Related papers: ModuleGuard: Understanding and Detecting Module Con…

200 papers

Python is widely used in the open-source community, largely owing to the extensive support from diverse third-party libraries within the PyPI ecosystem. Nevertheless, the utilization of third-party libraries can potentially lead to…

Software Engineering · Computer Science 2024-01-08 Yun Peng, Ruida Hu, Ruoke Wang, Cuiyun Gao, Shuqing Li, Michael R. Lyu

In the rapidly evolving software development landscape, Python stands out for its simplicity, versatility, and extensive ecosystem. Python packages, as units of organization, reusability, and distribution, have become a pressing concern,…

Software Engineering · Computer Science 2025-09-05 Haowei Quan, Junjie Wang, Xinzhe Li, Terry Yue Zhuo, Xiao Chen, Xiaoning Du

The popularity of Python has risen rapidly over the past 15 years. It is a major language in some of the most exciting technologies today. This popularity has led to a large ecosystem of third-party packages available via the pip package…

Cryptography and Security · Computer Science 2021-02-15 Aadesh Bagmar, Josiah Wedgwood, Dave Levin, Jim Purtilo

Many popular Python libraries use C-extensions for performance-critical operations allowing users to combine the best of the two worlds: The simplicity and versatility of Python and the performance of C. A drawback of this approach is that…

Software Engineering · Computer Science 2026-03-09 Lucas Berg, Lukas Krodinger, Stephan Lukasczyk, Annibale Panichella, Gordon Fraser, Wim Vanhoof, Xavier Devroey

It is widely accepted that traditional modular structures suffer from the dominant decomposition problem. Therefore, to improve current modularity views, it is important to investigate the impact of design decisions concerning modularity in…

Software Engineering · Computer Science 2015-06-19 Luciana Silva, Daniel Felix, Marco Tulio Valente, Marcelo Maia

The Python Package Index (PyPI) has become a target for malicious actors, yet existing detection tools generate false positive rates of 15-30%, incorrectly flagging one-third of legitimate packages as malicious. This problem arises because…

Cryptography and Security · Computer Science 2026-01-28 Wenbo Guo, Chengwei Liu, Ming Kang, Yiran Zhang, Jiahui Wu, Zhengzi Xu, Vinay Sachidananda, Yang Liu

Command injection vulnerabilities are a significant security threat in dynamic languages like Python, particularly in widely used open-source projects where security issues can have extensive impact. With the proven effectiveness of Large…

Software Engineering · Computer Science 2025-05-22 Yuxuan Wang, Jingshu Chen, Qingyang Wang

PyPI provides a convenient and accessible package management platform to developers, enabling them to quickly implement specific functions and improve work efficiency. However, the rapid development of the PyPI ecosystem has led to a severe…

Software Engineering · Computer Science 2023-09-21 Wenbo Guo, Zhengzi Xu, Chengwei Liu, Cheng Huang, Yong Fang, Yang Liu

Developers create software branches for tentative feature addition and bug fixing, and periodically merge branches to release software with new features or repairing patches. When the program edits from different branches textually overlap…

Software Engineering · Computer Science 2021-03-04 Bowen Shen, Cihan Xiao, Na Meng, Fei He

Malicious package detection has become a critical task in ensuring the security and stability of the PyPI. Existing detection approaches have focused on advancing model selection, evolving from traditional machine learning (ML) models to…

Cryptography and Security · Computer Science 2025-06-18 Xingan Gao, Xiaobing Sun, Sicong Cao, Kaifeng Huang, Di Wu, Xiaolei Liu, Xingwei Lin, Yang Xiang

Truly multilingual safety moderation efforts for Large Language Models (LLMs) have been hindered by a narrow focus on a small set of languages (e.g., English, Chinese) as well as a limited scope of safety definition, resulting in…

Computation and Language · Computer Science 2025-08-08 Priyanshu Kumar, Devansh Jain, Akhila Yerukola, Liwei Jiang, Himanshu Beniwal, Thomas Hartvigsen, Maarten Sap

The rapid evolution of software libraries poses a considerable hurdle for code generation, necessitating continuous adaptation to frequent version updates while preserving backward compatibility. While existing code evolution benchmarks…

The emerging capabilities of large language models (LLMs) have sparked concerns about their immediate potential for harmful misuse. The core approach to mitigate these concerns is the detection of harmful queries to the model. Current…

Computation and Language · Computer Science 2025-12-10 Sahil Verma, Keegan Hines, Jeff Bilmes, Charlotte Siska, Luke Zettlemoyer, Hila Gonen, Chandan Singh

Malicious Python packages make software supply chains vulnerable by exploiting trust in open-source repositories like Python Package Index (PyPI). Lack of real-time behavioral monitoring makes metadata inspection and static code analysis…

Cryptography and Security · Computer Science 2025-03-04 Sk Tanzir Mehedi, Chadni Islam, Gowri Ramachandran, Raja Jurdak

Different security issues are a common problem for open source packages archived to and delivered through software ecosystems. These often manifest themselves as software weaknesses that may lead to concrete software vulnerabilities. This…

Software Engineering · Computer Science 2021-12-28 Jukka Ruohonen, Kalle Hjerppe, Kalle Rindell

Open-source ecosystems such as NPM and PyPI are increasingly targeted by supply chain attacks, yet existing detection methods either depend on fragile handcrafted rules or data-driven features that fail to capture evolving attack semantics.…

Software Engineering · Computer Science 2026-01-26 Wenbo Guo, Shiwen Song, Jiaxun Guo, Zhengzi Xu, Chengwei Liu, Haoran Ou, Mengmeng Ge, Yang Liu

Current software supply chains heavily rely on open-source packages hosted in public repositories. Given the popularity of ecosystems like npm and PyPI, malicious users started to spread malware by publishing open-source packages containing…

Cryptography and Security · Computer Science 2023-10-17 Piergiorgio Ladisa, Serena Elisa Ponta, Nicola Ronzoni, Matias Martinez, Olivier Barais

Python is one of the fastest-growing programming languages and currently ranks as the top language in many lists, even recently overtaking JavaScript as the top language on GitHub. Given its importance in data science and machine learning,…

Software Engineering · Computer Science 2025-02-10 Idriss Abdelmadjid, Robert Dyer

Performance optimization of AI infrastructure is key to the fast adoption of large language models (LLMs). The PyTorch compiler (torch.compile), a core optimization tool for deep learning (DL) models (including LLMs), has received due…

Software Engineering · Computer Science 2026-04-13 Meiziniu Li, Dongze Li, Jianmeng Liu, Shing-Chi Cheung

In an era shaped by Generative Artificial Intelligence for code generation and the rising adoption of Python-based Machine Learning systems (MLS), software quality has emerged as a major concern. As these systems grow in complexity and…

Software Engineering · Computer Science 2026-04-02 Mohamed Almukhtar, Anwar Ghammam, Marouane Kessentini, Hua Ming