xashru/cti-bench
+        metrics:
+          - name: Strict Top-1
+            type: accuracy
+            value: 0.756
+          - name: Hierarchy-aware Top-1
+            type: accuracy
+            value: 0.865
+---
+
+# CWE Classifier (RoBERTa-base)
+
+A fine-tuned RoBERTa-base model that maps CVE (Common Vulnerabilities and Exposures) descriptions to CWE (Common Weakness Enumeration) categories. 125M parameters, 205 CWE classes.
+
+## Performance
+
+### Internal Test Set (27,780 gold-standard samples)
+
+| Metric | Score |
+|--------|-------|
+| Top-1 Accuracy | **87.4%** |
+| Top-3 Accuracy | **94.7%** |
+| Macro F1 | **0.607** |
+| Weighted F1 | 0.872 |
+
+### CTI-Bench External Benchmark (NeurIPS 2024, zero training overlap)
+
+| Benchmark | Strict Top-1 | Hierarchy-aware Top-1 |
+|-----------|--------------|-----------------------|
+| cti-rcm (2023-2024 CVEs) | 75.6% | **86.5%** |
+| cti-rcm-2021 (2011-2021 CVEs) | 71.8% | **82.8%** |
+
+### Comparison on CTI-Bench cti-rcm (strict exact match)
+
+All scores below use the official CTI-Bench evaluation protocol: strict exact CWE ID match.
+
+| Model | Params | Type | Top-1 Accuracy | Source |
+|-------|--------|------|---------------|--------|
+| [Sec-Gemini v1](https://security.googleblog.com/2025/04/google-launches-sec-gemini-v1-new.html) (Google)* | — | closed | ~86% | Google Security Blog |
+| [SecLM](https://security.googlecloudcommunity.com/community-blog-42/fueling-ai-innovation-in-secops-products-the-seclm-platform-and-sec-gemini-research-pipeline-3997) (Google)* | — | closed | ~85% | Google Cloud Blog |
+| **This model** | **125M** | **open** | **75.6%** | — |
+| [Foundation-Sec-8B-Reasoning](https://arxiv.org/abs/2601.21051) (Cisco) | 8B | open | 75.3% | arXiv 2601.21051 |
+| [GPT-4](https://arxiv.org/abs/2406.07599) | ~1.7T | closed | 72.0% | CTI-Bench paper |
+| [Foundation-Sec-8B](https://arxiv.org/abs/2504.21039) (Cisco) | 8B | open | 72.0% (±1.7%) | arXiv 2504.21039 |
+| [WhiteRabbitNeo-V2-70B](https://arxiv.org/abs/2504.21039) | 70B | open | 71.1% | arXiv 2504.21039 |
+| [Foundation-Sec-8B-Instruct](https://arxiv.org/abs/2601.21051) (Cisco) | 8B | open | 70.4% | arXiv 2601.21051 |
+| [Llama-Primus](https://huggingface.co/trend-cybertron/Llama-Primus-Base) (Trend Micro) | 8B | open | 67.8% | HuggingFace |
+| [GPT-3.5](https://arxiv.org/abs/2406.07599) | ~175B | closed | 67.2% | CTI-Bench paper |
+| [Gemini 1.5](https://arxiv.org/abs/2406.07599) | — | closed | 66.6% | CTI-Bench paper |
+| [LLaMA3-70B](https://arxiv.org/abs/2406.07599) | 70B | open | 65.9% | CTI-Bench paper |
+| [LLaMA3-8B](https://arxiv.org/abs/2406.07599) | 8B | open | 44.7% | CTI-Bench paper |
+
+*\*Sec-Gemini and SecLM scores are approximate, estimated from published comparison charts. Exact values were not reported.*
+
+**Competitive with the best open-weight models** at 64x fewer parameters (125M vs 8B).
