On the use of github actions in software development repositories
GitHub Actions was introduced in 2019 and constitutes an integrated alternative to CI/CD
services for GitHub repositories. The deep integration with GitHub allows repositories to …
services for GitHub repositories. The deep integration with GitHub allows repositories to …
On the impact of security vulnerabilities in the npm and RubyGems dependency networks
The increasing interest in open source software has led to the emergence of large language-
specific package distributions of reusable software libraries, such as npm and RubyGems …
specific package distributions of reusable software libraries, such as npm and RubyGems …
On the outdatedness of workflows in the GitHub Actions ecosystem
GitHub Actions was introduced as a way to automate CI/CD workflows in GitHub, the largest
social coding platform. Thanks to its deep integration into GitHub, GitHub Actions can be …
social coding platform. Thanks to its deep integration into GitHub, GitHub Actions can be …
Chronos: Time-aware zero-shot identification of libraries from vulnerability reports
Tools that alert developers about library vulnerabilities depend on accurate, up-to-date
vulnerability databases which are maintained by security researchers. These databases …
vulnerability databases which are maintained by security researchers. These databases …
Modeling interconnected social and technical risks in open source software ecosystems
W Schueller, J Wachs - Collective Intelligence, 2024 - journals.sagepub.com
Open source software ecosystems consist of thousands of interdependent libraries, which
users can combine to great effect. Recent work has pointed out two kinds of risks in these …
users can combine to great effect. Recent work has pointed out two kinds of risks in these …
Latency-Aware Container Scheduling in Edge Cluster Upgrades: A Deep Reinforcement Learning Approach
In Mobile Edge Computing (MEC), Internet of Things (IoT) devices offload computationally-
intensive tasks to edge nodes, where they are executed within containers, reducing the …
intensive tasks to edge nodes, where they are executed within containers, reducing the …
[PDF][PDF] A Preliminary Study of GitHub Actions Dependencies.
GitHub Actions was introduced in 2019 as a software development workflow automation
tool, allowing to automate a wide range of social and technical activities in GitHub …
tool, allowing to automate a wide range of social and technical activities in GitHub …
Where to Go Now? Finding Alternatives for Declining Packages in the npm Ecosystem
Software ecosystems (eg, npm, PyPI) are the backbone of modern software developments.
Developers add new packages to ecosystems every day to solve new problems or provide …
Developers add new packages to ecosystems every day to solve new problems or provide …
Backports: Change types, challenges and strategies
Source code repositories allow developers to manage multiple versions (or branches) of a
software system. Pull-requests are used to modify a branch, and backporting is a regular …
software system. Pull-requests are used to modify a branch, and backporting is a regular …
Online container scheduling for low-latency iot services in edge cluster upgrade: A reinforcement learning approach
In Mobile Edge Computing (MEC), Internet of Things (IoT) devices offload computationally-
intensive tasks to edge nodes, where they are executed within containers, reducing the …
intensive tasks to edge nodes, where they are executed within containers, reducing the …