- Baldwin, A. Details about the event-stream incident. The npm Blog (Nov. 2018); https://bit.ly/2DRjySJ.
- Cox, R. Go & Versioning, 2018; https://research.swtch.com/vgo.
- Cox, R. The principles of versioning in Go. GopherCon Singapore (May 2018); https://www.youtube.com/watch?v=F8nrpe0XWRg.
- Cox, R. RE2: A principled approach to regular expression matching. Google Open Source Blog (Mar. 2010); https://bit.ly/2XoLFzC.
- Cox, R. Regular expression matching with a trigram index or how Google Code Search worked. Swtch.com (Jan. 2012); https://swtch.com/~rsc/regexp/regexp4.html.
- Facebook. Infer: A tool to detect bugs in Java and C/C++/Objective-C code before it ships; https://fbinfer.com/.
- GNU Project. GNU General Public License, version 1, 1989; https://www.gnu.org/licenses/old-licenses/gpl-1.0.html.
- Go Project. Go 1 and the future of Go programs, 2013; https://golang.org/doc/go1compat.
- Google Open Source. Using third-party licenses; https://opensource.google.com/docs/thirdparty/licenses/#banned.
- Hipp, D. R. How SQLite is tested; https://www.sqlite.org/testing.html.
- Lacasse, N. Open-sourcing gVisor, a sandboxed container runtime. Google Cloud (May 2018); http://bit.ly/2wzA84D.
- Langley, A. Chromium's seccomp sandbox. ImperialViolet (Aug. 2009); https://www.imperialviolet.org/2009/08/26/seccomp.html.
- National Institute of Standards and Technology. National Vulnerability Database---Search and Statistics; https://nvd.nist.gov/vuln/search.
- Pike, R. Go Proverbs, 2015; https://go-proverbs.github.io/.
- Pike, R., Dorward, S., Griesemer, R. and Quinlan, S. Interpreting the data: Parallel analysis with Sawzall. Scientific Programming J. 13, 4 (2005), 277--298.
- Potapenko, A. Testing Chromium: ThreadSanitizer v2, a next-gen data race detector. Chromium Blog (Apr. 2014); http://bit.ly/2WN29o0.
- Potvin, R., Levenberg, J. Why Google stores billions of lines of code in a single repository. Commun. ACM 59, 7 (July 2016), 78--87.
- Reis, C. Multi-process architecture. Chromium Blog (Sept. 2008); https://blog.chromium.org/2008/09/multi-process-architecture.html.
- SpotBugs: Find bugs in Java programs; https://spotbugs.github.io/.
- Thompson, K. Reflections on trusting trust. Commun. ACM 27, 8 (Aug. 1984), 761--763.
- U.S. House of Representatives Committee on Oversight and Government Reform. The Equifax Data Breach, Majority Staff Report, 115th Congress (Dec. 2018); http://bit.ly/2Gf53IJ.
- Willis, N. A single Node of failure. LWN.net (Mar. 2016); https://lwn.net/Articles/681410/.
- Winters, T. SD-8: Standard library compatibility, C++ standing document, 2018; http://bit.ly/2QNhT5k.