Ambush From All Sides: Understanding Security Threats in Open-Source Software CI/CD Pipelines.
Ziyue PanWenbo ShenXingkai WangYutian YangRui ChangYao LiuChengwei LiuYang LiuKui RenPublished in: IEEE Trans. Dependable Secur. Comput. (2024)
Keyphrases
- open source software
- security threats
- open source
- security issues
- open source software development
- source code
- software development
- security mechanisms
- free software
- open source projects
- key management
- security risks
- mailing lists
- data model
- case study
- database
- object oriented
- distributed systems
- information technology
- data mining
- maintenance effort