+
+### Hierarchy-aware evaluation (supplementary)
+
+This model predicts specific child CWEs (e.g., CWE-121 Stack Buffer Overflow) while CTI-Bench ground truth often uses generic parent CWEs (e.g., CWE-119 Buffer Overflow). When parent↔child equivalences are counted as correct:
+
+| Benchmark | Strict Top-1 | Hierarchy-aware Top-1 |
+|-----------|--------------|-----------------------|
+| cti-rcm (2023-2024 CVEs) | 75.6% | 86.5% (+10.9pp) |
+| cti-rcm-2021 (2011-2021 CVEs) | 71.8% | 82.8% (+11.0pp) |
+
+*Note: Other models in the table above were evaluated with strict matching only. Hierarchy-aware scores are not directly comparable and are shown separately for transparency.*
+
+## Usage
+
+```python
+from transformers import pipeline
+
+classifier = pipeline("text-classification", model="xamxte/cwe-classifier-roberta-base", top_k=3)
+
+result = classifier("A SQL injection vulnerability in the login page allows remote attackers to execute arbitrary SQL commands via the username parameter.")
+print(result)
+# [[{'label': 'CWE-89', 'score': 0.95}, {'label': 'CWE-564', 'score': 0.02}, ...]]
+```
+
+### Manual inference
+
+```python
+from transformers import AutoTokenizer, AutoModelForSequenceClassification
+import torch
+import json
+
+model_name = "xamxte/cwe-classifier-roberta-base"
+tokenizer = AutoTokenizer.from_pretrained(model_name)
+model = AutoModelForSequenceClassification.from_pretrained(model_name)
+
+# Load label map
+from huggingface_hub import hf_hub_download
+label_map_path = hf_hub_download(repo_id=model_name, filename="cwe_label_map.json")
+with open(label_map_path) as f:
+    label_map = json.load(f)
+id_to_label = {v: k for k, v in label_map.items()}
+
+# Predict
+text = "CVE Description: A buffer overflow in the PNG parser allows remote code execution via crafted image files."
+inputs = tokenizer(text, return_tensors="pt", max_length=384, truncation=True, padding=True)
+
+with torch.no_grad():
+    logits = model(**inputs).logits
+
+top3 = torch.topk(logits, 3)
+for score, idx in zip(top3.values[0], top3.indices[0]):
+    print(f"{id_to_label[idx.item()]}: {score.item():.3f}")
+```
+
+## Training
+
+- **Base model:** FacebookAI/roberta-base (125M params)
+- **Dataset:** [xamxte/cve-to-cwe](https://huggingface.co/datasets/xamxte/cve-to-cwe) — 234,770 training samples with Claude Sonnet 4.6 refined labels
+- **Training method:** Two-phase fine-tuning
+  - Phase 1: Freeze first 8/12 transformer layers, train classifier head (4 epochs, lr=1e-4)
+  - Phase 2: Unfreeze all layers, full fine-tuning (9 epochs, lr=2e-5)
+- **Key hyperparameters:** max_length=384, batch_size=32, label_smoothing=0.1, cosine scheduler, bf16
+- **Hardware:** NVIDIA RTX 5080 (16GB), ~4 hours total
+- **Framework:** HuggingFace Transformers + PyTorch
+
+## Label Quality
+
+Training labels were refined using Claude Sonnet 4.6 via the Anthropic Batch API. The test/validation sets contain only "gold standard" samples where NVD and Sonnet labels agree (73.1% agreement rate). See the [dataset card](https://huggingface.co/datasets/xamxte/cve-to-cwe) for details.
+
+## CWE Hierarchy
+
+This model predicts **specific (child) CWE categories** where possible. For example, buffer overflows are classified as CWE-121 (Stack) or CWE-122 (Heap) rather than the generic CWE-119. This provides more actionable information for vulnerability triage, but means strict accuracy on benchmarks using parent CWEs appears lower than actual performance.
+
+## Limitations
+
+- **205 CWE classes only**: Covers the most common CWEs in NVD. Rare CWEs not in the training set will be mapped to the closest known class.
