English
Related papers

Related papers: Engineering Formality and Software Risk in Debian …

200 papers
Underproduction: An Approach for Measuring Risk in Open Source Software

The widespread adoption of Free/Libre and Open Source Software (FLOSS) means that the ongoing maintenance of many widely used software components relies on the collaborative effort of volunteers who set their own priorities and choose their…

Software Engineering · Computer Science 2024-12-10 Kaylea Champion , Benjamin Mako Hill
Sources of Underproduction in Open Source Software

Because open source software relies on individuals who select their own tasks, it is often underproduced -- a term used by software engineering researchers to describe when a piece of software's relative quality is lower than its relative…

Software Engineering · Computer Science 2024-12-10 Kaylea Champion , Benjamin Mako Hill
Tracking Down Software Cluster Bombs: A Current State Analysis of the Free/Libre and Open Source Software (FLOSS) Ecosystem

Throughout computer history, it has been repeatedly demonstrated that critical software vulnerabilities can significantly affect the components involved. In the Free/Libre and Open Source Software (FLOSS) ecosystem, most software is…

Software Engineering · Computer Science 2025-02-13 Stefan Tatschner , Michael P. Heinl , Nicole Pappler , Tobias Specht , Sven Plaga , Thomas Newe
An Empirical Study on Package-Level Deprecation in Python Ecosystem

Open-source software (OSS) plays a crucial role in modern software development. Utilizing OSS code can greatly accelerate software development, reduce redundancy, and enhance reliability. Python, a widely adopted programming language, is…

Software Engineering · Computer Science 2024-08-21 Zhiqing Zhong , Shilin He , Haoxuan Wang , Boxi Yu , Haowen Yang , Pinjia He
Free and Open-Source Software is not an Emerging Property but Rather the Result of Studied Design

Free and open source software (FOSS) is considered by many, along with Wikipedia, the proof of an ongoing paradigm shift from hierarchically-managed and market-driven production of knowledge to heterarchical, collaborative and commons-based…

Computers and Society · Computer Science 2010-12-30 Paolo Magrassi
The Introduction of README and CONTRIBUTING Files in Open Source Software Development

README and CONTRIBUTING files can serve as the first point of contact for potential contributors to free/libre and open source software (FLOSS) projects. Prominent open source software organizations such as Mozilla, GitHub, and the Linux…

Software Engineering · Computer Science 2025-03-17 Matthew Gaughan , Kaylea Champion , Sohyeon Hwang , Aaron Shaw
Assessing the Threat Level of Software Supply Chains with the Log Model

The use of free and open source software (FOSS) components in all software systems is estimated to be above 90%. With such high usage and because of the heterogeneity of FOSS tools, repositories, developers and ecosystem, the level of…

Cryptography and Security · Computer Science 2023-11-21 Luıs Soeiro , Thomas Robert , Stefano Zacchiroli
Why We Engage in FLOSS: Answers from Core Developers

The maintenance and evolution of Free/Libre Open Source Software (FLOSS) projects demand the constant attraction of core developers. In this paper, we report the results of a survey with 52 developers, who recently became core contributors…

Software Engineering · Computer Science 2018-08-09 Jailton Coelho , Marco Tulio Valente , Luciana L. Silva , Andre Hora
Modeling Interconnected Social and Technical Risks in Open Source Software Ecosystems

Open source software ecosystems consist of thousands of interdependent libraries, which users can combine to great effect. Recent work has pointed out two kinds of risks in these systems: that technical problems like bugs and…

Software Engineering · Computer Science 2022-05-11 William Schueller , Johannes Wachs
Reproducible Builds: Increasing the Integrity of Software Supply Chains

Although it is possible to increase confidence in Free and Open Source Software (FOSS) by reviewing its source code, trusting code is not the same as trusting its executable counterparts. These are typically built and distributed by…

Software Engineering · Computer Science 2021-04-14 Chris Lamb , Stefano Zacchiroli
Opportunities and Security Risks of Technical Leverage: A Replication Study on the NPM Ecosystem

