Information and Software Technology最新文献

{"title":"Accessibility of low-code approaches: A systematic literature review","authors":"Hourieh Khalajzadeh ,&nbsp;John Grundy","doi":"10.1016/j.infsof.2024.107570","DOIUrl":"10.1016/j.infsof.2024.107570","url":null,"abstract":"<div><h3>Context:</h3><p>Model-driven approaches are increasingly used in different domains, such as education, finance and app development, in order to involve non-developers in the software development process. Such tools are hugely dependent on visual elements and thus might not be accessible for users with specific challenges, <em>e.g.</em>, visual impairments.</p></div><div><h3>Objectives:</h3><p>To locate and analyse existing literature on the accessibility of low-code approaches, their strengths and weaknesses and key directions for future research.</p></div><div><h3>Methods:</h3><p>We carried out a systematic literature review and searched through five leading databases for primary studies. We used both quantitative and qualitative methods for data synthesis.</p></div><div><h3>Results:</h3><p>After reviewing and filtering 918 located studies, and conducting both backward and forward snowballing, we identified 38 primary studies that were included in our analysis. We found most papers focusing on accessibility of visual languages and block-based programming.</p></div><div><h3>Conclusion:</h3><p>Limited work has been done on improving low code programming environment accessibility. The findings of this systematic literature review will assist researchers and developers in understanding the accessibility issues in low-code approaches and what has been done so far to develop accessible approaches.</p></div>","PeriodicalId":54983,"journal":{"name":"Information and Software Technology","volume":"177 ","pages":"Article 107570"},"PeriodicalIF":3.8,"publicationDate":"2024-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0950584924001757/pdfft?md5=0f1075cef5d4359991b8dedfbe12585f&pid=1-s2.0-S0950584924001757-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142168286","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Software solutions for newcomers’ onboarding in software projects: A systematic literature review","authors":"Italo Santos ,&nbsp;Katia Romero Felizardo ,&nbsp;Igor Steinmacher ,&nbsp;Marco A. Gerosa","doi":"10.1016/j.infsof.2024.107568","DOIUrl":"10.1016/j.infsof.2024.107568","url":null,"abstract":"<div><h3>Context:</h3><p>Newcomers joining an unfamiliar software project face numerous barriers; therefore, effective onboarding is essential to help them engage with the team and develop the behaviors, attitudes, and skills needed to excel in their roles. However, onboarding can be a lengthy, costly, and error-prone process. Software solutions can help mitigate these barriers and streamline the process without overloading senior members.</p></div><div><h3>Objective:</h3><p>This study aims to identify the state-of-the-art software solutions for onboarding newcomers.</p></div><div><h3>Methods:</h3><p>We conducted a systematic literature review (SLR) to answer six research questions.</p></div><div><h3>Results:</h3><p>We analyzed 32 studies about software solutions for onboarding newcomers and yielded several key findings: (1) a range of strategies exists, with recommendation systems being the most prevalent; (2) most solutions are web-based; (3) solutions target a variety of onboarding aspects, with a focus on process; (4) many onboarding barriers remain unaddressed by existing solutions; (5) laboratory experiments are the most commonly used method for evaluating these solutions; and (6) diversity and inclusion aspects primarily address experience level.</p></div><div><h3>Conclusion:</h3><p>We shed light on current technological support and identify research opportunities to develop more inclusive software solutions for onboarding. These insights may also guide practitioners in refining existing platforms and onboarding programs to promote smoother integration of newcomers into software projects.</p></div>","PeriodicalId":54983,"journal":{"name":"Information and Software Technology","volume":"177 ","pages":"Article 107568"},"PeriodicalIF":3.8,"publicationDate":"2024-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0950584924001733/pdfft?md5=5b1e509c801bc25d768d323c42cb734d&pid=1-s2.0-S0950584924001733-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142232414","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A systematic literature review on Agile, Cloud, and DevOps integration: Challenges, benefits","authors":"Fatiha El Aouni ,&nbsp;Karima Moumane ,&nbsp;Ali Idri ,&nbsp;Mehdi Najib ,&nbsp;Saeed Ullah Jan","doi":"10.1016/j.infsof.2024.107569","DOIUrl":"10.1016/j.infsof.2024.107569","url":null,"abstract":"<div><h3>Context:</h3><p>In today’s fast-paced digital landscape, integrating DevOps, cloud, and agile methodologies is crucial for meeting software demands. However, this integration remains under-researched.