Stack Overflow in Github: Any Snippets There?

When programmers look for how to achieve certain programming tasks, Stack Overflow is a popular destination in search engine results. Over the years, Stack Overflow has accumulated an impressive knowledge base of snippets of code that are amply documented. We are interested in studying how programmers use these snippets of code in their projects. Can we find Stack Overflow snippets in real projects? When snippets are used, is this copy literal or does it suffer adaptations? And are these adaptations specializations required by the idiosyncrasies of the target artifact, or are they motivated by specific requirements of the programmer? The large-scale study presented on this paper analyzes 909k non-fork Python projects hosted on Github, which contain 290M function definitions, and 1.9M Python snippets captured in Stack Overflow. Results are presented as quantitative analysis of block-level code cloning intra and inter Stack Overflow and GitHub, and as an analysis of programming behaviors through the qualitative analysis of our findings.Comment: 14th International Conference on Mining Software Repositories, 11 page

Intangible Investment in Japan: New Estimates and Contribution to Economic Growth

The purpose of this paper is to measure intangible assets, to construct the capital stock of intangible assets, and to examine the contribution of intangible capital to economic growth in Japan. We follow the approach of Corrado, Hulten, and Sichel (2005, 2006) to measure intangible investment using the 2008 version of the Japan Industrial Productivity (JIP) Database. We find that the ratio of intangible investment to GDP in Japan has risen during the past 20 years and now stands at 11.6%, which is lower than the ratio estimated for the United States in the early 2000s. The ratio of intangible to tangible investment in Japan is also lower than equivalent values estimated for the United States. In addition, we find that, in stark contrast with the United States, where intangible capital grew rapidly in the late 1990s, the growth rate of intangible capital in Japan declined from the late 1980s to the early 2000s. In order to examine the robustness of our results, we also conducted a sensitivity analysis and found that the slowdown of the contribution of intangible capital deepening to economic growth and the recovery in Multi-Factor Productivity (MFP) growth from the second half of the 1990s observed in our base case remain unchanged even if we take on-the-job training and Japanese data with respect to investment in firm-specific resources into account.intangible investment, labor productivity, growth accounting

Untangling Fine-Grained Code Changes

After working for some time, developers commit their code changes to a version control system. When doing so, they often bundle unrelated changes (e.g., bug fix and refactoring) in a single commit, thus creating a so-called tangled commit. Sharing tangled commits is problematic because it makes review, reversion, and integration of these commits harder and historical analyses of the project less reliable. Researchers have worked at untangling existing commits, i.e., finding which part of a commit relates to which task. In this paper, we contribute to this line of work in two ways: (1) A publicly available dataset of untangled code changes, created with the help of two developers who accurately split their code changes into self contained tasks over a period of four months; (2) a novel approach, EpiceaUntangler, to help developers share untangled commits (aka. atomic commits) by using fine-grained code change information. EpiceaUntangler is based and tested on the publicly available dataset, and further evaluated by deploying it to 7 developers, who used it for 2 weeks. We recorded a median success rate of 91% and average one of 75%, in automatically creating clusters of untangled fine-grained code changes

Offshoring (a.k.a. Offshore Outsourcing) and Job Insecurity Among U.S. Workers

CRS_May_2005_Offshoring.pdf: 2514 downloads, before Oct. 1, 2020

Mining Threat Intelligence about Open-Source Projects and Libraries from Code Repository Issues and Bug Reports

Open-Source Projects and Libraries are being used in software development while also bearing multiple security vulnerabilities. This use of third party ecosystem creates a new kind of attack surface for a product in development. An intelligent attacker can attack a product by exploiting one of the vulnerabilities present in linked projects and libraries. In this paper, we mine threat intelligence about open source projects and libraries from bugs and issues reported on public code repositories. We also track library and project dependencies for installed software on a client machine. We represent and store this threat intelligence, along with the software dependencies in a security knowledge graph. Security analysts and developers can then query and receive alerts from the knowledge graph if any threat intelligence is found about linked libraries and projects, utilized in their products