English
Related papers

Related papers: Technical Leverage in a Software Ecosystem: Develo…

200 papers

Context: Software of different functional categories, such as text processing vs. networking, has different profiles in terms of metrics like security and updates. Using popularity to compare e.g. Java vs. Python libraries might give a…

Software Engineering · Computer Science 2024-03-12 Ranindya Paramitha , Yuan Feng , Fabio Massacci , Carlos E. Budde

Despite its obvious benefits, the increased adoption of package managers to automate the reuse of libraries has opened the door to a new class of hazards: supply chain attacks. By injecting malicious code in one library, an attacker may…

Software Engineering · Computer Science 2021-11-08 Nicolas Harrand , Thomas Durieux , David Broman , Benoit Baudry

Context: Open-source ecosystems rely on sustained package maintenance. When maintenance slows or stops, Technical Lag (TL), the gap between installed and latest dependency versions accumulates, creating security and sustainability risks.…

Software Engineering · Computer Science 2026-03-12 Shane K. Panter , Nasir U. Eisty

The recent advancements in machine learning (ML) have demonstrated the potential for providing a powerful solution to build complex prediction systems in a short time. However, in highly regulated industries, such as the financial…

Machine Learning · Computer Science 2021-03-23 Chong Huang , Arash Nourian , Kevin Griest

Large language models (LLMs) are now an integral part of software development workflows and are reshaping the whole process. Traditional technology stack selection has not caught up. Most of the existing selection methods focus solely on…

Software Engineering · Computer Science 2025-09-16 Xiaoyu Zhang , Weipeng Jiang , Juan Zhai , Shiqing Ma , Qingshuang Bao , Chenhao Lin , Chao Shen , Tianlin Li , Yang Liu

The use of third-party packages is becoming increasingly popular and has led to the emergence of large software package ecosystems with a maze of inter-dependencies. Since the reliance on these ecosystems enables developers to reduce…

Software Engineering · Computer Science 2023-06-21 Raula Gaikovina Kula , Katsuro Inoue , Christoph Treude

Performance is a critical quality attribute in software development, yet the impact of method-level code changes on performance evolution remains poorly understood. While developers often make intuitive assumptions about which types of…

Software Engineering · Computer Science 2025-08-12 Kaveh Shahedi , Nana Gyambrah , Heng Li , Maxime Lamothe , Foutse Khomh

With an ever-increasing amount of open source software, the popularity of services like GitHub that facilitate code reuse, and common misconceptions about the licensing of open source software, the problem of license violations in the code…

Software Engineering · Computer Science 2020-07-07 Yaroslav Golubev , Maria Eliseeva , Nikita Povarov , Timofey Bryksin

Open-source software supply chain security relies heavily on assessing affected versions of library vulnerabilities. While prior studies have leveraged exploits for verifying vulnerability affected versions, they point out a key limitation…

Software Engineering · Computer Science 2026-03-30 Zirui Chen , Qi Zhan , Jiayuan Zhou , Xing Hu , Xin Xia , Xiaohu Yang

Large Language Models (LLMs) have become a focal point of research across various domains, including software engineering, where their capabilities are increasingly leveraged. Recent studies have explored the integration of LLMs into…

Software Engineering · Computer Science 2024-10-14 Yi Wen Heng , Zeyang Ma , Zhenhao Li , Dong Jae Kim , Tse-Hsun , Chen

Software Engineering is a constantly evolving subject area that faces new challenges every day as it tries to automate newer business processes. One of the key challenges to the success of a software solution is attaining sustainability.…

Software Engineering · Computer Science 2019-10-15 Asif Imran , Tevfik Kosar

Security is a requirement of utmost importance to produce high-quality software. However, there is still a considerable amount of vulnerabilities being discovered and fixed almost weekly. We hypothesize that developers affect the…

Software Engineering · Computer Science 2021-09-14 Sofia Reis , Rui Abreu , Luis Cruz

Technical debt refers to the trade-offs between code quality and faster delivery, impacting future development with increased complexity, bugs, and costs. This study empirically analyzes the additional work effort caused by technical debt…

Software Engineering · Computer Science 2025-02-25 Kartik Gupta

Throughout computer history, it has been repeatedly demonstrated that critical software vulnerabilities can significantly affect the components involved. In the Free/Libre and Open Source Software (FLOSS) ecosystem, most software is…

Software Engineering · Computer Science 2025-02-13 Stefan Tatschner , Michael P. Heinl , Nicole Pappler , Tobias Specht , Sven Plaga , Thomas Newe

Vulnerability detection plays a key role in secure software development. There are many different vulnerability detection tools and techniques to choose from, and insufficient information on which vulnerability detection techniques to use…

Software Engineering · Computer Science 2021-03-10 Sarah Elder

Large language models (LLMs) have achieved state-of-the-art performance in various software engineering tasks, including error detection, clone detection, and code translation, primarily leveraging high-resource programming languages like…

Computation and Language · Computer Science 2025-06-11 Razan Baltaji , Saurabh Pujar , Louis Mandel , Martin Hirzel , Luca Buratti , Lav Varshney

The integration of open-source third-party library dependencies in Java development introduces significant security risks when these libraries contain known vulnerabilities. Existing Software Composition Analysis (SCA) tools struggle to…

Software Engineering · Computer Science 2025-07-25 Wang Lingxiang , Quanzhi Fu , Wenjia Song , Gelei Deng , Yi Liu , Dan Williams , Ying Zhang

Despite various approaches being employed to detect vulnerabilities, the number of reported vulnerabilities shows an upward trend over the years. This suggests the problems are not caught before the code is released, which could be caused…

Cryptography and Security · Computer Science 2025-02-14 Karl Tamberg , Hayretdin Bahsi

A fundamental problem in cybersecurity and computer science is determining whether a program is free of bugs and vulnerabilities. Fuzzing, a popular approach to discovering vulnerabilities in programs, has several advantages over…

Cryptography and Security · Computer Science 2026-01-27 Ian Hardgrove , John D. Hastings

Code readability and software complexity are important software quality metrics that impact other software metrics such as maintainability, reusability, portability and reliability. This paper presents an empirical study of the…

Software Engineering · Computer Science 2019-09-05 Duaa Alawad , Manisha Panta , Minhaz Zibran , Md Rakibul Islam