Filters








2,077 Hits in 6.7 sec

A security perspective on code review: The case of Chromium

Marco Di Biase, Magiel Bruntink, Alberto Bacchelli
2016 Zenodo  
Within the cases we analyzed, MCR in Chromium addresses security issues at a rate of 1% of reviewers' comments.  ...  We manually analyzed large sets of registered (114 cases) and missed (71 cases) security issues by backtracking in the project's issue, review, and code histories.  ...  This project was funded by the European Union's Horizon 2020 research and innovation programme under the Marie Sklodowska-Curie grant agreement No 642954  ... 
doi:10.5281/zenodo.1685674 fatcat:pmx2utccgbb4zee5stugmpbntu

A Security Perspective on Code Review: The Case of Chromium

Marco di Biase, Magiel Bruntink, Alberto Bacchelli
2016 2016 IEEE 16th International Working Conference on Source Code Analysis and Manipulation (SCAM)  
Within the cases we analyzed, MCR in Chromium addresses security issues at a rate of 1% of reviewers' comments.  ...  We manually analyzed large sets of registered (114 cases) and missed (71 cases) security issues by backtracking in the project's issue, review, and code histories.  ...  A. Summary Our study focused on the security perspective of MCR in the Chromium project. We presented a categorization of issues that are missed and found in code reviews.  ... 
doi:10.1109/scam.2016.30 dblp:conf/scam/BiaseBB16 fatcat:ua233v53xvdolflu6ekgeslr44

A Security Perspective on Code Review: The Case of Chromium

Marco Di Biase, Magiel Bruntink, Alberto Bacchelli
2016
Within the cases we analyzed, MCR in Chromium addresses security issues at a rate of 1% of reviewers' comments.  ...  We manually analyzed large sets of registered (114 cases) and missed (71 cases) security issues by backtracking in the project's issue, review, and code histories.  ...  A. Summary Our study focused on the security perspective of MCR in the Chromium project. We presented a categorization of issues that are missed and found in code reviews.  ... 
doi:10.5167/uzh-197770 fatcat:m7sqyylr6zfdllb6umospmgqxu

Corporate Corruption of Science—The Case of Chromium(VI)

David Egilman
2006 International journal of occupational and environmental health  
In 1996 Paustenbach via ChemRisk advised the Chrome Coalition of the need to create peer-reviewed pro-industry research, including a full review of all epidemiologic research on chromium. 30, 31 Work  ...  $1.5 million for consulting on the Hinkley (Brockovich) case, and Merck Inc. paid over $75,000 to Exponent for work on chromium. 29 In mid-1990s, facing a possible OSHA decision to set a permissible  ... 
doi:10.1179/oeh.2006.12.2.169 pmid:16722197 fatcat:rwdi4vxzq5h27ly6ahsmulbecq

Modern code review

Caitlin Sadowski, Emma Söderberg, Luke Church, Michal Sipko, Alberto Bacchelli
2018 Proceedings of the 40th International Conference on Software Engineering Software Engineering in Practice - ICSE-SEIP '18  
Employing lightweight, tool-based code review of code changes (aka modern code review) has become the norm for a wide variety of open-source and industrial systems.  ...  By means of 12 interviews, a survey with 44 respondents, and the analysis of review logs for 9 million reviewed changes, we investigate motivations behind code review at Google, current practices, and  ...  A. Bacchelli gratefully acknowledges the support of the Swiss National Science Foundation through the SNF Project No. PP00P2_170529.  ... 
doi:10.1145/3183519.3183525 dblp:conf/icse/SadowskiSCSB18 fatcat:atjsziv7zvdabc3vjf26km5n6m

A Systematic Literature Review and Taxonomy of Modern Code Review [article]

Nicole Davila, Ingrid Nunes
2021 arXiv   pre-print
Modern Code Review (MCR) is a widely known practice of software quality assurance. However, the existing body of knowledge of MCR is currently not understood as a whole.  ...  The most common types of proposals are code reviewer recommender and support to code checking.  ...  [70] presented a case study of security aspects of Chromium, analyzing several aspects of code review data.  ... 
arXiv:2103.08777v1 fatcat:fw2pzpj77jc3dkecqsauh7kaum

Software Development Analytics in Practice: A Systematic Literature Review [article]

Joao Caldeira, Fernando Brito e Abreu, Jorge Cardoso, Rachel Simões, Toacy Oliveira, José Reis
2022 arXiv   pre-print
Objective:This systematic literature review aims at providing an aggregate view of the relevant studies on Software Development Analytics in the past decade, with an emphasis on its application in practical  ...  Results:Source code repositories, experimental case studies, and developers are the most common data sources, study types, and stakeholders, respectively.  ...  of messages related to code review.  ... 
arXiv:2007.10213v2 fatcat:v3b4v3zocncu5fux27kdqz63om

Expressions of Sentiments During Code Reviews: Male vs. Female [article]