+- **English only**: Trained on English CVE descriptions from NVD.
+- **Description-based**: Uses only the text description, not CVSS scores, CPE, or other metadata.
+- **Single-label**: Predicts one CWE per CVE, though some vulnerabilities may involve multiple weakness types.
+
+## Citation
+
+```bibtex
+@model{cve_to_cwe_classifier_2025,
+  title={CWE Classifier (RoBERTa-base)},
+  year={2025},
+  url={https://huggingface.co/xamxte/cwe-classifier-roberta-base}
+}
+```

config.json

@@ -0,0 +1,442 @@
+{
+  "add_cross_attention": false,
+  "architectures": [
+    "RobertaForSequenceClassification"
+  ],
+  "attention_probs_dropout_prob": 0.1,
+  "bos_token_id": 0,
+  "classifier_dropout": null,
+  "dtype": "float32",
+  "eos_token_id": 2,
+  "hidden_act": "gelu",
+  "hidden_dropout_prob": 0.1,
+  "hidden_size": 768,
+  "id2label": {
+    "0": "LABEL_0",
+    "1": "LABEL_1",
+    "2": "LABEL_2",
+    "3": "LABEL_3",
+    "4": "LABEL_4",
+    "5": "LABEL_5",
+    "6": "LABEL_6",
+    "7": "LABEL_7",
+    "8": "LABEL_8",
+    "9": "LABEL_9",
+    "10": "LABEL_10",
+    "11": "LABEL_11",
+    "12": "LABEL_12",
+    "13": "LABEL_13",
+    "14": "LABEL_14",
+    "15": "LABEL_15",
+    "16": "LABEL_16",
+    "17": "LABEL_17",
+    "18": "LABEL_18",
+    "19": "LABEL_19",
+    "20": "LABEL_20",
+    "21": "LABEL_21",
+    "22": "LABEL_22",
+    "23": "LABEL_23",
+    "24": "LABEL_24",
+    "25": "LABEL_25",
+    "26": "LABEL_26",
+    "27": "LABEL_27",
+    "28": "LABEL_28",
+    "29": "LABEL_29",
+    "30": "LABEL_30",
+    "31": "LABEL_31",
+    "32": "LABEL_32",
+    "33": "LABEL_33",
+    "34": "LABEL_34",
+    "35": "LABEL_35",
+    "36": "LABEL_36",
+    "37": "LABEL_37",
+    "38": "LABEL_38",
+    "39": "LABEL_39",
+    "40": "LABEL_40",
+    "41": "LABEL_41",
+    "42": "LABEL_42",
+    "43": "LABEL_43",
+    "44": "LABEL_44",
+    "45": "LABEL_45",
+    "46": "LABEL_46",
+    "47": "LABEL_47",
+    "48": "LABEL_48",
+    "49": "LABEL_49",
+    "50": "LABEL_50",
+    "51": "LABEL_51",
+    "52": "LABEL_52",
+    "53": "LABEL_53",
+    "54": "LABEL_54",
+    "55": "LABEL_55",
+    "56": "LABEL_56",
+    "57": "LABEL_57",
+    "58": "LABEL_58",
+    "59": "LABEL_59",
+    "60": "LABEL_60",
+    "61": "LABEL_61",
+    "62": "LABEL_62",
+    "63": "LABEL_63",
+    "64": "LABEL_64",
+    "65": "LABEL_65",
+    "66": "LABEL_66",
+    "67": "LABEL_67",
+    "68": "LABEL_68",
+    "69": "LABEL_69",
+    "70": "LABEL_70",
+    "71": "LABEL_71",
+    "72": "LABEL_72",
