4 research outputs found
Exploring Technical Debt in Security Questions on Stack Overflow
Background: Software security is crucial to ensure that the users are
protected from undesirable consequences such as malware attacks which can
result in loss of data and, subsequently, financial loss. Technical Debt (TD)
is a metaphor incurred by suboptimal decisions resulting in long-term
consequences such as increased defects and vulnerabilities if not managed.
Although previous studies have studied the relationship between security and
TD, examining their intersection in developers' discussion on Stack Overflow
(SO) is still unexplored. Aims: This study investigates the characteristics of
security-related TD questions on SO. More specifically, we explore the
prevalence of TD in security-related queries, identify the security tags most
prone to TD, and investigate which user groups are more aware of TD. Method: We
mined 117,233 security-related questions on SO and used a deep-learning
approach to identify 45,078 security-related TD questions. Subsequently, we
conducted quantitative and qualitative analyses of the collected
security-related TD questions, including sentiment analysis. Results: Our
analysis revealed that 38% of the security questions on SO are security-related
TD questions. The most recurrent tags among the security-related TD questions
emerged as "security" and "encryption." The latter typically have a neutral
sentiment, are lengthier, and are posed by users with higher reputation scores.
Conclusions: Our findings reveal that developers implicitly discuss TD,
suggesting developers have a potential knowledge gap regarding the TD metaphor
in the security domain. Moreover, we identified the most common security topics
mentioned in TD-related posts, providing valuable insights for developers and
researchers to assist developers in prioritizing security concerns in order to
minimize TD and enhance software security.
Comment: The 17th ACM/IEEE International Symposium on Empirical Software
Engineering and Measurement (ESEM), 202
Assessing the Impact of Pull Request Reviews on Software Quality
The abstract of this item is unavailable due to an embargo
Assessing the Impact of Pull Request Reviews on Software Quality
The abstract of this item is unavailable due to an embargo
The Effect of Content Dissimilarity on Review Helpfulness
Online reviews have become a vital source of information for consumers when making purchasing decisions. Despite extensive research on online review helpfulness, the impact of content dissimilarity between product descriptions and online reviews remains largely unexplored. This research studies the effect of content dissimilarity on review helpfulness, as well as the moderating effects of product price, product description length, and review number on this relationship. The empirical analysis of a dataset consisting of 1,709,367 product reviews confirms the positive relationship between content dissimilarity and review helpfulness, and the moderating roles of product price, description length and review number. Our findings provide valuable insights for businesses and platforms seeking to improve the quality of product descriptions and online reviews by analyzing online review helpfulness from the perspective of content dissimilarity.