{"id":"https://openalex.org/W4388954771","doi":"https://doi.org/10.1145/3605770.3625216","title":"(Nothing But) Many Eyes Make All Bugs Shallow","display_name":"(Nothing But) Many Eyes Make All Bugs Shallow","publication_year":2023,"publication_date":"2023-11-23","ids":{"openalex":"https://openalex.org/W4388954771","doi":"https://doi.org/10.1145/3605770.3625216"},"language":"en","primary_location":{"id":"doi:10.1145/3605770.3625216","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3605770.3625216","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3605770.3625216","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3605770.3625216","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5041797346","display_name":"Elizabeth Wyss","orcid":"https://orcid.org/0009-0001-2228-9912"},"institutions":[{"id":"https://openalex.org/I146416000","display_name":"University of Kansas","ror":"https://ror.org/001tmjg57","country_code":"US","type":"education","lineage":["https://openalex.org/I146416000"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elizabeth Wyss","raw_affiliation_strings":["University of Kansas, Lawrence, KS, USA"],"raw_orcid":"https://orcid.org/0009-0001-2228-9912","affiliations":[{"raw_affiliation_string":"University of Kansas, Lawrence, KS, USA","institution_ids":["https://openalex.org/I146416000"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056233859","display_name":"Lorenzo De Carli","orcid":"https://orcid.org/0000-0003-0432-3686"},"institutions":[{"id":"https://openalex.org/I168635309","display_name":"University of Calgary","ror":"https://ror.org/03yjb2x39","country_code":"CA","type":"education","lineage":["https://openalex.org/I168635309"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"Lorenzo De Carli","raw_affiliation_strings":["University of Calgary, Calgary, AB, Canada"],"raw_orcid":"https://orcid.org/0000-0003-0432-3686","affiliations":[{"raw_affiliation_string":"University of Calgary, Calgary, AB, Canada","institution_ids":["https://openalex.org/I168635309"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5036211273","display_name":"Drew Davidson","orcid":"https://orcid.org/0000-0002-5096-1446"},"institutions":[{"id":"https://openalex.org/I146416000","display_name":"University of Kansas","ror":"https://ror.org/001tmjg57","country_code":"US","type":"education","lineage":["https://openalex.org/I146416000"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Drew Davidson","raw_affiliation_strings":["University of Kansas, Lawrence, KS, USA"],"raw_orcid":"https://orcid.org/0000-0002-5096-1446","affiliations":[{"raw_affiliation_string":"University of Kansas, Lawrence, KS, USA","institution_ids":["https://openalex.org/I146416000"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.2941,"has_fulltext":true,"cited_by_count":3,"citation_normalized_percentile":{"value":0.85612551,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"53","last_page":"63"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11675","display_name":"Open Source Software Innovations","score":0.9943000078201294,"subfield":{"id":"https://openalex.org/subfields/1706","display_name":"Computer Science Applications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.702734112739563},{"id":"https://openalex.org/keywords/scrutiny","display_name":"Scrutiny","score":0.6753837466239929},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.5127683281898499},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4795220196247101},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.4688226878643036},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.4615516662597656},{"id":"https://openalex.org/keywords/quality","display_name":"Quality (philosophy)","score":0.4569540321826935},{"id":"https://openalex.org/keywords/government","display_name":"Government (linguistics)","score":0.4448094666004181},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.41444259881973267},{"id":"https://openalex.org/keywords/scale","display_name":"Scale (ratio)","score":0.4115399122238159},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4101189076900482},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.34728047251701355}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.702734112739563},{"id":"https://openalex.org/C2776050585","wikidata":"https://www.wikidata.org/wiki/Q7439360","display_name":"Scrutiny","level":2,"score":0.6753837466239929},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.5127683281898499},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4795220196247101},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.4688226878643036},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.4615516662597656},{"id":"https://openalex.org/C2779530757","wikidata":"https://www.wikidata.org/wiki/Q1207505","display_name":"Quality (philosophy)","level":2,"score":0.4569540321826935},{"id":"https://openalex.org/C2778137410","wikidata":"https://www.wikidata.org/wiki/Q2732820","display_name":"Government (linguistics)","level":2,"score":0.4448094666004181},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.41444259881973267},{"id":"https://openalex.org/C2778755073","wikidata":"https://www.wikidata.org/wiki/Q10858537","display_name":"Scale (ratio)","level":2,"score":0.4115399122238159},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4101189076900482},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.34728047251701355},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3605770.3625216","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3605770.3625216","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3605770.3625216","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses","raw_type":"proceedings-article"},{"id":"pmh:oai:share.osf.io:108fa716-f7ca-4dc1-bf19-82d2adf381b9","is_oa":false,"landing_page_url":"https://osf.io/mtrsj","pdf_url":null,"source":{"id":"https://openalex.org/S4306401127","display_name":"OSF