Page 144 - 《软件学报》2025年第7期
P. 144

孙伟杰 等: Java 依赖异味的实证研究与统一检测技术                                                    3065


                 [35]  Feature/devx dashboard. #192, 2024. https://github.com/microsoftgraph/msgraph-sdk-java-core/pull/192
                 [36]  Bump guava from 30.1-jre to 30.1.1-jre. #176, 2024. https://github.com/microsoftgraph/msgraph-sdk-java-core/pull/176
                 [37]  Add missing gradle-wrapper.jar. #17, 2024. https://github.com/hkupty/penna/pull/17
                 [38]  Can gradle-wrapper.jar be included into “INCLUDING BUILD TOOLS” list? LEGAL-570, 2024. https://issues.apache.org/jira/browse/
                     LEGAL-570
                 [39]  Bump gradle wrapper to version 5.6.4. #3422, 2024. https://github.com/bisq-network/bisq/pull/3422
                 [40]  Gradle wrapper attack report. 2024. https://blog.gradle.org/wrapper-attack-report
                 [41]  bug/PMTS-24-change-dependencies-scope-to-runtime. #25, 2024. https://github.com/qnocks/payment-service/pull/25
                 [42]  Fix: Change scope of selenium-support dependency to compile. #2019, 2024. https://github.com/appium/java-client/pull/2019
                 [43]  slf4j-log4j12 in test scope causes downstream issues. #152, 2024. https://github.com/confluentinc/common/pull/152
                 [44]  Project lombok. 2024. https://projectlombok.org/
                 [45]  Soot. 2024. http://soot-oss.github.io/soot/
                 [46]  About JavaParser. 2024. https://javaparser.org/about.html
                 [47]  Javassist by jboss-javassist. 2023. http://www.javassist.org/
                 [48]  Add used but undeclared dependencies to pom.xmls. #4539, 2024. https://github.com/aws/aws-sdk-java-v2/pull/4539
                 [49]  [INLONG-4771][manager] change junit-jupiter dependency to test scope. #4772, 2024. https://github.com/apache/inlong/pull/4772
                 [50]  hapifhir/hapi-fhir-jpaserver-starter. 2024. https://github.com/hapifhir/hapi-fhir-jpaserver-starter
                 [51]  Spring | home. 2024. https://spring.io/
                 [52]  Btrace—A safe, dynamic tracing tool for the Java platform. 2024. https://github.com/btraceio/btrace
                 [53]  Possible dependency conflict due to version conflict in /client. #2189, 2024. https://github.com/networknt/light-4j/issues/2189
                 [54]  Undeclared dependency identified in client module. #2001, 2024. https://github.com/networknt/light-4j/issues/2001
                 [55]  Add Maven wrapper for light-4j. #2021, 2024. https://github.com/networknt/light-4j/issues/2021
                 [56]  The gradle-wrapper. jar is not up-to-date with gradle version. #1655, 2024. https://github.com/MobilityData/gtfs-validator/issues/1655
                 [57]  Manage the versions of snappy-java and jackson-* centrally to avoid version conflict. #2546, 2024. https://github.com/apache/tinkerpop/
                     pull/2546
                 [58]  Abate P, Di Cosmo R, Treinen R, Zacchiroli S. Dependency solving: A separate concern in component evolution management. Journal of
                     Systems and Software, 2012, 85(10): 2228–2240. [doi: 10.1016/j.jss.2012.02.018]
                 [59]  Xu  C,  Qin  Y,  Yu  P,  Cao  C,  Lü  J.  Theories  and  techniques  for  growing  software:  Paradigm  and  beyond.  SCIENTIA  SINICA
                     Informationis, 2020, 50(11): 1595–1611 (in Chinese with English abstract). [doi: 10.1360/SSI-2020-0079]
                 [60]  Jin Z, Zhou MH, Zhang YX. Open source software and its eco-systems: Today and tommorow. Science & Technology Review, 2016,
                     34(14): 42–48 (in Chinese with English abstract). [doi: 10.3981/j.issn.1000-7857.2016.14.005]
                 [61]  Ponta  SE,  Fischer  W,  Plate  H,  Sabetta  A.  The  used,  the  bloated,  and  the  vulnerable:  Reducing  the  attack  surface  of  an  industrial
                     application.  In:  Proc.  of  the  2021  IEEE  Int’l  Conf.  on  Software  Maintenance  and  Evolution  (ICSME).  Luxembourg:  IEEE,  2021.
                     555–558. [doi: 10.1109/ICSME52107.2021.00056]
                 [62]  Jezek K, Dietrich J. On the use of static analysis to safeguard recursive dependency resolution. In: Proc. of the 40th EUROMICRO Conf.
                     on Software Engineering and Advanced Applications. Verona: IEEE, 2014. 166–173. [doi: 10.1109/SEAA.2014.35]
                 [63]  Yang HL, Chen L, Cao YL, Li YH, Zhou YM. Towards better dependency scope settings in Maven projects. In: Proc. of the 14th Asia-
                     Pacific Symp. on Internetware. Hangzhou: ACM, 2023. 90–100. [doi: 10.1145/3609437.3609447]
                 [64]  Song XH, Wang Y, Cheng X, Liang GT, Wang QX, Zhu ZL. Efficiently trimming the fat: Streamlining software dependencies with Java
                     reflection and dependency analysis. In: Proc. of the 46th IEEE/ACM Int’l Conf. on Software Engineering (ICSE). Lisbon: IEEE, 2024.
                     1261–1272.
                 [65]  Weeraddana  NR,  Alfadel  M,  McIntosh  S.  Dependency-induced  waste  in  continuous  integration:  An  empirical  study  of  unused
                     dependencies in the npm ecosystem. Proc. of the ACM on Software Engineering, 2024, 1(FSE): 116. [doi: 10.1145/3660823]
                 [66]  Drosos GP, Sotiropoulos T, Spinellis D, Mitropoulos D. Bloat beneath Python’s scales: A fine-grained inter-project dependency analysis.
                     Proc. of the ACM on Software Engineering, 2024, 1(FSE): 114. [doi: 10.1145/3660821]
                 [67]  Peng  Y,  Hu  RD,  Wang  RK,  Gao  CY,  Li  SQ,  Lyu  MR.  Less  is  more?  An  empirical  study  on  configuration  issues  in  Python  PyPI
                     ecosystem.  In:  Proc.  of  the  46th  IEEE/ACM  Int’l  Conf.  on  Software  Engineering.  Lisbon:  ACM,  2024.  202.  [doi: 10.1145/3597503.
                     3639077]
   139   140   141   142   143   144   145   146   147   148   149