Empirical Software Engineering, Journal Year: 2024, Volume and Issue: 30(1)
Published: Nov. 16, 2024
Language: English
Empirical Software Engineering, Journal Year: 2023, Volume and Issue: 28(4)
Published: May 24, 2023
Software refactoring is a behavior-preserving activity to improve the source code quality without changing its external behavior. Unfortunately, it often manual and error-prone task that may induce regressions in code. Researchers have provided initial compelling evidence of relation between defects, yet little known about how much impact software security. This paper bridges this knowledge gap by presenting large-scale empirical investigation into effects on security profile applications. We conduct three-level mining repository study establish 14 types (i) security-related metrics, (ii) technical debt, (iii) introduction vulnerabilities. The covers 39 projects total amount 7,708 commits. key results show has limited connection However, Inline Method Extract Interface statistically contribute improving some aspects connected encapsulating security-critical components. Superclass Pull Up Attribute are commonly found commits violating specific best practices for writing secure Finally, & Move tend occur more contributing conclude distilling lessons learned recommendations researchers practitioners.
Language: English
Citations
5
Published: Oct. 2, 2023
Refactoring is a practice commonly used by developers to restructure the source code without changing its external behavior. Over last decades, software engineering research community has been making use of mining repository techniques investigate refactoring under multiple perspectives, identifying properties and impact this on quality, other than using data coming from repositories build automated recommendation systems. While current state art proposes various tools mine data, there still lack instruments that may help researchers when test-specific data. The availability those enable additional, specialized support while test code. In paper, we introduce an approach extends REFACTORINGMINER-a well-established tool having high precision recall scores- able detect seven operations. We perform mixed-method assess capabilities usefulness approach. First, compare extracted against oracle 375 refactorings. Second, engage with 15 apply technology acceptance model how they would benefit our key results study show reaches 100% 92.5% scores, respectively. addition, considered useful suitable for tasks, including definition novel learning models recommend actions.
Language: English
Citations
1
IEEE Access, Journal Year: 2024, Volume and Issue: 12, P. 128570 - 128584
Published: Jan. 1, 2024
Refactoring is one of the techniques mostly employed by software developers to improve quality attributes their systems. However, little has been done investigate how refactoring operations specifically aimed at improving internal structure can impact its security. usually entails different code change including decomposition classes, methods, and reallocation elements. While this refinement aims design a system, it might inadvertently disperse security-critical elements throughout codebase. Consequently, such dispersion could contribute an increase in attack surface. To end, paper presents empirical study conducted on 30 open-source systems that were developed Python, C, Java. The scrutinized two subsequent versions each subject application uncover applied trend security vulnerabilities. Specifically, focused injection or removal bugs, smells other vulnerabilities aiming discern refactorings Data was collected using well-known tools, namely SonarQube, RefDiff, PyReff. findings suggest have multiple effects (i.e., positive, negative, neutral) smells, further confirm must be aware combination sequence without compromising
Language: English
Citations
0
2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER), Journal Year: 2024, Volume and Issue: unknown, P. 267 - 271
Published: March 12, 2024
Language: English
Citations
0
Empirical Software Engineering, Journal Year: 2024, Volume and Issue: 30(1)
Published: Nov. 16, 2024
Language: English
Citations
0