+    "73": "LABEL_73",
+    "74": "LABEL_74",
+    "75": "LABEL_75",
+    "76": "LABEL_76",
+    "77": "LABEL_77",
+    "78": "LABEL_78",
+    "79": "LABEL_79",
+    "80": "LABEL_80",
+    "81": "LABEL_81",
+    "82": "LABEL_82",
+    "83": "LABEL_83",
+    "84": "LABEL_84",
+    "85": "LABEL_85",
+    "86": "LABEL_86",
+    "87": "LABEL_87",
+    "88": "LABEL_88",
+    "89": "LABEL_89",
+    "90": "LABEL_90",
+    "91": "LABEL_91",
+    "92": "LABEL_92",
+    "93": "LABEL_93",
+    "94": "LABEL_94",
+    "95": "LABEL_95",
+    "96": "LABEL_96",
+    "97": "LABEL_97",
+    "98": "LABEL_98",
+    "99": "LABEL_99",
+    "100": "LABEL_100",
+    "101": "LABEL_101",
+    "102": "LABEL_102",
+    "103": "LABEL_103",
+    "104": "LABEL_104",
+    "105": "LABEL_105",
+    "106": "LABEL_106",
+    "107": "LABEL_107",
+    "108": "LABEL_108",
+    "109": "LABEL_109",
+    "110": "LABEL_110",
+    "111": "LABEL_111",
+    "112": "LABEL_112",
+    "113": "LABEL_113",
+    "114": "LABEL_114",
+    "115": "LABEL_115",
+    "116": "LABEL_116",
+    "117": "LABEL_117",
+    "118": "LABEL_118",
+    "119": "LABEL_119",
+    "120": "LABEL_120",
+    "121": "LABEL_121",
+    "122": "LABEL_122",
+    "123": "LABEL_123",
+    "124": "LABEL_124",
+    "125": "LABEL_125",
+    "126": "LABEL_126",
+    "127": "LABEL_127",
+    "128": "LABEL_128",
+    "129": "LABEL_129",
+    "130": "LABEL_130",
+    "131": "LABEL_131",
+    "132": "LABEL_132",
+    "133": "LABEL_133",
+    "134": "LABEL_134",
+    "135": "LABEL_135",
+    "136": "LABEL_136",
+    "137": "LABEL_137",
+    "138": "LABEL_138",
+    "139": "LABEL_139",
+    "140": "LABEL_140",
+    "141": "LABEL_141",
+    "142": "LABEL_142",
+    "143": "LABEL_143",
+    "144": "LABEL_144",
+    "145": "LABEL_145",
+    "146": "LABEL_146",
+    "147": "LABEL_147",
+    "148": "LABEL_148",
+    "149": "LABEL_149",
+    "150": "LABEL_150",
+    "151": "LABEL_151",
+    "152": "LABEL_152",
+    "153": "LABEL_153",
+    "154": "LABEL_154",
+    "155": "LABEL_155",
+    "156": "LABEL_156",
+    "157": "LABEL_157",
+    "158": "LABEL_158",
+    "159": "LABEL_159",
+    "160": "LABEL_160",
+    "161": "LABEL_161",
+    "162": "LABEL_162",
+    "163": "LABEL_163",
+    "164": "LABEL_164",
+    "165": "LABEL_165",
+    "166": "LABEL_166",
+    "167": "LABEL_167",
+    "168": "LABEL_168",
+    "169": "LABEL_169",
+    "170": "LABEL_170",
+    "171": "LABEL_171",
+    "172": "LABEL_172",
+    "173": "LABEL_173",
+    "174": "LABEL_174",
+    "175": "LABEL_175",