</p></div><div><h3>Objective:</h3><p>This study explores the integration of Agile, Cloud, and DevOps in today’s software development landscape. It aims to analyze the challenges and benefits associated with merging these three approaches, focusing on their impact on software testing and the role of mindset in successful implementation and identifying the most suitable Agile methodologies.</p></div><div><h3>Methods:</h3><p>This investigation utilizes a Systematic Literature Review(SLR) to enrich comprehension of this integration in current software development practices.</p></div><div><h3>Results:</h3><p>The analysis of 31 articles highlights benefits such as improved collaboration and accelerated development, despite challenges with tool proliferation. Platforms like Jenkins, GitLab, Kubernetes, and Docker show promise in addressing these complexities. Our study examines the advantages and challenges of this integration, focusing on its impact on software testing and the role of mindset in successful implementation and identifying the most suitable Agile methodologies.</p></div><div><h3>Conclusion:</h3><p>The integration of Agile, DevOps, and Cloud signifies a vital move towards collaborative, scalable, and automated methods, crucial for swift delivery, enhanced quality, and ongoing competitiveness. This unified approach is fundamental for organizational advancement and innovation in the ever-evolving software development realm. Further research should tackle challenges in merging these methods and delve into their interactions with emerging technologies to refine practices for increased efficiency.</p></div>","PeriodicalId":54983,"journal":{"name":"Information and Software Technology","volume":"177 ","pages":"Article 107569"},"PeriodicalIF":3.8,"publicationDate":"2024-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0950584924001745/pdfft?md5=e228bb6a5ecf5b26efe28bc3feb2aedb&pid=1-s2.0-S0950584924001745-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142128306","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Graph-based explainable vulnerability prediction","authors":"Hong Quy Nguyen ,&nbsp;Thong Hoang ,&nbsp;Hoa Khanh Dam ,&nbsp;Aditya Ghose","doi":"10.1016/j.infsof.2024.107566","DOIUrl":"10.1016/j.infsof.2024.107566","url":null,"abstract":"<div><p>Significant increases in cyberattacks worldwide have threatened the security of organizations, businesses, and individuals. Cyberattacks exploit vulnerabilities in software systems. Recent work has leveraged powerful and complex models, such as deep neural networks, to improve the predictive performance of vulnerability detection models. However, these models are often regarded as “black box” models, making it challenging for software practitioners to understand and interpret their predictions. This lack of explainability has resulted in a reluctance to adopt or deploy these vulnerability prediction models in industry applications. This paper proposes a novel approach, <strong>G</strong>enetic <strong>A</strong>lgorithm-based <strong>Vul</strong>nerability Prediction <strong>Explainer</strong>, (herein GAVulExplainer), which generates explanations for vulnerability prediction models based on graph neural networks. GAVulExplainer leverages genetic algorithms to construct a subgraph explanation that represents the crucial factor contributing to the vulnerability. Experimental results show that our proposed approach outperforms baselines in providing concrete reasons for a vulnerability prediction.</p></div>","PeriodicalId":54983,"journal":{"name":"Information and Software Technology","volume":"177 ","pages":"Article 107566"},"PeriodicalIF":3.8,"publicationDate":"2024-08-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S095058492400171X/pdfft?md5=51c2432186d2a7513da1bb84a4daf260&pid=1-s2.0-S095058492400171X-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142149949","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"REARRANGE: Effort estimation approach for software clustering-based remodularisation","authors":"Alvin Jian Jia Tan ,&nbsp;Chun Yong Chong ,&nbsp;Aldeida Aleti","doi":"10.1016/j.infsof.2024.107567","DOIUrl":"10.1016/j.infsof.2024.107567","url":null,"abstract":"<div><h3>Context:</h3><p>Most research in software clustering and remodularisation typically concludes by recommending the refactoring operations without further insight into the practicality of the proposed technique. Developers might be hesitant to follow through with the refactoring suggestions due to the uncertainty in the effort needed.</p></div><div><h3>Objective:</h3><p>This work aims to address this gap by introducing an effo<strong>R</strong>t <strong>E</strong>stimation <strong>A</strong>pp<strong>R</strong>oach fo<strong>R</strong> softw<strong>A</strong>re clusteri<strong>NG</strong>-based r<strong>E</strong>modularisation (REARRANGE) to close the loop in extant software clustering and remodularisation research by estimating the time required to carry out the suggested refactoring operations based on the history of the evolution of the software. By providing tangible estimates of refactoring effort in person-hours, we can inform developers of complex and time-consuming refactoring operations that will help prioritise refactoring efforts, allowing practitioners to weave in these activities during sprint planning.</p></div><div><h3>Method:</h3><p>REARRANGE builds a machine learning model to predict effort estimation based on past commit activity which extracts Software Features (lines of code, number of methods), Refactoring Features (refactoring type, source and destination) and Dependency Features (dependencies between classes). REARRANGE is then compared against sanity checks, baseline effort estimation models, and state-of-the-art software estimation models. We also attempt to cross-validate REARRANGE’s effort estimation with software developers.</p></div><div><h3>Results:</h3><p>Experimented through 25 open-source Java-based projects, the proposed approach estimated the refactoring effort of the test subjects with a Mean Absolute Error (MAE) of 5.47 person-hours against the MAE of the next-best approach of 453.31 person-hours. Based on a survey conducted among software developers, REARRANGE consistently delivers accurate estimates in 93.6% of cases.</p></div><div><h3>Conclusion:</h3><p>The lack of a direct comparison for REARRANGE highlights the need for a refactoring effort-focused estimation model that provides tangible effort estimates in person-hours for refactoring operations. Only then can developers selectively choose relevant refactoring operations while considering the available time and budget constraints, bridging the gap between software clustering research and real-world application.</p></div>","PeriodicalId":54983,"journal":{"name":"Information and Software Technology","volume":"176 ","pages":"Article 107567"},"PeriodicalIF":3.8,"publicationDate":"2024-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0950584924001721/pdfft?md5=bd53a5ee1cbc06cd207117c50478f517&pid=1-s2.0-S0950584924001721-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142096904","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A3Test: Assertion-Augmented Automated Test case generation","authors":"Saranya Alagarsamy,&nbsp;Chakkrit Tantithamthavorn,&nbsp;Aldeida Aleti","doi":"10.1016/j.infsof.2024.107565","DOIUrl":"10.1016/j.infsof.2024.107565","url":null,"abstract":"<div><h3>Context:</h3><p>Test case generation is a critical yet challenging task in software development. Recently, AthenaTest – a Deep Learning (DL) approach for generating unit test cases has been proposed. However, our revisiting study reveals that AthenaTest can generate less than one-fifth of the test cases correctly, due to a lack of assertion knowledge and test signature verification.</p></div><div><h3>Objective:</h3><p>This paper introduces A3Test, a novel DL-based approach to the generation of test cases, enhanced with assertion knowledge and a mechanism to verify consistency of the name and signatures of the tests. A3Test aims to adapt domain knowledge from assertion generation to test case generation.</p></div><div><h3>Method:</h3><p>A3Test employs domain adaptation principles and introduces a verification approach to name consistency and test signatures. We evaluate its effectiveness using 5,278 focal methods from the Defects4j dataset.</p></div><div><h3>Results:</h3><p>Our findings indicate that A3Test outperforms AthenaTest and ChatUniTest. A3Test generates 2.16% to 395.43% more correct test cases, achieves 2.17% to 34.29% higher method coverage, and 25.64% higher line coverage. A3Test achieves 2.13% to 12.20% higher branch coverage, 2.22% to 12.20% higher mutation scores, and 2.44% to 55.56% more correct assertions compared to both ChatUniTest and AthenaTest respectively for one iteration. When generating multiple test cases per method A3Test still shows improvements and comparable efficacy to ChatUnitTest. A survey of developers reveals that the majority of the participants 70.51% agree that test cases generated by A3Test are more readable than those generated by EvoSuite.</p></div><div><h3>Conclusions:</h3><p>A3Test significantly enhances test case generation through its incorporation of assertion knowledge and test signature verification, contributing to the generation of correct test cases.