{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,4]],"date-time":"2026-05-04T05:10:02Z","timestamp":1777871402313,"version":"3.51.4"},"reference-count":42,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2026,4,3]],"date-time":"2026-04-03T00:00:00Z","timestamp":1775174400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100002241","name":"Japan Science and Technology Agency","doi-asserted-by":"publisher","award":["JPMJSP2102"],"award-info":[{"award-number":["JPMJSP2102"]}],"id":[{"id":"10.13039\/501100002241","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Knowledge-Based Systems"],"published-print":{"date-parts":[[2026,6]]},"DOI":"10.1016\/j.knosys.2026.115925","type":"journal-article","created":{"date-parts":[[2026,4,2]],"date-time":"2026-04-02T17:29:41Z","timestamp":1775150981000},"page":"115925","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":0,"special_numbering":"C","title":["CodeEnhancer: LLM-generated Python code enhancement through SAST integration and fine-tuning"],"prefix":"10.1016","volume":"342","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-3258-1442","authenticated-orcid":false,"given":"Jongmin","family":"Lee","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-2488-6043","authenticated-orcid":false,"given":"Khang","family":"Mai","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5811-4789","authenticated-orcid":false,"given":"Nakul","family":"Ghate","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-8760-2939","authenticated-orcid":false,"given":"Tomohiko","family":"Yagyu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4109-3763","authenticated-orcid":false,"given":"Razvan","family":"Beuran","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-1232-1424","authenticated-orcid":false,"given":"Yasuo","family":"Tan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"78","reference":[{"key":"10.1016\/j.knosys.2026.115925_b1","series-title":"GPT-4 technical report","author":"OpenAI","year":"2023"},{"key":"10.1016\/j.knosys.2026.115925_b2","series-title":"Code Llama: Open foundation models for code","author":"Rozi\u00e8re","year":"2024"},{"key":"10.1016\/j.knosys.2026.115925_b3","series-title":"Evaluating large language models trained on code","author":"Chen","year":"2021"},{"key":"10.1016\/j.knosys.2026.115925_b4","doi-asserted-by":"crossref","unstructured":"H. Pearce, B. Ahmad, B. Tan, B. Dolan-Gavitt, R. Karri, Asleep at the Keyboard? Assessing the Security of GitHub Copilot\u2019s Code Contributions, in: IEEE Symposium on Security and Privacy, SP, 2022, pp. 754\u2013768.","DOI":"10.1109\/SP46214.2022.9833571"},{"key":"10.1016\/j.knosys.2026.115925_b5","series-title":"Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security","first-page":"2785","article-title":"Do users write more insecure code with AI assistants?","author":"Perry","year":"2023"},{"issue":"3","key":"10.1016\/j.knosys.2026.115925_b6","article-title":"Bugs in large language models generated code: an empirical study","volume":"30","author":"Tambon","year":"2025","journal-title":"Empir. Softw. Engg."},{"issue":"5","key":"10.1016\/j.knosys.2026.115925_b7","first-page":"30","article-title":"Examining GitHub Copilot\u2019s security vulnerabilities: A case study","volume":"20","author":"Pearce","year":"2022","journal-title":"IEEE Secur. Priv."},{"key":"10.1016\/j.knosys.2026.115925_b8","series-title":"CodeBLEU: A method for automatic evaluation of code synthesis","author":"Ren","year":"2020"},{"key":"10.1016\/j.knosys.2026.115925_b9","series-title":"Proceedings of the 2023 Conference on Empirical Methods in Natural Language Processing","first-page":"13921","article-title":"CodeBERTScore: Evaluating code generation with pretrained models of code","author":"Zhou","year":"2023"},{"issue":"3","key":"10.1016\/j.knosys.2026.115925_b10","doi-asserted-by":"crossref","DOI":"10.1145\/3695991","article-title":"CodeScore: Evaluating code generation by learning code execution","volume":"34","author":"Dong","year":"2025","journal-title":"ACM Trans. Softw. Eng. Methodol."