{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T02:18:34Z","timestamp":1743041914709,"version":"3.40.3"},"publisher-location":"Cham","reference-count":60,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783031360596"},{"type":"electronic","value":"9783031360602"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-36060-2_9","type":"book-chapter","created":{"date-parts":[[2023,10,5]],"date-time":"2023-10-05T17:04:18Z","timestamp":1696525458000},"page":"215-245","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Infrastructure-as-Code Ecosystems"],"prefix":"10.1007","author":[{"given":"Ruben","family":"Opdebeeck","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ahmed","family":"Zerouali","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Coen De","family":"Roover","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,5,26]]},"reference":[{"key":"9_CR1","unstructured":"Anchore.io: Snapshot of the container ecosystem (2017). https:\/\/anchore.com\/wp-content\/uploads\/2017\/04\/Anchore-Container-Survey-5.pdf. Accessed 15 Apr 2023"},{"issue":"2","key":"9_CR2","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10664-021-10081-7","volume":"27","author":"H Azuma","year":"2022","unstructured":"Azuma, H., Matsumoto, S., Kamei, Y., Kusumoto, S.: An empirical study on self-admitted technical debt in dockerfiles. Empirical Softw. Eng. 27(2), 1\u201326 (2022)","journal-title":"Empirical Softw. Eng."},{"key":"9_CR3","unstructured":"Bettini, A.: Vulnerability exploitation in Docker container environments. FlawCheck, Black Hat Europe (2015)"},{"issue":"1","key":"9_CR4","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1145\/2723872.2723882","volume":"49","author":"C Boettiger","year":"2015","unstructured":"Boettiger, C.: An introduction to Docker for reproducible research. ACM SIGOPS Oper. Syst. Rev. 49(1), 71\u201379 (2015). https:\/\/doi.org\/10.1145\/2723872.2723882","journal-title":"ACM SIGOPS Oper. Syst. Rev."},{"key":"9_CR5","doi-asserted-by":"crossref","unstructured":"Borovits, N., Kumara, I., Di Nucci, D., Krishnan, P., Dalla Palma, S., Palomba, F., Tamburri, D.A., van den Heuvel, W.J.: FindICI: using machine learning to detect linguistic inconsistencies between code and natural language descriptions in infrastructure-as-code. Empirical Softw. Eng. 27(178) (2022). https:\/\/doi.org\/10.1007\/s10664-022-10215-5","DOI":"10.1007\/s10664-022-10215-5"},{"key":"9_CR6","doi-asserted-by":"publisher","unstructured":"Chiari, M., De Pascalis, M., Pradella, M.: Static analysis of infrastructure as code: a survey. In: International Conference on Software Architecture (ICSA), pp. 218\u2013225 (2022). https:\/\/doi.org\/10.1109\/ICSA-C54293.2022.00049","DOI":"10.1109\/ICSA-C54293.2022.00049"},{"key":"9_CR7","doi-asserted-by":"publisher","unstructured":"Cito, J., Schermann, G., Wittern, J.E., Leitner, P., Zumberi, S., Gall, H.C.: An empirical analysis of the Docker container ecosystem on GitHub. In: International Conference on Mining Software Repositories (MSR), pp. 323\u2013333. IEEE, Piscataway (2017). https:\/\/doi.org\/10.1109\/MSR.2017.67","DOI":"10.1109\/MSR.2017.67"},{"issue":"5","key":"9_CR8","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1109\/MCC.2016.100","volume":"3","author":"T Combe","year":"2016","unstructured":"Combe, T., Martin, A., Di Pietro, R.: To Docker or not to Docker: a security perspective. IEEE Cloud Comput. 3(5), 54\u201362 (2016). https:\/\/doi.org\/10.1109\/MCC.2016.100","journal-title":"IEEE Cloud Comput."