English
Related papers

Related papers: DepOwl: Detecting Dependency Bugs to Prevent Compa…

200 papers

Java projects are often built on top of various third-party libraries. If multiple versions of a library exist on the classpath, JVM will only load one version and shadow the others, which we refer to as dependency conflicts. This would…

Software Engineering · Computer Science 2020-06-16 Ying Wang , Rongxin Wu , Chao Wang , Ming Wen , Yepang Liu , Shing-Chi Cheung , Hai Yu , Chang Xu , Zhiliang Zhu

Android applications (apps) integrate reusable and well-tested third-party libraries (TPLs) to enhance functionality and shorten development cycles. However, recent research reveals that TPLs have become the largest attack surface for…

Cryptography and Security · Computer Science 2025-06-19 Bolin Zhou , Jingzheng Wu , Xiang Ling , Tianyue Luo , Jingkun Zhang

Managing project dependencies is a key maintenance issue in software development. Developers need to choose an update strategy that allows them to receive important updates and fixes while protecting them from breaking changes. Semantic…

Software Engineering · Computer Science 2023-05-26 Abbas Javan Jafari , Diego Elias Costa , Emad Shihab , Rabe Abdalkareem

Static bug finders have been widely-adopted by developers to find bugs in real world software projects. They leverage predefined heuristic static analysis rules to scan source code or binary code of a software project, and report violations…

Software Engineering · Computer Science 2021-12-24 Junjie Wang , Yuchao Huang , Song Wang , Qing Wang

Failure studies are important in revealing the root causes, behaviors, and life cycle of defects in software systems. These studies either focus on understanding the characteristics of defects in specific classes of systems or the…

Software Engineering · Computer Science 2022-09-23 Paschal C. Amusuo , Aishwarya Sharma , Siddharth R. Rao , Abbey Vincent , James C. Davis

Dependency cycles pose a significant challenge to software quality and maintainability. However, there is limited understanding of how practitioners resolve dependency cycles in real-world scenarios. This paper presents an empirical study…

Software Engineering · Computer Science 2023-12-19 Qiong Feng , Shuwen Liu , Huan Ji , Xiaotian Ma , Peng Liang

Despite the advancements in software testing, bugs still plague deployed software and result in crashes in production. When debugging issues -- sometimes caused by "heisenbugs" -- there is the need to interpret core dumps and reproduce the…

Python software development heavily relies on third-party packages. Direct and transitive dependencies create a labyrinth of software supply chains. While it is convenient to reuse code, vulnerabilities within these dependency chains can…

Cryptography and Security · Computer Science 2026-03-11 Jacob Mahon , Chenxi Hou , Zhihao Yao

Large organizations have diverse product offerings to meet various business needs. To increase revenue, its common these days to offer software products as integrated product suite(s) rather than individual products. Creating and…

Software Engineering · Computer Science 2017-10-03 Sai Anirudh Karre , Y. Raghu Reddy

Open-source software (OSS) greatly facilitates program development for developers. However, the high number of vulnerabilities in open-source software is a major concern, including in Golang, a relatively new programming language. In…

Software Engineering · Computer Science 2024-01-18 Jinchang Hu , Lyuye Zhang , Chengwei Liu , Sen Yang , Song Huang , Yang Liu

Third-Party Library (TPL) detection, which identifies reused libraries in binary code, is critical for software security analysis. At its core, TPL detection depends on binary decomposition-the process of partitioning a monolithic binary…

Software Engineering · Computer Science 2025-12-10 Ang Jia , He Jiang , Zhilei Ren , Xiaochen Li , Zhipeng Yang , Yaxin Duan , Ming Fan , Ting Liu

The 2019 edition of Stack Overflow developer survey highlights that, for the first time, Python outperformed Java in terms of popularity. The gap between Python and Java further widened in the 2020 edition of the survey. Unfortunately,…

This paper is the result of a two month research internship on the topic of library version identification. In this paper, ideas and techniques from literature in the area of binary comparison and fingerprinting are outlined and applied to…

Cryptography and Security · Computer Science 2017-03-02 Thomas Rinsma

The ability to conduct reproducible research in Stata is often limited by the lack of version control for community-contributed packages. This article introduces the require command, a tool designed to ensure Stata package dependencies are…

Econometrics · Economics 2024-04-12 Sergio Correia , Matthew P. Seay

While CUDA has become a major parallel computing platform and programming model for general-purpose GPU computing, CUDA-induced bug patterns have not yet been well explored. In this paper, we conduct the first empirical study to reveal…

Software Engineering · Computer Science 2019-05-30 Mingyuan Wu , Husheng Zhou , Lingming Zhang , Cong Liu , Yuqun Zhang

During the development of a software project, developers often need to upgrade third-party libraries (TPLs), aiming to keep their code up-to-date with the newest functionalities offered by the used libraries. In most cases, upgrading used…

Software Engineering · Computer Science 2022-01-21 Riccardo Rubei , Davide Di Ruscio , Claudio Di Sipio , Juri Di Rocco , Phuong T. Nguyen

Packaging software into containers is becoming a common practice when deploying services in cloud and other environments. Docker images are one of the most popular container technologies for building and deploying containers. A container…

Software Engineering · Computer Science 2019-02-27 Ahmed Zerouali , Tom Mens , Gregorio Robles , Jesus Gonzalez-Barahona

Popular adoption of third-party libraries for contemporary software development has led to the creation of large inter-dependency networks, where sustainability issues of a single library can have widespread network effects. Maintainers of…

Recent studies have shown that developers have difficulties in using cryptographic APIs, which often led to security flaws. We are interested to tackle this matter by looking into what types of problems exist in various crypto libraries. We…

Cryptography and Security · Computer Science 2021-11-03 Mohammadreza Hazhirpasand , Oscar Nierstrasz , Mohammad Ghafari

Security vulnerabilities introduced by applications using third-party dependencies are on the increase, caused by the emergence of large ecosystems of libraries such as the NPM packages for JavaScript. Nowadays, libraries depend on each…

‹ Prev 1 4 5 6 7 8 10 Next ›