</p></div>","PeriodicalId":54983,"journal":{"name":"Information and Software Technology","volume":"176 ","pages":"Article 107565"},"PeriodicalIF":3.8,"publicationDate":"2024-08-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0950584924001708/pdfft?md5=76cf4413a9abbc636fe62d1466a54e41&pid=1-s2.0-S0950584924001708-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142096905","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Sustainable systematic literature reviews","authors":"Vinicius dos Santos ,&nbsp;Anderson Y. Iwazaki ,&nbsp;Katia R. Felizardo ,&nbsp;Érica F. de Souza ,&nbsp;Elisa Y. Nakagawa","doi":"10.1016/j.infsof.2024.107551","DOIUrl":"10.1016/j.infsof.2024.107551","url":null,"abstract":"<div><h3>Context:</h3><p>Systematic Literature Reviews (SLR) have been recognized as an important research method for summarizing evidence in Software Engineering (SE). At the same, SLR still presents several problems, such as the high resource consumption (mainly human resources) and lack of effective impact on SE practitioners, although much research has already been done.</p></div><div><h3>Objective:</h3><p>The main goal of this paper is to explore the concept of sustainability in the SLR area, intending to contribute to understanding better and solving such problems in an integrated way. More specifically, this paper characterizes what sustainable SLR are, their core characteristics, critical factors (i.e., sensitive points in the SLR process), and guidelines for conducting such SLR.</p></div><div><h3>Methods:</h3><p>We performed a meta-ethnographic study to find key concepts of sustainable software systems and transpose them to sustainable SLR. For this, we systematically selected 16 studies about sustainable software systems and 14 distinguished studies about SLR. Following, we extracted the main keywords and metaphors, determined how both areas are correlated, and transposed them to obtain a set of core characteristics of sustainable SLR as well as critical factors and guidelines. Additionally, we validated them with specialists using the Delphi method.</p></div><div><h3>Results:</h3><p>We found 15 core characteristics that offer a broad view of sustainable SLR, 15 critical factors in the SLR process that should be carefully addressed when conducting and updating SLR, and also 16 guidelines to manage SLR from the sustainability perspective.</p></div><div><h3>Conclusion:</h3><p>The concept of sustainability in SLR can contribute to solving SLR problems in a more integrated way, while this work could change the mindset of the SLR community about the need to conduct sustainable SLR.</p></div>","PeriodicalId":54983,"journal":{"name":"Information and Software Technology","volume":"176 ","pages":"Article 107551"},"PeriodicalIF":3.8,"publicationDate":"2024-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142117637","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Enhancing logic-based testing with EvoDomain: A search-based domain-oriented test suite generation approach","authors":"Akram Kalaee,&nbsp;Saeed Parsa,&nbsp;Zahra Mansouri","doi":"10.1016/j.infsof.2024.107564","DOIUrl":"10.1016/j.infsof.2024.107564","url":null,"abstract":"<div><h3>Context</h3><p>Effective software testing requires test adequacy criteria. MC/DC, a widely used logic-based testing criterion, struggles to detect domain errors caused by incorrect arithmetic operations. Domain errors occur when test requirement boundaries shift or tilt, causing unpredictable behavior and system crashes.</p></div><div><h3>Objective</h3><p>To address the inadequacy of MC/DC in detecting domain errors, we present EvoDomain, a search-based testing technique.</p></div><div><h3>Method</h3><p>EvoDomain uses a memetic algorithm combining genetic and hill-climbing algorithms, along with the DBSCAN clustering algorithm to select diversified boundary test data. The memetic algorithm is designed to efficiently enhance the search process for covering boundary test data. We compared EvoDomain with two logic-based testing approaches, a domain-oriented test suite generation approach, and random testing.</p></div><div><h3>Results</h3><p>Evaluations on 30 case studies show EvoDomain increases fault detection by 74.44% over MC/DC and 65.06% over RoRG. Additionally, EvoDomain improves support for different fault types by up to 68.89% for MC/DC and 66.33% for RoRG. Compared to COSMOS, which uses static analysis, EvoDomain improves the convergence effectiveness of identifying feasible subdomains by 32%. It offers high accuracy (0.99-1) and F1-score (0.99-1). EvoDomain finds the subdomains in less than 1/3 the time of Random search.</p></div><div><h3>Conclusion</h3><p>EvoDomain effectively generates domain-oriented test suites, enhancing the accuracy and effectiveness of fault detection.