English
Related papers

Related papers: Modeling Interconnected Social and Technical Risks…

200 papers

Open-source software (OSS) is widely spread in industry, research, and government. OSS represents an effective development model because it harnesses the decentralized efforts of many developers in a way that scales. As OSS developers work…

Software Engineering · Computer Science 2022-11-24 William Schueller , Johannes Wachs , Vito D. P. Servedio , Stefan Thurner , Vittorio Loreto

Open-Source Projects and Libraries are being used in software development while also bearing multiple security vulnerabilities. This use of third party ecosystem creates a new kind of attack surface for a product in development. An…

Software Engineering · Computer Science 2018-08-15 Lorenzo Neil , Sudip Mittal , Anupam Joshi

The Open Source Software movement has been growing exponentially for a number of years with no signs of slowing. Driving this growth is the widespread availability of libraries and frameworks that provide many functionalities. Developers…

Software Engineering · Computer Science 2022-06-22 Stan Zajdel , Diego Elias Costa , Hafedh Mili

Open-source libraries are widely used by software developers to speed up the development of products, however, they can introduce security vulnerabilities, leading to incidents like Log4Shell. With the expanding usage of open-source…

Software libraries are the elementary building blocks of open source software ecosystems, extending the capabilities of programming languages beyond their standard libraries. Although ecosystem health is often quantified using data on…

Software Engineering · Computer Science 2024-11-25 Gábor Mészáros , Johannes Wachs

While open-source software has enabled significant levels of reuse to speed up software development, it has also given rise to the dreadful dependency hell that all software practitioners face on a regular basis. This article provides a…

Software Engineering · Computer Science 2024-11-21 Tom Mens , Alexandre Decan

Using libraries in applications has helped developers reduce the costs of reinventing already existing code. However, an increase in diverse technology stacks and third-party library usage has led developers to inevitably switch…

Software Engineering · Computer Science 2023-03-17 Kanchanok Kannee , Raula Gaikovina Kula , Supatsara Wattanakriengkrai , Kenichi Matsumoto

Third-party libraries are a central building block to develop software systems. However, outdated third-party libraries are commonly used, and developers are usually less aware of the potential risks. Therefore, a quantitative and holistic…

Software Engineering · Computer Science 2020-02-26 Ying Wang , Bihuan Chen , Kaifeng Huang , Bowen Shi , Congying Xu , Xin Peng , Yang Liu , Yijian Wu

With the rise of the library ecosystem (such as NPM for JavaScript and PyPI for Python), a developer has access to a multitude of library packages that they can adopt as dependencies into their application.Prior work has found that these…

Software Engineering · Computer Science 2024-07-02 Supatsara Wattanakriengkrai , Christoph Treude , Raula Gaikovina Kula

This chapter defines and presents different kinds of software ecosystems. The focus is on the development, tooling and analytics aspects of software ecosystems, i.e., communities of software developers and the interconnected software…

Software Engineering · Computer Science 2023-07-31 Tom Mens , Coen De Roover

One of the biggest strength of many modern programming languages is their rich open source package ecosystem. Indeed, modern language-specific package managers have made it much easier to share reusable code and depend on components written…

Software Engineering · Computer Science 2020-04-08 Théo Zimmermann

Modern software development is increasingly dependent on components, libraries and frameworks coming from third-party vendors or open-source suppliers and made available through a number of platforms (or forges). This way of writing…

Software Engineering · Computer Science 2020-12-16 Paolo Boldi , Georgios Gousios

An increase in diverse technology stacks and third-party library usage has led developers to inevitably switch technologies. To assist these developers, maintainers have started to release their libraries to multiple technologies, i.e., a…

In finance, leverage is the ratio between assets borrowed from others and one's own assets. A matching situation is present in software: by using free open-source software (FOSS) libraries a developer leverages on other people's code to…

Software Engineering · Computer Science 2021-03-08 Fabio Massacci , Ivan Pashchenko

This paper is an introductory discussion on the cause of open source software vulnerabilities, their importance in the cybersecurity ecosystem, and a selection of detection methods. A recent application security report showed 44% of…

Cryptography and Security · Computer Science 2022-03-31 Stuart Millar

Software security mainly studies vulnerability detection: is my code vulnerable today? This hinders risk estimation, so new approaches are emerging to forecast the occurrence of future vulnerabilities. While useful, these approaches are…

Software Engineering · Computer Science 2024-11-19 Carlos E. Budde , Ranindya Paramitha , Fabio Massacci

Open source projects play a significant role in software production. Most of the software projects reuse and build upon the existing open source projects and libraries. While reusing is a time and cost-saving strategy, some of the key…

Software Engineering · Computer Science 2022-08-03 Javad Ghofrani , Paria Heravi , Kambiz A. Babaei , Mohammad Soorati

Throughout computer history, it has been repeatedly demonstrated that critical software vulnerabilities can significantly affect the components involved. In the Free/Libre and Open Source Software (FLOSS) ecosystem, most software is…

Software Engineering · Computer Science 2025-02-13 Stefan Tatschner , Michael P. Heinl , Nicole Pappler , Tobias Specht , Sven Plaga , Thomas Newe

The rise of user-contributed Open Source Software (OSS) ecosystems demonstrate their prevalence in the software engineering discipline. Libraries work together by depending on each other across the ecosystem. From these ecosystems emerges a…

Software Engineering · Computer Science 2017-09-15 Raula Gaikovina Kula , Ali Ouni , Daniel M. German , Katsuro Inoue

The use of third-party packages is becoming increasingly popular and has led to the emergence of large software package ecosystems with a maze of inter-dependencies. Since the reliance on these ecosystems enables developers to reduce…

Software Engineering · Computer Science 2023-06-21 Raula Gaikovina Kula , Katsuro Inoue , Christoph Treude
‹ Prev 1 2 3 10 Next ›