+    "176": "LABEL_176",
+    "177": "LABEL_177",
+    "178": "LABEL_178",
+    "179": "LABEL_179",
+    "180": "LABEL_180",
+    "181": "LABEL_181",
+    "182": "LABEL_182",
+    "183": "LABEL_183",
+    "184": "LABEL_184",
+    "185": "LABEL_185",
+    "186": "LABEL_186",
+    "187": "LABEL_187",
+    "188": "LABEL_188",
+    "189": "LABEL_189",
+    "190": "LABEL_190",
+    "191": "LABEL_191",
+    "192": "LABEL_192",
+    "193": "LABEL_193",
+    "194": "LABEL_194",
+    "195": "LABEL_195",
+    "196": "LABEL_196",
+    "197": "LABEL_197",
+    "198": "LABEL_198",
+    "199": "LABEL_199",
+    "200": "LABEL_200",
+    "201": "LABEL_201",
+    "202": "LABEL_202",
+    "203": "LABEL_203",
+    "204": "LABEL_204"
+  },
+  "initializer_range": 0.02,
+  "intermediate_size": 3072,
+  "is_decoder": false,
+  "label2id": {
+    "LABEL_0": 0,
+    "LABEL_1": 1,
+    "LABEL_10": 10,
+    "LABEL_100": 100,
+    "LABEL_101": 101,
+    "LABEL_102": 102,
+    "LABEL_103": 103,
+    "LABEL_104": 104,
+    "LABEL_105": 105,
+    "LABEL_106": 106,
+    "LABEL_107": 107,
+    "LABEL_108": 108,
+    "LABEL_109": 109,
+    "LABEL_11": 11,
+    "LABEL_110": 110,
+    "LABEL_111": 111,
+    "LABEL_112": 112,
+    "LABEL_113": 113,
+    "LABEL_114": 114,
+    "LABEL_115": 115,
+    "LABEL_116": 116,
+    "LABEL_117": 117,
+    "LABEL_118": 118,
+    "LABEL_119": 119,
+    "LABEL_12": 12,
+    "LABEL_120": 120,
+    "LABEL_121": 121,
+    "LABEL_122": 122,
+    "LABEL_123": 123,
+    "LABEL_124": 124,
+    "LABEL_125": 125,
+    "LABEL_126": 126,
+    "LABEL_127": 127,
+    "LABEL_128": 128,
+    "LABEL_129": 129,
+    "LABEL_13": 13,
+    "LABEL_130": 130,
+    "LABEL_131": 131,
+    "LABEL_132": 132,
+    "LABEL_133": 133,
+    "LABEL_134": 134,
+    "LABEL_135": 135,
+    "LABEL_136": 136,
+    "LABEL_137": 137,
+    "LABEL_138": 138,
+    "LABEL_139": 139,
+    "LABEL_14": 14,
+    "LABEL_140": 140,
+    "LABEL_141": 141,
+    "LABEL_142": 142,
+    "LABEL_143": 143,
+    "LABEL_144": 144,
+    "LABEL_145": 145,
+    "LABEL_146": 146,
+    "LABEL_147": 147,
+    "LABEL_148": 148,
+    "LABEL_149": 149,
+    "LABEL_15": 15,
+    "LABEL_150": 150,
+    "LABEL_151": 151,
+    "LABEL_152": 152,
+    "LABEL_153": 153,
+    "LABEL_154": 154,
+    "LABEL_155": 155,
+    "LABEL_156": 156,
+    "LABEL_157": 157,
+    "LABEL_158": 158,
+    "LABEL_159": 159,
+    "LABEL_16": 16,
+    "LABEL_160": 160,
+    "LABEL_161": 161,
+    "LABEL_162": 162,
+    "LABEL_163": 163,
+    "LABEL_164": 164,
