{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T04:43:38Z","timestamp":1775018618443,"version":"3.50.1"},"reference-count":32,"publisher":"Pleiades Publishing Ltd","issue":"4","license":[{"start":{"date-parts":[[2023,7,28]],"date-time":"2023-07-28T00:00:00Z","timestamp":1690502400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,7,28]],"date-time":"2023-07-28T00:00:00Z","timestamp":1690502400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Program Comput Soft"],"published-print":{"date-parts":[[2023,8]]},"DOI":"10.1134\/s0361768823040072","type":"journal-article","created":{"date-parts":[[2023,7,28]],"date-time":"2023-07-28T09:02:21Z","timestamp":1690534941000},"page":"302-309","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Static Analysis of Corpus of Source Codes of Python Applications"],"prefix":"10.1134","volume":"49","author":[{"given":"D. A.","family":"Kapustin","sequence":"first","affiliation":[]},{"given":"V. V.","family":"Shvyrov","sequence":"additional","affiliation":[]},{"given":"T. I.","family":"Shulika","sequence":"additional","affiliation":[]}],"member":"137","published-online":{"date-parts":[[2023,7,28]]},"reference":[{"key":"3744_CR1","unstructured":"Federal Law of the Russian Federation no. 184-FZ \u201cOn Technical Control,\u201d Dec. 27, 2002, Edition 28.11.2018. http:\/\/www.consultant.ru\/document\/cons_doc_LAW_40241\/. Cited 04.05.2022."},{"key":"3744_CR2","unstructured":"Russian Government Decree no. 608 \u201cOn Certification of Information Security Tools,\u201d June 26, 1995, Edition 21.04.2010. http:\/\/www.consultant.ru\/document\/cons_doc_LAW_7054\/. Cited 04.05.2022."},{"key":"3744_CR3","doi-asserted-by":"crossref","unstructured":"Cousot, P., Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints, Proc. 4th ACM SIGACT-SIGPLAN Symp. on Principles of Programming Languages, Los Angeles, 1977, pp. 238\u2013252 .","DOI":"10.1145\/512950.512973"},{"key":"3744_CR4","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/390013.808479","volume":"5","author":"F.E. Allen","year":"1970","unstructured":"Allen, F.E., Control flow analysis, ACM SIGPLAN Not., 1970, vol. 5, issue 7, pp. 1\u201319.","journal-title":"ACM SIGPLAN Not."},{"key":"3744_CR5","volume-title":"Lint, C Program Checker","author":"S.C. Johnson","year":"1977","unstructured":"Johnson, S.C., Lint, C Program Checker, Bell Laboratories, 1977, pp. 78\u201390."},{"key":"3744_CR6","doi-asserted-by":"publisher","unstructured":"Beller, M., Bholanath, R., McIntosh, S., and Zaidman, A., Analyzing the state of static analysis: a large-scale evaluation in open source software, Proc. 23rd IEEE Int. Conf. on Software Analysis, Evolution, and Reengineering (SANER 2016), Suita, 2016, pp. 470\u2013481. https:\/\/doi.org\/10.1109\/SANER.2016.105","DOI":"10.1109\/SANER.2016.105"},{"key":"3744_CR7","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1109\/MSP.2004.111","volume":"2","author":"B. Chess","year":"2004","unstructured":"Chess, B. and McGraw, G., Static analysis for security, IEEE Secur. Privacy, 2004, vol. 2, no. 6, pp. 76\u201379. https:\/\/doi.org\/10.1109\/MSP.2004.111","journal-title":"IEEE Secur. Privacy"},{"key":"3744_CR8","doi-asserted-by":"crossref","unstructured":"Fromherz, A., Ouadjaout, A., and Mine, A., Static value analysis of Python programs by abstract interpretation, in Proc. 10th NASA Formal Methods Int. Symp. (NFM 2018), Springer, 2018, pp. 185\u2013202.","DOI":"10.1007\/978-3-319-77935-5_14"},{"key":"3744_CR9","doi-asserted-by":"crossref","unstructured":"Oyetoyan, T.D., Milosheska, B., Grini, M., and Cruzes, D.S., Myths and facts about static application security testing tools: an action research at Telenor Digital, in Proc. 19th Conf. on Agile Processes in Software Engineering and Extreme Programming (XP 2018), Porto, \n               2018, Springer, 2018, pp. 86\u2013103.","DOI":"10.1007\/978-3-319-91602-6_6"},{"key":"3744_CR10","doi-asserted-by":"publisher","first-page":"1419","DOI":"10.1007\/s10664-019-09750-5","volume":"25","author":"C. Vassallo","year":"2020","unstructured":"Vassallo, C., Panichella, S., Palomba, F., Proksch, S., Gall, H.C., and Zaidman, A., How developers engage with static analysis tools in different contexts, Empirical Software Eng., 2020, vol. 25, pp. 1419\u20131457. https:\/\/doi.org\/10.1007\/s10664-019-09750-5","journal-title":"Empirical Software Eng."},{"key":"3744_CR11","doi-asserted-by":"publisher","first-page":"877","DOI":"10.1109\/TSE.2018.2810116","volume":"45","author":"J. Smith","year":"2019","unstructured":"Smith, J., Johnson, B., Murphy-Hill, E., Chu, B., and Lipford, H.R., How developers diagnose potential security vulnerabilities with a static analysis tool, IEEE Trans. Software Eng., 2019, vol. 45, no. 9, pp. 877\u2013897. https:\/\/doi.org\/10.1109\/TSE.2018.2810116","journal-title":"IEEE Trans. Software Eng."