Vulntrain

Changes

- Dataset generation: CVSS are now extracted from GitHub and PySec security advisories.
- Dataset generation: CVSS, CPE, title and description (summary) are now extracted from CSAF document.

News

- Trainers: Support of roberta-base for the text classifier with improved
settings for TrainingArguments.
- Validators: Validator for severity classification.

News

- Introduced a new trainer to automatically classify vulnerabilities based on their descriptions,
even when CVSS scores are unavailable.
- Added CVSS parsing to the dataset generation script.

Changes

- Refactored the project structure for better organization.
- Improved CPE parsing.
- Enhanced the dataset generation script.
- Optimized the trainer for text generation on vulnerability descriptions.
- Improved command-line argument parsing.
- Improved the process of pushing the tokenizer and trainer to Hugging Face.

Fixed configuration module name.

Added support of configuration file.

The dataset generation step now uses data from GitHub Advisories,
and the VulnExtractor cleans the summary and details fields.