We are sincerely grateful for your incredibly supportive and insightful review.

Response to Weaknesses

1. On the evaluation metric and leveraging human-verified environments.

This is a very insightful point, and we thank you for raising it. We would like to address the two parts of your suggestion separately.

On considering test pass/fail rates

This is an excellent suggestion, and we do consider it deeply during our experimental design. We choose EBSR as our primary metric for several practical reasons:

(1) For an arbitrary repository, the ground-truth pass rate is unknown. Many have legitimately failing tests, and establishing a reliable baseline for 420 diverse projects would require a massive, subjective manual effort. We lack the personnel to undertake this task. Moreover, it runs counter to our automation goal.

(2) A failed test can stem from multiple causes, like environment, test bug, source code bug, or wrapping imports in try...except clauses, etc. It makes the pass rate a potentially noisy signal for environment quality alone.

(3) To validate our choice, we conduct a new experiment. We randomly sample 50 successfully built repositories and run the full test suites. This process alone took over 30 hours. The analysis reveals that in these successfully built environments, a majority of tests indeed pass. Specifically, 87.2% of all tests (8,016 out of 9,190) pass, and 36 out of 50 repositories (72%) have a pass rate exceeding 60%. It confirms that EBSR is indeed a proxy for a highly functional and useful environment.

On leveraging human-verified environments like SWE-Smith

This is a fantastic idea for future validation. At the time we initiated this work, benchmarks like SWE-Smith were not yet available. Our initial manual experiments on a smaller scale confirm that just getting tests to run is an incredibly time-consuming and difficult task for humans, which motivates our large-scale automated approach. We now see a great opportunity to use curated benchmarks like SWE-Smith as a "gold standard" for evaluating the correctness of our generated environments in future work. Thank you for this suggestion.

2. On discussing generalizability to other languages

This is an excellent point, and we agree that demonstrating generalizability is a critical next step. While we focus on Python due to its prevalence, our framework's design is language-agnostic. It can be adapted to other languages by changing the base image and installation tools, as shown below. We have already implemented a prototype for TypeScript/JavaScript and plan to expand support for more programming languages.

We will add a paragraph discussing these potential challenges in the revised version.

Response to Questions

1. On the duplicated sentences in L265-266: Thank you for your meticulous reading! You are absolutely right; the sentences are redundant. We will correct this in our revised manuscript.

2. On the abrupt first sentence in Section 6.1: Thank you for the helpful suggestion on our writing. We will revise the opening of this section to ensure a smoother transition.

Thank you once again for your positive feedback and the constructive suggestions that have helped us strengthen our paper.

We are incredibly grateful for your enthusiastic and insightful review. Thank you for recognizing the impact of our work and the novelty of our approach.

Response to Questions

1. On the underlying LLM for baselines:

This is a crucial point for ensuring a fair comparison, and we thank you for raising it. Yes, you are absolutely correct. All LLM-based methods in our paper, including our full Repo2Run agent, the SWE-agent baseline, and the LLM generator baseline, use the exact same underlying model: gpt-4o-2024-05-13. We make this deliberate choice to ensure that the significant performance gains demonstrated by Repo2Run stem directly from its superior architectural design and not from an unfair advantage in the base model.

2. On the rollback mechanism and self-repair:

This is a very insightful question that gets to the core of our agent's learning process. Our design of the rollback mechanism is carefully considered. While the mechanism reverts the environment state to a clean checkpoint, it does not erase the agent's memory. The full context of the failed attempt, including the command that leads to the error and the resulting error message, is explicitly preserved and fed back into the agent's history.

This ensures the LLM is fully aware of what is wrong, prompting it to learn from the failure and attempt a different, often more effective, strategy (e.g., switching from pip to apt-get, or changing a dependency version). We do not observe the agent repeatedly making the same mistakes in our experiments, which validates this strategic choice.

Response to Suggestions

We sincerely thank you for your meticulous reading and for providing such helpful suggestions.

1. On the "engineerin" typo:

Thank you for catching this! We will correct it in the revised manuscript.

2. On the clarity of the ablation study:

Your understanding is correct: the "w/o rollback" ablation removes only the rollback feature while keeping the rest of the dual-environment architecture. We will revise the caption and the corresponding text for Table 3 to make the structure and results of our ablation studies clear and unambiguous.

3. On rollback for the "LLM generator":

Thank you for seeking this clarification. It is not enabled for any of the baselines, including the "LLM generator". We will make this distinction more explicit in the paper.