+    "LABEL_165": 165,
+    "LABEL_166": 166,
+    "LABEL_167": 167,
+    "LABEL_168": 168,
+    "LABEL_169": 169,
+    "LABEL_17": 17,
+    "LABEL_170": 170,
+    "LABEL_171": 171,
+    "LABEL_172": 172,
+    "LABEL_173": 173,
+    "LABEL_174": 174,
+    "LABEL_175": 175,
+    "LABEL_176": 176,
+    "LABEL_177": 177,
+    "LABEL_178": 178,
+    "LABEL_179": 179,
+    "LABEL_18": 18,
+    "LABEL_180": 180,
+    "LABEL_181": 181,
+    "LABEL_182": 182,
+    "LABEL_183": 183,
+    "LABEL_184": 184,
+    "LABEL_185": 185,
+    "LABEL_186": 186,
+    "LABEL_187": 187,
+    "LABEL_188": 188,
+    "LABEL_189": 189,
+    "LABEL_19": 19,
+    "LABEL_190": 190,
+    "LABEL_191": 191,
+    "LABEL_192": 192,
+    "LABEL_193": 193,
+    "LABEL_194": 194,
+    "LABEL_195": 195,
+    "LABEL_196": 196,
+    "LABEL_197": 197,
+    "LABEL_198": 198,
+    "LABEL_199": 199,
+    "LABEL_2": 2,
+    "LABEL_20": 20,
+    "LABEL_200": 200,
+    "LABEL_201": 201,
+    "LABEL_202": 202,
+    "LABEL_203": 203,
+    "LABEL_204": 204,
+    "LABEL_21": 21,
+    "LABEL_22": 22,
+    "LABEL_23": 23,
+    "LABEL_24": 24,
+    "LABEL_25": 25,
+    "LABEL_26": 26,
+    "LABEL_27": 27,
+    "LABEL_28": 28,
+    "LABEL_29": 29,
+    "LABEL_3": 3,
+    "LABEL_30": 30,
+    "LABEL_31": 31,
+    "LABEL_32": 32,
+    "LABEL_33": 33,
+    "LABEL_34": 34,
+    "LABEL_35": 35,
+    "LABEL_36": 36,
+    "LABEL_37": 37,
+    "LABEL_38": 38,
+    "LABEL_39": 39,
+    "LABEL_4": 4,
+    "LABEL_40": 40,
+    "LABEL_41": 41,
+    "LABEL_42": 42,
+    "LABEL_43": 43,
+    "LABEL_44": 44,
+    "LABEL_45": 45,
+    "LABEL_46": 46,
+    "LABEL_47": 47,
+    "LABEL_48": 48,
+    "LABEL_49": 49,
+    "LABEL_5": 5,
+    "LABEL_50": 50,
+    "LABEL_51": 51,
+    "LABEL_52": 52,
+    "LABEL_53": 53,
+    "LABEL_54": 54,
+    "LABEL_55": 55,
+    "LABEL_56": 56,
+    "LABEL_57": 57,
+    "LABEL_58": 58,
+    "LABEL_59": 59,
+    "LABEL_6": 6,
+    "LABEL_60": 60,
+    "LABEL_61": 61,
+    "LABEL_62": 62,
+    "LABEL_63": 63,
+    "LABEL_64": 64,
+    "LABEL_65": 65,
+    "LABEL_66": 66,
+    "LABEL_67": 67,
+    "LABEL_68": 68,
+    "LABEL_69": 69,
+    "LABEL_7": 7,
+    "LABEL_70": 70,
+    "LABEL_71": 71,
+    "LABEL_72": 72,
+    "LABEL_73": 73,
+    "LABEL_74": 74,
+    "LABEL_75": 75,
+    "LABEL_76": 76,
+    "LABEL_77": 77,
+    "LABEL_78": 78,
+    "LABEL_79": 79,
+    "LABEL_8": 8,
+    "LABEL_80": 80,
+    "LABEL_81": 81,
+    "LABEL_82": 82,
+    "LABEL_83": 83,
+    "LABEL_84": 84,
+    "LABEL_85": 85,