},{"key":"10.1016\/j.knosys.2026.115925_b11","series-title":"Pylint","author":"PyCQA","year":"2003"},{"key":"10.1016\/j.knosys.2026.115925_b12","series-title":"Bandit","author":"PyCQA","year":"2014"},{"key":"10.1016\/j.knosys.2026.115925_b13","series-title":"2023 IEEE\/ACM 20th International Conference on Mining Software Repositories","first-page":"588","article-title":"LLMSecEval: A dataset of natural language prompts for security evaluations","author":"Tony","year":"2023"},{"key":"10.1016\/j.knosys.2026.115925_b14","series-title":"Proceedings of the 1st International Workshop on Mining Software Repositories Applications for Privacy and Security","first-page":"29","article-title":"SecurityEval dataset: mining vulnerability examples to evaluate machine learning-based code generation techniques","author":"Siddiq","year":"2022"},{"key":"10.1016\/j.knosys.2026.115925_b15","series-title":"Mistral 7B","author":"Jiang","year":"2023"},{"key":"10.1016\/j.knosys.2026.115925_b16","series-title":"DeepSeek-R1: Incentivizing reasoning capability in LLMs via reinforcement learning","author":"DeepSeek-AI","year":"2025"},{"key":"10.1016\/j.knosys.2026.115925_b17","series-title":"2023 IEEE International Conference on Medical Artificial Intelligence","first-page":"284","article-title":"A review on code generation with LLMs: Application and evaluation","author":"Wang","year":"2023"},{"key":"10.1016\/j.knosys.2026.115925_b18","series-title":"2013 35th International Conference on Software Engineering","first-page":"672","article-title":"Why don\u2019t software developers use static analysis tools to find bugs?","author":"Johnson","year":"2013"},{"key":"10.1016\/j.knosys.2026.115925_b19","series-title":"CodeQL","author":"GitHub","year":"2023"},{"key":"10.1016\/j.knosys.2026.115925_b20","series-title":"RTLFixer: Automatically fixing RTL syntax errors with large language models","author":"Tsai","year":"2024"},{"key":"10.1016\/j.knosys.2026.115925_b21","series-title":"Unveiling inefficiencies in LLM-generated code: Toward a comprehensive taxonomy","author":"Nasrat","year":"2025"},{"key":"10.1016\/j.knosys.2026.115925_b22","series-title":"Large language models cannot self-correct reasoning yet","author":"Huang","year":"2024"},{"key":"10.1016\/j.knosys.2026.115925_b23","first-page":"1417","article-title":"When can LLMs actually correct their own mistakes? A critical survey of self-correction of LLMs","volume":"12","author":"Kamoi","year":"2024","journal-title":"\u201cTransactions Comput. Linguistics\u201d"},{"key":"10.1016\/j.knosys.2026.115925_b24","series-title":"Proceedings of the 2024 IEEE\/ACM First International Conference on AI Foundation Models and Software Engineering","first-page":"86","article-title":"Fine tuning large language model for secure code generation","author":"Li","year":"2024"},{"key":"10.1016\/j.knosys.2026.115925_b25","doi-asserted-by":"crossref","DOI":"10.1145\/3714461","article-title":"Exploring parameter-efficient fine-tuning techniques for code generation with large language models","author":"Weyssow","year":"2025","journal-title":"ACM Trans. Softw. Eng. Methodol."},{"key":"10.1016\/j.knosys.2026.115925_b26","series-title":"Can LLMs patch security issues?","author":"Alrashedy","year":"2024"},{"key":"10.1016\/j.knosys.2026.115925_b27","doi-asserted-by":"crossref","unstructured":"H. Pearce, B. Tan, B. Ahmad, R. Karri, B. Dolan-Gavitt, Examining Zero-Shot Vulnerability Repair with Large Language Models, in: IEEE Symposium on Security and Privacy, SP, 2023, pp. 1355\u20131369.","DOI":"10.1109\/SP46215.2023.10179324"},{"key":"10.1016\/j.knosys.2026.115925_b28","series-title":"LSAST: Enhancing cybersecurity through LLM-supported static application security testing","author":"Keltek","year":"2024"},{"key":"10.1016\/j.knosys.2026.115925_b29","series-title":"Code generation with AlphaCodium: From prompt engineering to flow engineering","author":"Ridnik","year":"2024"},{"key":"10.1016\/j.knosys.2026.115925_b30","series-title":"The Twelfth International