Skip to content
View sofiaoreis's full-sized avatar
👽
👽
61 followers · 25 following

Achievements

Achievement: StarstruckAchievement: YOLOAchievement: Arctic Code Vault ContributorAchievement: Pull Sharkx2

Achievements

Achievement: StarstruckAchievement: YOLOAchievement: Arctic Code Vault ContributorAchievement: Pull Sharkx2

Organizations

@alumniei @TQRG

Block or report sofiaoreis

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
sofiaoreis/README.md

Hi, there! 👽

I perform research in security, software engineering, productivity, program analysis, machine learning, software maintainability and best practices.

🍵 My projects:

  • Secbench - A dataset of 676 security patches (multi-language, single-commits).
  • Security Patches Dataset - Collection of security patches.
  • SECOM - A convention for security commit messages.
  • SECOMlint - A linter for security commit messages. It measures compliance against SECOM.
  • SAST - A collection of static analyzers for security.
  • Lithium-Slicer - A test minimization tool to help developers create smaller test inputs (i.e., code snippets) in their bug reports (program slicer based on the Mozilla lithium tool).
  • ... and many more that will soon be published.

✨ Contributions:

  • Infer - I've added models to Meta/Facebook's static analyzer to boost the detection of performance issues in C/C++ (12 weeks internship).

Pinned Loading

  1. TQRG/secbench Public

    🪐 A Database of Existing Security Vulnerabilities Patches to Enable Evaluation of Techniques (single-commit; multi-language)

    Python 38 6

  2. TQRG/secom Public

    🍵 Convention for security commit messages

    JavaScript 5 1

  3. TQRG/security-patches-dataset Public

    ☠️ Ground-truth dataset for vulnerability prediction (known research datasets and data sources included such as NVD, CVE Details and OSV); tools to automatically update the data are provided.

    Jupyter Notebook 90 28

  4. lithium-slicer Public

    ⚙️ Program slicer based on the Mozilla Lithium Tool for Java (also dubbed as Tandem-FL).

    Python 11 3

  5. TQRG/puppet-lint-infrasecure Public

    👷 Puppet-lint plugins for security.

    Ruby 8

  6. facebook/infer Public

    A static analyzer for Java, C, C++, and Objective-C

    OCaml 15.2k 2k

92 contributions in the last year

Contribution Graph
Day of Week April May June July August September October November December January February March April
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Learn how we count contributions
Less
No contributions.
Low contributions.
Medium-low contributions.
Medium-high contributions.
High contributions.
More

Activity overview

Contributed to coders-school-pt/coders-school-pt.github.io, TQRG/icse2024, sofiaoreis/lithium-slicer and 3 other repositories
Loading A graph representing sofiaoreis's contributions from April 21, 2024 to April 24, 2025. The contributions are 91% commits, 9% issues, 0% pull requests, 0% code review.

Contribution activity

April 2025

Created 1 commit in 1 repository
9 contributions in private repositories Apr 4
Loading