![]() ![]() ![]() ![]() However, the OpenChain Project defined identifying and tracking source code reuses as responsibilities of FLOSS software staffs. In general, code reuse is not documented well, consequently, appropriate changes like security patches cannot be propagated to descendant software projects. These clone-and-own operations can be occurred sequentially, that is, cloned components can be cloned again and owned by other new owners on the supply chain. Cloned software components are maintained independently by a new owner. Our method reports a list of original components whose precision and recall are 0.998 and 0.997.Ĭlone-and-own is a typical code reuse approach because of its simplicity and efficiency. The Software Bertillonage technique reports many candidates the precision and recall are 0.357 and 0.993, respectively. To compare the method with the existing technique, we have conducted an evaluation using randomly created jar files including up to 1,000 components. More concretely, given a Java product and a repository of jar files of existing components, our method selects jar files that can provide Java classes to the product in a greedy manner. In this paper, we propose a method to automatically select the most likely origin of components reused in a product, based on an assumption that a product tends to include an entire copy of a component rather than a partial copy. Although the technique can extract candidates of reused components, a user still has to manually identify the original components among the candidates. Since such a list is not always available, a code comparison technique named Software Bertillonage has been proposed to test whether a product likely includes a copy of a particular component or not. To assess potential risks, such as security vulnerabilities and license violations, a list of components and their versions in a product is important for release engineers and security analysts. A software product is often dependent on a large number of third-party components. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |