English
Related papers

Related papers: Towards Understanding Third-party Library Dependen…

200 papers

Library migration happens when a library can not meet the project's requirements and is non-trivial to accomplish. To mitigate the problem, substantial efforts have been devoted to understanding its characteristics and recommending…

Software Engineering · Computer Science 2025-07-08 Haiqiao Gu , Yiliang Zhao , Kai Gao , Minghui Zhou

Large language models (LLMs) have developed rapidly in recent years, revolutionizing various fields. Despite their widespread success, LLMs heavily rely on external code dependencies from package management systems, creating a complex and…

Cryptography and Security · Computer Science 2025-09-01 Shuhan Liu , Xing Hu , Xin Xia , David Lo , Xiaohu Yang

Third-party libraries (TPLs) have become a significant part of the Android ecosystem. Developers can employ various TPLs to facilitate their app development. Unfortunately, the popularity of TPLs also brings new security issues. For…

Software Engineering · Computer Science 2021-08-05 Xian Zhan , Tianming Liu , Yepang Liu , Yang Liu , Li Li , Haoyu Wang , Xiapu Luo

Third-party libraries (TPLs) have been widely used in mobile apps, which play an essential part in the entire Android ecosystem. However, TPL is a double-edged sword. On the one hand, it can ease the development of mobile apps. On the other…

Software Engineering · Computer Science 2021-08-10 Xian Zhan , Tianming Liu , Lingling Fan , Li Li , Sen Chen , Xiapu Luo , Yang Liu

Third-party library reuse has become common practice in contemporary software development, as it includes several benefits for developers. Library dependencies are constantly evolving, with newly added features and patches that fix bugs in…

Software Engineering · Computer Science 2017-09-15 Raula Gaikovina Kula , Daniel M. German , Ali Ouni , Takashi Ishio , Katsuro Inoue

Software libraries are central to the functionality, security, and maintainability of modern code. As developers increasingly turn to Large Language Models (LLMs) to assist with programming tasks, understanding how these models recommend…

Software Engineering · Computer Science 2025-08-08 Jasmine Latendresse , SayedHassan Khatoonabadi , Emad Shihab

Accurate detection of third-party libraries (TPLs) is fundamental to Android security, supporting vulnerability tracking, malware detection, and supply chain auditing. Despite many proposed tools, their real-world effectiveness remains…

Cryptography and Security · Computer Science 2025-09-08 Jintao Gu , Haolang Lu , Guoshun Nan , Yihan Lin , Kun Wang , Yuchun Guo , Yigui Cao , Yang Liu

With the rise of the library ecosystem (such as NPM for JavaScript and PyPI for Python), a developer has access to a multitude of library packages that they can adopt as dependencies into their application.Prior work has found that these…

Software Engineering · Computer Science 2024-07-02 Supatsara Wattanakriengkrai , Christoph Treude , Raula Gaikovina Kula

Modern software systems are increasingly dependent on third-party libraries. It is widely recognized that using mature and well-tested third-party libraries can improve developers' productivity, reduce time-to-market, and produce more…

Software Engineering · Computer Science 2016-12-07 Mohamed Aymen Saied , Ali Ouni , Houari Sahraoui , Raula Gaikovina Kula , Katsuro Inoue , David Lo

Third-party libraries are a central building block to develop software systems. However, outdated third-party libraries are commonly used, and developers are usually less aware of the potential risks. Therefore, a quantitative and holistic…

Software Engineering · Computer Science 2020-02-26 Ying Wang , Bihuan Chen , Kaifeng Huang , Bowen Shi , Congying Xu , Xin Peng , Yang Liu , Yijian Wu

The prevalent use of third-party libraries (TPLs) in modern software development introduces significant security and compliance risks, necessitating the implementation of Software Composition Analysis (SCA) to manage these threats. However,…

Software Engineering · Computer Science 2025-03-31 Lyuye Zhang , Chengwei Liu , Jiahui Wu , Shiyang Zhang , Chengyue Liu , Zhengzi Xu , Sen Chen , Yang Liu

The management of third-party package dependencies is crucial to most technology stacks, with package managers acting as brokers to ensure that a verified package is correctly installed, configured, or removed from an application. Diversity…

Software Engineering · Computer Science 2021-08-16 Syful Islam , Raula Gaikovina Kula , Christoph Treude , Bodin Chinthanet , Takashi Ishio , Kenichi Matsumoto

Web developers routinely rely on third-party Java-Script libraries such as jQuery to enhance the functionality of their sites. However, if not properly maintained, such dependencies can create attack vectors allowing a site to be…

Cryptography and Security · Computer Science 2020-02-17 Tobias Lauinger , Abdelberi Chaabane , Sajjad Arshad , William Robertson , Christo Wilson , Engin Kirda

The widespread of libraries within modern software ecosystems creates complex networks of dependencies. These dependencies are fragile to breakage, outdated, or redundancy, potentially leading to cascading issues in dependent libraries. One…

Software Engineering · Computer Science 2024-06-18 Pongchai Jaisri , Brittany Reid , Raula Gaikovina Kula

Open-Source Projects and Libraries are being used in software development while also bearing multiple security vulnerabilities. This use of third party ecosystem creates a new kind of attack surface for a product in development. An…

Software Engineering · Computer Science 2018-08-15 Lorenzo Neil , Sudip Mittal , Anupam Joshi

Modern software systems are often built by leveraging code written by others in the form of libraries and packages to accelerate their development. While there are many benefits to using third-party packages, software projects often become…

Software Engineering · Computer Science 2022-08-30 Jasmine Latendresse , Suhaib Mujahid , Diego Elias Costa , Emad Shihab

A risk in adopting third-party dependencies into an application is their potential to serve as a doorway for malicious code to be injected (most often unknowingly). While many initiatives from both industry and research communities focus on…

Software Engineering · Computer Science 2023-09-11 Supatsara Wattanakriengkrai , Raula Gaikovina Kula , Christoph Treude , Kenichi Matsumoto

In the current software development environment, third-party libraries play a crucial role. They provide developers with rich functionality and convenient solutions, speeding up the pace and efficiency of software development. However, with…

Software Engineering · Computer Science 2024-04-30 Jia Zeng , Dan Han , Yaling Zhu , Yangzhong Wang , Fangchen Weng

Popular adoption of third-party libraries for contemporary software development has led to the creation of large inter-dependency networks, where sustainability issues of a single library can have widespread network effects. Maintainers of…

While reusing third-party libraries (TPL) facilitates software development, its chaotic management has brought great threats to software maintenance and the unauthorized use of source code also raises ethical problems such as misconduct on…

Software Engineering · Computer Science 2025-08-05 Lida Zhao , Chaofan Li , Yueming Wu , Lyuye Zhang , Jiahui Wu , Chengwei Liu , Sen Chen , Yutao Hu , Zhengzi Xu , Yi Liu , Jingquan Ge , Jun Sun , Yang Liu
‹ Prev 1 2 3 10 Next ›