Conference on Learning Representations","article-title":"Is self-repair a silver bullet for code generation?","author":"Olausson","year":"2024"},{"key":"10.1016\/j.knosys.2026.115925_b31","series-title":"ICLR","article-title":"Training language models to self-correct via reinforcement learning","author":"Kumar","year":"2025"},{"key":"10.1016\/j.knosys.2026.115925_b32","series-title":"2024 IEEE Conference on Secure and Trustworthy Machine Learning","first-page":"684","article-title":"CodeLMSec benchmark: Systematically evaluating and finding security vulnerabilities in black-box code language models","author":"Hajipour","year":"2024"},{"key":"10.1016\/j.knosys.2026.115925_b33","series-title":"A comprehensive study of LLM secure code generation","author":"Dai","year":"2025"},{"key":"10.1016\/j.knosys.2026.115925_b34","series-title":"SonarQube","author":"SonarSource","year":"2007"},{"key":"10.1016\/j.knosys.2026.115925_b35","series-title":"Checkmarx SAST","author":"Checkmarx","year":"2006"},{"key":"10.1016\/j.knosys.2026.115925_b36","series-title":"Program synthesis with large language models","author":"Austin","year":"2021"},{"issue":"9","key":"10.1016\/j.knosys.2026.115925_b37","doi-asserted-by":"crossref","first-page":"2254","DOI":"10.1109\/TSE.2024.3428972","article-title":"LLM-based test-driven interactive code generation: User study and empirical evaluation","volume":"50","author":"Fakhoury","year":"2024","journal-title":"IEEE Trans. Softw. Eng."},{"key":"10.1016\/j.knosys.2026.115925_b38","series-title":"Findings of the Association for Computational Linguistics: EACL 2024","first-page":"2141","article-title":"ICE-Score: Instructing large language models to evaluate code","author":"Zhang","year":"2024"},{"key":"10.1016\/j.knosys.2026.115925_b39","series-title":"Bridging LLM-generated code and requirements: Reverse generation technique and SBC metric for developer insights","author":"Nasrat","year":"2025"},{"key":"10.1016\/j.knosys.2026.115925_b40","series-title":"2021 18th International Conference on Privacy, Security and Trust","first-page":"1","article-title":"A Large-Scale Security-Oriented Static Analysis of Python Packages in PyPI","author":"Ruohonen","year":"2021"},{"key":"10.1016\/j.knosys.2026.115925_b41","doi-asserted-by":"crossref","first-page":"2023","DOI":"10.1016\/j.procs.2020.04.217","article-title":"A comparative study of static code analysis tools for vulnerability detection in C\/C++ and JAVA source code","volume":"171","author":"Kaur","year":"2020","journal-title":"Procedia Comput. Sci."},{"key":"10.1016\/j.knosys.2026.115925_b42","doi-asserted-by":"crossref","DOI":"10.1016\/j.cose.2021.102470","article-title":"On the adoption of static analysis for software security assessment\u2013A case study of an open-source e-government project","volume":"111","author":"Nguyen-Duc","year":"2021","journal-title":"Comput. Secur."}],"container-title":["Knowledge-Based Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0950705126006519?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0950705126006519?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2026,4,30]],"date-time":"2026-04-30T17:15:26Z","timestamp":1777569326000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0950705126006519"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,6]]},"references-count":42,"alternative-id":["S0950705126006519"],"URL":"https:\/\/doi.org\/10.1016\/j.knosys.2026.115925","relation":{},"ISSN":["0950-7051"],"issn-type":[{"value":"0950-7051","type":"print"}],"subject":[],"published":{"date-parts":[[2026,6]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"CodeEnhancer: LLM-generated Python code enhancement through SAST integration and fine-tuning","name":"articletitle","label":"Article Title"},{"value":"Knowledge-Based Systems","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.knosys.2026.115925","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2026 The Authors. Published by Elsevier B.V.","name":"copyright","label":"Copyright"}],"article-number":"115925"}}