Title: Open-Source AI Community as “Trading Zone”: The Role of Open-Source Models in the Diffusion of Artificial Intelligence Innovation
Award ID(s):
2120540
PAR ID:
10554866
Author(s) / Creator(s):
Publisher / Repository:
ICIS 2024 Proceedings
Date Published:
Format(s):
Medium: X
Location:
Bangkok
Sponsoring Org:
National Science Foundation
More Like this
  1. The use of third-party libraries to manage software complexity can expose open source software projects to vulnerabilities. However, project owners do not currently have a standard way to enable private disclosure of potential security vulnerabilities. This neglect may be caused in part by having no template to follow for disclosing such vulnerabilities. We analyzed 600 GitHub projects to determine how many projects contained a vulnerable dependency and whether the projects had a process in place to privately communicate security issues. We found that 385 out of 600 open source Java projects contained at least one vulnerable dependency, and only 13 of those 385 projects had a security vulnerability reporting process. That is, 96.6% of the projects with a vulnerability did not have a security notification process in place to allow for private disclosure. In determining whether the projects even had contact information publicly available, we found that 19.8% had no contact information publicly available, let alone a security vulnerability reporting process. We suggest two methods to allow for community members to privately disclose potential security vulnerabilities. 
  2. The Open-Source Software community has become the center of attention for many researchers, who are investigating various aspects of collaboration in this extremely large ecosystem. Due to its size, it is difficult to grasp whether or not it has structure, and if so, what it may be. Our hackathon project aims to facilitate the understanding of the developer collaboration structure and relationships among projects based on the bi-graph of what projects developers contribute to by providing an interactive collaboration graph of this ecosystem, using the data obtained from World of Code [1] infrastructure. Our attempts to visualize the entirety of projects and developers were stymied by the inability of the layout and visualization tools to process the exceedingly large scale of the full graph. We used WoC to filter the nodes (developers and projects) and edges (developer contributions to a project) to reduce the scale of the graph that made it amenable to an interactive visualization and published the resulting visualizations. We plan to apply hierarchical approaches to be able to incorporate the entire data in the interactive visualizations and also to evaluate the utility of such visualizations for several tasks.