Response to Limitations (Extending to other languages)

This is an excellent point, and we agree that demonstrating generalizability is a critical next step. While we focus on Python due to its prevalence, our framework's design is language-agnostic. It can be adapted to other languages by changing the Docker base image and installation tools, as shown below. The core structure does not need to change. We have already implemented a prototype for TypeScript/JavaScript and plan to expand support for more programming languages.

We will also add a paragraph discussing this challenge in the revised version.

Thank you once again for your strong support and for your detailed feedback, which has been invaluable to us.

We sincerely thank you for your positive feedback on our work's motivation, innovative architecture, and rigorous evaluation. We appreciate the opportunity to address your constructive questions.

Regarding Weakness #1: Limited LLM comparisons

This is an excellent point. To investigate our framework's generalizability, we conduct a new experiment with Claude 3.7 Sonnet. Due to time and computational constraints, we randomly sample 50 repositories from our benchmark and replace the base LLM for all LLM-driven methods (Repo2Run, SWE-agent, and LLM generator) with Claude 3.7 Sonnet. The results for both Environment Building Success Rate (EBSR) and Dockerfile Generation Success Rate (DGSR) are presented below:

Our analysis of these results is as follows:

As expected, the stronger reasoning capabilities of Claude 3.7 Sonnet lead to a performance increase across all methods. Repo2Run's EBSR improved from 80% to 84%, while SWE-agent and LLM generator see more substantial gains, rising from 8% to 32% and 18% to 32%, respectively.

However, a great performance gap between Repo2Run and the baselines remains. The primary reason for this is architectural. The baselines lack a mechanism to guarantee that the generated Dockerfile is runnable. This is illustrated by the Dockerfile Generation Success Rate (DGSR). While Claude 3.7 Sonnet's improved understanding boosts the DGSR for the baselines, many of their generated Dockerfiles still fail to build. In contrast, Repo2Run's build-then-record design ensures a 100% DGSR by definition, as it only synthesizes a Dockerfile from a proven, successful command history.

This confirms that while a more powerful LLM benefits all approaches, the fundamental architectural innovations of Repo2Run are the key drivers of its superior reliability and success.

Regarding Weakness #2: Lack of cost/resource analysis

Thank you for this practical suggestion. We follow the precedent set by prior work, like SWE-agent [1], and set a maximum budget of 4 USD per repository. It is widely accepted by the research community. Across all 420 repositories in our benchmark (including both successful and failed attempts), the average cost per repository is approximately 3.56 USD. We believe this is a reasonable and acceptable cost for fully automating such a complex engineering task, especially when compared to the cost of manual human effort. We will add this analysis to the revised version.

Regarding Weakness #3: Reliance on unit tests

This is an insightful observation. We choose unit tests as the primary feedback signal for two main reasons:

1. Unit tests provide the most direct and reliable signal for verifying whether an environment is correctly configured to run the project's code as the original developers intended.

2. A key application for our work is to enable large-scale training of reinforcement learning models for software engineering (e.g., SWE-RL [2] and SWE-Fixer [3]). In this domain, unit test outcomes are always considered the standard and most trusted form of feedback signal.

While our current focus is on repositories with existing tests, we agree that handling projects without them is also an important future direction. For such cases, one could envision a fallback mechanism where the agent uses static analysis checks as a proxy for success. For example, the agent's goal could be to create an environment where a linter (like pylint) runs without import errors, or where a simple script can successfully import the main application modules. Exploring these alternative feedback signals is an avenue for future work, but it is beyond the scope of our paper.

We hope these clarifications, supported by new data and experiments, have fully addressed your concerns. Thank you again for your time and effort.

[1] Yang J, Jimenez C E, Wettig A, et al. SWE-agent: agent-computer interfaces enable automated software engineering[C]//Proceedings of the 38th International Conference on Neural Information Processing Systems. 2024: 50528-50652.

[2] Wei Y, Duchenne O, Copet J, et al. Swe-rl: Advancing llm reasoning via reinforcement learning on open software evolution[J]. arXiv preprint arXiv:2502.18449, 2025.

[3] Xie C, Li B, Gao C, et al. Swe-fixer: Training open-source llms for effective and efficient github issue resolution[J]. arXiv preprint arXiv:2501.05040, 2025.

We appreciate your detailed review and value the opportunity to clarify our design choices and contributions.

Response to Questions:

Regarding Question #1: Innovation of "rollback" and "dual environment"

Our work does not simply rename existing technologies. Our contribution is a novel, specialized architecture for the complex, stateful problem of automated executable environment building, a task for which general-purpose agent models are ill-equipped. Our framework is specifically designed for this task, and its core 'build-then-record' paradigm sets it apart from general agent-host models.

