Demystifying the vulnerability propagation and its evolution via dependency trees in the npm ecosystem
Third-party libraries with rich functionalities facilitate the fast development of JavaScript
software, leading to the explosive growth of the NPM ecosystem. However, it also brings …
Towards better dependency management: A first look at dependency smells in python projects
Managing cross-project dependencies is tricky in modern software development. A primary
way to manage dependencies is using dependency configuration files, which brings …
Dependency update strategies and package characteristics
Managing project dependencies is a key maintenance issue in software development.
Developers need to choose an update strategy that allows them to receive important …
A closer look at the security risks in the rust ecosystem
Rust is an emerging programming language designed for the development of systems
software. To facilitate the reuse of Rust code, crates.io, as a central package registry of the …
AROMA: Automatic Reproduction of Maven Artifacts
Modern software engineering establishes software supply chains and relies on tools and
libraries to improve productivity. However, reusing external software in a project presents a …
Empirical Analysis of Vulnerabilities Life Cycle in Golang Ecosystem
Open-source software (OSS) greatly facilitates program development for developers.
However, the high number of vulnerabilities in open-source software is a major concern …
Studying users' perception of IoT mobile companion apps
Internet of Things (IoT) products provide over-the-net capabilities such as remote
activation, monitoring, and notifications. An associated mobile app is often provided for more …
Is There a Correlation Between Readme Content and Project Meta‐Characteristics?
ASM Venigalla, S Chimalakonda - Software: Practice and …, 2024 - Wiley Online Library
Context: Developers often turn to readme files in GitHub repositories when they intend to
contribute, reuse, or extend a project. These files act as a primary source of information …
Remote Multi-Person Heart Rate Monitoring with Smart Speakers: Overcoming Separation Constraint
Heart rate is a key vital sign that can be used to understand an individual's health condition.
Recently, remote sensing techniques, especially acoustic-based sensing, have received …
Maven Unzipped: Exploring the Impact of Library Packaging on the Ecosystem
M Keshani, G Bot, P Rungta, M Izadi… - 2024 IEEE …, 2024 - ieeexplore.ieee.org
MAVEN is a popular dependency management tool and ecosystem used by millions of
developers. However, the overwhelming amount of available open-source software and the …