English
Related papers

Related papers: Has My Release Disobeyed Semantic Versioning? Stat…

200 papers

As a mixed result of intensive dependency on third-party libraries, flexible mechanism to declare dependencies, and increased number of modules in a project, multiple versions of the same third-party library are directly depended in…

Software Engineering · Computer Science 2020-02-26 Kaifeng Huang , Bihuan Chen , Bowen Shi , Ying Wang , Congying Xu , Xin Peng

With over 500,000 commits and more than 700 contributors, the Android platform is undoubtedly one of the largest industrial-scale software projects. This project provides the Android API, and developers heavily rely on this API to develop…

Software Engineering · Computer Science 2022-06-01 Pei Liu , Li Li , Yichun Yan , Mattia Fazzini , John Grundy

Fault localization identifies program locations responsible for observed failures. Existing techniques rank suspicious code using syntactic spectra--signals derived from execution structure such as statement coverage, control-flow…

Software Engineering · Computer Science 2026-04-01 Zhaorui Yang , Haichao Zhu , Qian Zhang , Rajiv Gupta , Ashish Kundu

Detecting vulnerabilities in source code remains critical yet challenging, as conventional static analysis tools construct inaccurate program representations, while existing LLM-based approaches often miss essential vulnerability context…

Software Engineering · Computer Science 2026-04-14 Yiheng Cao , Yihao Chen , Xin Hu , Bihuan Chen , Jiayi Deng , Zhuotong Zhou , Susheng Wu , Yiheng Huang , Xueying Du , Xingman Chen , Miaohua Li , Xin Peng

Large Language Models (LLMs) have shown promising performance in software vulnerability detection, particularly after domain-specific Supervised Fine-Tuning (SFT). However, it remains unclear whether these models genuinely internalize…

Cryptography and Security · Computer Science 2026-05-22 Feiyang Huang , Yuqiang Sun , Fan Zhang , Ziqi Yang , Han Liu , Yang Liu

The long-standing aspiration for software reuse has made astonishing strides in the past few years. Many modern software development ecosystems now come with rich sets of publicly-available components contributed by the community.…

Software Engineering · Computer Science 2022-09-07 Patrick Lam , Jens Dietrich , David J. Pearce

Automated Code Revision (ACR) tools aim to reduce manual effort by automatically generating code revisions based on reviewer feedback. While ACR tools have shown promising performance on historical data, their real-world utility depends on…

Software Engineering · Computer Science 2026-02-17 Shirin Pirouzkhah , Souhaila Serbout , Alberto Bacchelli

Modern software systems rely on dependency networks of reusable libraries, where breaking changes propagate and cause downstream consumers to fail. Despite growing research across ecosystems, no comprehensive synthesis exists. We conduct a…

Software Engineering · Computer Science 2026-05-26 Juntao Chen , Tingting Bi , Yanlin Wang , Patanamon Thongtanunam

Context: Downloading the source code of open-source Java projects and building them on a local computer using Maven, Gradle, or Ant is a common activity performed by researchers and practitioners. Multiple studies so far found that about…

Software Engineering · Computer Science 2024-08-22 Matúš Sulír , Jaroslav Porubän , Sergej Chodarev

Background. Developers use Automated Static Analysis Tools (ASATs) to control for potential quality issues in source code, including defects and technical debt. Tool vendors have devised quite a number of tools, which makes it harder for…

Software Engineering · Computer Science 2021-01-25 Valentina Lenarduzzi , Savanna Lujan , Nyyti Saarimaki , Fabio Palomba

The complexity of software in embedded systems has increased significantly over the last years so that software verification now plays an important role in ensuring the overall product quality. In this context, SAT-based bounded model…

Software Engineering · Computer Science 2009-11-20 Lucas Cordeiro , Bernd Fischer , Joao Marques-Silva

While reusing third-party libraries (TPL) facilitates software development, its chaotic management has brought great threats to software maintenance and the unauthorized use of source code also raises ethical problems such as misconduct on…

Software Engineering · Computer Science 2025-08-05 Lida Zhao , Chaofan Li , Yueming Wu , Lyuye Zhang , Jiahui Wu , Chengwei Liu , Sen Chen , Yutao Hu , Zhengzi Xu , Yi Liu , Jingquan Ge , Jun Sun , Yang Liu

The Log4j-Core vulnerability, known as Log4Shell, exposed significant challenges to dependency management in software ecosystems. When a critical vulnerability is disclosed, it is imperative that dependent packages quickly adopt patched…

Automatic testing is a widely adopted technique for improving software quality. Software developers add, remove and update test methods and test classes as part of the software development process as well as during the evolution phase,…

Software Engineering · Computer Science 2017-09-27 Stanislav Levin , Amiram Yehudai

Software vulnerabilities (SVs) pose a critical threat to safety-critical systems, driving the adoption of AI-based approaches such as machine learning and deep learning for software vulnerability detection. Despite promising results, most…

Cryptography and Security · Computer Science 2025-10-07 Van Nguyen , Surya Nepal , Xingliang Yuan , Tingmin Wu , Fengchao Chen , Carsten Rudolph

While the automated detection of cryptographic API misuses has progressed significantly, its precision diminishes for intricate targets due to the reliance on manually defined patterns. Large Language Models (LLMs) offer a promising…

Cryptography and Security · Computer Science 2026-03-19 Yifan Xia , Zichen Xie , Peiyu Liu , Kangjie Lu , Yan Liu , Wenhai Wang , Shouling Ji

For decades, sampling-based techniques have been the de facto standard for accelerating microarchitecture simulation, with the Basic Block Vector (BBV) serving as the cornerstone program representation. Yet, the BBV's fundamental…

Hardware Architecture · Computer Science 2025-12-12 Zhenguo Liu , Chengao Shi , Chen Ding , Jiang Xu

Android applications (apps) integrate reusable and well-tested third-party libraries (TPLs) to enhance functionality and shorten development cycles. However, recent research reveals that TPLs have become the largest attack surface for…

Cryptography and Security · Computer Science 2025-06-19 Bolin Zhou , Jingzheng Wu , Xiang Ling , Tianyue Luo , Jingkun Zhang

Application Programming Interfaces (APIs) facilitate the integration of third-party dependencies within the code of client applications. However, changes to an API, such as deprecation, modification of parameter names or types, or complete…

Software Engineering · Computer Science 2026-04-14 Frank Reyes , May Mahmoud , Federico Bono , Sarah Nadi , Benoit Baudry , Martin Monperrus

The rapidly evolving Node$.$js ecosystem currently includes millions of packages and is a critical part of modern software supply chains, making vulnerability detection of Node$.$js packages increasingly important. However, traditional…

Cryptography and Security · Computer Science 2026-04-23 Ronghao Ni , Mihai Christodorescu , Limin Jia