Do developers update their library dependencies? An empirical study on the impact of security advisories on library migration

RG Kula, DM German, A Ouni, T Ishio… - Empirical Software …, 2018 - Springer
Third-party library reuse has become common practice in contemporary software
development, as it includes several benefits for developers. Library dependencies are …

Can automated pull requests encourage software developers to upgrade out-of-date dependencies?

S Mirhosseini, C Parnin - 2017 32nd IEEE/ACM international …, 2017 - ieeexplore.ieee.org
Developers neglect to update legacy software dependencies, resulting in buggy and
insecure software. One explanation for this neglect is the difficulty of constantly checking for …

Toxic code snippets on Stack Overflow

C Ragkhitwetsagul, J Krinke, M Paixao… - IEEE Transactions …, 2019 - ieeexplore.ieee.org
Online code clones are code fragments that are copied from software projects or online
sources to Stack Overflow as examples. Due to an absence of a checking mechanism after …

An empirical study of C++ vulnerabilities in crowd-sourced code examples

M Verdi, A Sami, J Akhondali, F Khomh… - IEEE Transactions …, 2020 - ieeexplore.ieee.org
Software developers share programming solutions in Q&A sites like Stack Overflow, Stack
Exchange, Android forum, and so on. The reuse of crowd-sourced code snippets can …

The extent of orphan vulnerabilities from code reuse in open source software

D Reid, M Jahanshahi, A Mockus - Proceedings of the 44th International …, 2022 - dl.acm.org
Motivation: A key premise of open source software is the ability to copy code to other open
source projects (white-box reuse). Such copying accelerates development of new projects …

Identifying source code reuse across repositories using LCS-based source code similarity

N Kawamitsu, T Ishio, T Kanda, RG Kula… - 2014 IEEE 14th …, 2014 - ieeexplore.ieee.org
Developers often reuse source files developed for another project. In order to update a
reused file to a newer version released by the original project, developers have to track …

On the impact of micro-packages: An empirical study of the npm JavaScript ecosystem

RG Kula, A Ouni, DM German, K Inoue - arXiv preprint arXiv:1709.04638, 2017 - arxiv.org
The rise of user-contributed Open Source Software (OSS) ecosystems demonstrate their
prevalence in the software engineering discipline. Libraries work together by depending on …

Source file set search for clone-and-own reuse analysis

T Ishio, Y Sakaguchi, K Ito… - 2017 IEEE/ACM 14th …, 2017 - ieeexplore.ieee.org
Clone-and-own approach is a natural way of source code reuse for software developers. To
assess how known bugs and security vulnerabilities of a cloned component affect an …

Perceptions on the utility of community question and answer websites like Stack Overflow to software developers

IG Ndukwe, SA Licorish… - IEEE Transactions on …, 2022 - ieeexplore.ieee.org
Software developers make use of crowdsourcing during development. Beyond learning
from others, developers use online portals such as Stack Overflow as a vehicle for …

Automating code review

R Tufano - 2023 IEEE/ACM 45th International Conference on …, 2023 - ieeexplore.ieee.org
Code reviews are popular in both industrial and open source projects. The benefits of code
reviews are widely recognized and include better code quality and lower likelihood of …