},{"key":"3744_CR12","unstructured":"OWASP Web Security Testing Guide. https:\/\/github.com\/OWASP\/wstg. Cited 04.05.2022."},{"key":"3744_CR13","unstructured":"Common Weakness Enumeration. https:\/\/cwe.mitre.org\/about\/index.html. Cited 04.05.2022."},{"key":"3744_CR14","unstructured":"CVE. https:\/\/cve.mitre.org\/. Cited: 04.05.2022."},{"key":"3744_CR15","unstructured":"OWASP Top 10 \u2013 2021. https:\/\/owasp.org\/Top10\/. Cited 04.05.2022."},{"key":"3744_CR16","unstructured":"TIOBE Index for March 2022. https:\/\/www.tiobe.com\/tiobe-index\/. Cited 04.05.2022."},{"key":"3744_CR17","unstructured":"Django Software Foundation. Security in Django. https:\/\/docs.djangoproject.com\/en\/3.0\/topics\/security\/. Cited 04.05.2022."},{"key":"3744_CR18","doi-asserted-by":"crossref","unstructured":"Xia, X., He, X., Yan, Y., Xu, L., and Xu, B., An empirical study of dynamic types for python projects, in Proc. 8th Int. Conf. on Software Analysis, Testing, and Evolution (SATE 2018), Springer, 2018, pp. 85\u2013100.","DOI":"10.1007\/978-3-030-04272-1_6"},{"key":"3744_CR19","doi-asserted-by":"crossref","unstructured":"Ruohonen, J., An empirical analysis of vulnerabilities in Python packages for web applications, in Proc. 9th IEEE Int. Workshop on Empirical Software Engineering in Practice (IWESEP 2018), Nara, 2018, pp. 25\u201330.","DOI":"10.1109\/IWESEP.2018.00013"},{"key":"3744_CR20","unstructured":"The Python Package Index (PyPI) is a repository of software for the Python programming language. https:\/\/pypi.org\/. Cited 04.05.2022."},{"key":"3744_CR21","doi-asserted-by":"crossref","unstructured":"Ruohonen, J., Hjerpee, K., and Rindell, K., A large-scale security-oriented static analysis of python packages in PyPi, Proc. 18th IEEE Annu. Int. Conf. on Privacy, Security and Trust (PST 2021), Auckland (online), 2021, pp. 1\u201310.","DOI":"10.1109\/PST52912.2021.9647791"},{"key":"3744_CR22","unstructured":"Welcome to the Bandit documentation! \u2013 Bandit documentation. https:\/\/bandit.readthedocs.io\/en\/latest\/. Cited 04.05.2022."},{"key":"3744_CR23","unstructured":"A Collection of Datasets for Big Code Analysis. https:\/\/github.com\/CUHK-ARISE\/ml4code-dataset. Cited 04.05.2022."},{"key":"3744_CR24","unstructured":"Secure, Reliable, and Intelligent Systems Lab | SRI Group Website. https:\/\/www.sri.inf.ethz.ch\/. Cited 04.05.2022."},{"key":"3744_CR25","unstructured":"Infowatch Appercut. https:\/\/www.infowatch.ru\/products\/appercut. Cited 04.05.2022."},{"key":"3744_CR26","unstructured":"AK-VS 2. https:\/\/npo-echelon.ru\/production\/65\/4243. Cited 09.04.2022."},{"key":"3744_CR27","unstructured":"pylint: 2.13.5. https:\/\/pypi.org\/project\/pylint\/. Cited 04.05.2022."},{"key":"3744_CR28","unstructured":"Welcome to mypy documentation! \u2013 Mypy 0.942 documentation. https:\/\/mypy.readthedocs.io\/en\/stable\/#. Cited 04.05.2022."},{"key":"3744_CR29","doi-asserted-by":"publisher","unstructured":"Edmundson, A., Holtkamp, B., Rivera, E., Finifter, M., Mettler, A., and Wagner, D., An empirical study on the effectiveness of security code review, in Proc. 5th Int. Symp. on Engineering Secure Software and Systems (ESSoS 2013), Paris, 2013, pp. 197\u2013212. https:\/\/doi.org\/10.1007\/978-3-642-36563-8_14","DOI":"10.1007\/978-3-642-36563-8_14"},{"key":"3744_CR30","unstructured":"Exploiting Python pickles. https:\/\/davidhamann.de\/2020\/04\/05\/exploiting-python-pickle\/. Cited 04.05.2022."},{"key":"3744_CR31","unstructured":"Database of Information Safety Risks. https:\/\/bdu.fstec.ru\/vul. Cited 04.05.2022."},{"key":"3744_CR32","unstructured":"Python Python: list of security vulnerabilities. https:\/\/www.cvedetails.com\/vulnerability-list\/vendor_id-10210\/product_id-18230\/opov-1\/Python-Python.html. Cited 04.05.2022."}],"container-title":["Programming and Computer Software"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1134\/S0361768823040072.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1134\/S0361768823040072","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1134\/S0361768823040072.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T02:54:22Z","timestamp":1775012062000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1134\/S0361768823040072"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,28]]},"references-count":32,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2023,8]]}},"alternative-id":["3744"],"URL":"https:\/\/doi.org\/10.1134\/s0361768823040072","relation":{},"ISSN":["0361-7688","1608-3261"],"issn-type":[{"value":"0361-7688","type":"print"},{"value":"1608-3261","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,7,28]]},"assertion":[{"value":"9 January 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"16 February 2023","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"21 March 2023","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"28 July 2023","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}