English
Related papers

Related papers: PVAC: Package Version Activity Categorizer, Levera…

200 papers

Modern software systems rely on dependency networks of reusable libraries, where breaking changes propagate and cause downstream consumers to fail. Despite growing research across ecosystems, no comprehensive synthesis exists. We conduct a…

Software Engineering · Computer Science 2026-05-26 Juntao Chen , Tingting Bi , Yanlin Wang , Patanamon Thongtanunam

Package managers are legion. Every programming language and operating system has its own solution, each with subtly different semantics for dependency resolution. This fragmentation prevents multilingual projects from expressing precise…

Programming Languages · Computer Science 2026-02-24 Ryan Gibb , Patrick Ferris , David Allsopp , Thomas Gazagnaire , Anil Madhavapeddy

\textbf{Context:} Policy-as-Code (PaC) has become a foundational approach for embedding governance, compliance, and security requirements directly into software systems. While organizations increasingly adopt PaC tools, the software…

Software Engineering · Computer Science 2026-01-12 Patrick Loic Foalem , Foutse Khomh , Leuson Da Silva , Ettore Merlo

Existing innovation metrics inadequately capture software innovation, creating blind spots for researchers and policymakers seeking to understand and foster technological innovation in an increasingly software-defined economy. This paper…

Software Engineering · Computer Science 2025-07-01 Eva Maxfield Brown , Cailean Osborne , Peter Cihon , Moritz Böhmecke-Schwafert , Kevin Xu , Mirko Boehm , Knut Blind

Checking the semantic equivalence of operations is an important task in software development. For instance, regression testing is a routine task performed when software systems are developed and improved, and software package managers…

Programming Languages · Computer Science 2019-09-23 Sergio Antoy , Michael Hanus

A software analysis is a computer program that takes some representation of a software product as input and produces some useful information about that product as output. A software product line encompasses \emph{many} software product…

Programming Languages · Computer Science 2020-10-05 Ramy Shahin , Marsha Chechik

Detecting vulnerabilities in source code remains critical yet challenging, as conventional static analysis tools construct inaccurate program representations, while existing LLM-based approaches often miss essential vulnerability context…

Software Engineering · Computer Science 2026-04-14 Yiheng Cao , Yihao Chen , Xin Hu , Bihuan Chen , Jiayi Deng , Zhuotong Zhou , Susheng Wu , Yiheng Huang , Xueying Du , Xingman Chen , Miaohua Li , Xin Peng

Managing project dependencies is a key maintenance issue in software development. Developers need to choose an update strategy that allows them to receive important updates and fixes while protecting them from breaking changes. Semantic…

Software Engineering · Computer Science 2023-05-26 Abbas Javan Jafari , Diego Elias Costa , Emad Shihab , Rabe Abdalkareem

Third-party libraries (TPLs) have become an essential component of software, accelerating development and reducing maintenance costs. However, breaking changes often occur during the upgrades of TPLs and prevent client programs from moving…

Software Engineering · Computer Science 2023-09-19 Wenke Li , Feng Wu , Cai Fu , Fan Zhou

Version control system tools empower developers to independently work on their development tasks. These tools also facilitate the integration of changes through merging operations, and report textual conflicts. However, when developers…

Software Engineering · Computer Science 2023-10-16 Galileu Santos de Jesus , Paulo Borba , Rodrigo Bonifácio , Matheus Barbosa de Oliveira

Open-source licenses establish the legal foundation for software reuse, yet license variants, including both modified standard licenses and custom-created alternatives, introduce significant compliance complexities. Despite their prevalence…

Software Engineering · Computer Science 2025-11-03 Weiwei Xu , Hengzhi Ye , Kai Gao , Minghui Zhou

Software Vulnerability (SV) assessment is a crucial process of determining different aspects of SVs (e.g., attack vectors and scope) for developers to effectively prioritize efforts in vulnerability mitigation. It presents a challenging and…

Software Engineering · Computer Science 2025-01-28 Xin-Cheng Wen , Jiaxin Ye , Cuiyun Gao , Lianwei Wu , Qing Liao

The integration of open-source third-party library dependencies in Java development introduces significant security risks when these libraries contain known vulnerabilities. Existing Software Composition Analysis (SCA) tools struggle to…

Software Engineering · Computer Science 2025-07-25 Wang Lingxiang , Quanzhi Fu , Wenjia Song , Gelei Deng , Yi Liu , Dan Williams , Ying Zhang

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

Cryptography and Security · Computer Science 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

Recently, the number of malicious open-source packages in package repositories has been increasing dramatically. While major security scanners focus on identifying known Common Vulnerabilities and Exposures (CVEs) in open-source packages,…

Cryptography and Security · Computer Science 2025-11-20 Thanh-Cong Nguyen , Ngoc-Thanh Nguyen , Van-Giau Ung , Duc-Ly Vu

Much of the current software depends on open-source components, which in turn have complex dependencies on other open-source libraries. Vulnerabilities in open source therefore have potentially huge impacts. The goal of this work is to get…

Software Engineering · Computer Science 2023-05-10 Tobias Dam , Sebastian Neumaier

Package managers have become a vital part of the modern software development process. They allow developers to reuse third-party code, share their own code, minimize their codebase, and simplify the build process. However, recent reports…

Cryptography and Security · Computer Science 2020-12-03 Ruian Duan , Omar Alrawi , Ranjita Pai Kasturi , Ryan Elder , Brendan Saltaformaggio , Wenke Lee

Many software development organizations still lack support for obtaining intellectual control over their software development processes and for determining the performance of their processes and the quality of the produced products.…

Software Engineering · Computer Science 2014-01-10 Peter Liggesmeyer , Jens Heidrich , Jürgen Münch , Robert Kalcklösch , Henning Barthel , Dirk Zeckzer

Ecologists and evolutionary biologists are relying on an increasingly sophisticated set of statistical tools to describe complex natural systems. One such tool that has gained increasing traction in the life sciences is structural equation…

Quantitative Methods · Quantitative Biology 2015-09-08 Jonathan S. Lefcheck

Collaborative vocabulary development in the context of data integration is the process of finding consensus between the experts of the different systems and domains. The complexity of this process is increased with the number of involved…

Artificial Intelligence · Computer Science 2016-01-12 Lavdim Halilaj , Irlán Grangel-González , Gökhan Coskun , Sören Auer