Preprints (OSF Preprints)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I2799848540","host_organization_name":"Center for Open Science","host_organization_lineage":["https://openalex.org/I2799848540"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Project"}],"best_oa_location":{"id":"doi:10.1145/3605770.3625216","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3605770.3625216","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3605770.3625216","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2023 Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/17","score":0.5199999809265137,"display_name":"Partnerships for the goals"}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4388954771.pdf","grobid_xml":"https://content.openalex.org/works/W4388954771.grobid-xml"},"referenced_works_count":51,"referenced_works":["https://openalex.org/W1999265552","https://openalex.org/W2047794235","https://openalex.org/W2049992102","https://openalex.org/W2060337373","https://openalex.org/W2080571599","https://openalex.org/W2105300539","https://openalex.org/W2110229593","https://openalex.org/W2110385988","https://openalex.org/W2113658292","https://openalex.org/W2127332160","https://openalex.org/W2131604235","https://openalex.org/W2135198476","https://openalex.org/W2138318139","https://openalex.org/W2141482658","https://openalex.org/W2142481192","https://openalex.org/W2147105902","https://openalex.org/W2148542607","https://openalex.org/W2161470369","https://openalex.org/W2161648633","https://openalex.org/W2169503241","https://openalex.org/W2170207476","https://openalex.org/W2400282174","https://openalex.org/W2740279154","https://openalex.org/W2742244373","https://openalex.org/W2789570312","https://openalex.org/W2884431305","https://openalex.org/W2896961914","https://openalex.org/W2910728092","https://openalex.org/W2953558274","https://openalex.org/W2963531473","https://openalex.org/W2964080672","https://openalex.org/W2967904600","https://openalex.org/W2986678597","https://openalex.org/W2989443621","https://openalex.org/W3007484883","https://openalex.org/W3031471692","https://openalex.org/W3098270307","https://openalex.org/W3104664309","https://openalex.org/W3194926883","https://openalex.org/W3196277935","https://openalex.org/W4205583230","https://openalex.org/W4223414248","https://openalex.org/W4226410005","https://openalex.org/W4231947862","https://openalex.org/W4235354960","https://openalex.org/W4236271749","https://openalex.org/W4241947741","https://openalex.org/W4256428742","https://openalex.org/W4281390800","https://openalex.org/W4296394699","https://openalex.org/W4308562555"],"related_works":["https://openalex.org/W1987888524","https://openalex.org/W2415594679","https://openalex.org/W4400813213","https://openalex.org/W3190981800","https://openalex.org/W2111385166","https://openalex.org/W2119108885","https://openalex.org/W2230884280","https://openalex.org/W2901630044","https://openalex.org/W2082427261","https://openalex.org/W2086408730"],"abstract_inverted_index":{"Open":[0],"source":[1],"package":[2,96,177],"repositories":[3,37],"have":[4,53],"become":[5],"a":[6,48,69,78,109,160],"crucial":[7],"component":[8],"of":[9,59,72,163,176],"the":[10,57,88,129,172],"modern":[11],"software":[12],"supply":[13],"chain":[14],"since":[15],"they":[16],"enable":[17],"developers":[18,39],"to":[19,42,56,64,117,159,188,201],"easily":[20],"and":[21,40,45,94,124,168,174],"rapidly":[22],"import":[23],"code":[24,33],"written":[25],"by":[26,102],"others.":[27],"However,":[28,81],"low":[29],"quality,":[30],"poorly":[31],"vetted":[32],"residing":[34],"in":[35,98,105],"such":[36],"exposes":[38],"end-users":[41],"dangerous":[43],"bugs":[44],"vulnerabilities":[46],"at":[47],"large":[49],"scale.":[50],"Such":[51],"issues":[52,97,123],"recently":[54],"led":[55],"creation":[58],"government-backed":[60],"verification":[61],"standards":[62],"pertaining":[63,158],"packages,":[65],"as":[66,68,194,196],"well":[67,195],"significant":[70,182],"body":[71],"developer":[73],"folklore":[74],"regarding":[75],"what":[76],"constitutes":[77],"reliable":[79,169],"package.":[80],"there":[82],"exists":[83],"little":[84],"academic":[85],"research":[86],"assessing":[87],"relationships":[89],"between":[90],"recommended":[91],"development":[92],"practices":[93],"known":[95],"this":[99,103],"domain.":[100],"Motivated":[101],"gap":[104],"understanding,":[106],"we":[107],"conduct":[108],"large-scale":[110],"study":[111],"that":[112,153,165],"formally":[113],"evaluates":[114],"whether":[115],"adherence":[116],"these":[118],"guidelines":[119],"meaningfully":[120],"impacts":[121],"reported":[122],"bug":[125],"maintenance":[126],"activity":[127],"across":[128,148],"most":[130],"widely":[131],"utilized":[132],"npm":[133],"packages":[134,137,191,204],"(encompassing":[135],"7,162":[136],"with":[138],"over":[139],"100K":[140],"weekly":[141],"downloads":[142],"each),":[143],"which":[144],"unveiled":[145],"wide":[146],"disparities":[147],"package-level":[149],"metrics.":[150],"We":[151],"find":[152],"it":[154],"is":[155],"only":[156],"recommendations":[157],"broad":[161],"notion":[162],"scrutiny":[164],"provide":[166],"strong":[167],"insights":[170],"into":[171],"reporting":[173],"resolving":[175],"issues.":[178],"These":[179],"findings":[180],"pose":[181],"implications":[183],"for":[184,192,205],"developers,":[185],"who":[186,199],"seek":[187,200],"identify":[189,202],"well-maintained":[190],"use,":[193],"security":[197],"researchers,":[198],"suspicious":[203],"critical":[206],"observation.":[207]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}