GitHub Actions was introduced in 2019 and constitutes an integrated alternative to CI/CD
services for GitHub repositories. The deep integration with GitHub allows repositories to …

The increasing interest in open source software has led to the emergence of large language-
specific package distributions of reusable software libraries, such as npm and RubyGems …

GitHub Actions was introduced as a way to automate CI/CD workflows in GitHub, the largest
social coding platform. Thanks to its deep integration into GitHub, GitHub Actions can be …

While open-source software has enabled significant levels of reuse to speed up software
development, it has also given rise to the dreadful dependency hell that all software …

Tools that alert developers about library vulnerabilities depend on accurate, up-to-date
vulnerability databases which are maintained by security researchers. These databases …

Vulnerabilities are known reported security threats that affect a large amount of packages in
the npm ecosystem. To mitigate these security threats, the open-source community strongly …

In Mobile Edge Computing (MEC), Internet of Things (IoT) devices offload computationally-
intensive tasks to edge nodes, where they are executed within containers, reducing the …

Open source software ecosystems consist of thousands of interdependent libraries, which
users can combine to great effect. Recent work has pointed out two kinds of risks in these …

Software ecosystems (eg, npm, PyPI) are the backbone of modern software developments.
Developers add new packages to ecosystems every day to solve new problems or provide …

As our lives, our businesses, and indeed our world economy become increasingly reliant on
the secure operation of many interconnected software systems, the software engineering …