Patents Assigned to SONATYPE, INC.
-
Patent number: 12197913Abstract: A preferably cloud-based platform supports improvements in software development by assessing quality of source code files, for example, when files are pushed to a software repository. Various static analysis tools are executed on a source file, and the resulting bug reports, which reflect native features of the tools are assembled in a dataset. The bug dataset is enhanced by adding additional features that are not natively generated by the static analysis tool. An ML classifier is trained to predict a selected bug feature, and the classifier is used to update the bug dataset to include estimated values of the selected feature. In an embodiment, post-processing analysis of bug report datasets applies machine learning methods to predict the “severity” of bug reports, an indication of whether they are likely to be true or false. Further, a report of code quality can be returned based on the severity predictions.Type: GrantFiled: December 7, 2020Date of Patent: January 14, 2025Assignee: SONATYPE, INC.Inventors: Stephen Magill, Pavani Guttula, Suresh Jagannathan
-
Publication number: 20140026121Abstract: A computer system, method, or computer-readable medium corrects a broken portion of an application. A fingerprint indicates classes that comprise the application. The classes indicated in the fingerprint are looked up to determine whether any is broken. For a broken class, a fixed class is substituted when the broken class is loaded at class load time for the application; a fixed class method is substituted into the broken class, when the broken class is loaded at class load time; fixed byte code is substituted for broken byte code corresponding to the broken class, when the broken class is loaded at class load time; the broken class is unloaded and the fixed class is loaded instead, when the application is running; or the broken class is replaced inside the static application with the fixed class; all without replacing classes which are not broken.Type: ApplicationFiled: July 20, 2012Publication date: January 23, 2014Applicant: SONATYPE, INC.Inventors: Wayne Jackson, Brian Edward Fox, Mike Hansen, Stuart McCulloch, Jason Van Zyl
-
Publication number: 20130311496Abstract: A computer system or method identifies components. A component fingerprint storage is configured to memorize known fingerprints of known components. The term “component” used herein is defined to be a specific version of pre-existing executable software, or a reusable pre-existing self-contained software code building block which is not a complete stand-alone finished product ready for use and which is binary or source code. A fingerprint is generated for a normalized unknown component and fingerprints are generated for all normalized components included in the unknown component. It is determined whether any of the fingerprints generated for the normalized unknown component and for the normalized components included in the unknown component match any of the known fingerprints of known components.Type: ApplicationFiled: May 21, 2012Publication date: November 21, 2013Applicant: SONATYPE, INC.Inventors: Igor Fedorenko, Vlad Tatavu, Jamie Whitehouse, Brian Edward Fox
-
Publication number: 20130212562Abstract: An artifact update notification system that includes a server computer and client computer is discussed and described. The server computer stores artifact preferences, determined according to objective and subjective criteria, of artifact characteristics. The client computer executes a software development environment that makes use of a software artifact. The server computer and client computer interact to perform an update cycle. The update cycle includes the server computer communicating to the client computer whether there is an actionable change to the software artifact with respect to the artifact preferences. If there has been an actionable change to the software artifact, the client computer performs an update action in the software development environment in response to the actionable change.Type: ApplicationFiled: February 9, 2012Publication date: August 15, 2013Applicant: SONATYPE, INC.Inventors: Brian Edward Fox, Joel Orlina
-
Publication number: 20130074038Abstract: A computer system includes a transceiver and a processor that is cooperatively operable with the transceiver. The processor gathers, over the transceiver, (i) issue tracking information stored in an issue tracking storage system, the issue tracking information having a history of issues filed against a plurality of artifacts, and (ii) source code management information stored in a source code management storage system, the source code management information having a history of code changes committed against another plurality of artifacts. The processor checks a combined history of the issue tracking information and the source code management information for a history of issues filed against an artifact and a history of commits and corresponding source code changes committed against the artifact. The processor provides an interpretation of the current state of the artifact based on the combined history of the issue tracking information and source code management information about the artifact.Type: ApplicationFiled: September 15, 2011Publication date: March 21, 2013Applicant: SONATYPE, INC.Inventors: Brian Edward Fox, Joel Orlina
-
Publication number: 20130067427Abstract: A computer system is provided, comprising: a transceiver; and a processor configured to facilitate: collecting and storing artifact information, including: an artifact identifier for one or more artifacts, project identifiers for one or more software projects that use each artifact, and information about the temporal version for the artifacts; collecting and storing project information related to the software projects, including: a project identifier for each project, and contact information for a user of each software project; collecting metadata associated with the software artifacts, the metadata including: information identifying the artifact, information about security risks associated with the artifact, information about a license associated with the artifact, or information indicative of a level of use or user rating of the artifact; periodically or continually monitoring the metadata to determine whether there has been any actionable change; and notifying the user about the actionable change.Type: ApplicationFiled: May 30, 2012Publication date: March 14, 2013Applicant: SONATYPE, INC.Inventors: Brian Edward Fox, Joel Orlina
-
Publication number: 20130067426Abstract: A computer system is provided, comprising: a transceiver; and a processor configured to facilitate: collecting and storing information related to a software project having one or more software artifacts, the information including: a project identifier, artifact identifiers for the artifacts used by the project, information about the temporal version for the artifacts, and contact information for a project user; collecting, from a repository, artifact metadata associated with the software artifacts, the artifact metadata including: information identifying the artifact, information about security risks associated with the artifact, information about a license associated with the artifact, or information indicative of a level of use or user rating of the artifact; periodically monitoring the metadata to determine whether there has been any actionable change in the artifact metadata; and notifying the project user using the contact information if it is determined that there has been an actionable change in the arType: ApplicationFiled: September 13, 2011Publication date: March 14, 2013Applicant: SONATYPE, INC.Inventors: Brian Edward Fox, Joel Orlina
-
Publication number: 20120311534Abstract: A system and method are discussed that relate to recommending one or more software artifacts to an artifact user. Characteristic information about the artifact user and about a desired artifact is obtained. First metadata about each of one or more candidate artifacts is retrieved. A score is assigned to each of the one or more candidate artifacts, based on a first evaluation of one or more predetermined criteria applied to the retrieved first metadata. The scored artifacts are scaled based on a second evaluation of each of the one or more scored artifacts, the scaling being in view of the characteristic information about the artifact user and the characteristic information about the desired artifact. Finally, one or more scaled artifacts are recommended to the artifact user based on the second evaluation applied to each of the one or more scored artifacts, that is based on the scaled scores.Type: ApplicationFiled: June 2, 2011Publication date: December 6, 2012Applicant: SONATYPE, INC.Inventors: Brian Edward Fox, Joel Orlina
-
Publication number: 20120272205Abstract: A software artifact is scored for a user. Metadata associated with an artifact about project activity of how active an artifact project is to which the artifact belongs, a security risk indicated in the metadata of the artifact, or a license indicated in the metadata of the artifact, is collected from a software repository. A weighting of the artifact alone is determined from the metadata associated with the artifact that indicates desirability of the project activity, the security risk, or the license. The metadata associated with the artifact is compared to appropriateness with a metadata of a user project to which the user belongs as indicated by a profile of the user, so as to provide a score considering the determined weighting of the artifact and a appropriateness of the artifact for the user with respect to an intended use of the artifact by the user.Type: ApplicationFiled: April 19, 2011Publication date: October 25, 2012Applicant: SONATYPE, INC.Inventors: Brian Edward Fox, Joel Orlina