</p></div>","PeriodicalId":54983,"journal":{"name":"Information and Software Technology","volume":"177 ","pages":"Article 107564"},"PeriodicalIF":3.8,"publicationDate":"2024-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0950584924001691/pdfft?md5=07f3cb29ae612025010607deae6b1c2b&pid=1-s2.0-S0950584924001691-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142128298","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Perceived impact of agile principles: Insights from a survey-based study on agile software development project success","authors":"Yulianus Palopak,&nbsp;Sun-Jen Huang","doi":"10.1016/j.infsof.2024.107552","DOIUrl":"10.1016/j.infsof.2024.107552","url":null,"abstract":"<div><h3>Context</h3><p>Agile methodology has emerged as a fundamental framework guiding software development projects, emphasizing values and principles for achieving successful project outcomes. Despite the widespread recognition of the importance of agile principles, there remains a gap in empirical research investigating their actual impact on agile project success.</p></div><div><h3>Objective</h3><p>This research aims to examine the relationship between agile principles and project outcomes and provide empirical evidence supporting the importance of agile principles in achieving success in agile software development (ASD) projects.</p></div><div><h3>Method</h3><p>A total of 298 Agile project practitioners participated in an online survey between August and September 2023 to test this study's research model using the partial least square structural equation modeling (PLS-SEM) method.</p></div><div><h3>Results</h3><p>We find a significant relationship between adopting agile principles and project success, with regular delivery, technical excellence, team member proactivity, and customer collaboration showing the highest impact on Agile project success. However, process simplicity was found not to be significant in the study.</p></div><div><h3>Conclusions</h3><p>Our analysis verifies the importance of Agile principles and suggests areas for further study to successfully understand their impact on Agile projects. The findings contribute to the ongoing discourse on agile principles and their impact on software development project success, opening avenues for future research and the refinement of agile methodologies. These insights could assist organizations in optimizing Agile practices and decision-making, leading to more successful and efficient software development projects.</p></div>","PeriodicalId":54983,"journal":{"name":"Information and Software Technology","volume":"176 ","pages":"Article 107552"},"PeriodicalIF":3.8,"publicationDate":"2024-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142096910","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A socio-technical perspective on software vulnerabilities: A causal analysis","authors":"Carlos Paradis ,&nbsp;Rick Kazman ,&nbsp;Mike Konrad","doi":"10.1016/j.infsof.2024.107553","DOIUrl":"10.1016/j.infsof.2024.107553","url":null,"abstract":"<div><h3>Context:</h3><p>Software development organizations are composed of people working together towards a common goal. These people are connected in networks. The effectiveness of these networks seems like it would be an essential consideration for the effectiveness of the organization as a whole, but does network effectiveness actually matter?</p></div><div><h3>Objective:</h3><p>In this paper, we seek to understand whether causal relationships exist between the maintenance effort spent on files implicated in software vulnerabilities and suboptimal social behaviors – social smells – within that project’s developer community.</p></div><div><h3>Methods:</h3><p>To gain insight into this question, we chose to study OpenSSL and over 100 of its published vulnerabilities. We performed a socio-technical analysis on OpenSSL to understand whether social smells could be causally linked to the effort to maintain files implicated in vulnerabilities.</p></div><div><h3>Results:</h3><p>Our results indicate that this is the case: Social smells are, in fact, causally linked to the maintenance effort surrounding files implicated in software vulnerabilities.</p></div><div><h3>Conclusion:</h3><p>This result has significant implications for the management of software projects. These insights may motivate and help to guide project managers and architects to also focus on team communications, and not merely on technical quality measures such as bug rates or feature velocity. Social interactions among a project’s team members matter, and smells can be measured and monitored.</p></div>","PeriodicalId":54983,"journal":{"name":"Information and Software Technology","volume":"176 ","pages":"Article 107553"},"PeriodicalIF":3.8,"publicationDate":"2024-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142088251","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}