English
Related papers

Related papers: Polyglot Code Smell Detection for Infrastructure a…

200 papers

Infrastructure as Code (IaC) is the process of managing IT infrastructure via programmable configuration files (also called IaC scripts). Like other software artifacts, IaC scripts may contain security smells, which are coding patterns that…

Cryptography and Security · Computer Science 2022-09-08 Nuno Saavedra , João F. Ferreira

Context: Security smells are recurring coding patterns that are indicative of security weakness, and require further inspection. As infrastructure as code (IaC) scripts, such as Ansible and Chef scripts, are used to provision cloud-based…

Cryptography and Security · Computer Science 2020-06-23 Akond Rahman , Md. Rayhanur Rahman , Chris Parnin , Laurie Williams

Automated deployment and management of Cloud applications relies on descriptions of their deployment topologies, often referred to as Infrastructure Code. As the complexity of applications and their deployment models increases, developers…

Eradication of code smells is often pointed out as a way to improve readability, extensibility and design in existing software. However, code smell detection in large systems remains time consuming and error-prone, partly due to the…

Software Engineering · Computer Science 2012-05-01 Tiago Pessoa , Fernando Brito e Abreu , Miguel Pessoa Monteiro , Sergio Bryton

Code smells and software vulnerabilities both increase maintenance cost, yet they are often handled by separate tools that miss structural context and produce noisy warnings. This paper presents The Code Whisperer, a hybrid framework that…

Software Engineering · Computer Science 2026-04-16 Mohammad Baqar , Raji Rustamov , Alexander Hughes

Infrastructure as Code (IaC) has become essential for modern software management, yet security flaws in IaC scripts can have severe consequences, as exemplified by the recurring exploits of Cloud Web Services. Prior work has recognized the…

Cryptography and Security · Computer Science 2025-09-24 Aicha War , Serge L. B. Nikiema , Jordan Samhi , Jacques Klein , Tegawende F. Bissyande

Code smells are characteristics of the software that indicates a code or design problem which can make software hard to understand, evolve, and maintain. The code smell detection tools proposed in the literature produce different results,…

Software Engineering · Computer Science 2019-02-11 Thirupathi Guggulothu

Angular is one of the most widely adopted frameworks for developing large-scale, dynamic web applications. As projects increase in scope and complexity, developers face growing challenges in managing architecture and maintaining clean,…

Software Engineering · Computer Science 2026-05-01 Maykon Nunes , Emanuel Coutinho , Carla Bezerra , Ivan Machado

We investigated the capabilities of GPT-4o and Gemini 2.0 Flash for secure Infrastructure as Code (IaC) development. For security smell detection, on the Stack Overflow dataset, which primarily contains small, simplified code snippets, the…

Cryptography and Security · Computer Science 2026-02-04 Ehsan Firouzi , Shardul Bhatt , Mohammad Ghafari

Practitioners use Infrastructure as Code (IaC) scripts to efficiently configure IT infrastructures through machine-readable definition files. However, during the development of these scripts, some code patterns or deployment choices may…

Software Engineering · Computer Science 2025-01-22 Seif Kosbar , Mohammad Hamdaqa

Infrastructure as Code (IaC) enables automated provisioning of large-scale cloud and on-premise environments, reducing the need for repetitive manual setup. However, this automation is a double-edged sword: a single misconfiguration in IaC…

Cryptography and Security · Computer Science 2026-01-22 Qiyue Mei , Michael Fu

Code smells are symptoms of potential code quality problems that may affect software maintainability, thus increasing development costs and impacting software reliability. Large language models (LLMs) have shown remarkable capabilities for…

Software Engineering · Computer Science 2026-01-16 Saymon Souza , Amanda Santana , Eduardo Figueiredo , Igor Muzetti , João Eduardo Montandon , Lionel Briand

Infrastructure as Code (IaC) automates the provisioning and management of IT infrastructure through scripts and tools, streamlining software deployment. Prior studies have shown that IaC scripts often contain recurring security…

Cryptography and Security · Computer Science 2025-09-24 Aicha War , Adnan A. Rawass , Abdoul K. Kabore , Jordan Samhi , Jacques Klein , Tegawende F. Bissyande

The Large Language Models (LLMs) have demonstrated great potential in code-related tasks. However, most research focuses on improving the output quality of LLMs (e.g., correctness), and less attention has been paid to the LLM input (e.g.,…

Software Engineering · Computer Science 2025-08-19 Zhipeng Xue , Xiaoting Zhang , Zhipeng Gao , Xing Hu , Shan Gao , Xin Xia , Shanping Li

Machine learning (ML) codebases face unprecedented challenges in maintaining code quality and sustainability as their complexity grows exponentially. While traditional code smell detection tools exist, they fail to address ML-specific…

Software Engineering · Computer Science 2025-02-27 Karthik Shivashankar , Antonio Martini

Code smells indicate the potential problems of software quality so that developers can identify refactoring opportunities by detecting code smells. State-of-the-art approaches leverage heuristics, machine learning, and deep learning to…

Software Engineering · Computer Science 2024-02-19 Haiyang Liu , Yang Zhang , Vidya Saikrishna , Quanquan Tian , Kun Zheng

The low cost and rapid provisioning capabilities have made open-source cloud a desirable platform to launch industrial applications. However, as open-source cloud moves towards maturity, it still suffers from quality issues like code…

Software Engineering · Computer Science 2023-07-25 Raj Narendra Shah , Sameer Ahmed Mohamed , Asif Imran , Tevfik Kosar

A smell in software source code denotes an indication of suboptimal design and implementation decisions, potentially hindering the code understanding and, in turn, raising the likelihood of being prone to changes and faults. Identifying…

Software Engineering · Computer Science 2025-02-10 Anh Ho , Anh M. T. Bui , Phuong T. Nguyen , Amleto Di Salle , Bach Le

Build scripts automate the process of compiling source code, managing dependencies, running tests, and packaging software into deployable artifacts. These scripts are ubiquitous in modern software development pipelines for streamlining…

Software Engineering · Computer Science 2026-04-27 Mahzabin Tamanna , Yash Chandrani , Matthew Burrows , Brandon Wroblewski , Laurie Williams , Dominik Wermke

Android Inter-Component Communication (ICC) is complex, largely unconstrained, and hard for developers to understand. As a consequence, ICC is a common source of security vulnerability in Android apps. To promote secure programming…

Cryptography and Security · Computer Science 2018-12-11 Pascal Gadient , Mohammad Ghafari , Patrick Frischknecht , Oscar Nierstrasz
‹ Prev 1 2 3 10 Next ›