Abstract
Open source components are a promising way for creating and delivering software to the market fast. However, challenges arise when assessing the quality of open source software. While frameworks to assess these components exist, the open source market is neither governed nor regulated and the use of these frameworks is labor-intensive and complex. This research aims to solve this problem by selecting quality indicators for open source software on GitHub and realizing a tool for automatically supporting the evaluation of information about open source software from other available sources. These sources include StackExchange.com for external support and the National Vulnerability and Exposure database for security incident history. Feedback on the developed prototype supports our view that automatic checks of open source software claims is possible and useful.
Original language | English |
---|---|
Title of host publication | 28th International Conference on Information Systems Development, ISD 2019 |
Number of pages | 12 |
Publication status | Published - 28 Aug 2019 |
Event | 28th International Conference on Information Systems Development, ISD 2019 - ISEN Yncréa Méditerranée, Toulon, France Duration: 28 Aug 2019 → 30 Aug 2019 Conference number: 28 |
Conference
Conference | 28th International Conference on Information Systems Development, ISD 2019 |
---|---|
Abbreviated title | ISD |
Country/Territory | France |
City | Toulon |
Period | 28/08/19 → 30/08/19 |