This work addresses the risk of unauthorized use of source code datasets in large language model training, where existing watermarking methods are limited to source code tasks and vulnerable to detection or removal. The authors propose the first universal watermarking mechanism supporting both source code and decompiled code tasks. By leveraging abstract syntax tree (AST) parsing and programming language style transformation, the method constructs stealthy trigger pairs and injects conditionally activated, suppressible poisoning features to enhance robustness. Experimental results across 72 configurations demonstrate statistically significant watermark verifiability (p<0.05), with a suspiciousness rate no higher than 0.36 and an attack-resilient recall of at most 0.57. Moreover, removing the watermark causes a 28.6% drop in model Pass@1 performance, effectively balancing concealment and resistance to removal.

The proliferation of large language models for code (CodeLMs) and open-source contributions has heightened concerns over unauthorized use of source code datasets. While watermarking provides a viable protection mechanism by embedding ownership signals, existing methods rely on detectable trigger-target patterns and are limited to source-code tasks, overlooking other scenarios such as decompilation tasks. In this paper, we propose DuCodeMark, a stealthy and robust dual-purpose watermarking method for code datasets that generalizes across both source-code tasks and decompilation tasks. DuCodeMark parses each code sample into an abstract syntax tree (AST), applies language-specific style transformations to construct stealthy trigger-target pairs, and injects repressible poisoned features into a subset of return-typed samples to enhance robustness against watermark removal or evasion. These features remain inactive during normal training but are activated upon watermark removal, degrading model performance. For verification, DuCodeMark employs a black-box method based on the independent-samples $t$-test. We conduct a comprehensive evaluation of DuCodeMark across 72 settings spanning two code tasks, two programming languages, three CodeLMs, and six decoding temperatures. The results demonstrate that it consistently achieves strong verifiability ($p < 0.05$), high stealthiness (suspicious rate $\leq$ 0.36), robustness against both watermark and poisoning attacks (recall $\leq$ 0.57), and a substantial drop in model performance upon watermark removal (Pass@1 drops by 28.6%), underscoring its practicality and resilience.