ASE 2021
Sun 14 - Sat 20 November 2021 Australia
Tue 16 Nov 2021 19:10 - 19:30 at Wombat - SRC

Selecting which libraries (‘dependencies’ or ‘packages’ in the industry’s jargon) to adopt in a project is an essential task in software development. The quality of the corresponding source code is a key factor behind this selection (from security to timeliness). Yet, how easy is it to find the ‘actual’ source? How reliable is this information? To address this problem, I developed an approach called py2src to automatically identify GitHub source code repositories corresponding to packages in PyPI and automatically provide an indicator of the reliability of such information. I also report a preliminary empirical evaluation.

I am a Ph.D. student at the University of Trento. My research interests are software supply chain security and malware detection.

Tue 16 Nov

18:30 - 20:15

18:30 (20m) Talk: A Program Synthesis Approach for Adding Architectural Tactics to An Existing Code Base
Student Research Competition. Ali Shokri, Rochester Institute of Technology. Pre-print

18:50 (20m) Talk: Program Synthesis with Algorithm Pseudocode Guidance
Student Research Competition. Zihui Wang, National University of Defense Technology

19:10 (20m) Talk: py2src: Towards the Automatic (and Reliable) Identification of Sources for PyPI Package
Student Research Competition. Duc Ly Vu, University of Trento, Italy. Pre-print

19:30 (45m) Panel: Judging and awards
Student Research Competition