},{"key":"9_CR9","doi-asserted-by":"crossref","unstructured":"Dai, T., Karve, A., Koper, G., Zeng, S.: Automatically detecting risky scripts in infrastructure code. In: Symposium on Cloud Computing (SoCC), pp. 358\u2013371. ACM (2020). https:\/\/doi.org\/10.1145\/3419111.3421303","DOI":"10.1145\/3419111.3421303"},{"key":"9_CR10","doi-asserted-by":"crossref","unstructured":"Dalla Palma, S., Di Nucci, D., Palomba, F., Tamburri, D.A.: Toward a catalog of software quality metrics for infrastructure code. J. Syst. Softw. 170 (2020). https:\/\/doi.org\/10.1016\/j.jss.2020.110726","DOI":"10.1016\/j.jss.2020.110726"},{"issue":"6","key":"9_CR11","doi-asserted-by":"publisher","first-page":"2086","DOI":"10.1109\/TSE.2021.3051492","volume":"48","author":"S Dalla Palma","year":"2022","unstructured":"Dalla Palma, S., Di Nucci, D., Palomba, F., Tamburri, D.A.: Within-project defect prediction of infrastructure-as-code using product and process metrics. Trans. Softw. Eng. 48(6), 2086\u20132104 (2022). https:\/\/doi.org\/10.1109\/TSE.2021.3051492","journal-title":"Trans. Softw. Eng."},{"issue":"6","key":"9_CR12","doi-asserted-by":"publisher","first-page":"1226","DOI":"10.1109\/TSE.2019.2918315","volume":"47","author":"A Decan","year":"2021","unstructured":"Decan, A., Mens, T.: What do package dependencies tell us about semantic versioning? Trans. Softw. Eng. 47(6), 1226\u20131240 (2021). https:\/\/doi.org\/10.1109\/TSE.2019.2918315","journal-title":"Trans. Softw. Eng."},{"key":"9_CR13","doi-asserted-by":"crossref","unstructured":"Dragoni, N., Giallorenzo, S., Lafuente, A.L., Mazzara, M., Montesi, F., Mustafin, R., Safina, L.: Microservices: yesterday, today, and tomorrow. In: Present and Ulterior Software Engineering, pp. 195\u2013216 (2017)","DOI":"10.1007\/978-3-319-67425-4_12"},{"key":"9_CR14","doi-asserted-by":"crossref","unstructured":"Eng, K., Hindle, A.: Revisiting Dockerfiles in open source software over time. In: 2021 IEEE\/ACM 18th International Conference on Mining Software Repositories (MSR), pp. 449\u2013459. IEEE, Piscataway (2021)","DOI":"10.1109\/MSR52588.2021.00057"},{"key":"9_CR15","doi-asserted-by":"crossref","unstructured":"Gholami, S., Khazaei, H., Bezemer, C.P.: Should you upgrade official Docker Hub images in production environments? In: International Conference on Software Engineering\u2014New Ideas and Emerging Results (ICSE-NIER), pp. 101\u2013105. IEEE, Piscataway (2021)","DOI":"10.1109\/ICSE-NIER52604.2021.00029"},{"key":"9_CR16","doi-asserted-by":"crossref","unstructured":"Guerriero, M., Garriga, M., Tamburri, D.A., Palomba, F.: Adoption, support, and challenges of infrastructure-as-code: insights from industry. In: International Conference on Software Maintenance and Evolution (ICSME), pp. 580\u2013589. IEEE, Piscataway (2019)","DOI":"10.1109\/ICSME.2019.00092"},{"key":"9_CR17","doi-asserted-by":"publisher","unstructured":"Hassan, M.M., Rahman, A.: As code testing: characterizing test quality in open source Ansible development. In: International Conference on Software Testing, Verification and Validation (ICST), pp. 208\u2013219 (2022). https:\/\/doi.org\/10.1109\/ICST53961.2022.00031","DOI":"10.1109\/ICST53961.2022.00031"},{"key":"9_CR18","doi-asserted-by":"crossref","unstructured":"Henkel, J., Bird, C., Lahiri, S.K., Reps, T.: Learning from, understanding, and supporting DevOps artifacts for docker. In: International Conference on Software Engineering (ICSE), pp. 38\u201349. IEEE, Piscataway (2020)","DOI":"10.1145\/3377811.3380406"},{"key":"9_CR19","doi-asserted-by":"publisher","unstructured":"Henkel, J., Silva, D., Teixeira, L., d\u2019Amorim, M., Reps, T.: Shipwright: a human-in-the-loop system for Dockerfile repair. In: International Conference on Software Engineering (ICSE), pp. 1148\u20131160. IEEE, Piscataway (2021). https:\/\/doi.org\/10.1109\/ICSE43902.2021.00106","DOI":"10.1109\/ICSE43902.2021.00106"},{"key":"9_CR20","unstructured":"Henriksson, O., Falk, M.: Static vulnerability analysis of Docker images (2017)"},{"key":"9_CR21","doi-asserted-by":"crossref","unstructured":"Horton, E., Parnin, C.: Dozer: migrating shell commands to Ansible modules via execution profiling and synthesis. In: International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP), pp. 147\u2013148 (2022). https:\/\/doi.org\/10.1145\/3510457.3513060","DOI":"10.1145\/3510457.3513060"},{"key":"9_CR22","doi-asserted-by":"crossref","unstructured":"Hummer, W., Rosenberg, F., Oliveira, F., Eilam, T.: Testing idempotence for infrastructure as code. In: ACM\/IFIP\/USENIX International Middleware Conference, pp. 368\u2013388 (2013). https:\/\/doi.org\/10.1007\/978-3-642-45065-5%5C_19","DOI":"10.1007\/978-3-642-45065-5_19"},{"key":"9_CR23","doi-asserted-by":"publisher","unstructured":"Kokuryo, S., Kondo, M., Mizuno, O.: An empirical study of utilization of imperative modules in Ansible. In: International Conference on Software Quality, Reliability and Security (QRS), pp. 442\u2013449 (2020). https:\/\/doi.org\/10.1109\/QRS51102.2020.00063","DOI":"10.1109\/QRS51102.2020.00063"},{"key":"9_CR24","doi-asserted-by":"publisher","unstructured":"Ksontini, E., Kessentini, M., Ferreira, T.d.N., Hassan, F.: Refactorings and technical debt in docker projects: an empirical study. In: International Conference on Automated Software Engineering (ASE), pp. 781\u2013791. IEEE, Piscataway (2021). https:\/\/doi.org\/10.1109\/ASE51524.2021.9678585","DOI":"10.1109\/ASE51524.2021.9678585"},{"key":"9_CR25","doi-asserted-by":"crossref","unstructured":"Lam, P., Dietrich, J., Pearce, D.J.: Putting the semantics into semantic versioning. In: International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software (Onward!), pp. 157\u2013179. ACM (2020). https:\/\/doi.org\/10.1145\/3426428.3426922","DOI":"10.1145\/3426428.3426922"},{"key":"9_CR26","doi-asserted-by":"publisher","unstructured":"Lin, C., Nadi, S., Khazaei, H.: A large-scale data set and an empirical study of Docker images hosted on Docker Hub. In: International Conference on Software Maintenance and Evolution (ICSME), pp. 371\u2013381. IEEE, Piscataway (2020). https:\/\/doi.org\/10.1109\/ICSME46990.2020.00043","DOI":"10.1109\/ICSME46990.2020.00043"},{"key":"9_CR27","doi-asserted-by":"publisher","unstructured":"Lin, C., Nadi, S., Khazaei, H.: A large-scale data set of Docker images hosted on Docker Hub (2020). https:\/\/doi.org\/10.5281\/zenodo.3862987","DOI":"10.5281\/zenodo.3862987"},{"key":"9_CR28","doi-asserted-by":"publisher","unstructured":"Opdebeeck, R., Zerouali, A., De Roover, C.: Andromeda: a dataset of Ansible Galaxy roles and their evolution. In: International Conference on Mining Software Repositories (MSR), pp. 580\u2013584 (2021). https:\/\/doi.org\/10.1109\/MSR52588.2021.00078","DOI":"10.1109\/MSR52588.2021.00078"},{"key":"9_CR29","doi-asserted-by":"crossref","unstructured":"Opdebeeck, R., Zerouali, A., De Roover, C.: Smelly variables in Ansible infrastructure code: detection, prevalence, and lifetime. In: International Conference on Mining Software Repositories (MSR). ACM (2022). https:\/\/doi.org\/10.1145\/3524842.3527964","DOI":"10.1145\/3524842.3527964"},{"key":"9_CR30","doi-asserted-by":"publisher","unstructured":"Opdebeeck, R., Zerouali, A., Vel\u00e1zquez-Rodr\u00edguez, C., De Roover, C.: Replication package of SCAM 2020 Ansible role semantic versioning empirical study (2020). https:\/\/doi.org\/10.5281\/zenodo.4041169","DOI":"10.5281\/zenodo.4041169"},{"key":"9_CR31","doi-asserted-by":"crossref","unstructured":"Opdebeeck, R., Zerouali, A., Vel\u00e1zquez-Rodr\u00edguez, C., De Roover, C.: On the practice of semantic versioning for Ansible Galaxy roles: an empirical study and a change classification model. J. Syst. Softw. 182 (2021). https:\/\/doi.org\/10.1016\/j.jss.2021.111059","DOI":"10.1016\/j.jss.2021.111059"},{"key":"9_CR32","doi-asserted-by":"crossref","unstructured":"Oumaziz, M.A., Falleri, J.R., Blanc, X., Bissyand\u00e9, T.F., Klein, J.: Handling duplicates in Dockerfiles families: learning from experts. In: International Conference on Software Maintenance and Evolution (ICSME), pp. 524\u2013535. IEEE, Piscataway (2019)","DOI":"10.1109\/ICSME.2019.00086"},{"issue":"3","key":"9_CR33","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1109\/MCC.2015.51","volume":"2","author":"C Pahl","year":"2015","unstructured":"Pahl, C.: Containerization and the PaaS cloud. IEEE Cloud Comput. 2(3), 24\u201331 (2015)","journal-title":"IEEE Cloud Comput."},{"key":"9_CR34","unstructured":"Preston-Werner, T.: Semantic versioning 2.0.0 (2013). https:\/\/semver.org\/. Accessed 15 Apr 2023"},{"key":"9_CR35","doi-asserted-by":"publisher","first-page":"140","DOI":"10.1016\/j.jss.2016.04.008","volume":"129","author":"S Raemaekers","year":"2017","unstructured":"Raemaekers, S., van Deursen, A., Visser, J.: Semantic versioning and impact of breaking changes in the maven repository. J. Syst. Softw. 129, 140\u2013158 (2017). https:\/\/doi.org\/10.1016\/j.jss.2016.04.008","journal-title":"J. Syst. Softw."},{"key":"9_CR36","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1016\/j.infsof.2018.12.004","volume":"108","author":"A Rahman","year":"2019","unstructured":"Rahman, A., Mahdavi-Hezaveh, R., Williams, L.: A systematic mapping study of infrastructure as code research. Inform. Softw. Technol. 108, 65\u201377 (2019). https:\/\/doi.org\/10.1016\/j.infsof.2018.12.004","journal-title":"Inform. Softw. Technol."},{"key":"9_CR37","doi-asserted-by":"publisher","unstructured":"Rahman, A., Parnin, C., Williams, L.: The seven sins: security smells in infrastructure as code scripts. In: International Conference on Software Engineering (ICSE), ICSE \u201919, pp. 164\u2013175 (2019). https:\/\/doi.org\/10.1109\/ICSE.2019.00033","DOI":"10.1109\/ICSE.2019.00033"},{"key":"9_CR38","doi-asserted-by":"crossref","unstructured":"Rahman, A., Rahman, M.R., Parnin, C., Williams, L.: Security smells in Ansible and Chef scripts: a replication study. Trans. Softw. Eng. Methodol. 30(1) (2021). https:\/\/doi.org\/10.1145\/3408897","DOI":"10.1145\/3408897"},{"key":"9_CR39","doi-asserted-by":"publisher","first-page":"148","DOI":"10.1016\/j.infsof.2019.04.013","volume":"112","author":"A Rahman","year":"2019","unstructured":"Rahman, A., Williams, L.: Source code properties of defective infrastructure as code scripts. Inform. Softw. Technol. 112, 148\u2013163 (2019). https:\/\/doi.org\/10.1016\/j.infsof.2019.04.013","journal-title":"Inform. Softw. Technol."