+    "LABEL_86": 86,
+    "LABEL_87": 87,
+    "LABEL_88": 88,
+    "LABEL_89": 89,
+    "LABEL_9": 9,
+    "LABEL_90": 90,
+    "LABEL_91": 91,
+    "LABEL_92": 92,
+    "LABEL_93": 93,
+    "LABEL_94": 94,
+    "LABEL_95": 95,
+    "LABEL_96": 96,
+    "LABEL_97": 97,
+    "LABEL_98": 98,
+    "LABEL_99": 99
+  },
+  "layer_norm_eps": 1e-05,
+  "max_position_embeddings": 514,
+  "model_type": "roberta",
+  "num_attention_heads": 12,
+  "num_hidden_layers": 12,
+  "pad_token_id": 1,
+  "tie_word_embeddings": true,
+  "transformers_version": "5.3.0",
+  "type_vocab_size": 1,
+  "use_cache": false,
+  "vocab_size": 50265
+}

cwe_label_map.json

@@ -0,0 +1,207 @@
+{
+  "CWE-1021": 0,
+  "CWE-113": 1,
+  "CWE-116": 2,
+  "CWE-117": 3,
+  "CWE-1188": 4,
+  "CWE-119": 5,
+  "CWE-120": 6,
+  "CWE-121": 7,
+  "CWE-122": 8,
+  "CWE-1220": 9,
+  "CWE-1236": 10,
+  "CWE-125": 11,
+  "CWE-126": 12,
+  "CWE-1284": 13,
+  "CWE-1286": 14,
+  "CWE-1287": 15,
+  "CWE-129": 16,
+  "CWE-130": 17,
+  "CWE-131": 18,
+  "CWE-1321": 19,
+  "CWE-1333": 20,
+  "CWE-1336": 21,
+  "CWE-134": 22,
+  "CWE-1390": 23,
+  "CWE-1392": 24,
+  "CWE-16": 25,
+  "CWE-17": 26,
+  "CWE-184": 27,
+  "CWE-189": 28,
+  "CWE-19": 29,
+  "CWE-190": 30,
+  "CWE-191": 31,
+  "CWE-193": 32,
+  "CWE-20": 33,
+  "CWE-200": 34,
+  "CWE-201": 35,
+  "CWE-203": 36,
+  "CWE-204": 37,
+  "CWE-208": 38,
+  "CWE-209": 39,
+  "CWE-212": 40,
+  "CWE-22": 41,
+  "CWE-23": 42,
+  "CWE-24": 43,
+  "CWE-248": 44,
+  "CWE-250": 45,
+  "CWE-252": 46,
+  "CWE-254": 47,
+  "CWE-255": 48,
+  "CWE-256": 49,
+  "CWE-257": 50,
+  "CWE-259": 51,
+  "CWE-264": 52,
+  "CWE-266": 53,
+  "CWE-267": 54,
+  "CWE-269": 55,
+  "CWE-275": 56,
+  "CWE-276": 57,
+  "CWE-277": 58,
+  "CWE-280": 59,
+  "CWE-281": 60,
+  "CWE-284": 61,
+  "CWE-285": 62,
+  "CWE-287": 63,
+  "CWE-288": 64,
+  "CWE-29": 65,
+  "CWE-290": 66,
+  "CWE-294": 67,
+  "CWE-295": 68,
+  "CWE-300": 69,
+  "CWE-303": 70,
+  "CWE-305": 71,
+  "CWE-306": 72,
+  "CWE-307": 73,
+  "CWE-310": 74,
+  "CWE-311": 75,
+  "CWE-312": 76,
+  "CWE-319": 77,
+  "CWE-320": 78,
+  "CWE-321": 79,
+  "CWE-326": 80,
+  "CWE-327": 81,
+  "CWE-330": 82,
+  "CWE-331": 83,
+  "CWE-338": 84,
+  "CWE-345": 85,
+  "CWE-346": 86,
+  "CWE-347": 87,
+  "CWE-35": 88,
+  "CWE-352": 89,
+  "CWE-354": 90,
+  "CWE-358": 91,
+  "CWE-359": 92,
+  "CWE-36": 93,
+  "CWE-362": 94,
+  "CWE-367": 95,
+  "CWE-369": 96,
+  "CWE-377": 97,
+  "CWE-384": 98,
+  "CWE-399": 99,
+  "CWE-400": 100,
+  "CWE-401": 101,
