English
Related papers

Related papers: Possible Directions for Improving Dependency Versi…

200 papers

Python applications depend on third-party native libraries that may be vendored within package distributions or installed on the host system. When vulnerabilities are discovered in these native libraries, determining which Python packages…

Source code repositories allow developers to manage multiple versions (or branches) of a software system. Pull-requests are used to modify a branch, and backporting is a regular activity used to port changes from a current development…

Software Engineering · Computer Science 2022-04-11 Debasish Chakroborti , Kevin A. Schneider , Chanchal K. Roy

Modern software systems are expected to be secure and contain all the latest features, even when new versions of software are released multiple times an hour. Each system may include many interacting packages. The problem of installing…

Software Engineering · Computer Science 2018-11-15 Ran Ben Basat , Maayan Goldstein , Itai Segall

For teams using distributed version control systems, the right collaborative development workflows can help maintaining the long-term quality of project repositories and improving work efficiency. Despite the fact that the workflows are…

Software Engineering · Computer Science 2020-04-28 Panuchart Bunyakiati , Usa Sammapun

Software ecosystems (e.g., npm, PyPI) are the backbone of modern software developments. Developers add new packages to ecosystems every day to solve new problems or provide alternative solutions, causing obsolete packages to decline in…

Software Engineering · Computer Science 2023-08-21 Suhaib Mujahid , Diego Elias Costa , Rabe Abdalkareem , Emad Shihab

An Operating System (OS) combines multiple interdependent software packages, which usually have their own independently developed architectures. When a multitude of independent packages are placed together in an OS, an implicit…

Software Engineering · Computer Science 2023-07-11 Victor Prokhorenko , Chadni Islam , Muhammad Ali Babar

Dependabot, a popular dependency management tool, includes a compatibility score feature that helps client packages assess the risk of accepting a dependency update by leveraging knowledge from "the crowd". For each dependency update,…

Software Engineering · Computer Science 2024-03-15 Benjamin Rombaut , Filipe R. Cogo , Ahmed E. Hassan

The increasing interest in open source software has led to the emergence of large language-specific package distributions of reusable software libraries, such as npm and RubyGems. These software packages can be subject to vulnerabilities…

Software Engineering · Computer Science 2022-03-29 Ahmed Zerouali , Tom Mens , Alexandre Decan , Coen De Roover

The increasing popularity of certain programming languages has spurred the creation of ecosystem-specific package repositories and package managers. Such repositories (e.g., npm, PyPI) serve as public databases that users can query to…

Cryptography and Security · Computer Science 2023-10-09 Piergiorgio Ladisa , Merve Sahin , Serena Elisa Ponta , Marco Rosa , Matias Martinez , Olivier Barais

R and Python are among the most popular languages used in many critical data analytics tasks. However, we still do not fully understand the capabilities of these two languages w.r.t. bugs encountered in data analytics tasks. What type of…

Software Engineering · Computer Science 2023-06-16 Shibbir Ahmed , Mohammad Wardat , Hamid Bagheri , Breno Dantas Cruz , Hridesh Rajan

Contemporary development projects benefit from code review as it improves the quality of a project. Large ecosystems of inter-dependent projects like OpenStack generate a large number of reviews, which poses new challenges for collaboration…

Software Engineering · Computer Science 2023-02-15 Dong Wang , Patanamon Thongtanunam , Raula Gaikovina Kula , Kenichi Matsumoto

Software Release Planning (SRP) is to find, for the software, a subset of the requirements with the highest value while respecting the budget. The value of a requirement however may, to various degrees, depend on selecting or ignoring other…

Software Engineering · Computer Science 2020-03-05 Davoud Mougouei , David M W Powers

Although using third-party libraries is common practice when writing software, vulnerabilities may be found even in well-known libraries. Detected vulnerabilities are often fixed quickly in the library code. The easiest way to include these…

Software Engineering · Computer Science 2023-05-23 Kristiina Rahkema , Dietmar Pfahl

Software libraries are central to the functionality, security, and maintainability of modern code. As developers increasingly turn to Large Language Models (LLMs) to assist with programming tasks, understanding how these models recommend…

Software Engineering · Computer Science 2025-08-08 Jasmine Latendresse , SayedHassan Khatoonabadi , Emad Shihab

Popular adoption of third-party libraries for contemporary software development has led to the creation of large inter-dependency networks, where sustainability issues of a single library can have widespread network effects. Maintainers of…

Library migration happens when a library can not meet the project's requirements and is non-trivial to accomplish. To mitigate the problem, substantial efforts have been devoted to understanding its characteristics and recommending…

Software Engineering · Computer Science 2025-07-08 Haiqiao Gu , Yiliang Zhao , Kai Gao , Minghui Zhou

Two large, open source software systems are analyzed from the vantage point of complex adaptive systems theory. For both systems, the full dependency graphs are constructed and their properties are shown to be consistent with the assumption…

Adaptation and Self-Organizing Systems · Physics 2010-01-19 G. A. Kohring

Open digital public infrastructure needs community management to ensure accountability, sustainability, and robustness. Yet open-source projects often rely on centralized decision-making, and the determinants of successful community…

Computers and Society · Computer Science 2026-02-06 Mobina Noori , Mahasweta Chakraborti , Amy X Zhang , Seth Frey

This paper reviews some programming techniques in R that have proved useful, particularly for substantial projects. These include several versions of object-oriented programming, used in a large number of R packages. The review tries to…

Methodology · Statistics 2014-09-12 John M. Chambers

This study investigates vulnerabilities in dependencies of sampled open-source software (OSS) projects, the relationship between these and overall project security, and how developers' behaviors and practices influence their mitigation.…

Cryptography and Security · Computer Science 2024-08-27 Janislley Oliveira de Sousa , Bruno Carvalho de Farias , Eddie Batista de Lima Filho , Lucas Carvalho Cordeiro
‹ Prev 1 3 4 5 6 7 10 Next ›