Owhadi, Houman. Computational Information Games. California Institute of Technology Pasadena United States, 2019. (www / PDF)
Strečanský, Peter. "Dealing with Software Development Technical Debt.", Master Thesis. Masaryk University, 2019. (PDF)
2020 papers
Allamanis, Miltiadis, Earl T. Barr, Soline Ducousso, and Zheng Gao. "Typilus: Neural type hints." In Proceedings of the 41st acm sigplan conference on programming language design and implementation, pp. 91-105. 2020. (www / PDF)
Vu, Duc Ly, Ivan Pashchenko, Fabio Massacci, Henrik Plate, and Antonino Sabetta. "Towards using source code repositories to identify software supply chain attacks." In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pp. 2093-2095. 2020. (www / PDF)
Successful funding proposal
Caswell, Thomas A. "Revamping Matplotlib for Modern Data Structures." 2020 NASA ROSES E7 solicitation (PDF)
2021 papers
Allamanis, Miltiadis, Henry Jackson-Flux, and Marc Brockschmidt. "Self-Supervised Bug Detection and Repair." Advances in Neural Information Processing Systems 34 (2021).
(www / PDF)
Dejmal, David, and Kamil Malinka. "Server pro správu klíčů v prostředí vSphere 7.0." (PDF)
Han, Xueyuan, Xiao Yu, Thomas Pasquier, Ding Li, Junghwan Rhee, James Mickens, Margo Seltzer, and Haifeng Chen. "{SIGL}: Securing Software Installations Through Deep Graph Learning." In 30th USENIX Security Symposium (USENIX Security 21), pp. 2345-2362. 2021. (www / PDF)
Slater, Ignacio, and Alexandre Bergel. "Beacon: Automated Test Generation for Stack-Trace Reproduction using Genetic Algorithms." (www / PDF)
Taskaya, Batuhan. "Reiz: Structural Source Code Search." Journal of Open Source Software 6, no. 62 (2021): 3296. (www / PDF)
Vu, Duc-Ly. "py2src: Towards the Automatic (and Reliable) Identification of Sources for PyPI Package." In 2021 36th IEEE/ACM International Conference on Automated Software Engineering (ASE), pp. 1394-1396. IEEE, 2021. (www / PDF)
Vu, Duc-Ly, Fabio Massacci, Ivan Pashchenko, Henrik Plate, and Antonino Sabetta. "Lastpymile: identifying the discrepancy between sources and packages." In Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 780-792. 2021. (www / PDF)
2022 papers
Duc, Ly Vu. "Towards Understanding and Securing the OSS Supply Chain." PhD diss., University of Trento, Italy, 2022. (PDF)
Duc, Ly Vu, Zachary Newman, and John Speed Meyers. "Bad Snakes: Understanding and Improving Python Package Index Malware Scanning." Proc. International Conference on Software Engineering (ICSE) (2022) (www / PDF)
Duc, Ly Vu, Zachary Newman, and John Speed Meyers. "A Benchmark Comparison of Python Malware Detection Approaches." arXiv preprint arXiv:2209.13288 (2022). (www / PDF)
Han, Xueyuan. "Detecting System Anomalies Using Kernel-level Data Provenance." PhD diss., 2022. (www, PDF)
Imtiaz, Nasif, and Laurie Williams. "Are your dependencies code reviewed?: Measuring code review coverage in dependency updates." arXiv preprint arXiv:2206.09422 (2022). (www / PDF)
Miah, Md Saef Ullah, Junaida Sulaiman, Talha Bin Sarwar, Ateeqa Naseer, Fasiha Ashraf, Kamal Zuhairi Zamli, and Rajan Jose. "Sentence Boundary Extraction from Scientific Literature of Electric Double Layer Capacitor Domain: Tools and Techniques." Applied Sciences 12, no. 3 (2022): 1352. (www / PDF)
Wei, Moshi, Yuchao Huang, Junjie Wang, Jiho Shin, Nima Shiri Harzevili, and Song Wang. "API recommendation for machine learning libraries: how far are we?." In Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 370-381. 2022. (www / PDF)