Rajshakhar Paul and Amiangshu Bosu and Kazi Zakia Sultana
2018 arXiv   pre-print
Method: On this goal, we mined the code review repositories of six popular open source projects.  ...  Results: Our results suggest that the likelihood of using sentiment words, emoticons, and expletives during code reviews varies based on the gender of a developer, as females are significantly less likely  ...  RQ5: Does the likelihood of using swear words /expletives during code reviews depend on the gender of a developer? IV.  ... 
arXiv:1812.05560v1 fatcat:v2csicaiwrcxxnpuq633itnzzy

A Study on Practices against Malware in Free Software Projects

I. Colomina, J. Arnedo-Moreno, R. Clariso
2013 2013 27th International Conference on Advanced Information Networking and Applications Workshops  
Many popular applications are developed using a free software model, through the collaborative effort of a community which makes the source code available for free.  ...  This paper studies these procedures in the free source domain and evaluates their application in two widely-used open source projects, Symfony and Chromium.  ...  ACKNOWLEDGEMENTS The author Ignacio Colomina would like to thank to M a Soledad Ferri Sellés for her advice in English grammar and vocabulary.  ... 
doi:10.1109/waina.2013.245 dblp:conf/aina/ColominaAC13 fatcat:aoxz5nlk4zf6ff5grq342uji7i

Review of Multi-platform Mobile Application Development Using WebView: Learning Management System on Mobile Platform

Timothy Yudi Adinugroho, Reina, Josef Bernadi Gautama
2015 Procedia Computer Science  
The purpose of this study is to review the strengths and weaknesses of such combination in mobile application development specifically under android platform.  ...  The advancement of mobile technology and the internet network and their rapid adoption has enabled instant information access without relying on desktop or notebook computers.  ...  However, android 4.4 introduces a new version of WebView which is based on Chromium.  ... 
doi:10.1016/j.procs.2015.07.568 fatcat:5cp4sj5cfjgqbcgm2ukfsmbt7i

Health and Safety Hazards Associated with Subways: A Review

R. R. M. Gershon
2005 Journal of urban health  
To examine this issue more carefully, we conducted a structured review of the literature to identify and characterize potential health and safety hazards associated with subways.  ...  However, to best maximize the positive impact on the urban environment, subway systems need to provide a safe and healthy environment for both passengers and subway transit workers.  ...  METHODS A computerized search of government documents as well as the peer-reviewed literature for relevant articles addressing subway safety from either the mass transit or passenger perspective was conducted  ... 
doi:10.1093/jurban/jti004 pmid:15738339 pmcid:PMC3456630 fatcat:erjnqqtbdjfg5cfkokzcjzeale

Phd-Dissertation Reviews in Ornithology (2016–2017 Academic Year)

Francisco Valera
2018 Ardeola (Madrid)  
This section also includes a link to access the full version of the reviewed thesis when available.  ...  This is also the case for higher concentrations studied in AML12, CE 50 for lead, higher concentrations of selenium and every concentration of chromium.  ...  Based on these findings, the first step of a thermal imaging campaign in combination with moonwatching was set up in March 2015 to verify the origin of the presumed biological signals in the radar data  ... 
doi:10.13157/arla.65.1.2018.ph fatcat:juzuoky5urd43k4kzaqd6idcqu

Can Knowledge of Technical Debt Help Identify Software Vulnerabilities?

Robert L. Nord, Ipek Ozkaya, Edward J. Schwartz, Forrest Shull, Rick Kazman
2016 USENIX Security Symposium  
We present initial findings from a study of the Chromium open source project that motivates the need to examine a combination of evidence: quantitative static analysis of anomalies in code, qualitative  ...  We investigated whether the problematic design decisions themselves might be relatively easier to find, based on the concept of "technical debt," i.e., design or implementation constructs that are expedient  ...  The test case crashes a debug build, but not the production build. I have confirmed that the original source code does crash the production build, so there must be multiple things going on here."  ... 
dblp:conf/uss/NordOSSK16 fatcat:ku7ape4jbbhbfbm2apt75jivea

Do Bugs Foreshadow Vulnerabilities? A Study of the Chromium Project

Felivel Camilo, Andrew Meneely, Meiyappan Nagappan
2015 2015 IEEE/ACM 12th Working Conference on Mining Software Repositories  
In a separate analysis, we found that the files with highest defect density did not intersect with the files of highest vulnerability density.  ...  In this study, we performed an in-depth analysis of the Chromium project to empirically examine the relationship between bugs and vulnerabilities.  ...  Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.  ... 
doi:10.1109/msr.2015.32 dblp:conf/msr/CamiloMN15 fatcat:u5lqcg64qbhzhh2nqs3za4ix6q

Social responsibility and supply chain relationships

Craig R Carter, Marianne M Jennings
2002 Transportation Research Part E: Logistics and Transportation Review  
basing on standards of ethics in business.  ...  In the recent period, one could notice that more and more international companies implementing their strategies based on the concept of sustainable development are evaluating and qualifying their suppliers  ...  Socially and environmentally responsible procurement: A literature review and future research agenda of a managerial issue in the 21st century, Journal of Purchasing and Supply Management, 18 ( 4), 232  ... 
doi:10.1016/s1366-5545(01)00008-4 fatcat:7n2cugchwrc75gj2rmir5t7swa
« Previous Showing results 1 — 15 out of 2,077 results