Zobrazeno 1 - 10
of 413
pro vyhledávání: '"MONPERRUS, MARTIN"'
Client diversity in the Ethereum blockchain refers to the use of multiple independent implementations of the Ethereum protocol. This effectively enhances network resilience by reducing reliance on any single software client implementation. With clien
Externí odkaz:
http://arxiv.org/abs/2411.18401
Smart contracts, primarily written in Solidity, are integral to blockchain software applications, yet precise analysis and maintenance are hindered by the limitations of existing differencing tools. We introduce SoliDiffy, a novel Abstract Syntax Tre
Externí odkaz:
http://arxiv.org/abs/2411.07718
Autor:
Oliveira, Delano, Santos, Reydne, de Oliveira, Benedito, Monperrus, Martin, Castor, Fernando, Madeiral, Fernanda
Publikováno v:
IEEE Transactions on Software Engineering, 2024
Motivation: Code understandability is crucial in software development, as developers spend 58% to 70% of their time reading source code. Improving it can improve productivity and reduce maintenance costs. Problem: Experimental studies often identify
Externí odkaz:
http://arxiv.org/abs/2410.21990
Using open-source dependencies is essential in modern software development. However, this practice implies significant trust in third-party code, while there is little support for developers to assess this trust. As a consequence, attacks have been i
Externí odkaz:
http://arxiv.org/abs/2410.16049
Autor:
Silva, André, Monperrus, Martin
AI-driven program repair uses AI models to repair buggy software by producing patches. Rapid advancements in AI surely impact state-of-the-art performance of program repair. Yet, grasping this progress requires frequent and standardized evaluations.
Externí odkaz:
http://arxiv.org/abs/2409.18952
One of the main challenges of N-Version Programming is development cost: it requires paying multiple teams to develop variants of the same system. To address this issue, we propose the automated generation of variants using large language models. We
Externí odkaz:
http://arxiv.org/abs/2408.09536
We introduce Java-Class-Hijack, a novel software supply chain attack that enables an attacker to inject malicious code by crafting a class that shadows a legitimate class that is in the dependency tree. We describe the attack, provide a proof-of-conc
Externí odkaz:
http://arxiv.org/abs/2407.18760
Publikováno v:
Proceedings of ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses, 2024
In Go, the widespread adoption of open-source software has led to a flourishing ecosystem of third-party dependencies, which are often integrated into critical systems. However, the reuse of dependencies introduces significant supply chain security r
Externí odkaz:
http://arxiv.org/abs/2407.04442
Dependency updates often cause compilation errors when new dependency versions introduce changes that are incompatible with existing client code. Fixing breaking dependency updates is notoriously hard, as their root cause can be hidden deep in the de
Externí odkaz:
http://arxiv.org/abs/2407.03880
Publikováno v:
Proceedings of IEEE Conference on Source Code Analysis and Manipulation, 2024
Typically, a conventional unit test (CUT) verifies the expected behavior of the unit under test through one specific input / output pair. In contrast, a parameterized unit test (PUT) receives a set of inputs as arguments, and contains assertions that
Externí odkaz:
http://arxiv.org/abs/2407.00768