-
Notifications
You must be signed in to change notification settings - Fork 1.6k
/
Copy pathCodeVulnerabilityEvaluator.xml
199 lines (199 loc) · 16.2 KB
/
CodeVulnerabilityEvaluator.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
<Type Name="CodeVulnerabilityEvaluator" FullName="Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator">
<TypeSignature Language="C#" Value="public sealed class CodeVulnerabilityEvaluator : Microsoft.Extensions.AI.Evaluation.Safety.ContentSafetyEvaluator" />
<TypeSignature Language="ILAsm" Value=".class public auto ansi sealed beforefieldinit CodeVulnerabilityEvaluator extends Microsoft.Extensions.AI.Evaluation.Safety.ContentSafetyEvaluator" />
<TypeSignature Language="DocId" Value="T:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator" />
<TypeSignature Language="VB.NET" Value="Public NotInheritable Class CodeVulnerabilityEvaluator
Inherits ContentSafetyEvaluator" />
<TypeSignature Language="F#" Value="type CodeVulnerabilityEvaluator = class
 inherit ContentSafetyEvaluator" />
<TypeSignature Language="C++ CLI" Value="public ref class CodeVulnerabilityEvaluator sealed : Microsoft::Extensions::AI::Evaluation::Safety::ContentSafetyEvaluator" />
<AssemblyInfo>
<AssemblyName>Microsoft.Extensions.AI.Evaluation.Safety</AssemblyName>
<AssemblyVersion>9.4.0.0</AssemblyVersion>
</AssemblyInfo>
<Base>
<BaseTypeName>Microsoft.Extensions.AI.Evaluation.Safety.ContentSafetyEvaluator</BaseTypeName>
</Base>
<Interfaces />
<Attributes>
<Attribute FrameworkAlternate="net-10.0-pp;net-8.0-pp;net-9.0-pp">
<AttributeName Language="C#">[System.Runtime.CompilerServices.Nullable(0)]</AttributeName>
<AttributeName Language="F#">[<System.Runtime.CompilerServices.Nullable(0)>]</AttributeName>
</Attribute>
</Attributes>
<Docs>
<param name="contentSafetyServiceConfiguration">
Specifies the Azure AI project that should be used and credentials that should be used when this
<see cref="T:Microsoft.Extensions.AI.Evaluation.Safety.ContentSafetyEvaluator" /> communicates with the Azure AI Content Safety service to perform
evaluations.
</param>
<summary>
An <see cref="T:Microsoft.Extensions.AI.Evaluation.IEvaluator" /> that utilizes the Azure AI Content Safety service to evaluate code completion responses
produced by an AI model for the presence of vulnerable code.
</summary>
<remarks>
<para>
<see cref="T:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator" /> supports evaluation of code vulnerabilities in the following programming
languages: Python, Java, C++, C#, Go, JavaScript and SQL. It can identify a variety of code vulnerabilities such as
sql injection, stack trace exposure, hardcoded credentials etc.
</para>
<para>
<see cref="T:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator" /> returns a <see cref="T:Microsoft.Extensions.AI.Evaluation.BooleanMetric" /> with a value of
<see langword="true" /> indicating the presence of an vulnerable code in the evaluated response, and a value of
<see langword="false" /> indicating the absence of vulnerable code.
</para>
<para>
Note that <see cref="T:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator" /> does not support evaluation of multimodal content present in
the evaluated responses. Images and other multimodal content present in the evaluated responses will be ignored.
Also note that if a multi-turn conversation is supplied as input, <see cref="T:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator" /> will
only evaluate the code present in the last conversation turn. Any code present in the previous conversation turns
will be ignored.
