| ▲ | mbbutler 7 hours ago | |
It would be helpful to add in some cases that do not contain any vulnerabilities to assess false-positive rate as well. | ||
| ▲ | mufeedvh 7 hours ago | parent | next [-] | |
This is a good idea. Will incorporate false-positive rates into the rubric from the next run onwards. At winfunc, we spent a lot of research time taming these models to eradicate false-positive rates (it's high!) so this does feel important enough to be documented. Thanks! | ||
| ▲ | cortesoft 7 hours ago | parent | prev [-] | |
Any code that is certain that it doesn't have any vulnerabilities is going to be pretty trivial to verify. | ||