The popularity of JavaScript has lead to a large ecosystem of third-party packages available
via the npm software package registry. The open nature of npm has boosted its growth …

Third-party libraries with rich functionalities facilitate the fast development of JavaScript
software, leading to the explosive growth of the NPM ecosystem. However, it also brings …

Nearly every popular programming language comes with one or more package managers.
The software packages distributed by such package managers form large software …

Several large scale studies on the Maven, NPM, and Android ecosystems point out that
many developers do not often update their vulnerable software libraries thus exposing the …

Call graphs play an important role in different contexts, such as profiling and vulnerability
propagation analysis. Generating call graphs in an efficient manner can be a challenging …

Enabled by a rich ecosystem of Machine Learning (ML) libraries, programming using
learned models, ie, Software-2.0, has gained substantial adoption. However, we do not …

Open source software projects often rely on package management systems that help
projects discover, incorporate, and maintain dependencies on other packages, maintained …

Most of the code in typical Node. js applications comes from third-party libraries that consist
of a large number of interdependent modules. Because of the dynamic features of …

The increasing interest in open source software has led to the emergence of large language-
specific package distributions of reusable software libraries, such as npm and RubyGems …

Open source components are ubiquitous in companies' setups, processes, and software.
Utilizing these external components as building blocks enables companies to leverage the …