English
Related papers

Related papers: Analyzing Maintenance Activities of Software Libra…

200 papers

Third-party library reuse has become common practice in contemporary software development, as it includes several benefits for developers. Library dependencies are constantly evolving, with newly added features and patches that fix bugs in…

Software Engineering · Computer Science 2017-09-15 Raula Gaikovina Kula , Daniel M. German , Ali Ouni , Takashi Ishio , Katsuro Inoue

Open-Source Projects and Libraries are being used in software development while also bearing multiple security vulnerabilities. This use of third party ecosystem creates a new kind of attack surface for a product in development. An…

Software Engineering · Computer Science 2018-08-15 Lorenzo Neil , Sudip Mittal , Anupam Joshi

Open source software ecosystems consist of thousands of interdependent libraries, which users can combine to great effect. Recent work has pointed out two kinds of risks in these systems: that technical problems like bugs and…

Software Engineering · Computer Science 2022-05-11 William Schueller , Johannes Wachs

Software intensively depends on external libraries whose relevance may change during its life cycle. As a consequence, software developers must periodically reconsider the libraries they depend on, and must think about \textit{library…

Software Engineering · Computer Science 2013-06-27 Cédric Teyton , Jean-Rémy Falleri , Marc Palyart , Xavier Blanc

BACKGROUND: Vulnerable dependencies are a known problem in today's open-source software ecosystems because OSS libraries are highly interconnected and developers do not always update their dependencies. AIMS: In this paper we aim to present…

Software Engineering · Computer Science 2018-08-30 Ivan Pashchenko , Henrik Plate , Serena Elisa Ponta , Antonino Sabetta , Fabio Massacci

Open-source libraries are widely used by software developers to speed up the development of products, however, they can introduce security vulnerabilities, leading to incidents like Log4Shell. With the expanding usage of open-source…

The widespread of libraries within modern software ecosystems creates complex networks of dependencies. These dependencies are fragile to breakage, outdated, or redundancy, potentially leading to cascading issues in dependent libraries. One…

Software Engineering · Computer Science 2024-06-18 Pongchai Jaisri , Brittany Reid , Raula Gaikovina Kula

Modern software development is increasingly dependent on components, libraries and frameworks coming from third-party vendors or open-source suppliers and made available through a number of platforms (or forges). This way of writing…

Software Engineering · Computer Science 2020-12-16 Paolo Boldi , Georgios Gousios

Although using third-party libraries is common practice when writing software, vulnerabilities may be found even in well-known libraries. Detected vulnerabilities are often fixed quickly in the library code. The easiest way to include these…

Software Engineering · Computer Science 2023-05-23 Kristiina Rahkema , Dietmar Pfahl

Open-source software (OSS) is a pillar of modern software development. Its success depends on the dedication of maintainers who work constantly to keep their libraries stable, adapt to changing needs, and support a growing community. Yet,…

Software Engineering · Computer Science 2025-10-20 Rachna Raj , Diego Elias Costa

This paper is an introductory discussion on the cause of open source software vulnerabilities, their importance in the cybersecurity ecosystem, and a selection of detection methods. A recent application security report showed 44% of…

Cryptography and Security · Computer Science 2022-03-31 Stuart Millar

Modern software systems are increasingly dependent on third-party libraries. It is widely recognized that using mature and well-tested third-party libraries can improve developers' productivity, reduce time-to-market, and produce more…

Software Engineering · Computer Science 2016-12-07 Mohamed Aymen Saied , Ali Ouni , Houari Sahraoui , Raula Gaikovina Kula , Katsuro Inoue , David Lo

As modern software development increasingly relies on reusable libraries and components, managing dependencies has become critical for ensuring software stability and security. However, challenges such as outdated dependencies, missed…

Software Engineering · Computer Science 2025-04-01 Barisha Chowdhury , Md Fazle Rabbi , S. M. Mahedy Hasan , Minhaz F. Zibran

In the current software development environment, third-party libraries play a crucial role. They provide developers with rich functionality and convenient solutions, speeding up the pace and efficiency of software development. However, with…

Software Engineering · Computer Science 2024-04-30 Jia Zeng , Dan Han , Yaling Zhu , Yangzhong Wang , Fangchen Weng

Third-party libraries are a central building block to develop software systems. However, outdated third-party libraries are commonly used, and developers are usually less aware of the potential risks. Therefore, a quantitative and holistic…

Software Engineering · Computer Science 2020-02-26 Ying Wang , Bihuan Chen , Kaifeng Huang , Bowen Shi , Congying Xu , Xin Peng , Yang Liu , Yijian Wu

Easy and mostly free access to the internet has resulted in the growing use of open source software (OSS). However, it is a common perception that closed proprietary software is still superior in areas such as software maintenance and…

Software Engineering · Computer Science 2015-12-01 Arif Raza , Luiz Fernando Capretz , Faheem Ahmed

While open-source software has enabled significant levels of reuse to speed up software development, it has also given rise to the dreadful dependency hell that all software practitioners face on a regular basis. This article provides a…

Software Engineering · Computer Science 2024-11-21 Tom Mens , Alexandre Decan

Industrial applications heavily rely on open-source software (OSS) libraries, which provide various benefits. But, they can also present a substantial risk if a vulnerability or attack arises and the community fails to promptly address the…

Software Engineering · Computer Science 2025-04-24 Alexandros Tsakpinis , Alexander Pretschner

Relying on dependency packages accelerates software development, but it also increases the exposure to security vulnerabilities that may be present in dependencies. While developers have full control over which dependency packages (and…

Software Engineering · Computer Science 2023-10-13 Abbas Javan Jafari , Diego Elias Costa , Ahmad Abdellatif , Emad Shihab

Third-party libraries (TPLs) are frequently reused in software to reduce development cost and the time to market. However, external library dependencies may introduce vulnerabilities into host applications. The issue of library dependency…

Software Engineering · Computer Science 2022-09-21 Wei Tang , Zhengzi Xu , Chengwei Liu , Jiahui Wu , Shouguo Yang , Yi Li , Ping Luo , Yang Liu
‹ Prev 1 2 3 10 Next ›