English
Related papers

Related papers: Technical Leverage in a Software Ecosystem: Develo…

200 papers

Vulnerabilities from third-party libraries (TPLs) have been unveiled to threaten the Maven ecosystem. Despite patches being released promptly after vulnerabilities are disclosed, the libraries and applications in the community still use the…

Software Engineering · Computer Science 2023-08-08 Lyuye Zhang , Chengwei Liu , Sen Chen , Zhengzi Xu , Lingling Fan , Lida Zhao , Yiran Zhang , Yang Liu

While code review is central to the software development process, it can be tedious and expensive to carry out. In this paper, we investigate whether and how Large Language Models (LLMs) can aid with code reviews. Our investigation focuses…

Software Engineering · Computer Science 2024-03-14 Rasmus Ingemann Tuffveson Jensen , Vali Tawosi , Salwa Alamir

Skill libraries allow LLM agents to load task-specific instructions on demand, letting non-expert users solve domain-specific tasks through natural language without knowing which skills exist or how they work. However, performance degrades…

Software Engineering · Computer Science 2026-05-26 Hongwen Song , Song , Wei

Vulnerabilities in software libraries and reusable components cause major security challenges, particularly in dependency-heavy ecosystems such as Maven. This paper presents a large-scale analysis of vulnerabilities in the Maven ecosystem…

Software Engineering · Computer Science 2025-03-31 Md Fazle Rabbi , Rajshakhar Paul , Arifa Islam Champa , Minhaz F. Zibran

Software vulnerabilities have a large negative impact on the software systems that we depend on daily. Reports on software vulnerabilities always paint a grim picture, with some reports showing that 83% of organizations depend on vulnerable…

Software Engineering · Computer Science 2020-09-22 Mahmoud Alfadel , Diego Elias Costa , Mouafak Mokhallalati , Emad Shihab , Bram Adams

Maintenance is a dominant component of software cost, and localizing reported defects is a significant component of maintenance. We propose a scalable approach that leverages the natural language present in both defect reports and source…

Software Engineering · Computer Science 2012-11-14 Zachary P. Fry , Westley Weimer

In the last decade, researchers have studied fairness as a software property. In particular, how to engineer fair software systems? This includes specifying, designing, and validating fairness properties. However, the landscape of works…

Software Engineering · Computer Science 2026-04-22 Ezekiel Soremekun , Mike Papadakis , Maxime Cordy , Yves Le Traon

Clone-and-own is a typical code reuse approach because of its simplicity and efficiency. Cloned software components are maintained independently by a new owner. These clone-and-own operations can be occurred sequentially, that is, cloned…

Software Engineering · Computer Science 2022-04-14 Hideaki Hata , Takashi Ishio

Large-language-model coding tools are now mainstream in software engineering. But as these same tools move human effort up the development stack, they present fresh dangers: 10% of real prompts leak private data, 42% of generated snippets…

Software Engineering · Computer Science 2025-06-23 Vladislav Belozerov , Peter J Barclay , Askhan Sami

Bug prediction is the process of training a machine learning model on software metrics and fault information to predict bugs in software entities. While feature selection is an important step in building a robust prediction model, there is…

Software Engineering · Computer Science 2018-07-13 Haidar Osman , Mohammad Ghafari , Oscar Nierstrasz

Governments are increasingly employing funding for open source software (OSS) development as a policy lever to support the security of software supply chains, digital sovereignty, economic growth, and national competitiveness in science and…

Computers and Society · Computer Science 2024-11-12 Cailean Osborne , Paul Sharratt , Dawn Foster , Mirko Boehm

Modern software systems are developed in diverse programming languages and often harbor critical vulnerabilities that attackers can exploit to compromise security. These vulnerabilities have been actively targeted in real-world attacks,…

Cryptography and Security · Computer Science 2025-03-27 Zhuoyun Qian , Fangtian Zhong , Qin Hu , Yili Jiang , Jiaqi Huang , Mengfei Ren , Jiguo Yu

Open source licenses create a legal framework that plays a crucial role in the widespread adoption of open source projects. Without a license, any source code available on the internet could not be openly (re)distributed. Although recent…

Software Engineering · Computer Science 2020-12-10 João Pedro Moraes , Ivanilton Polato , Igor Wiese , Filipe Saraiva , Gustavo Pinto

Modern LLM agents increasingly create their own tools at runtime -- from Python functions to API clients -- yet existing benchmarks evaluate them almost exclusively by downstream task completion. This is analogous to judging a software…

Software Engineering · Computer Science 2026-04-02 Alibek T. Kaliyev , Artem Maryanskyy

Secure software engineering is a fundamental activity in modern software development. However, while the field of security research has been advancing quite fast, in practice, there is still a vast knowledge gap between the security experts…

Software Engineering · Computer Science 2021-04-09 Vivek Arora , Enrique Larios Vargas , Maurício Aniche , Arie van Deursen

Unlike most other software quality attributes, testability cannot be evaluated solely based on the characteristics of the source code. The effectiveness of the test suite and the budget assigned to the test highly impact the testability of…

Software Engineering · Computer Science 2022-08-25 Morteza Zakeri-Nasrabadi , Saeed Parsa

In software development, developers extensively utilize third-party libraries to avoid implementing existing functionalities. When a new third-party library vulnerability is disclosed, project maintainers need to determine whether their…

Software Engineering · Computer Science 2023-12-18 Zirui Chen , Xing Hu , Xin Xia , Yi Gao , Tongtong Xu , David Lo , Xiaohu Yang

Understanding the structural characteristics and connectivity patterns of large-scale software ecosystems is critical for enhancing software reuse, improving ecosystem resilience, and mitigating security risks. In this paper, we investigate…

Software Engineering · Computer Science 2025-08-20 Daniel Ogenrwot , John Businge , Shaikh Arifuzzaman

Open-source software (OSS) dependencies are a dominant component of modern software code bases. Using proven and well-tested OSS components lets developers reduce development time and cost while improving quality. However, heavy reliance on…

Software Engineering · Computer Science 2026-02-02 Stefan Schott , Serena Elisa Ponta , Wolfram Fischer , Jonas Klauke , Eric Bodden

Software engineering (SE) organizations operate in a knowledge-intensive domain where critical assets -- architectural expertise, design rationale, and system intuition -- are overwhelmingly tacit and volatile. The departure of key…

Software Engineering · Computer Science 2026-04-28 Mark Chua , Samuel Ajila