HumanEval — a procurement-grade audit of the code benchmark every model card cites.

Clean JSONL via HuggingFace, drop-in compatible with the datasets library. Original release on GitHub is canonical. Every problem record carries task_id, prompt, canonical_solution, test, entry_point. The lm-eval-harness, EleutherAI's harness, BigCode's harness, and OpenAI's own evals all consume HumanEval without custom code. 5-point deduction is for the JSONL-only canonical release (no parquet variant ships from OpenAI; HF mirrors offer one).

MIT license. Unambiguous, commercial-friendly, no inherited license terms from upstream sources (every problem and test is OpenAI-authored, not scraped). This is the model other benchmark releases should follow. 5-point deduction reflects the absence of an explicit ToU addendum addressing the contamination question — should downstream users disclose if their training corpus may have included HumanEval problems?

This is HumanEval's structural strength. Every problem ships with executable unit tests (avg. 7.7 tests per problem) authored alongside the reference solution. Correctness is determined by passing the tests, not by matching a single canonical solution. This eliminates the label-noise concern that dominates the MMLU audit — there's no "is this the right answer?" disagreement when the answer is "does this code pass these tests?" 6-point deduction reflects the rare cases where tests are themselves under-specified (a test that doesn't cover an edge case the canonical solution handles, or vice versa).

Fully reproducible. Problems and tests are public. The evaluation harness is published (openai/human-eval). Standard pass@k math is well-defined. Anyone can re-run the full evaluation on a model's generations and reproduce the published numbers exactly (modulo sampling temperature). 8-point deduction is for the original sampling-temperature choices in the Codex paper (T=0.2, T=0.8, T=0.95 for different k values) — well-documented but not always replicated faithfully in third-party reports.

The Codex paper documents construction methodology, problem-distribution statistics, evaluation protocol, and per-domain performance for the original Codex models. The HuggingFace dataset card mirrors this. What's missing: a published per-problem difficulty distribution, a published topic-domain breakdown (how many string-manipulation vs. dynamic-programming vs. recursion-heavy problems), and a formal datasheet-for-datasets following the Gebru et al. template. Adequate for the era; not best-in-class by 2026 standards.

OpenAI shipped the benchmark in 2021 alongside the Codex paper. It has not been actively maintained since — no version updates, no errata log, no responsive issue tracker on the openai/human-eval repo. The benchmark has effectively been adopted by the community (BigCode, HuggingFace, lm-eval-harness all maintain their own integrations). For an academic benchmark this is acceptable; for a procurement-cited artifact it's a yellow flag. 15-point deduction reflects the maintenance dynamic, not any historical wrongdoing.

Internal deduplication is fine — no two problems within HumanEval are paraphrases of each other. The procurement concern is external: HumanEval problems map to common algorithmic patterns (string reverse, list filtering, classic dynamic-programming patterns) that appear in countless coding-interview websites, LeetCode-style archives, and academic textbooks. The boundary between "HumanEval problem" and "this exact problem on a coding-prep site" is fuzzy. The contamination report quantifies this; the dedup score reflects the boundary fuzziness rather than internal duplication.

164 problems span basic algorithms, string manipulation, mathematical sequences, list/dict operations, and simple control-flow patterns. Notably absent: object-oriented design problems, multi-file projects, async/concurrent code, type-system reasoning, library-use patterns (using requests, pandas, sklearn), debugging-existing-code tasks, refactoring tasks. A model that excels at HumanEval may be weak at any of these. For procurement use cases beyond "generate a small Python function," HumanEval undersells coverage gaps.

Python only. For a 2021 benchmark this was sensible (Python was and is the dominant language for ML and Codex-era models). For 2026 procurement use cases, JavaScript / TypeScript, Rust, Go, Java, C++ are all materially under-represented. The MultiPL-E project (Cassano et al.) translated HumanEval to 18 languages, but those translations are downstream artifacts, not part of HumanEval itself. A code model audited solely against HumanEval is audited only for Python capability.

164 problems. At typical model performance (70–95% pass@1), Wilson 95% binomial intervals are ±4 to ±7 percentage points. Two models scoring 89% and 92% have overlapping confidence intervals: the published gap is smaller than the binomial noise. Yet HumanEval scores are routinely reported to 0.1% precision in model cards and leaderboards, implying signal the sample size doesn't support. For procurement comparisons within ~5 percentage points, HumanEval cannot adjudicate. Bigger benchmarks (BigCodeBench, APPS, the larger MBPP set) reduce this floor.

Code benchmarks have a distinct contamination problem: the reference solutions get scraped into downstream training corpora. The LabelSets Contamination Report 001 found HumanEval in 11 of 80 scanned post-training datasets at non-zero similarity. The Stack (a 6 TB code corpus widely used for code-model pretraining) explicitly contains HumanEval problems — they exist on GitHub, and The Stack scrapes GitHub. Models trained on any post-2021 code corpus have likely seen HumanEval during training. The standard model-card claim "we evaluated on HumanEval" rarely includes a documented decontamination pass.

The community fix has been "use HumanEval+" (Liu et al. 2023, which adds more rigorous tests to existing problems but doesn't change the prompts) or "use BigCodeBench / LiveCodeBench" which extend the difficulty and freshness profile. Original HumanEval scores in 2026 model cards should be treated as a baseline-completeness check, not a clean capability signal.

HumanEval problems use natural-language docstrings as prompts. A model can pass the tests without "solving the problem" by overfitting to docstring keywords or recognizing memorized solutions. Adversarial variants (rephrased docstrings, problem reorderings, prompt-jitter benchmarks) consistently show 5–15 percentage point drops compared to original HumanEval scores. The benchmark is not robust to the kind of distribution shift a model encounters in deployment. 52-point deduction reflects this fragility.