Our dual-environment architecture is fundamentally different from a general agent-host model. It provides essential meta-level control, most notably through the base_image_change action, which allows the agent to switch the entire underlying OS and language version (e.g., from Python 3.10 to 3.6). An agent operating purely inside a container cannot perform such a critical recovery action.

The rollback mechanism is more than just docker commit; it is a strategic element of the agent's reasoning loop. The agent receives the full history of the failed attempt, allowing it to learn from the error and attempt a more effective sequence on a safe state, rather than getting stuck trying to patch the "polluted" environment.

Regarding Question #2: EBSR metric

We chose the EBSR metric after careful consideration of the problem's practical realities.

1. For any arbitrary "in-the-wild" repository, it is impossible to know the ground-truth test pass rate beforehand. Many repositories have legitimately failing tests as part of their development cycle. Manually establishing a baseline for all 420 repositories would be an immense and subjective undertaking, contrary to our goal of full automation.

2. A failed test may have three possible root causes: (1) an incorrectly configured environment, (2) a bug in the test code itself, or (3) a bug in the source code that the test is correctly identifying. Simply counting failed tests does not distinguish between these cases and is therefore a noisy signal for environment quality.

3. Given these factors, we chose EBSR as a practical metric, as it directly measures the agent's ability to create an environment where the developer can begin debugging—the primary goal.

4. Due to time constraints, we ran the full test suites for 50 successfully built repositories, which took over 30 hours to execute the tests and check the pass number manually. The analysis shows that in 87.2% (8016/9190) of these tests, the majority of tests passed, and 36 repositories (72%) passed over 60% tests. It confirms that EBSR is a strong proxy for a useful environment.

Regarding Question #3: Prompt engineering for SWE-agent

We ensure a fair comparison by following the standard practices for SWE-agent:

1. We use the official SWE-agent framework, which has an established technical precedent for interacting with Docker environments, and its widely adopted prompt template. We only replace the task description from "code fixing" to "executable environment building", providing a clear workflow and examples. We use the gpt-4o-2024-05-13 model and keep all other settings at default. The exact prompt is available in Appendix H.2 for full transparency.

2. We also ensure that the prompts for Repo2Run and SWE-agent are structurally consistent. The performance difference does not stem from "poor prompts" but from fundamental architectural limitations of the baseline. SWE-agent lacks the crucial two-phase build process and specialized actions (like base image change) that Repo2Run provides, making it incapable of solving many of the complex setup challenges in our benchmark.

Regarding Question #4: Typo

You are correct. This was a typo and should have been EBSR. We apologize for the error and will correct it in the revised manuscript. Thank you for your careful reading.

Response to Weaknesses:

On the contribution being "over-packaged"

We respectfully disagree with this characterization. Our innovation is a complete, specialized framework for a notoriously difficult problem. Simply combining existing technologies would not solve it.

Our framework is purpose-built, with components like the rollback mechanism and Dockerfile synthesizer designed from the ground up for this task. The dual-environment architecture provides essential capabilities, like base image change, that are absent in general-purpose agents.

We are encouraged that this view is shared by other reviewers, who described our work as "novel and clever" (R-r9jR) and featuring an "innovative agent architecture" (R-S6iE).

On the lack of error bars/stability

To quantitatively address this, we conduct a new experiment on stability. We randomly sample 50 repositories (40 built successfully, 80% EBSR) and rerun the build process two additional times. Repo2Run achieves the same success rate in these reruns. This confirms that once a valid environment path is found, our method is reliable and can deterministically reproduce the result.

On the lack of quantitative data for advantages over manual building

Our manual study is detailed in Appendix E.1. In that study, human experts successfully configured 26 of 40 repositories (65%), whereas Repo2Run succeeded on 32 of 40 (80%). Notably, Repo2Run solves all cases that the human experts could, plus six more that they could not. The raw data is also available via the anonymous link in our paper.

On generalizability (LLM and Language)

1. LLM generalizability: To investigate our framework's generalizability, we conduct a new experiment with Claude 3.7 Sonnet. Due to time and computational constraints, we randomly sample 50 repositories from our benchmark and replace the base LLM for all methods (Repo2Run, SWE-agent, and LLM generator) with Claude 3.7 Sonnet. The results for both Environment Building Success Rate (EBSR) and Dockerfile Generation Success Rate (DGSR) are presented below:

Our analysis of these results is as follows: As expected, the stronger reasoning capabilities of Claude 3.7 Sonnet lead to a performance increase across all methods. Repo2Run's EBSR improved from 80% to 84%, while SWE-agent and LLM generator see more substantial gains, rising from 8% to 32% and 18% to 32%, respectively.

