{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,30]],"date-time":"2026-01-30T01:06:57Z","timestamp":1769735217068,"version":"3.49.0"},"reference-count":45,"publisher":"IEEE","license":[{"start":{"date-parts":[[2023,10,26]],"date-time":"2023-10-26T00:00:00Z","timestamp":1698278400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2023,10,26]],"date-time":"2023-10-26T00:00:00Z","timestamp":1698278400000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100001809","name":"NSFC","doi-asserted-by":"publisher","award":["62172311"],"award-info":[{"award-number":["62172311"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023,10,26]]},"DOI":"10.1109\/esem56168.2023.10304852","type":"proceedings-article","created":{"date-parts":[[2023,11,8]],"date-time":"2023-11-08T18:50:15Z","timestamp":1699469415000},"page":"1-12","source":"Crossref","is-referenced-by-count":8,"title":["Security Defect Detection via Code Review: A Study of the OpenStack and Qt Communities"],"prefix":"10.1109","author":[{"given":"Jiaxin","family":"Yu","sequence":"first","affiliation":[{"name":"School of Computer Science, Wuhan University,Wuhan,China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Liming","family":"Fu","sequence":"additional","affiliation":[{"name":"School of Computer Science, Wuhan University,Wuhan,China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Peng","family":"Liang","sequence":"additional","affiliation":[{"name":"School of Computer Science, Wuhan University,Wuhan,China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Amjed","family":"Tahir","sequence":"additional","affiliation":[{"name":"School of Mathematical and Computational Sciences, Massey University,Palmerston North,New Zealand"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mojtaba","family":"Shahin","sequence":"additional","affiliation":[{"name":"School of Computing Technologies, RMIT University,Melbourne,Australia"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1177\/001316446002000104"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1145\/3468264.3473107"},{"key":"ref34","author":"tan","year":"2016","journal-title":"Introduction to Data Mining"},{"key":"ref12","first-page":"197","article-title":"An empirical study on the effectiveness of security code review","author":"edmundson","year":"0","journal-title":"Proceedings of the 5th International Symposium on Engineering Secure Software and Systems (ESSoS)"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2020.106333"},{"key":"ref15","author":"alfadel","year":"2022","journal-title":"Qualitative analysis of security-related code reviews in npm packages An empirical study"},{"key":"ref36","first-page":"68","article-title":"Can you tell me if it smells? a study on how developers discuss code smells and anti-patterns in stack overflow","author":"tahir","year":"0","journal-title":"Proc Int'l Conf Evaluation and Assessment in Software Engineering (EASE)"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1109\/SCAM.2016.30"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2020.2977907"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1145\/3544902.3546253"},{"key":"ref33","author":"bird","year":"2009","journal-title":"Natural Language Processing with Python Analyzing Text with the Natural Language Toolkit"},{"key":"ref11","author":"mcconnell","year":"2004","journal-title":"Code Complete"},{"key":"ref32","year":"2022","journal-title":"Common Weakness Enumeration"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2016.2576451"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1080\/10864415.2004.11044320"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2007.70712"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1177\/0049124113500475"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-022-10267-7"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.2307\/798843"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-021-09951-x"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/ICCCNT49239.2020.9225385"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.3390\/app10249119"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/3183519.3183525"},{"key":"ref45","doi-asserted-by":"crossref","first-page":"2146","DOI":"10.1007\/s10664-015-9381-9","article-title":"An empirical study of the impact of modern code review practices on software quality","volume":"21","author":"mcintosh","year":"2016","journal-title":"Empirical Software Engineering"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/SERE-C.2013.22"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-016-9452-6"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/2597073.2597076"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1145\/2970276.2970278"},{"key":"ref20","article-title":"A comprehensive framework for using iterative analysis to improve human-intensive process security: An election example","author":"osterweil","year":"2017","journal-title":"ACM Transactions on Information and System Security"},{"key":"ref41","year":"2022","journal-title":"OWASP Top 10 Web Application Security Risks"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1145\/2025113.2025155"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3511560"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2017.33"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00124"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/MSR.2013.6624003"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/3180155.3180192"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-022-10178-7"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/2635868.2635880"},{"key":"ref7","year":"2022","journal-title":"GitLab Mapping the DevSecOps Landscape - 2022 Survey"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/3127005.3127014"},{"key":"ref4","author":"mcgraw","year":"2013","journal-title":"Software Security Engineering A Guide for Project Managers"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2022.3140868"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-022-10278-4"},{"key":"ref5","volume":"1","author":"planning","year":"2002","journal-title":"The Economic Impacts of Inadequate Infrastructure for Software Testing"},{"key":"ref40","author":"yu","year":"2023","journal-title":"Dataset of the Paper “Security Issue Detection in Code Review An Exploratory Study of OpenStack and Qt communities”"}],"event":{"name":"2023 ACM\/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM)","location":"New Orleans, LA, USA","start":{"date-parts":[[2023,10,26]]},"end":{"date-parts":[[2023,10,27]]}},"container-title":["2023 ACM\/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10304838\/10304789\/10304852.pdf?arnumber=10304852","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,12,11]],"date-time":"2023-12-11T19:19:14Z","timestamp":1702322354000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10304852\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,26]]},"references-count":45,"URL":"https:\/\/doi.org\/10.1109\/esem56168.2023.10304852","relation":{},"subject":[],"published":{"date-parts":[[2023,10,26]]}}}