<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <meta name="description" content="RepoAudit is an open-source tool for repository quality assessment and bug management.">
  <meta name="keywords" content="RepoAudit, Repository Audit, Bug Report, Code Quality, Open Source">
  <title>RepoAudit</title>

  <!--
    Stylesheets, in cascade order. Bulma, its plugins and Font Awesome are
    served from ./static/; the web fonts and academicons come from third-party
    hosts.
    NOTE(review): the two third-party stylesheets carry no integrity attribute.
    The Google Fonts response differs per browser, so it cannot be hash-pinned
    (self-host the fonts if that matters). academicons is referenced through the
    floating "@1" tag; pin an exact version before adding
    integrity="sha384-<HASH_PLACEHOLDER>" crossorigin="anonymous".
  -->
  <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Google+Sans|Noto+Sans|Castoro">
  <link rel="stylesheet" href="./static/css/bulma.min.css">
  <link rel="stylesheet" href="./static/css/bulma-carousel.min.css">
  <link rel="stylesheet" href="./static/css/bulma-slider.min.css">
  <link rel="stylesheet" href="./static/css/fontawesome.all.min.css">
  <link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/jpswalsh/academicons@1/css/academicons.min.css">
  <link rel="stylesheet" href="./static/css/index.css">
  <link rel="icon" href="./static/images/favicon.svg">

  <!--
    Scripts. Only Font Awesome is deferred; the others load synchronously in
    this order.
    NOTE(review): jQuery is executed from a third-party host without Subresource
    Integrity, so the page runs whatever that host returns. The URL is pinned to
    an exact version, so it can take
    integrity="sha384-<HASH_PLACEHOLDER>" crossorigin="anonymous"
    (compute the hash from the file actually served), or be self-hosted under
    ./static/js/ like the other scripts.
  -->
  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
  <script src="./static/js/fontawesome.all.min.js" defer></script>
  <script src="./static/js/bulma-carousel.min.js"></script>
  <script src="./static/js/bulma-slider.min.js"></script>
  <script src="./static/js/index.js"></script>

  <style>
    /* Compact spacing overrides for the Bulma layout classes. */
    .hero .hero-body {
      padding: 2rem 1rem !important;
    }
    .section {
      padding: 1.5rem 1rem !important;
    }
    .container {
      margin-top: 0.5rem;
      margin-bottom: 0.5rem;
    }
    .box {
      padding: 1rem !important;
      margin-bottom: 1rem !important;
    }
    /* Placeholder text shown while the bug report table is being fetched. */
    .loading {
      text-align: center;
      font-size: 1.2em;
      margin-top: 20px;
      color: #555;
    }
    /* Below 1024px the menu stays hidden until it carries "is-active". */
    @media screen and (max-width: 1023px) {
      .navbar-menu {
        display: none;
      }
      .navbar-menu.is-active {
        display: block;
      }
    }
  </style>
</head>
<body>
<!-- Top navigation bar: burger toggle for narrow screens plus links to the site's pages. -->
<nav class="navbar" role="navigation" aria-label="main navigation">
  <div class="navbar-brand">
    <!--
      data-target holds the id of the menu that the inline click handlers toggle.
      NOTE(review): the inline handlers on this page only toggle the "is-active"
      class; none of them updates aria-expanded, so it stays "false".
    -->
    <a class="navbar-burger" data-target="navMenu" role="button" aria-label="menu" aria-expanded="false">
      <span aria-hidden="true"></span>
      <span aria-hidden="true"></span>
      <span aria-hidden="true"></span>
    </a>
  </div>

  <div class="navbar-menu" id="navMenu">
    <div class="navbar-start" style="flex-grow: 1; justify-content: center;">
      <a class="navbar-item" href="index.html">
        <span class="icon"><i class="fas fa-home"></i></span>
      </a>
      <a class="navbar-item" href="bugreports.html">Bug Reports</a>
      <a class="navbar-item" href="documentation.html">Docs</a>
      <a class="navbar-item" href="support.html">Support</a>
      <a class="navbar-item" href="resources.html">Resources</a>
    </div>
  </div>
</nav>
<!--
  Mobile menu: a click on any .navbar-burger toggles "is-active" on the burger
  and on the element whose id is in its data-target attribute.
  NOTE(review): a second inline script at the end of the body binds another
  click handler to the same burger; with both bound, one click toggles
  "is-active" twice. static/js/index.js is not visible here and may bind its
  own handler, so confirm the net behaviour before removing either one.
-->
<script>
  document.addEventListener('DOMContentLoaded', function () {
    for (const burger of document.querySelectorAll('.navbar-burger')) {
      burger.addEventListener('click', function () {
        // The target id is read at click time, as in the markup's data-target.
        const menu = document.getElementById(burger.dataset.target);
        burger.classList.toggle('is-active');
        menu.classList.toggle('is-active');
      });
    }
  });
</script>
<!-- Hero Section: Introduction -->
<section class="hero">
<div class="hero-body">
<div class="container is-max-widescreen">
<div class="columns is-centered">
<div class="column has-text-centered">
<h1 class="title is-1">RepoAudit: Auditing Code As Humans</h1>
<div class="is-size-5" style="margin-top: 1rem;">
An autonomous LLM-agent designed for large-scale, repository-level code auditing.
</div>
<div class="buttons is-centered" style="margin-top: 1.5rem;">
<a href="https://arxiv.org/abs/2501.18160" class="button is-normal is-rounded is-dark" target="_blank">
<span class="icon"><i class="ai ai-arxiv"></i></span>
<span>Paper</span>
</a>
<a href="https://github.com/PurCL/RepoAudit" class="button is-normal is-rounded is-dark" target="_blank">
<span class="icon"><i class="fab fa-github"></i></span>
<span>Code</span>
</a>
</div>
</div>
</div>
</div>
</div>
<div class="container is-max-widescreen">
<div class="box">
<p><span style="font-size: 2em;">😵‍💫</span> Are you still troubled by code security issues?</p>
<p><span style="font-size: 2em;">😵‍💫</span> Have you ever complained that program testing misses countless bugs?</p>
<p><span style="font-size: 2em;">😵‍💫</span> Have you found static code analysis tools too cumbersome to use, especially when they only support a limited set of bug types and languages like C/C++?</p>
<p><span style="font-size: 2em;">πΊ</span> If you face these challenges, RepoAudit is your ultimate lifesaver!</p>
<p>
<span style="font-size: 2.5em;">π―</span> Our mission is to enable automated code auditing with minimal human intervention. As a multi-agent framework blending the core principles of traditional static analysis with advanced large language models, RepoAudit reinvents code auditing by delivering:
</p>
<div class="content">
<ul>
<li><strong>Build-Free:</strong> No need to compile your programs—detect potential bugs during development, even in incomplete code generated by AI tools like Copilot.</li>
<li><strong>Easy-to-Customize:</strong> Forget about dealing with compiler internals like LLVM IR. Simply write custom prompts. Few-shot chain-of-thought (CoT) prompting is all you need.</li>
<li><strong>Multi-Lingual Support:</strong> Analyze code in multiple languages with ease. RepoAudit currently supports C/C++, Java, Go, Ada, and even binary code, with additional language support on the horizon.</li>
</ul>
<p>
For a brand-new code auditing experience, check out the following demo videos and have a quick start.
</p>
</div>
</div>
<div class="columns" style="margin-top: 1rem;">
<div class="column">
<video controls muted loop poster="./static/videos/intro_preview.jpg" style="width: 100%; border: 3px solid black; border-radius: 8px;">
<source src="./static/videos/Intro.mp4" type="video/mp4">
Your browser does not support the video tag.
</video>
</div>
<div class="column">
<video controls muted loop style="width: 100%; border: 3px solid black; border-radius: 8px;">
<source src="./static/videos/demo.mp4" type="video/mp4">
Your browser does not support the video tag.
</video>
</div>
</div>
</div>
</section>
<!-- News Section -->
<section class="section" id="news">
<div class="container is-max-widescreen">
<h2 class="title is-3">Latest News</h2>
<div class="box">
<ul style="list-style: none; padding-left: 0;">
<li style="margin-bottom: 0.5rem;">
<span style="color: #f39c12; font-weight: bold; margin-right: 0.5rem;">π</span>
<strong>(09/2025):</strong>
RepoAudit supports <strong>binary scanning</strong>, enabling deep analysis beyond source code. It has already uncovered dozens of critical vulnerabilities with PoC (Proof of Concept) in real-world firmware, proving its effectiveness in securing software supply chains.
</li>
<li style="margin-bottom: 0.5rem;">
<span style="color: #f39c12; font-weight: bold; margin-right: 0.5rem;">π</span>
<strong>(07/2025):</strong>
We released the <a href="https://arxiv.org/abs/2507.15671" target="_blank">preprint</a> of <strong>bugscope</strong>, an agent that learns to detect diverse bugs from examples. It beats <a href="https://docs.cursor.com/bugbot" target="_blank">Cursor BugBot</a> and <a href="https://www.coderabbit.ai/" target="_blank">CodeRabbit</a>, detecting 2× more bugs with high precision. Check out the <a href="https://arxiv.org/abs/2507.15671" target="_blank">preprint</a> for more details!
</li>
<li style="margin-bottom: 0.5rem;">
<span style="color: #f39c12; font-weight: bold; margin-right: 0.5rem;">π</span>
<strong>(07/2025):</strong>
RepoAudit now supports auditing Ada code.
</li>
<li style="margin-bottom: 0.5rem;">
<span style="color: #f39c12; font-weight: bold; margin-right: 0.5rem;">π</span>
<strong>(06/2025):</strong>
The <a href="https://arxiv.org/abs/2506.00714" target="_blank">preprint</a> of "An LLM Agent for Functional Bug Detection in Network Protocols" has been released, providing the technical details of <strong>rfcscan</strong>!
</li>
<li style="margin-bottom: 0.5rem;">
<span style="color: #f39c12; font-weight: bold; margin-right: 0.5rem;">π</span>
<strong>(05/2025):</strong>
RepoAudit was accepted to <a href="https://icml.cc/virtual/2025/poster/45170" target="_blank">ICML'25</a>.
</li>
<li style="margin-bottom: 0.5rem;">
<span style="color: #f39c12; font-weight: bold; margin-right: 0.5rem;">π</span>
<strong>(04/2025):</strong>
RepoAudit now can detect functional bugs in network protocol implementations, supporting <strong>rfcscan</strong>.
</li>
<li style="margin-bottom: 0.5rem;">
<span style="color: #f39c12; font-weight: bold; margin-right: 0.5rem;">π</span>
<strong>(04/2025):</strong>
We open-sourced the agent <strong>dfbscan</strong>, a data-flow bug detector in RepoAudit (<a href="https://github.com/PurCL/RepoAudit">Link</a>). Stay tuned as we will open-source other agents (such as <strong>bugscope</strong>, <strong>llmsa</strong>, <strong>rfcscan</strong>, <strong>patinf</strong>, and <strong>propscan</strong>) in RepoAudit very soon.
</li>
<li style="margin-bottom: 0.5rem;">
<span style="color: #f39c12; font-weight: bold; margin-right: 0.5rem;">π</span>
<strong>(03/2025):</strong>
We were invited to DARPA's Resilient Software Systems Demo Day. Here is the <a href="https://www.youtube.com/watch?v=XTtDh1EPx-g&list=PL6wMum5UsYvZhEOoP4YtAwtZdLSBIAltk&index=7" target="_blank">demo video</a>.
</li>
<li style="margin-bottom: 0.5rem;">
<span style="color: #f39c12; font-weight: bold; margin-right: 0.5rem;">π</span>
<strong>(03/2025):</strong>
RepoAudit detected a memory leak in Uber's geospatial indexing system <a href="https://github.com/uber/h3" target="_blank">h3</a>. The <a href="https://github.com/uber/h3/pull/976" target="_blank">bug</a> has been confirmed and the patch has been merged by the developers.
</li>
<li style="margin-bottom: 0.5rem;">
<span style="color: #f39c12; font-weight: bold; margin-right: 0.5rem;">π</span>
<strong>(02/2025):</strong>
We published the preprint of RepoAudit on arXiv. Here is the <a href="https://arxiv.org/abs/2501.18160" target="_blank">link</a> to the paper.
</li>
<li style="margin-bottom: 0.5rem;">
<span style="color: #f39c12; font-weight: bold; margin-right: 0.5rem;">π</span>
<strong>(01/2025):</strong>
We were invited to deliver a talk to the CodeQL team @ GitHub. Here is the <a href="https://www.youtube.com/watch?v=nOS56VC0FTQ" target="_blank">recording</a> of the talk.
</li>
<li style="margin-bottom: 0.5rem;">
<span style="color: #f39c12; font-weight: bold; margin-right: 0.5rem;">π</span>
<strong>(09/2024):</strong>
Two papers on AI code auditing were accepted by <a href="https://aclanthology.org/2024.findings-emnlp.217/" target="_blank">Findings of EMNLP'24</a> and <a href="https://neurips.cc/virtual/2024/poster/95227" target="_blank">NeurIPS'24</a>.
</li>
</ul>
</div>
</div>
</section>
<!--
  Bug report preview. The table body starts empty; loadBugReports() at the end
  of the page fetches static/bug/BugReport.json and appends up to ten rows,
  one cell per column header below.
-->
<section class="section" id="bug-reports">
  <div class="container is-max-widescreen">
    <h2 class="title is-3">Bug Report List (Top 10)</h2>

    <!-- Hidden once the reports are loaded; replaced by an error text on failure. -->
    <div class="loading" id="loading-message">Loading bug reports...</div>

    <table class="table is-striped is-hoverable is-fullwidth">
      <thead>
        <tr>
          <th>ID</th>
          <th>Project</th>
          <th>Lang</th>
          <th>Bug Type</th>
          <th>Link</th>
          <th>Status</th>
          <th>Num</th>
          <th>Agent</th>
          <th>Date</th>
        </tr>
      </thead>
      <tbody id="bug-report-table">
        <!-- Rows are inserted here by script. -->
      </tbody>
    </table>

    <div class="has-text-centered" style="margin-top: 1rem;">
      <a class="button is-link is-rounded" href="bugreports.html">View More Bug Reports</a>
    </div>
  </div>
</section>
<!-- How to Start Section -->
<section class="section" id="how-to-start">
<div class="container is-max-widescreen">
<h2 class="title is-3">How to Start and Contribute</h2>
<div class="box">
<div class="content">
<ul>
<li>
<strong>For General Users:</strong> Get started by checking out our repository’s
<a href="https://github.com/PurCL/RepoAudit" target="_blank">README</a>. It provides step-by-step guides and usage examples. It also offers detailed instructions on how to integrate RepoAudit into your projects. Our
<a href="support.html" target="_blank">support page</a> gives further guidance on troubleshooting and common concerns.
</li>
<li>
<strong>For Domain Experts:</strong> Check out our
<a href="documentation.html" target="_blank">documentation</a> for detailed information. Learn how to extend RepoAudit for additional bug types and programming languages. You can even integrate your own knowledge base for multi-modal analysis.
</li>
<li>
<strong>For Researchers:</strong> Visit our
<a href="resources.html" target="_blank">Resource page</a> to explore more resources. We continuously post our projects on LLM-driven code auditing and update the list of research papers published in relevant venues.
</li>
</ul>
<p>
If you find any bugs in open-source projects using RepoAudit and get them confirmed, please submit an issue on our
<a href="bugreports.html" target="_blank">bug list</a>. We will acknowledge your contribution by listing the bugs.
</p>
</div>
</div>
</div>
</section>
<footer class="footer">
<div class="container">
<div class="content has-text-centered">
Template adapted from <a href="https://github.com/nerfies/nerfies.github.io" target="_blank">Nerfies</a> by Keunhong Park et al.
</div>
</div>
</footer>
<!-- Navbar burger toggle script for mobile devices -->
<script>
// Mobile navbar toggle for the first .navbar-burger on the page. The menu is
// looked up once, by the burger's data-target id, falling back to "navMenu".
// NOTE(review): an inline script right after the <nav> element already binds a
// click handler that toggles the same two classes, so with both bound a single
// click toggles "is-active" twice. static/js/index.js is not visible here and
// may bind its own handler; confirm the net behaviour before removing either.
document.addEventListener('DOMContentLoaded', function () {
  const burgerEl = document.querySelector('.navbar-burger');
  const menuId = burgerEl.dataset.target || "navMenu";
  const menuEl = document.getElementById(menuId);

  burgerEl.addEventListener('click', function () {
    burgerEl.classList.toggle('is-active');
    menuEl.classList.toggle('is-active');
  });
});
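/**
 * Fetch static/bug/BugReport.json and render the ten highest-ranked reports
 * into the #bug-report-table body.
 *
 * Reports are ordered by descending sort_weight, then by descending date.
 *
 * Every field is written through textContent or a DOM property rather than
 * interpolated into an innerHTML template, so markup characters inside the
 * JSON are displayed as text and never parsed as HTML. The
 * "patch/issue link" value becomes an href only when it resolves to an
 * http(s) URL; any other value (missing, javascript:, data:, ...) is shown
 * as "N/A" without a link.
 *
 * Rows are assembled in a fragment and attached only after all of them were
 * built, so a failure leaves the table empty and the #loading-message element
 * visible with an error text.
 *
 * @returns {Promise<void>} resolves once the table is filled or the error
 *   text is shown; failures are logged, not rethrown.
 */
async function loadBugReports() {
  const loadingMessage = document.getElementById("loading-message");

  // Render any JSON value as plain text; missing fields become an empty cell.
  const toText = (value) =>
    value === undefined || value === null ? "" : String(value);

  // Return the absolute URL when `value` is an http(s) link, otherwise null.
  const toHttpUrl = (value) => {
    if (typeof value !== "string") {
      return null;
    }
    try {
      const parsed = new URL(value, document.baseURI);
      const allowed = parsed.protocol === "http:" || parsed.protocol === "https:";
      return allowed ? parsed.href : null;
    } catch (_parseError) {
      return null;
    }
  };

  // Append a <td> holding `value` as text and return it.
  const addCell = (row, value) => {
    const cell = document.createElement("td");
    cell.textContent = toText(value);
    row.appendChild(cell);
    return cell;
  };

  try {
    const response = await fetch("static/bug/BugReport.json");
    // fetch() resolves for HTTP error statuses too, so check explicitly.
    if (!response.ok) {
      throw new Error(`Unexpected HTTP status ${response.status}`);
    }

    const bugReports = await response.json();
    if (!Array.isArray(bugReports)) {
      throw new Error("BugReport.json does not contain an array");
    }

    // Sort by descending sort_weight and then descending date.
    bugReports.sort((a, b) => {
      if (b.sort_weight !== a.sort_weight) {
        return b.sort_weight - a.sort_weight;
      }
      return new Date(b.date) - new Date(a.date);
    });

    const rows = document.createDocumentFragment();
    bugReports.slice(0, 10).forEach((bug, index) => {
      const row = document.createElement("tr");
      addCell(row, index + 1);
      addCell(row, bug.repo_name);
      addCell(row, bug.language);
      addCell(row, bug.bug_type);

      const linkCell = addCell(row, "");
      const href = toHttpUrl(bug["patch/issue link"]);
      if (href) {
        const link = document.createElement("a");
        link.href = href;
        link.target = "_blank";
        // The new tab gets no window.opener handle and no Referer header.
        link.rel = "noopener noreferrer";
        link.textContent = "View";
        linkCell.appendChild(link);
      } else {
        linkCell.textContent = "N/A";
      }

      addCell(row, bug.status);
      addCell(row, bug["Bug Num"]);
      addCell(row, bug["Agent"]);
      addCell(row, bug.date);
      rows.appendChild(row);
    });

    // All rows were built without error: swap the placeholder for the table.
    loadingMessage.style.display = "none";
    document.getElementById("bug-report-table").appendChild(rows);
  } catch (error) {
    console.error("Error loading bug reports:", error);
    loadingMessage.textContent = "Failed to load bug reports.";
  }
}

document.addEventListener("DOMContentLoaded", loadBugReports);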
</script>
</body>
</html>