English
Related papers

Related papers: GitHub Considered Harmful? Analyzing Open-Source P…

200 papers

Artificial Intelligence systems, which benefit from the availability of large-scale datasets and increasing computational power, have become effective solutions to various critical tasks, such as natural language understanding, speech…

Software Engineering · Computer Science 2023-03-20 Zhou Yang , Chenyu Wang , Jieke Shi , Thong Hoang , Pavneet Kochhar , Qinghua Lu , Zhenchang Xing , David Lo

[Background] Previous research has shown that developers commonly misuse cryptography APIs. [Aim] We have conducted an exploratory study to find out how crypto APIs are used in open-source Java projects, what types of misuses exist, and why…

Cryptography and Security · Computer Science 2020-09-03 Mohammadreza Hazhirpasand , Mohammad Ghafari , Oscar Nierstrasz

Developers rely on third-party library Application Programming Interfaces (APIs) when developing software. However, libraries typically come with assumptions and API usage constraints, whose violation results in API misuse. API misuses may…

Software Engineering · Computer Science 2026-04-17 Akalanka Galappaththi , Sarah Nadi , Christoph Treude

Research has shown that cryptographic APIs are hard to use. Consequently, developers resort to using code examples available in online information sources that are often not secure. We have developed a web platform, named CryptoExplorer,…

Software Engineering · Computer Science 2020-01-06 Mohammadreza Hazhirpasand , Mohammad Ghafari , Oscar Nierstrasz

AI-powered code generation models have been developing rapidly, allowing developers to expedite code generation and thus improve their productivity. These models are trained on large corpora of code (primarily sourced from public…

Software Engineering · Computer Science 2023-11-21 Vahid Majdinasab , Michael Joshua Bishop , Shawn Rasheed , Arghavan Moradidakhel , Amjed Tahir , Foutse Khomh

Are malicious repositories hiding under the educational label in GitHub? Recent studies have identified collections of GitHub repositories hosting malware source code with notable collaboration among the developers. Thus, analyzing GitHub…

Software Engineering · Computer Science 2024-03-08 Md Rayhanul Masud , Michalis Faloutsos

GitHub plays a critical role in modern software supply chains, making its security an important research concern. Existing studies have primarily focused on CI/CD automation, collaboration patterns, and community management, while abuse…

Software Engineering · Computer Science 2026-04-21 Yuli Cheng , Xiaoyu Zhang , Jiongchi Yu , Shiqing Ma , Chao Shen , Yang Liu

With the rapid development of AI technologies, thousands of AI papers are being published each year. Many of these papers have released sample code to facilitate follow-up researchers. This paper presents an explorative study of over 1700…

Digital Libraries · Computer Science 2019-03-06 Boyang Zhang

Lack of experience, inadequate documentation, and sub-optimal API design frequently cause developers to make mistakes when re-using third-party implementations. Such API misuses can result in unintended behavior, performance losses, or…

Software Engineering · Computer Science 2021-07-13 Sebastian Nielebock , Robert Heumüller , Kevin Michael Schott , Frank Ortmeier

Context: Cryptographic APIs are said to be not usable and researchers suggest to add example code to the documentation. Aim: We wanted to create a free platform for cryptographic code examples that improves the usability and security of…

Cryptography and Security · Computer Science 2018-07-04 Kai Mindermann , Stefan Wagner

There is burgeoning interest in designing AI-based systems to assist humans in designing computing systems, including tools that automatically generate computer code. The most notable of these comes in the form of the first self-described…

Cryptography and Security · Computer Science 2021-12-17 Hammond Pearce , Baleegh Ahmad , Benjamin Tan , Brendan Dolan-Gavitt , Ramesh Karri

The availability of generative Artificial Intelligence (AI) tools such as ChatGPT or GitHub Copilot is reshaping the way in which software is developed, evolved, and maintained. Oftentimes, developers leave traces of such an usage in…

Background: Previous studies have shown that up to 99.59 % of the Java apps using crypto APIs misuse the API at least once. However, these studies have been conducted on Java and C, while empirical studies for other languages are missing.…

Software Engineering · Computer Science 2021-09-03 Anna-Katharina Wickert , Lars Baumgärtner , Florian Breitfelder , Mira Mezini

The demand for quick and reliable DevOps operations pushed distributors of repository platforms to implement workflows. Workflows allow automating code management operations directly on the repository hosting the software. However, this…

Cryptography and Security · Computer Science 2022-11-11 Giacomo Benedetti , Luca Verderame , Alessio Merlo

The correct adoption of cryptography APIs is challenging for mainstream developers, often resulting in widespread API misuse. Meanwhile, cryptography misuse detectors have demonstrated inconsistent performance and remain largely…

Cryptography and Security · Computer Science 2024-09-11 Ehsan Firouzi , Mohammad Ghafari , Mike Ebrahimi

This paper presents a comprehensive empirical analysis of security vulnerabilities in AI-generated code across public GitHub repositories. We collected and analyzed 7,703 files explicitly attributed to four major AI tools: ChatGPT…

Cryptography and Security · Computer Science 2025-10-31 Maximilian Schreiber , Pascal Tippe

Version control systems for source code, such as Git, are key tools in modern software development environments. Many developers use online services, such as GitHub or GitLab, for collaborative software development. While software projects…

Cryptography and Security · Computer Science 2022-11-15 Alexander Krause , Jan H. Klemmer , Nicolas Huaman , Dominik Wermke , Yasemin Acar , Sascha Fahl

GitHub is the most widely used platform for software maintenance in the open-source community. Developers report issues on GitHub from time to time while facing difficulties. Having labels on those issues can help developers easily address…

Software Engineering · Computer Science 2025-07-28 Amir Hossain Raaj , Fairuz Nawer Meem , Sadia Afrin Mim

GitHub provides developers with a practical way to distribute source code and collaboratively work on common projects. To enhance account security and privacy, GitHub allows its users to manage access permissions, review audit logs, and…

Cryptography and Security · Computer Science 2024-09-11 Costanza Alfieri , Juri Di Rocco , Paola Inverardi , Phuong T. Nguyen

Cryptographic API misuse represents a critical vulnerability class that undermines the security foundations of modern software. Yet, it remains largely unexplored in Go despite its dominance in security-critical infrastructure. This paper…

Cryptography and Security · Computer Science 2026-04-28 Vivi Andersson , Martin Monperrus
‹ Prev 1 2 3 10 Next ›