We study the evolution and impact of bloated dependencies in a single software ecosystem:
Java/Maven. Bloated dependencies are third-party libraries that are packaged in the …

Static analyses have problems modelling dynamic language features soundly while
retaining acceptable precision. The problem is well-understood in theory, but there is little …

Call graphs are widely used; in particular for advanced control-and data-flow analyses. Even
though many call graph algorithms with different precision and scalability properties have …

Application Programming Interfaces (APIs) typically come with (implicit) usage constraints.
The violations of these constraints (API misuses) can lead to software crashes. Even though …

Call graphs have many applications in software engineering, including bug-finding, security
analysis, and code navigation in IDEs. However, the construction of call graphs requires …

Static program analysis is widely used to detect bugs and vulnerabilities early in the life
cycle of software. It models possible program executions without executing a program, and …

Static call graphs are a fundamental building block of program analysis. However,
differences in call-graph construction and the use of specific language features can yield …

Although call graphs are crucial for inter-procedural analyses, it is challenging to statically
compute them for programs with dynamic features. Prior work focused on supporting certain …

With the continuous rise in the popularity of Android mobile devices, automated testing of
apps has become more important than ever. Android apps are event-driven programs …

In recent years, the extensive application of the Python language has made its analysis work
more and more valuable. Many static analysis algorithms need to rely on the construction of …