However, a great performance gap between Repo2Run and the baselines remains. The primary reason for this is architectural. The baselines lack a mechanism to guarantee that the generated Dockerfile is runnable. This is illustrated by the Dockerfile Generation Success Rate (DGSR). While Claude 3.7 Sonnet's improved understanding boosts the DGSR for the baselines, many of their generated Dockerfiles still fail to build. In contrast, Repo2Run's build-then-record design ensures a 100% DGSR by definition, as it only synthesizes a Dockerfile from a proven, successful command history.

This confirms that while a more powerful LLM benefits all approaches, the fundamental architectural innovations of Repo2Run are the key drivers of its superior reliability and success.

2. Language generalizability: This is an excellent point, and we agree that demonstrating generalizability is a critical next step. While we focus on Python due to its prevalence, our framework's design is language-agnostic. It can be adapted to other languages by changing the Docker base image and installation tools, as shown below. The core structure does not need to change. We have already implemented a prototype for TypeScript/JavaScript and plan to expand support for more programming languages. | Language | Docker base image | Installation tool | | --- | --- | --- | | Python | python:[version] | pip | | JavaScript/TypeScript | node:[version] | npm | | Java | OpenJDK:[version] | maven | | Rust | rust:[version] | cargo | | Ruby | ruby:[version] | bundler | | R | r-base:[version] | install.packages | | Go | golang:[version] | go get | | PHP | php:[version] | composer |

We will also add a paragraph discussing this challenge in the revised version.

We hope these clarifications, supported by new data and experiments, have fully addressed your concerns. Thank you again for your time and effort.

Thank you for your detailed response, but I still have concerns about the statement "EBSR is a strong proxy for a useful environment.", especially since the experiment you used to prove it does not support the claim at all.

Thank you for your review. We provide the following clarifications in response to the weaknesses identified.

Regarding Weakness #1: Dockerfile generation and security

We would like to begin by correcting a factual misunderstanding. The final Dockerfile is not directly generated by the LLM. Our framework's design prevents this:

1. Our process is two-phased. In the build phase, the LLM's role is to explore and find a valid command sequence within a secure container. In the subsequent record phase, a deterministic Dockerfile synthesizer translates this proven success command sequence into the final Dockerfile. By design, commands that take too much disk space and break the system are not included in the synthesizer. The synthesis rule can be found in Figure 5 and Appendix B in our paper. The LLM does not participate in this final synthesis step.

2. To further validate the quality and safety of our output Dockerfile, we use hadolint, a widely-used linter that checks Dockerfiles for syntax errors, security vulnerabilities, and performance issues. As shown in Table 5 of our paper, Dockerfiles from Repo2Run achieve the lowest warning count, demonstrating they are less prone to common security and performance pitfalls. We are also considering integrating hadolint directly into the Repo2Run framework as a quality gate in future work.

Regarding Weakness #2: The evaluation benchmark and SUPER

We would like to clarify another factual point: our evaluation is not conducted on the SWE-Bench dataset.

1. We construct our benchmark of 420 repositories to ensure scale and relevance. We are encouraged that our methodology was recognized by other reviewers as "rigorous" (Reviewer-S6iE) and "sensible" (Reviewer-q3cZ).

2. Furthermore, the SUPER benchmark addresses a fundamentally different task. SUPER's goal is to reproduce tasks from research papers with curated instructions, whereas our goal is to build executable environments for any arbitrary repository. Our task is designed to solve a more foundational challenge in software engineering and AI for code, and thus involves a more general and complex problem space.

Regarding Weakness #3: Comparison with OpenHands

We choose SWE-agent as our primary agent-based baseline for several well-considered reasons.

1. We choose SWE-agent because it has an established technical precedent for interacting with Docker environments. Through its use in subsequent high-profile work like SWE-smith [1], a clear path for using SWE-agent in Docker-based build and test loops has been demonstrated. This makes it the most direct and scientifically sound baseline to compare against.

2. In contrast, to the best of our knowledge, OpenHands does not have a readily available, established version that is adapted for this specific docker build interaction model. Our contribution is the Repo2Run framework itself, not the separate and significant research effort of adapting a generalist agent to this new domain.

3. Therefore, comparing against SWE-agent allows for a fair evaluation of our specialized framework against the most relevant existing approach. Forcing a comparison with OpenHands would have required us to first design and build an adaptation for it, which is outside the scope of a baseline comparison.

We hope these clarifications, supported by new data and experiments, have fully addressed your concerns. Thank you again for your time and effort.

[1] Yang J, Leret K, Jimenez C E, et al. Swe-smith: Scaling data for software engineering agents[J]. arXiv preprint arXiv:2504.21798, 2025.