English
Related papers

Related papers: What makes a good Node.js package? Investigating U…

200 papers

The increasing interest in open source software has led to the emergence of large language-specific package distributions of reusable software libraries, such as npm and RubyGems. These software packages can be subject to vulnerabilities…

Software Engineering · Computer Science 2022-03-29 Ahmed Zerouali , Tom Mens , Alexandre Decan , Coen De Roover

Modern software development frequently uses third-party packages, raising the concern of supply chain security attacks. Many attackers target popular package managers, like npm, and their users with supply chain attacks. In 2021 there was a…

Cryptography and Security · Computer Science 2022-02-15 Nusrat Zahan , Thomas Zimmermann , Patrice Godefroid , Brendan Murphy , Chandra Maddila , Laurie Williams

Reusable software components, typically distributed as packages, are a central paradigm of modern software development. The JavaScript ecosystem serves as a prime example, offering millions of packages with their use being promoted as…

Software Engineering · Computer Science 2026-01-26 Ben Swierzy , Marc Ohm , Michael Meier

The fact that the number of users of open source software (OSS) is practically un-limited and that ultimately the software quality is determined by end users experience, makes the usability an even more critical quality attribute than it is…

Software Engineering · Computer Science 2015-07-27 Arif Raza , Luiz Fernando Capretz

Developers use and contribute to repositories on GitHub. Documentation present in the repositories serves as an important source by helping developers to understand, maintain and contribute to the project. Currently, documentation in a…

Software Engineering · Computer Science 2021-03-02 Akhila Sri Manasa Venigalla , Sridhar Chimalakonda

Background: Open source requires participation of volunteer and commercial developers (users) in order to deliver functional high-quality components. Developers both contribute effort in the form of patches and demand effort from the…

Software Engineering · Computer Science 2019-07-16 Tapajit Dey , Yuxing Ma , Audris Mockus

The open-source Linux operating system is available through a wide variety of distributions, each containing a collection of installable software packages. It can be important to keep these packages as fresh as possible to benefit from new…

Software Engineering · Computer Science 2020-08-03 Damien Legay , Alexandre Decan , Tom Mens

Readme in GitHub repositories serves as a preliminary source of information, and thus helps developers in understanding about the projects, for reuse or extension. Different types of contextual and structural content, which we refer to as…

Software Engineering · Computer Science 2022-06-23 Akhila Sri Manasa Venigalla , Sridhar Chimalakonda

While large language models (LLMs) have shown considerable promise in code generation, real-world software development demands advanced repository-level reasoning. This includes understanding dependencies, project structures, and managing…

Software Engineering · Computer Science 2025-03-11 Junjia Du , Yadi Liu , Hongcheng Guo , Jiawei Wang , Haojian Huang , Yunyi Ni , Zhoujun Li

Motivation: Code understandability is crucial in software development, as developers spend 58% to 70% of their time reading source code. Improving it can improve productivity and reduce maintenance costs. Problem: Experimental studies often…

Software Engineering · Computer Science 2024-11-13 Delano Oliveira , Reydne Santos , Benedito de Oliveira , Martin Monperrus , Fernando Castor , Fernanda Madeiral

Software popularity is a valuable information to modern open source developers, who constantly want to know if their systems are attracting new users, if new releases are gaining acceptance, or if they are meeting user's expectations. In…

Software Engineering · Computer Science 2018-07-31 Hudson Borges , Andre Hora , Marco Tulio Valente

Security vulnerabilities introduced by applications using third-party dependencies are on the increase, caused by the emergence of large ecosystems of libraries such as the NPM packages for JavaScript. Nowadays, libraries depend on each…

The use of third-party packages is becoming increasingly popular and has led to the emergence of large software package ecosystems with a maze of inter-dependencies. Since the reliance on these ecosystems enables developers to reduce…

Software Engineering · Computer Science 2023-06-21 Raula Gaikovina Kula , Katsuro Inoue , Christoph Treude

Software engineers regularly use JavaScript and Python for both front-end and back-end automation tasks. On top of JavaScript and Python, there are several frameworks to facilitate automation tasks further. Some of these frameworks are Node…

Cryptography and Security · Computer Science 2021-08-24 Berkay Kaplan , Jingyu Qian

Web developers routinely rely on third-party Java-Script libraries such as jQuery to enhance the functionality of their sites. However, if not properly maintained, such dependencies can create attack vectors allowing a site to be…

Cryptography and Security · Computer Science 2020-02-17 Tobias Lauinger , Abdelberi Chaabane , Sajjad Arshad , William Robertson , Christo Wilson , Engin Kirda

Maliciously prepared software packages are an extensively leveraged weapon for software supply chain attacks. The detection of malicious packages is undoubtedly of high priority and many academic and commercial approaches have been…

Cryptography and Security · Computer Science 2025-05-13 Marc Ohm , Timo Pohl , Felix Boes

Software development increasingly depends on libraries and frameworks to increase productivity and reduce time-to-market. Despite this fact, we still lack techniques to assess developers expertise in widely popular libraries and frameworks.…

Software Engineering · Computer Science 2019-03-20 Joao Eduardo Montandon , Luciana Lourdes Silva , Marco Tulio Valente

Software ecosystems have had a tremendous impact on computing and society, capturing the attention of businesses, researchers, and policy makers alike. Massive ecosystems like the JavaScript node package manager (npm) is evidence of how…

Nearly every popular programming language comes with one or more package managers. The software packages distributed by such package managers form large software ecosystems. These packaging ecosystems contain a large number of package…

Software Engineering · Computer Science 2017-10-16 Alexandre Decan , Tom Mens , Philippe Grosjean

Software development is a collaborative process that involves various interactions among individuals and teams. TODO comments in source code play a critical role in managing and coordinating diverse tasks during this process. However, this…

Software Engineering · Computer Science 2025-03-20 Haoye Wang , Zhipeng Gao , Tingting Bi , John Grundy , Xinyu Wang , Minghui Wu , Xiaohu Yang