Towards understanding third-party library dependency in c/c++ ecosystem
Third-party libraries (TPLs) are frequently reused in software to reduce development cost
and the time to market. However, external library dependencies may introduce …
Towards better dependency management: A first look at dependency smells in python projects
Managing cross-project dependencies is tricky in modern software development. A primary
way to manage dependencies is using dependency configuration files, which brings …
Understanding the threats of upstream vulnerabilities to downstream projects in the maven ecosystem
Y Wu, Z Yu, M Wen, Q Li, D Zou… - 2023 IEEE/ACM 45th …, 2023 - ieeexplore.ieee.org
Modern software systems are increasingly relying on dependencies from the ecosystem. A
recent estimation shows that around 35% of an open-source project's code comes from its …
smartpip: A smart approach to resolving python dependency conflict issues
As one of the representative software ecosystems, PyPI, together with the Python package
management tool pip, greatly facilitates Python developers to automatically manage the …
Software composition analysis for vulnerability detection: An empirical study on Java projects
Software composition analysis (SCA) tools are proposed to detect potential vulnerabilities
introduced by open-source software (OSS) imported as third-party libraries (TPL). With the …
Understanding the Impact of APIs Behavioral Breaking Changes on Client Applications
Libraries play a significant role in software development as they provide reusable
functionality, which helps expedite the development process. As libraries evolve, they …
Demystifying dependency bugs in deep learning stack
Deep learning (DL) applications, built upon a heterogeneous and complex DL stack (e.g.,
Nvidia GPU, Linux, CUDA driver, Python runtime, and TensorFlow), are subject to software …
Knowledge-based environment dependency inference for Python programs
Besides third-party packages, the Python interpreter and system libraries are also critical
dependencies of a Python program. In our empirical study, 34% programs are only …
Automatic specialization of third-party java dependencies
Large-scale code reuse significantly reduces both development costs and time. However,
the massive share of third-party code in software projects poses new challenges, especially …
Client-specific upgrade compatibility checking via knowledge-guided discovery
Modern software systems are complex, and they heavily rely on external libraries developed
by different teams and organizations. Such systems suffer from higher instability due to …