JavaScript is widely used for writing client-side web applications and is getting increasingly
popular for writing mobile applications. However, unlike C, C++, and Java, there are not that …

JavaScript is dynamically typed and hence lacks the type safety of statically typed
languages, leading to suboptimal IDE support, difficult to understand APIs, and unexpected …

Call graphs play an important role in different contexts, such as profiling and vulnerability
propagation analysis. Generating call graphs in an efficient manner can be a challenging …

JavaScript has been a de facto standard language for client-side web programs, and now it
is expanding its territory to general purpose programs. In this article, we classify the client …

Most of the code in typical Node. js applications comes from third-party libraries that consist
of a large number of interdependent modules. Because of the dynamic features of …

Mini-programs, which are programs running inside mobile super apps such as WeChat,
often have access to privacy-sensitive information, such as location data and phone …

JavaScript is used everywhere from the browser to the server, including desktops and
mobile devices. However, the current state of the art in JavaScript static analysis lags far …

Static analysis for JavaScript can potentially help programmers find errors early during
development. Although much progress has been made on analysis techniques, a major …

JavaScript has become the most popular language used by developers for client and server
side programming. The language, however, still lacks proper support in the form of warnings …

Taint-style vulnerabilities, such as OS command injection and path traversal, are common
and severe software weaknesses. There exists an inherent trade-off between analysis …