Ambush from All Sides: Understanding Security Threats in Open-Source Software CI/CD Pipelines.
Ziyue PanWenbo ShenXingkai WangYutian YangRui ChangYao LiuChengwei LiuYang LiuKui RenPublished in: CoRR (2024)
Keyphrases
- open source software
- security threats
- open source
- key management
- software development
- security issues
- source code
- open source projects
- security mechanisms
- open source software development
- security risks
- case study
- mailing lists
- maintenance effort
- software engineering
- object oriented
- sensor networks
- data mining
- proprietary software
- databases