Thanks! Exactly β tuning an LLM is another great use case. For instance, our Checkov case study could serve as labeled data to help the model learn to identify Infrastructure as Code anti-patterns.
27.04.2025 15:36 β π 2 π 0 π¬ 0 π 0
π Paper: programming-group.com/assets/pdf/p...
π¦ Dataset: zenodo.org/records/1421...
26.04.2025 15:12 β π 0 π 0 π¬ 0 π 0
For example, hundreds of IAM policies grant full administrative access, posing serious risks in real-world deployments. These insights show how TerraDS can serve as a foundation for improving tooling, analysis, and security in the IaC ecosystem.
26.04.2025 15:12 β π 0 π 0 π¬ 1 π 0
TerraDS fills this gap, collecting data from over 62,000 repositories, enriched with metadata and original HCL source code. As a case study, we used Checkov, a static analysis tool, to explore security issues in the dataset.
26.04.2025 15:11 β π 0 π 0 π¬ 1 π 0
Terraform is among the most established and widely adopted Infrastructure as Code (IaC) tools in use today. Yet, despite its popularity, there has been no comprehensive dataset to study real-world HCL programs at scale.
26.04.2025 15:10 β π 0 π 0 π¬ 1 π 0
Excited to introduce TerraDS, the first large-scale dataset of Terraform (by @hashicorp.com) configurations written in HCL, sourced exclusively from open-source repositories with permissive licenses to support reproducible research and tool development.
26.04.2025 15:08 β π 3 π 2 π¬ 2 π 0
Approaches to solving this issue vary, but the trend is clear: IaC tools are becoming increasingly complex as they shoulder a growing share of the security burden.
07.03.2025 14:38 β π 1 π 0 π¬ 0 π 0
Unlike Terraform, OpenTofu supports encrypting entire state files at rest. This means secrets remain unreadable without a decryption key or passphrase. (But where do we securely store the key or passphrase?)
07.03.2025 14:38 β π 1 π 0 π¬ 1 π 0
Terraform 1.11 (just released) expanded on this with write-only arguments, which can be written to but never readβmaking them suitable for secret values. Meanwhile, OpenTofu, the open-source Terraform fork, introduced built-in state file encryption (April 2024).
07.03.2025 14:38 β π 0 π 0 π¬ 1 π 0
For years, Terraform (by HashiCorp) stored secrets in plaintext (!) within its state files. A single misconfigured access control or exposed file could compromise these secrets. Terraform 1.10 (Nov 2024) introduced ephemeral values, preventing secrets from being stored in state and plan files.
07.03.2025 14:38 β π 0 π 0 π¬ 1 π 0
Managing secrets such as private keys, API tokens, and database credentials has always been one of the most challenging aspects of security. Despite improvements, secret leakage remains a major cause of breaches, and Infrastructure as Code (IaC) is no exception.
07.03.2025 14:38 β π 5 π 0 π¬ 1 π 1
New Horizon project! We will work on Infrastructure as Code, contributing to European Digital Sovereignty for a European, green cloud-computing infrastructure.
17.02.2025 10:54 β π 8 π 3 π¬ 0 π 0
Incoming Lecturer (Assistant Professor) at The University of Manchester
π©βππ¨βπ Looking for PhD students!
Formal Methods Engineering Lab: https://manchester-fme.github.io
HashiCorp helps you automate multi-cloud and hybrid environments with Infrastructure and Security Lifecycle Management.
Together, we can do cloud right.
Computer scientist at Imperial College London, specialising in programming languages, software testing, and formal verification. Leader of FastPL group: https://fastpl.doc.ic.ac.uk
Lecturer (Assistant Professor) at Loughborough University.
Working on Software Engineering, Programming Languages, and Formal Methods.
π Looking for PhD and visiting students.
Researcher with the Programming-Group at the University of St. Gallen, Switzerland. Interested in nearly everything related to computers ;-)
Assistant Professor at the National University of Singapore, leading the Trustworthy Engineering of Software Technologies lab (https://nus-test.github.io/). We focus on improving data-centric systems, particularly their reliability.
ProTeam Management Trainee at #LufthansaGroup, ex Applied Scientist Intern at #AWS, Software Engineer, and Research Scientist
Welcome to the official account of the University of St.Gallen (HSG).
https://www.unisg.ch
PhD Student in Programming Languages at the University of St. Gallen (HSG)
PhD student at @prg-grp.bsky.app
Interested in PL and Type Systems.
Programmer for more than 10 years.
Based in π¨π from π±π§
(he/him)
https://grgz.me
Programming Group at the University of St. Gallen - School of Computer Science
Prof. Guido Salvaneschi
https://programming-group.com
Prof. University of St.Gallen, Director at the Institute of Computer Science. Programming languages, software engineering, cybersecurity
official Bluesky account (check usernameπ)
Bugs, feature requests, feedback: support@bsky.app