</para>
</remarks>
</Docs>
<Members>
<Member MemberName=".ctor">
<MemberSignature Language="C#" Value="public CodeVulnerabilityEvaluator (Microsoft.Extensions.AI.Evaluation.Safety.ContentSafetyServiceConfiguration contentSafetyServiceConfiguration);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig specialname rtspecialname instance void .ctor(class Microsoft.Extensions.AI.Evaluation.Safety.ContentSafetyServiceConfiguration contentSafetyServiceConfiguration) cil managed" />
<MemberSignature Language="DocId" Value="M:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator.#ctor(Microsoft.Extensions.AI.Evaluation.Safety.ContentSafetyServiceConfiguration)" />
<MemberSignature Language="VB.NET" Value="Public Sub New (contentSafetyServiceConfiguration As ContentSafetyServiceConfiguration)" />
<MemberSignature Language="F#" Value="new Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator : Microsoft.Extensions.AI.Evaluation.Safety.ContentSafetyServiceConfiguration -> Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator" Usage="new Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator contentSafetyServiceConfiguration" />
<MemberSignature Language="C++ CLI" Value="public:
 CodeVulnerabilityEvaluator(Microsoft::Extensions::AI::Evaluation::Safety::ContentSafetyServiceConfiguration ^ contentSafetyServiceConfiguration);" />
<MemberType>Constructor</MemberType>
<AssemblyInfo>
<AssemblyName>Microsoft.Extensions.AI.Evaluation.Safety</AssemblyName>
<AssemblyVersion>9.4.0.0</AssemblyVersion>
</AssemblyInfo>
<Parameters>
<Parameter Name="contentSafetyServiceConfiguration" Type="Microsoft.Extensions.AI.Evaluation.Safety.ContentSafetyServiceConfiguration" />
</Parameters>
<Docs>
<param name="contentSafetyServiceConfiguration">
Specifies the Azure AI project that should be used and credentials that should be used when this
<see cref="T:Microsoft.Extensions.AI.Evaluation.Safety.ContentSafetyEvaluator" /> communicates with the Azure AI Content Safety service to perform
evaluations.
</param>
<summary>
An <see cref="T:Microsoft.Extensions.AI.Evaluation.IEvaluator" /> that utilizes the Azure AI Content Safety service to evaluate code completion responses
produced by an AI model for the presence of vulnerable code.
</summary>
<remarks>
<para>
<see cref="T:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator" /> supports evaluation of code vulnerabilities in the following programming
languages: Python, Java, C++, C#, Go, JavaScript and SQL. It can identify a variety of code vulnerabilities such as
sql injection, stack trace exposure, hardcoded credentials etc.
</para>
<para>
<see cref="T:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator" /> returns a <see cref="T:Microsoft.Extensions.AI.Evaluation.BooleanMetric" /> with a value of
<see langword="true" /> indicating the presence of an vulnerable code in the evaluated response, and a value of
<see langword="false" /> indicating the absence of vulnerable code.
</para>
<para>
Note that <see cref="T:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator" /> does not support evaluation of multimodal content present in
the evaluated responses. Images and other multimodal content present in the evaluated responses will be ignored.
Also note that if a multi-turn conversation is supplied as input, <see cref="T:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator" /> will
only evaluate the code present in the last conversation turn. Any code present in the previous conversation turns
will be ignored.
</para>
</remarks>
</Docs>
</Member>
<Member MemberName="CodeVulnerabilityMetricName">
<MemberSignature Language="C#" Value="public static string CodeVulnerabilityMetricName { get; }" />
<MemberSignature Language="ILAsm" Value=".property string CodeVulnerabilityMetricName" />
<MemberSignature Language="DocId" Value="P:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator.CodeVulnerabilityMetricName" />
<MemberSignature Language="VB.NET" Value="Public Shared ReadOnly Property CodeVulnerabilityMetricName As String" />
<MemberSignature Language="F#" Value="static member CodeVulnerabilityMetricName : string" Usage="Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator.CodeVulnerabilityMetricName" />
<MemberSignature Language="C++ CLI" Value="public:
 static property System::String ^ CodeVulnerabilityMetricName { System::String ^ get(); };" />
<MemberType>Property</MemberType>
<AssemblyInfo>
<AssemblyName>Microsoft.Extensions.AI.Evaluation.Safety</AssemblyName>
<AssemblyVersion>9.4.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.String</ReturnType>
</ReturnValue>
<Docs>
<summary>
Gets the <see cref="P:Microsoft.Extensions.AI.Evaluation.EvaluationMetric.Name" /> of the <see cref="T:Microsoft.Extensions.AI.Evaluation.BooleanMetric" /> returned by
<see cref="T:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator" />.
