{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,7]],"date-time":"2026-02-07T11:45:37Z","timestamp":1770464737694,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":14,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,10,10]],"date-time":"2022-10-10T00:00:00Z","timestamp":1665360000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Japan Society for the Promotion of Science (JSPS) KAKENHI","award":["P20H05706 and JP20K19774"],"award-info":[{"award-number":["P20H05706 and JP20K19774"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,10,10]]},"DOI":"10.1145\/3551349.3559526","type":"proceedings-article","created":{"date-parts":[[2023,1,5]],"date-time":"2023-01-05T20:43:54Z","timestamp":1672951434000},"page":"1-4","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["V-Achilles: An Interactive Visualization of Transitive Security Vulnerabilities"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6502-1107","authenticated-orcid":false,"given":"Vipawan","family":"Jarukitpipat","sequence":"first","affiliation":[{"name":"Faculty of Information and Communication Technology, Mahidol University, Thailand"}]},{"given":"Klinton","family":"Chhun","sequence":"additional","affiliation":[{"name":"Faculty of Information and Communication Technology, Mahidol University, Thailand"}]},{"given":"Wachirayana","family":"Wanprasert","sequence":"additional","affiliation":[{"name":"Faculty of Information and Communication Technology, Mahidol University, Thailand"}]},{"given":"Chaiyong","family":"Ragkhitwetsagul","sequence":"additional","affiliation":[{"name":"Faculty of Information and Communication Technology, Mahidol University, Thailand"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8188-4749","authenticated-orcid":false,"given":"Morakot","family":"Choetkiertikul","sequence":"additional","affiliation":[{"name":"Faculty of Information and Communication Technology, Mahidol University, Thailand"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2324-0608","authenticated-orcid":false,"given":"Thanwadee","family":"Sunetnanta","sequence":"additional","affiliation":[{"name":"Faculty of Information and Communication Technology, Mahidol University, Thailand"}]},{"given":"Raula Gaikovina","family":"Kula","sequence":"additional","affiliation":[{"name":"Graduate School of Information Science, Nara Institute of Science and Technology (NAIST), Japan"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4439-1608","authenticated-orcid":false,"given":"Bodin","family":"Chinthanet","sequence":"additional","affiliation":[{"name":"Graduate School of Information Science, Nara Institute of Science and Technology (NAIST), Japan"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4106-699X","authenticated-orcid":false,"given":"Takashi","family":"Ishio","sequence":"additional","affiliation":[{"name":"Graduate School of Information Science, Nara Institute of Science and Technology (NAIST), Japan"}]},{"given":"Kenichi","family":"Matsumoto","sequence":"additional","affiliation":[{"name":"Graduate School of Information Science, Nara Institute of Science and Technology (NAIST), Japan"}]}],"member":"320","published-online":{"date-parts":[[2023,1,5]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-014-9325-9"},{"key":"e_1_3_2_1_2_1","first-page":"3","article-title":"Lags in the release, adoption, and propagation of npm vulnerability fixes","volume":"26","author":"Chinthanet Bodin","year":"2021","unstructured":"Bodin Chinthanet, Raula\u00a0Gaikovina Kula, Shane McIntosh, Takashi Ishio, Akinori Ihara, and Kenichi Matsumoto. 2021. Lags in the release, adoption, and propagation of npm vulnerability fixes. Empirical Software Engineering (ESME) 26, 3 (March 2021).","journal-title":"Empirical Software Engineering (ESME)"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3329781.3344149"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196398.3196401"},{"key":"e_1_3_2_1_5_1","volume-title":"The Pharo Ecosystem Case. In IEEE International Conference on Software Maintenance and Evolution (ICSME). 251\u2013260","author":"Hora Andre","year":"2015","unstructured":"Andre Hora, Romain Robbes, Nicolas Anquetil, Anne Etien, Stephane Ducasse, and Marco\u00a0Tulio Valente. 2015. How Do Developers React to API Evolution? The Pharo Ecosystem Case. In IEEE International Conference on Software Maintenance and Evolution (ICSME). 251\u2013260."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-57735-7_13"},{"key":"e_1_3_2_1_7_1","volume-title":"Structure and Evolution of Package Dependency Networks. In IEEE\/ACM Mining Software Repositories Conference (MSR). 102\u2013112","author":"Kikas Riivo","year":"2017","unstructured":"Riivo Kikas, Georgios Gousios, Marlon Dumas, and Dietmar Pfahl. 2017. Structure and Evolution of Package Dependency Networks. In IEEE\/ACM Mining Software Repositories Conference (MSR). 102\u2013112."},{"key":"e_1_3_2_1_8_1","volume-title":"Do Developers Update Their Library Dependencies?Empirical Software Engineering (ESME) 23, 1 (Feb","author":"Kula Raula\u00a0Gaikovina","year":"2018","unstructured":"Raula\u00a0Gaikovina Kula, Daniel\u00a0M. German, Ali Ouni, Takashi Ishio, and Katsuro Inoue. 2018. Do Developers Update Their Library Dependencies?Empirical Software Engineering (ESME) 23, 1 (Feb. 2018)."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2393596.2393662"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME.2016.64"},{"key":"e_1_3_2_1_11_1","unstructured":"Snyk. 2020. The state of open source security report. Technical Report. Snyk."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1038\/nmeth.1618"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"crossref","unstructured":"Nusrat Zahan Thomas Zimmermann Patrice Godefroid Brendan Murphy Chandra Maddila and Laurie Williams. 2022. What are Weak Links in the npm Supply Chain?. In ICSE-SEIP \u201922.","DOI":"10.1109\/ICSE-SEIP55303.2022.9794068"},{"key":"e_1_3_2_1_14_1","volume-title":"Proceedings of the 28th USENIX Security Symposium","author":"Zimmermann Markus","year":"2019","unstructured":"Markus Zimmermann, Cristian\u00a0Alexandru Staicu, Michael Pradel, and Cam Tenny. 2019. Small world with high risks: A study of security threats in the NPM ecosystem. Proceedings of the 28th USENIX Security Symposium (2019), 995\u20131010."}],"event":{"name":"ASE '22: 37th IEEE\/ACM International Conference on Automated Software Engineering","location":"Rochester MI USA","acronym":"ASE '22"},"container-title":["Proceedings of the 37th IEEE\/ACM International Conference on Automated Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3551349.3559526","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3551349.3559526","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T08:31:01Z","timestamp":1755851461000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3551349.3559526"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,10]]},"references-count":14,"alternative-id":["10.1145\/3551349.3559526","10.1145\/3551349"],"URL":"https:\/\/doi.org\/10.1145\/3551349.3559526","relation":{},"subject":[],"published":{"date-parts":[[2022,10,10]]},"assertion":[{"value":"2023-01-05","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}