Stateful protocols, such as FTP, SIP, and RTSP, play a significant role in computer systems. However, their implementation is prone to security vulnerabilities, which have drawn attention from both industry and academia. Various fuzzing techniques,...

Software clustering is often used as a remodularization and architecture recovery technique to help developers simplify software maintenance tasks and ease the burden of software comprehension. While the choice of clustering technique can significantly ...

A long continuous integration (CI) build forces developers to wait for CI feedback before starting subsequent development activities, leading to time wasted. In addition to a variety of build scheduling and test selection heuristics studied in the ...

Debugging is an important task to identify the defects in the software. Especially, logging is an important feature of a software system to record runtime information. Detailed logging allows developers to collect run-time information when they ...

• Effectiveness evaluation of near-omniscient debugging with 831 actual bugs.
• Keeping the majority of infected states.
• Predictable trace size from the number of methods.
• Reducing execution time significantly when all tests are ...

Code Smell Severity Prioritization (CSSP) is crucial in helping software developers minimize software maintenance costs and enhance software quality, particularly when faced with limited refactoring resources. Traditional code smell ...

In recent years, the importance of smart contract security has been heightened by the increasing number of attacks against them. To address this issue, a multitude of static application security testing (SAST) tools have been proposed for detecting ...

• Software organizations follow unique paths to Continuous Software Engineering (CSE).
• The CSE infrastructure is not stable but continuously evolves.
• Infrastructure and infrastructuring helps understand and address CSE dynamics.
• ...

– There is increasing interest in Continuous Software Engineering (CSE) among practitioners and researchers. CSE addresses the need to increase flexibility and short release cycles, especially when augmenting software as a ...

The Software Engineering (SE) community has been embracing the open science policy and encouraging researchers to disclose artifacts in their publications. However, the status and trends of artifact practice and quality remain unclear, lacking ...

• An empirical study on artifacts for software engineering publications.
• Uncover the status of 1,487 artifacts across 2,196 top-tier SE publications.
• Provide practical suggestions to different stakeholders based on findings.
• Open-...

The COVID-19 pandemic has drastically changed daily life and required fast responses to new situations, such as restricted public life. A major means to limit infections have been contact-tracing apps that inform an individual about a potential ...

• We report a case study on the development of the German COVID-19 contact-tracing app.
• We describe how the pandemic and public interest impacted the app’s development.
• We elicit insights on good practices the developers employed to ...

Just-in-time software defect prediction (JIT-SDP) is a fine-grained, easy-to-trace, and practical method. Unfortunately, JIT-SDP usually suffers from the class imbalance problem, which affects the performance of the models. Data sampling is one of ...${}_{\mathit{}}$

Release notes (RNs) refer to the technical documentation that offers users, developers, and other stakeholders comprehensive information about the changes and updates of a new software version. Producing high-quality RNs can be challenging, and it ...

Background: Software Vulnerability (SV) prediction in emerging languages is increasingly important to ensure software security in modern systems. However, these languages usually have limited SV data for developing high-performing prediction models. Aims:...

GitHub’s dependency graph shows dependency relationships between repositories. This feature is leveraged by tools such as Dependabot, or GitHub’s feature to export SBOM (Software Bill of Materials) files. Also, it has been used in empirical studies. ...

Machine Learning (ML) is increasingly being adopted in different industries. Deep Reinforcement Learning (DRL) is a subdomain of ML used to produce intelligent agents. Despite recent developments in DRL technology, the main challenges that ...$\mathrm{}$

Despite its massive popularity as a programming language, especially in novel domains like data science programs, there is comparatively little research about fault localization that targets Python. Even though it is plausible that several ...

Readiness for the adoption of Automated Software Engineering (ASE) tools and techniques can vary according to the size and maturity of software companies. ASE tools and techniques have been adopted by large or ultra-large software companies. ...

Code review is widely known as one of the best practices for software quality assurance in software development. In a typical code review process, reviewers check the code committed by developers to ensure the quality of the code, during which ...

In issue tracking systems, each bug is assigned a priority level (e.g., Blocker, Critical, Major, Minor, or Trivial in JIRA from highest to lowest), which indicates the urgency level of the bug. In this sense, understanding bug priority changes ...

• An empirical study to explore the phenomenon of bug priority changes.
• Priority changes mostly occur before the bug begins to be processed.
• Twenty-four patterns of bug priority changes are identified.
• Relatively complex bugs are ...

Almost no modern software system is written from scratch, and developers are required to effectively learn to use third-party libraries and software services. Thus, many practitioners and researchers have looked for ways to create effective documentation ...

People are increasingly able to receive customized options. Despite this abundance of options, people may not view products as customized to their wants and needs. Across five experiments, we provide evidence for a possible solution. We find evidence for ...