five

JsVul: A function-level dataset of vulnerable and fixed source code in JavaScript and TypeScript

收藏
Zenodo2026-02-05 更新2026-05-26 收录
下载链接:
https://zenodo.org/doi/10.5281/zenodo.18195838
下载链接
链接失效反馈
官方服务:
资源简介:
JsVul is a curated, function-level vulnerability dataset designed for the JavaScript and TypeScript ecosystems. Aggregated from seven major sources (CrossVul, CVEFixes, JS Vulnerability Dataset, OSSF CVE benchmark, SecBench.JS, OSV, and NVD), it supports the training of machine learning models for automated vulnerability detection. Unlike generic multi-language datasets, JsVul utilizes a language-specific pipeline to ensure high data quality. The curation process includes: Noise Filtering: Removal of minified code, test files, and non-semantic cosmetic edits. Syntax Normalization: Application of ESLint and Prettier to standardizes code structure. Rigorous Deduplication: Multi-stage filtering at the file, commit, and function levels. Repository ContentsThe repository provides three compressed archives: merged_data.zip: Raw source code files and JSON metadata for reproducibility. js_vul.zip: The complete dataset containing ~22,000 labeled functions (Vulnerable/Safe) in chronologically sorted JSON Lines (JSONL) format. js_vul_pairs_only.zip: A subset containing only matched pairs of pre-fix (vulnerable) and post-fix (safe) functions. Each JSONL record includes the function body, binary label, and associated metadata (CVE/CWE IDs, commit hash, and publication date).
提供机构:
Zenodo
创建时间:
2026-01-14
二维码
社区交流群
二维码
科研交流群
商业服务