},{"key":"9_CR40","unstructured":"Red Hat, Inc.: Ansible Molecule (2023). https:\/\/molecule.readthedocs.io\/en\/latest\/. Accessed 15 Apr 2023"},{"key":"9_CR41","unstructured":"Rosa, G., Scalabrino, S., Oliveto, R.: Fixing dockerfile smells: an empirical study. International Conference on Software Maintenance and Evolution (ICSME) (2022)"},{"key":"9_CR42","doi-asserted-by":"crossref","unstructured":"Sabuhi, M., Musilek, P., Bezemer, C.P.: Studying the performance risks of upgrading Docker Hub images: a case study of WordPress. In: International Conference on Performance Engineering, pp. 97\u2013104. ACM (2022)","DOI":"10.1145\/3489525.3511683"},{"key":"9_CR43","doi-asserted-by":"crossref","unstructured":"Sharma, T., Fragkoulis, M., Spinellis, D.: Does your configuration code smell? In: Working Conference on Mining Software Repositories (MSR), pp. 189\u2013200 (2016). https:\/\/doi.org\/10.1145\/2901739.2901761","DOI":"10.1145\/2901739.2901761"},{"key":"9_CR44","doi-asserted-by":"crossref","unstructured":"Shu, R., Gu, X., Enck, W.: A study of security vulnerabilities on Docker Hub. In: International Conference on Data and Application Security and Privacy, pp. 269\u2013280. ACM (2017). https:\/\/doi.org\/10.1145\/3029806.3029832","DOI":"10.1145\/3029806.3029832"},{"key":"9_CR45","doi-asserted-by":"crossref","unstructured":"Sotiropoulos, T., Mitropoulos, D., Spinellis, D.: Practical fault detection in Puppet programs. In: International Conference on Software Engineering (ICSE), pp. 26\u201337 (2020). https:\/\/doi.org\/10.1145\/3377811.3380384","DOI":"10.1145\/3377811.3380384"},{"key":"9_CR46","unstructured":"Stack Overflow: 2022 stack overflow developer survey (2022). https:\/\/survey.stackoverflow.co\/2022. Accessed 15 Apr 2023"},{"key":"9_CR47","doi-asserted-by":"crossref","unstructured":"Tsuru, T., Nakagawa, T., Matsumoto, S., Higo, Y., Kusumoto, S.: Type-2 code clone detection for Dockerfiles. In: International Workshop on Software Clones (IWSC). IEEE, Piscataway (2021)","DOI":"10.1109\/IWSC53727.2021.00007"},{"key":"9_CR48","unstructured":"Turnbull, J.: The Docker Book: Containerization is the New Virtualization. James Turnbull (2014)"},{"key":"9_CR49","doi-asserted-by":"publisher","unstructured":"van der Bent, E., Hage, J., Visser, J., Gousios, G.: How good is your Puppet? An empirically defined and validated quality model for Puppet. In: International Conference on Software Analysis, Evolution and Reengineering (SANER), pp. 164\u2013174 (2018). https:\/\/doi.org\/10.1109\/SANER.2018.8330206","DOI":"10.1109\/SANER.2018.8330206"},{"key":"9_CR50","unstructured":"Vermeer, B., Henry, W.: Shifting Docker security left (2019). https:\/\/snyk.io\/blog\/shifting-docker-security-left\/. Accessed 15 Apr 2023"},{"key":"9_CR51","doi-asserted-by":"publisher","first-page":"34127","DOI":"10.1109\/ACCESS.2020.2973750","volume":"8","author":"Y Wu","year":"2020","unstructured":"Wu, Y., Zhang, Y., Wang, T., Wang, H.: Characterizing the occurrence of dockerfile smells in open-source software: an empirical study. IEEE Access 8, 34127\u201334139 (2020)","journal-title":"IEEE Access"},{"key":"9_CR52","doi-asserted-by":"publisher","unstructured":"Xu, J., Wu, Y., Lu, Z., Wang, T.: Dockerfile TF smell detection based on dynamic and static analysis methods. In: Annual Computer Software and Applications Conference (COMPSAC), vol. 1, pp. 185\u2013190. IEEE, Piscataway (2019). https:\/\/doi.org\/10.1109\/COMPSAC.2019.00033","DOI":"10.1109\/COMPSAC.2019.00033"},{"key":"9_CR53","doi-asserted-by":"crossref","unstructured":"Zerouali, A., Constantinou, E., Mens, T., Robles, G., Gonz\u00e1lez-Barahona, J.: An empirical