Zhang, Qiang, Lei Xu, and Baowen Xu. "RegCPython: A Register-based Python Interpreter for Better Performance." ACM Transactions on Architecture and Code Optimization 20, no. 1 (2022): 1-25. (www / PDF)
2023 papers
Admiraal, C. P. "Calculating the modernity of popular python projects." Bachelor's thesis, University of Twente, 2023. (www / PDF)
Vojnović, Jana. "Mitigating Supply Chain Attacks through Detection of High-Risk Software Dependencies." Master's thesis, Radboud University, 2023. (www / PDF)
W. Xu, H. He, K. Gao and M. Zhou, "Understanding and Remediating Open-Source License Incompatibilities in the PyPI Ecosystem," in 2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE), Luxembourg, Luxembourg, 2023 pp. 178-190. doi: 10.1109/ASE56229.2023.00175 (www / arXiv www / arXiv PDF)
N. Imtiaz and L. Williams, "Are Your Dependencies Code Reviewed?: Measuring Code Review Coverage in Dependency Updates," in IEEE Transactions on Software Engineering, vol. 49, no. 11, pp. 4932-4945, Nov. 2023, doi: 10.1109/TSE.2023.3319509. (www / arXiv www / arXiv PDF)
Carlos E Jimenez, John Yang, Alexander Wettig, Shunyu Yao, Kexin Pei, Ofir Press, Karthik R Narasimhan, "SWE-bench: Can Language Models Resolve Real-world Github Issues?", (www / PDF)
Shakoori Gustafsson, David. "Ensuring the Security of PyPI Packages", Master Thesis. University of Gothenberg, 2023. (www / PDF)
2024 papers
Ranindya Paramitha, Yuan Feng, Fabio Massacci, Carlos E. Budde. "Cross-ecosystem categorization: A manual-curation protocol for the categorization of Java Maven libraries along Python PyPI Topics", Submitted to the journal Information and Software Technology (arXiv www / arXiv PDF)
Articles
John Speed Meyers, Zachary Newman, Ly D. Vu. "Taming Bad Python Packages: Assessing Python Malware Detectors with a Benchmark Dataset." Chainguard, Inc. blog (23 Aug 2022). (www)
Things citing this project.
2019 papers
Owhadi, Houman. Computational Information Games. California Institute of Technology Pasadena United States, 2019. (www / PDF)
Strečanský, Peter. "Dealing with Software Development Technical Debt.", Master Thesis. Masaryk University, 2019. (PDF)
2020 papers
Allamanis, Miltiadis, Earl T. Barr, Soline Ducousso, and Zheng Gao. "Typilus: Neural type hints." In Proceedings of the 41st acm sigplan conference on programming language design and implementation, pp. 91-105. 2020. (www / PDF)
Vu, Duc Ly, Ivan Pashchenko, Fabio Massacci, Henrik Plate, and Antonino Sabetta. "Towards using source code repositories to identify software supply chain attacks." In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pp. 2093-2095. 2020. (www / PDF)
Successful funding proposal
2021 papers
Allamanis, Miltiadis, Henry Jackson-Flux, and Marc Brockschmidt. "Self-Supervised Bug Detection and Repair." Advances in Neural Information Processing Systems 34 (2021). (www / PDF)
Dejmal, David, and Kamil Malinka. "Server pro správu klíčů v prostředí vSphere 7.0." (PDF)
Han, Xueyuan, Xiao Yu, Thomas Pasquier, Ding Li, Junghwan Rhee, James Mickens, Margo Seltzer, and Haifeng Chen. "{SIGL}: Securing Software Installations Through Deep Graph Learning." In 30th USENIX Security Symposium (USENIX Security 21), pp. 2345-2362. 2021. (www / PDF)
Slater, Ignacio, and Alexandre Bergel. "Beacon: Automated Test Generation for Stack-Trace Reproduction using Genetic Algorithms." (www / PDF)
