Understanding the threats of upstream vulnerabilities to downstream projects in the maven ecosystem
Y Wu, Z Yu, M Wen, Q Li, D Zou… - 2023 IEEE/ACM 45th …, 2023 - ieeexplore.ieee.org
Modern software systems are increasingly relying on dependencies from the ecosystem. A
recent estimation shows that around 35% of an open-source project's code come from its …
Ecosystem of large language models for code
The availability of vast amounts of publicly accessible data of source code and the advances
in modern language models, coupled with increasing computational resources, have led to …
Toward using package centrality trend to identify packages in decline
Due to their increasing complexity, today's software systems are frequently built by
leveraging reusable code in the form of libraries and packages. Software ecosystems (e.g. …
Investigating user feedback from a crowd in requirements management in software ecosystems
P Malcher, D Viana, PO Antonino… - Empirical Software …, 2024 - Springer
Requirements management is a process that aims to ensure that the needs of stakeholders
are met through delivering adequate and quality software products. However, requirements …
Collaboration in software ecosystems: A study of work groups in open environment
Context: As a particular type of software ecosystem, an open source software ecosystem
(OSSECO) is a collection of interdependent open source software (OSS) projects which are …
A Grounded Theory of Cross-community SECOs: Feedback Diversity vs. Synchronization
A Foundjem, EE Eghan, B Adams - IEEE Transactions on …, 2023 - ieeexplore.ieee.org
Despite their proliferation, growing sustainable software ecosystems (SECOs) remains a
substantial challenge. One approach to mitigate this challenge is by collecting and …
Dgmf: Fast generation of comparable, updatable dependency graphs for software repositories
T Litzenberger, J Düsing… - 2023 IEEE/ACM 20th …, 2023 - ieeexplore.ieee.org
Dependency graphs for software repositories have been utilized in a variety of different
research contexts. However, to this date there is no unified data model for such graphs, often …
Automatically resolving dependency-conflict building failures via behavior-consistent loosening of library version constraints
Python projects grow quickly by code reuse and building automation based on third-party
libraries. However, the version constraints associated with these libraries are prone to mal …
Upstream bug management in Linux distributions: An empirical study of Debian and Fedora practices
A Linux distribution consists of thousands of packages that are either developed by in-house
developers (in-house packages) or by external projects (upstream packages). Leveraging …
Effective Vulnerable Function Identification based on CVE Description Empowered by Large Language Models
Y Wu, M Wen, Z Yu, X Guo, H Jin - Proceedings of the 39th IEEE/ACM …, 2024 - dl.acm.org
Open-source software (OSS) has profoundly transformed the software development
paradigm by facilitating effortless code reuse. However, in recent years, there has been an …