3,338 research outputs found

    Recommending frequently encountered bugs


    An Empirical Study of Security Issues Posted in Open Source Projects

    When developers gain thorough understanding and knowledge of software security, they can produce more secure software. This study aims at empirically identifying and understanding the security issues posted on a random sample of GitHub repositories. We tried to understand the presence of security issues and their key themes and topics. We applied a mixed-methods approach, combining topic modeling techniques and qualitative analysis. Our findings have revealed that a) the rate of security-related issues was rather small (approx. 3% of all issues), b) the majority of the security issues were related to identity management and cryptography topics. We present 7 high-level themes of problems that developers face in implementing security features.

    User Review-Based Change File Localization for Mobile Applications

    In the current mobile app development, novel and emerging DevOps practices (e.g., Continuous Delivery, Integration, and user feedback analysis) and tools are becoming more widespread. For instance, the integration of user feedback (provided in the form of user reviews) in the software release cycle represents a valuable asset for the maintenance and evolution of mobile apps. To fully make use of these assets, it is highly desirable for developers to establish semantic links between the user reviews and the software artefacts to be changed (e.g., source code and documentation), and thus to localize the potential files to change for addressing the user feedback. In this paper, we propose RISING (Review Integration via claSsification, clusterIng, and linkiNG), an automated approach to support the continuous integration of user feedback via classification, clustering, and linking of user reviews. RISING leverages domain-specific constraint information and semi-supervised learning to group user reviews into multiple fine-grained clusters concerning similar users' requests. Then, by combining the textual information from both commit messages and source code, it automatically localizes potential change files to accommodate the users' requests. Our empirical studies demonstrate that the proposed approach outperforms the state-of-the-art baseline work in terms of clustering and localization accuracy, and thus produces more reliable results.

    Comment: 15 pages, 3 figures, 8 tables

    SocioEconomicMag Meets a Platform for SES-Diverse College Students: A Case Study

    Emerging research shows that individual differences in how people use technology sometimes cluster by socioeconomic status (SES) and that when technology is not socioeconomically inclusive, low-SES individuals may abandon it. To understand how to improve technology's SES-inclusivity, we present a multi-phase case study on SocioEconomicMag (SESMag), an emerging inspection method for socio+economic inclusivity. In our 16-month case study, a software team developing a learning management platform used SESMag to evaluate and then to improve their platform's SES-inclusivity. The results showed that (1) the practitioners identified SES-inclusivity bugs in 76% of the features they evaluated; (2) these inclusivity bugs actually arise among low-SES college students; and (3) the SESMag process pointed ways towards fixing these bugs. Finally, (4) a user study with SES-diverse college students showed that the platform's SES-inclusivity eradicated 45-54% of the bugs; for some types of bugs, the bug instance eradication rate was 80% or higher.

    Comment: 26 pages, 7 figures