</summary>
<value>To be added.</value>
<remarks>To be added.</remarks>
</Docs>
</Member>
<Member MemberName="EvaluateAsync">
<MemberSignature Language="C#" Value="public override System.Threading.Tasks.ValueTask<Microsoft.Extensions.AI.Evaluation.EvaluationResult> EvaluateAsync (System.Collections.Generic.IEnumerable<Microsoft.Extensions.AI.ChatMessage> messages, Microsoft.Extensions.AI.ChatResponse modelResponse, Microsoft.Extensions.AI.Evaluation.ChatConfiguration? chatConfiguration = default, System.Collections.Generic.IEnumerable<Microsoft.Extensions.AI.Evaluation.EvaluationContext>? additionalContext = default, System.Threading.CancellationToken cancellationToken = default);" />
<MemberSignature Language="ILAsm" Value=".method public hidebysig virtual instance valuetype System.Threading.Tasks.ValueTask`1<class Microsoft.Extensions.AI.Evaluation.EvaluationResult> EvaluateAsync(class System.Collections.Generic.IEnumerable`1<class Microsoft.Extensions.AI.ChatMessage> messages, class Microsoft.Extensions.AI.ChatResponse modelResponse, class Microsoft.Extensions.AI.Evaluation.ChatConfiguration chatConfiguration, class System.Collections.Generic.IEnumerable`1<class Microsoft.Extensions.AI.Evaluation.EvaluationContext> additionalContext, valuetype System.Threading.CancellationToken cancellationToken) cil managed" />
<MemberSignature Language="DocId" Value="M:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator.EvaluateAsync(System.Collections.Generic.IEnumerable{Microsoft.Extensions.AI.ChatMessage},Microsoft.Extensions.AI.ChatResponse,Microsoft.Extensions.AI.Evaluation.ChatConfiguration,System.Collections.Generic.IEnumerable{Microsoft.Extensions.AI.Evaluation.EvaluationContext},System.Threading.CancellationToken)" />
<MemberSignature Language="VB.NET" Value="Public Overrides Function EvaluateAsync (messages As IEnumerable(Of ChatMessage), modelResponse As ChatResponse, Optional chatConfiguration As ChatConfiguration = Nothing, Optional additionalContext As IEnumerable(Of EvaluationContext) = Nothing, Optional cancellationToken As CancellationToken = Nothing) As ValueTask(Of EvaluationResult)" />
<MemberSignature Language="F#" Value="override this.EvaluateAsync : seq<Microsoft.Extensions.AI.ChatMessage> * Microsoft.Extensions.AI.ChatResponse * Microsoft.Extensions.AI.Evaluation.ChatConfiguration * seq<Microsoft.Extensions.AI.Evaluation.EvaluationContext> * System.Threading.CancellationToken -> System.Threading.Tasks.ValueTask<Microsoft.Extensions.AI.Evaluation.EvaluationResult>" Usage="codeVulnerabilityEvaluator.EvaluateAsync (messages, modelResponse, chatConfiguration, additionalContext, cancellationToken)" />
<MemberType>Method</MemberType>
<AssemblyInfo>
<AssemblyName>Microsoft.Extensions.AI.Evaluation.Safety</AssemblyName>
<AssemblyVersion>9.4.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Threading.Tasks.ValueTask<Microsoft.Extensions.AI.Evaluation.EvaluationResult></ReturnType>
<Attributes>
<Attribute FrameworkAlternate="net-10.0-pp">
<AttributeName Language="C#">[System.Runtime.CompilerServices.Nullable(new System.Byte[] { 0, 1 })]</AttributeName>
<AttributeName Language="F#">[<System.Runtime.CompilerServices.Nullable(new System.Byte[] { 0, 1 })>]</AttributeName>