+  "CWE-404": 102,
+  "CWE-407": 103,
+  "CWE-415": 104,
+  "CWE-416": 105,
+  "CWE-425": 106,
+  "CWE-426": 107,
+  "CWE-427": 108,
+  "CWE-428": 109,
+  "CWE-434": 110,
+  "CWE-436": 111,
+  "CWE-441": 112,
+  "CWE-444": 113,
+  "CWE-451": 114,
+  "CWE-457": 115,
+  "CWE-459": 116,
+  "CWE-472": 117,
+  "CWE-476": 118,
+  "CWE-489": 119,
+  "CWE-494": 120,
+  "CWE-497": 121,
+  "CWE-502": 122,
+  "CWE-506": 123,
+  "CWE-521": 124,
+  "CWE-522": 125,
+  "CWE-532": 126,
+  "CWE-538": 127,
+  "CWE-548": 128,
+  "CWE-552": 129,
+  "CWE-565": 130,
+  "CWE-59": 131,
+  "CWE-591": 132,
+  "CWE-598": 133,
+  "CWE-601": 134,
+  "CWE-602": 135,
+  "CWE-61": 136,
+  "CWE-610": 137,
+  "CWE-611": 138,
+  "CWE-613": 139,
+  "CWE-617": 140,
+  "CWE-620": 141,
+  "CWE-639": 142,
+  "CWE-640": 143,
+  "CWE-648": 144,
+  "CWE-665": 145,
+  "CWE-667": 146,
+  "CWE-668": 147,
+  "CWE-669": 148,
+  "CWE-670": 149,
+  "CWE-674": 150,
+  "CWE-680": 151,
+  "CWE-681": 152,
+  "CWE-682": 153,
+  "CWE-693": 154,
+  "CWE-697": 155,
+  "CWE-703": 156,
+  "CWE-704": 157,
+  "CWE-706": 158,
+  "CWE-707": 159,
+  "CWE-73": 160,
+  "CWE-732": 161,
+  "CWE-74": 162,
+  "CWE-749": 163,
+  "CWE-754": 164,
+  "CWE-755": 165,
+  "CWE-763": 166,
+  "CWE-77": 167,
+  "CWE-770": 168,
+  "CWE-772": 169,
+  "CWE-776": 170,
+  "CWE-78": 171,
+  "CWE-787": 172,
+  "CWE-788": 173,
+  "CWE-789": 174,
+  "CWE-79": 175,
+  "CWE-798": 176,
+  "CWE-80": 177,
+  "CWE-822": 178,
+  "CWE-823": 179,
+  "CWE-824": 180,
+  "CWE-829": 181,
+  "CWE-834": 182,
+  "CWE-835": 183,
+  "CWE-840": 184,
+  "CWE-843": 185,
+  "CWE-862": 186,
+  "CWE-863": 187,
+  "CWE-88": 188,
+  "CWE-89": 189,
+  "CWE-908": 190,
+  "CWE-909": 191,
+  "CWE-91": 192,
+  "CWE-912": 193,
+  "CWE-913": 194,
+  "CWE-916": 195,
+  "CWE-917": 196,
+  "CWE-918": 197,
+  "CWE-922": 198,
+  "CWE-926": 199,
+  "CWE-93": 200,
+  "CWE-94": 201,
+  "CWE-95": 202,
+  "CWE-98": 203,
+  "CWE-OTHER": 204
+}

model.safetensors

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3c0cb92e88ac2fbe698ccc77ca23fecc4ad810f99307affa2fc3ac7b14a8344c
+size 499237228

tokenizer_config.json

@@ -0,0 +1,16 @@
+{
+  "add_prefix_space": false,
+  "backend": "tokenizers",
+  "bos_token": "<s>",
+  "cls_token": "<s>",
+  "eos_token": "</s>",
+  "errors": "replace",
+  "is_local": false,
+  "mask_token": "<mask>",
+  "model_max_length": 512,
+  "pad_token": "<pad>",
+  "sep_token": "</s>",
+  "tokenizer_class": "RobertaTokenizer",
+  "trim_offsets": true,
+  "unk_token": "<unk>"
+}