analysis of technical lag in npm package dependencies. In: International Conference on Software Reuse (ICSR). Lecture Notes in Computer Science, vol. 10826, pp. 95\u2013110. Springer, Berlin (2018). https:\/\/doi.org\/10.1007\/978-3-319-90421-4_6","DOI":"10.1007\/978-3-319-90421-4_6"},{"key":"9_CR54","doi-asserted-by":"crossref","unstructured":"Zerouali, A., Cosentino, V., Mens, T., Robles, G., Gonzalez-Barahona, J.M.: On the impact of outdated and vulnerable JavaScript packages in Docker images. In: International Conference on Software Analysis, Evolution and Reengineering (SANER), pp. 619\u2013623. IEEE, Piscataway (2019)","DOI":"10.1109\/SANER.2019.8667984"},{"key":"9_CR55","doi-asserted-by":"crossref","unstructured":"Zerouali, A., Cosentino, V., Robles, G., Gonzalez-Barahona, J.M., Mens, T.: Conpan: a tool to analyze packages in software containers. In: International Conference on Mining Software Repositories (MSR), pp. 592\u2013596. IEEE, Piscataway (2019)","DOI":"10.1109\/MSR.2019.00089"},{"key":"9_CR56","doi-asserted-by":"publisher","first-page":"102653","DOI":"10.1016\/j.scico.2021.102653","volume":"207","author":"A Zerouali","year":"2021","unstructured":"Zerouali, A., Mens, T., De Roover, C.: On the usage of JavaScript, Python and Ruby packages in Docker Hub images. Sci. Comput. Program. 207, 102653 (2021)","journal-title":"Sci. Comput. Program."},{"issue":"2","key":"9_CR57","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10664-020-09908-6","volume":"26","author":"A Zerouali","year":"2021","unstructured":"Zerouali, A., Mens, T., Decan, A., Gonzalez-Barahona, J., Robles, G.: A multi-dimensional analysis of technical lag in Debian-based Docker images. Empirical Softw. Eng. 26(2), 1\u201345 (2021)","journal-title":"Empirical Softw. Eng."},{"key":"9_CR58","doi-asserted-by":"publisher","unstructured":"Zerouali, A., Mens, T., Gonzalez-Barahona, J., Decan, A., Constantinou, E., Robles, G.: A formal framework for measuring technical lag in component repositories\u2014and its application to npm. J. Softw. Evol. Process 31(8) (2019). https:\/\/doi.org\/10.1002\/smr.2157","DOI":"10.1002\/smr.2157"},{"key":"9_CR59","doi-asserted-by":"publisher","unstructured":"Zerouali, A., Mens, T., Robles, G., Gonzalez-Barahona, J.M.: On the relation between outdated docker containers, severity vulnerabilities, and bugs. In: International Conference on Software Analysis, Evolution and Reengineering (SANER), pp. 491\u2013501. IEEE, Piscataway (2019). https:\/\/doi.org\/10.1109\/SANER.2019.8668013","DOI":"10.1109\/SANER.2019.8668013"},{"key":"9_CR60","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Zhang, Y., Mao, X., Wu, Y., Lin, B., Wang, S.: Recommending base image for docker containers based on deep configuration comprehension. In: International Conference on Software Analysis, Evolution and Reengineering (SANER), pp. 449\u2013453. IEEE, Piscataway (2022)","DOI":"10.1109\/SANER53432.2022.00060"}],"container-title":["Software Ecosystems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-36060-2_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,10,5]],"date-time":"2023-10-05T17:07:11Z","timestamp":1696525631000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-36060-2_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031360596","9783031360602"],"references-count":60,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-36060-2_9","relation":{},"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"26 May 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}