To comply with high productivity demands, software developers reuse free open-source software (FOSS) code to avoid reinventing the wheel when incorporating software features. The reliance on FOSS reuse has been shown to improve productivity…

Software Engineering · Computer Science 2025-06-19 Haya Samaana , Diego Elias Costa , Ahmad Abdellatif , Emad Shihab
An LLM-based Quantitative Framework for Evaluating High-Stealthy Backdoor Risks in OSS Supply Chains

In modern software development workflows, the open-source software supply chain contributes significantly to efficient and convenient engineering practices. With increasing system complexity, using open-source software as third-party…

Software Engineering · Computer Science 2025-11-18 Zihe Yan , Kai Luo , Haoyu Yang , Yang Yu , Zhuosheng Zhang , Guancheng Li
DEPTEX: Organization-First, Open Source Dependency Risk Monitoring

Open-source software (OSS) dependencies introduce systemic risks that are difficult to manage at scale. Existing Software Composition Analysis (SCA) and reachability tools generate severe alert fatigue by treating risk as an intrinsic…

Software Engineering · Computer Science 2026-05-04 Henry Ruckman-Utting , Vrushal Nedungadi , Taiga Okuma , LeTian Wang , Stephen Ehebald , Mohammad A. Tayebi
Towards maintainer script modernization in FOSS distributions

Free and Open Source Software (FOSS) distributions are complex software systems, made of thousands packages that evolve rapidly, independently, and without centralized coordination. During packages upgrades, corner case failures can be…

Software Engineering · Computer Science 2009-09-29 Davide Di Ruscio , Patrizio Pelliccione , Alfonso Pierantonio , Stefano Zacchiroli
An Empirical Study of Flaky Tests in Python

Tests that cause spurious failures without any code changes, i.e., flaky tests, hamper regression testing, increase maintenance costs, may shadow real bugs, and decrease trust in tests. While the prevalence and importance of flakiness is…

Software Engineering · Computer Science 2022-02-15 Martin Gruber , Stephan Lukasczyk , Florian Kroiß , Gordon Fraser
Package upgrades in FOSS distributions: details and challenges

The upgrade problems faced by Free and Open Source Software distributions have characteristics not easily found elsewhere. We describe the structure of packages and their role in the upgrade process. We show that state of the art package…

Software Engineering · Computer Science 2009-02-11 Roberto Di Cosmo , Stefano Zacchiroli , Paulo Trezentos
Myths and Realities about Online Forums in Open Source Software Development: An Empirical Study

The use of free and open source software (OSS) is gaining momentum due to the ever increasing availability and use of the Internet. Organizations are also now adopting open source software, despite some reservations, in particular regarding…

Software Engineering · Computer Science 2015-07-27 Faheem Ahmed , Piers Campbell , Ahmad Jaffar , Luiz Fernando Capretz
PyPitfall: Dependency Chaos and Software Supply Chain Vulnerabilities in Python

Python software development heavily relies on third-party packages. Direct and transitive dependencies create a labyrinth of software supply chains. While it is convenient to reuse code, vulnerabilities within these dependency chains can…

Cryptography and Security · Computer Science 2026-03-11 Jacob Mahon , Chenxi Hou , Zhihao Yao
From Logic to Toolchains: An Empirical Study of Bugs in the TypeScript Ecosystem

TypeScript has rapidly become a popular language for modern web development, yet its effect on software faults remains poorly understood. This paper presents the first large-scale empirical study of bugs in real-world TypeScript projects.…

Software Engineering · Computer Science 2026-01-30 TianYi Tang , Saba Alimadadi , Nick Sumner
The Code the World Depends On: A First Look at Technology Makers' Open Source Software Dependencies

Open-source software (OSS) supply chain security has become a topic of concern for organizations. Patching an OSS vulnerability can require updating other dependent software products in addition to the original package. However, the…

Software Engineering · Computer Science 2024-04-19 Cadence Patrick , Kimberly Ruth , Zakir Durumeric
‹ Prev 1 2 3 10 Next ›