Taskaya, Batuhan. "Reiz: Structural Source Code Search." Journal of Open Source Software 6, no. 62 (2021): 3296. (www / PDF)
Vu, Duc-Ly. "py2src: Towards the Automatic (and Reliable) Identification of Sources for PyPI Package." In 2021 36th IEEE/ACM International Conference on Automated Software Engineering (ASE), pp. 1394-1396. IEEE, 2021. (www / PDF)
Vu, Duc-Ly, Fabio Massacci, Ivan Pashchenko, Henrik Plate, and Antonino Sabetta. "Lastpymile: identifying the discrepancy between sources and packages." In Proceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 780-792. 2021. (www / PDF)
2022 papers
Duc, Ly Vu. "Towards Understanding and Securing the OSS Supply Chain." PhD diss., University of Trento, Italy, 2022. (PDF)
Duc, Ly Vu, Zachary Newman, and John Speed Meyers. "Bad Snakes: Understanding and Improving Python Package Index Malware Scanning." Proc. International Conference on Software Engineering (ICSE) (2022) (www / PDF)
Duc, Ly Vu, Zachary Newman, and John Speed Meyers. "A Benchmark Comparison of Python Malware Detection Approaches." arXiv preprint arXiv:2209.13288 (2022). (www / PDF)
Han, Xueyuan. "Detecting System Anomalies Using Kernel-level Data Provenance." PhD diss., 2022. (www, PDF)
Imtiaz, Nasif, and Laurie Williams. "Are your dependencies code reviewed?: Measuring code review coverage in dependency updates." arXiv preprint arXiv:2206.09422 (2022). (www / PDF)
Miah, Md Saef Ullah, Junaida Sulaiman, Talha Bin Sarwar, Ateeqa Naseer, Fasiha Ashraf, Kamal Zuhairi Zamli, and Rajan Jose. "Sentence Boundary Extraction from Scientific Literature of Electric Double Layer Capacitor Domain: Tools and Techniques." Applied Sciences 12, no. 3 (2022): 1352. (www / PDF)
Wei, Moshi, Yuchao Huang, Junjie Wang, Jiho Shin, Nima Shiri Harzevili, and Song Wang. "API recommendation for machine learning libraries: how far are we?." In Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 370-381. 2022. (www / PDF)
Zhang, Qiang, Lei Xu, and Baowen Xu. "RegCPython: A Register-based Python Interpreter for Better Performance." ACM Transactions on Architecture and Code Optimization 20, no. 1 (2022): 1-25. (www / PDF)
2023 papers
Admiraal, C. P. "Calculating the modernity of popular python projects." Bachelor's thesis, University of Twente, 2023. (www / PDF)
Vojnović, Jana. "Mitigating Supply Chain Attacks through Detection of High-Risk Software Dependencies." Master's thesis, Radboud University, 2023. (www / PDF)
W. Xu, H. He, K. Gao and M. Zhou, "Understanding and Remediating Open-Source License Incompatibilities in the PyPI Ecosystem," in 2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE), Luxembourg, Luxembourg, 2023 pp. 178-190. doi: 10.1109/ASE56229.2023.00175 (www / arXiv www / arXiv PDF)
N. Imtiaz and L. Williams, "Are Your Dependencies Code Reviewed?: Measuring Code Review Coverage in Dependency Updates," in IEEE Transactions on Software Engineering, vol. 49, no. 11, pp. 4932-4945, Nov. 2023, doi: 10.1109/TSE.2023.3319509. (www / arXiv www / arXiv PDF)
Carlos E Jimenez, John Yang, Alexander Wettig, Shunyu Yao, Kexin Pei, Ofir Press, Karthik R Narasimhan, "SWE-bench: Can Language Models Resolve Real-world Github Issues?", (www / PDF)
Paramitha, R., Massacci, F. Technical leverage analysis in the Python ecosystem. Empir Software Eng 28, 139 (2023). https://doi.org/10.1007/s10664-023-10355-2 (www / PDF)
Shakoori Gustafsson, David. "Ensuring the Security of PyPI Packages", Master Thesis. University of Gothenberg, 2023. (www / PDF)
2024 papers
Articles
Websites
Tools