Out of sight, out of mind? How vulnerable dependencies affect open-source projects

GAA Prana, A Sharma, LK Shar, D Foo… - Empirical Software …, 2021 - Springer
Context Software developers often use open-source libraries in their project to improve
development speed. However, such libraries may contain security vulnerabilities, and this …

On the outdatedness of workflows in the GitHub Actions ecosystem

A Decan, T Mens, HO Delicheh - Journal of Systems and Software, 2023 - Elsevier
GitHub Actions was introduced as a way to automate CI/CD workflows in GitHub, the largest
social coding platform. Thanks to its deep integration into GitHub, GitHub Actions can be …

Quantifying security issues in reusable JavaScript actions in GitHub workflows

H Onsori Delicheh, A Decan, T Mens - Proceedings of the 21st …, 2024 - dl.acm.org
GitHub's integrated automated workflow mechanism called GitHub Actions promotes the use
of Actions as reusable building blocks in workflows. The majority of those Actions are …

Mitigating security issues in GitHub Actions

HO Delicheh, T Mens - Proceedings of the 2024 ACM/IEEE 4th …, 2024 - dl.acm.org
Collaborative practices have revolutionised the software development process, enabling
distributed teams to seamlessly work together. Social coding platforms have integrated …

[PDF] A Preliminary Study of GitHub Actions Dependencies.

HO Delicheh, A Decan, T Mens - SATToSE, 2023 - ceur-ws.org
GitHub Actions was introduced in 2019 as a software development workflow automation
tool, allowing to automate a wide range of social and technical activities in GitHub …

Quantifying Security Issues in Reusable JavaScript Actions in GitHub Workflows

A Decan, T Mens - 21st International Conference on Mining …, 2024 - orbi.umons.ac.be
GitHub's integrated automated workflow mechanism called GitHub Actions promotes the use
of Actions as reusable building blocks in workflows. The majority of those Actions are …

[BOOK] Software Ecosystems: Tooling and Analytics

T Mens, C De Roover, A Cleve - 2023 - books.google.com
This book highlights recent research advances in various domains related to software
ecosystems such as library reuse, collaborative development, cloud computing, open …

An introduction to software ecosystems

T Mens, CD Roover - Software Ecosystems: Tooling and Analytics, 2023 - Springer
This chapter defines and presents the kinds of software ecosystems that are targeted in this
book. The focus is on the development, tooling, and analytics aspects of “software …

A Comprehensive Study on the Impact of Vulnerable Dependencies on Open-Source Software

SHBI Kumar, LR Sampaio, A Martin… - 2024 IEEE 35th …, 2024 - ieeexplore.ieee.org
Open-source libraries are widely used by software developers to speed up the development
of products, however, they can introduce security vulnerabilities, leading to incidents like …

Mitigating Security Issues in GitHub Actions

T Mens - 2024 ACM/IEEE 4th International Workshop on …, 2024 - orbi.umons.ac.be
Collaborative practices have revolutionised the software development process, enabling
distributed teams to seamlessly work together. Social coding platforms have integrated …