</Attribute>
</Attributes>
</ReturnValue>
<Parameters>
<Parameter Name="messages" Type="System.Collections.Generic.IEnumerable<Microsoft.Extensions.AI.ChatMessage>" />
<Parameter Name="modelResponse" Type="Microsoft.Extensions.AI.ChatResponse" />
<Parameter Name="chatConfiguration" Type="Microsoft.Extensions.AI.Evaluation.ChatConfiguration">
<Attributes>
<Attribute FrameworkAlternate="net-10.0-pp;net-8.0-pp;net-9.0-pp">
<AttributeName Language="C#">[System.Runtime.CompilerServices.Nullable(2)]</AttributeName>
<AttributeName Language="F#">[<System.Runtime.CompilerServices.Nullable(2)>]</AttributeName>
</Attribute>
</Attributes>
</Parameter>
<Parameter Name="additionalContext" Type="System.Collections.Generic.IEnumerable<Microsoft.Extensions.AI.Evaluation.EvaluationContext>">
<Attributes>
<Attribute FrameworkAlternate="net-10.0-pp;net-8.0-pp;net-9.0-pp">
<AttributeName Language="C#">[System.Runtime.CompilerServices.Nullable(new System.Byte[] { 2, 1 })]</AttributeName>
<AttributeName Language="F#">[<System.Runtime.CompilerServices.Nullable(new System.Byte[] { 2, 1 })>]</AttributeName>
</Attribute>
</Attributes>
</Parameter>
<Parameter Name="cancellationToken" Type="System.Threading.CancellationToken" />
</Parameters>
<Docs>
<param name="messages">To be added.</param>
<param name="modelResponse">To be added.</param>
<param name="chatConfiguration">To be added.</param>
<param name="additionalContext">To be added.</param>
<param name="cancellationToken">To be added.</param>
<summary>To be added.</summary>
<returns>To be added.</returns>
<remarks>To be added.</remarks>
<inheritdoc />
</Docs>
</Member>
<Member MemberName="EvaluationMetricNames">
<MemberSignature Language="C#" Value="public override System.Collections.Generic.IReadOnlyCollection<string> EvaluationMetricNames { get; }" />
<MemberSignature Language="ILAsm" Value=".property instance class System.Collections.Generic.IReadOnlyCollection`1<string> EvaluationMetricNames" />
<MemberSignature Language="DocId" Value="P:Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator.EvaluationMetricNames" />
<MemberSignature Language="VB.NET" Value="Public Overrides ReadOnly Property EvaluationMetricNames As IReadOnlyCollection(Of String)" />
<MemberSignature Language="F#" Value="member this.EvaluationMetricNames : System.Collections.Generic.IReadOnlyCollection<string>" Usage="Microsoft.Extensions.AI.Evaluation.Safety.CodeVulnerabilityEvaluator.EvaluationMetricNames" />
<MemberSignature Language="C++ CLI" Value="public:
 virtual property System::Collections::Generic::IReadOnlyCollection<System::String ^> ^ EvaluationMetricNames { System::Collections::Generic::IReadOnlyCollection<System::String ^> ^ get(); };" />
<MemberType>Property</MemberType>
<AssemblyInfo>
<AssemblyName>Microsoft.Extensions.AI.Evaluation.Safety</AssemblyName>
<AssemblyVersion>9.4.0.0</AssemblyVersion>
</AssemblyInfo>
<ReturnValue>
<ReturnType>System.Collections.Generic.IReadOnlyCollection<System.String></ReturnType>
</ReturnValue>
<Docs>
<summary>To be added.</summary>
<value>To be added.</value>
<remarks>To be added.</remarks>
<inheritdoc />
</Docs>
</Member>
</Members>
</Type>