{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T13:23:44Z","timestamp":1773840224158,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,10,10]],"date-time":"2022-10-10T00:00:00Z","timestamp":1665360000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"INESC-ID","award":["UIDP\/50021\/2020"],"award-info":[{"award-number":["UIDP\/50021\/2020"]}]},{"name":"PRONEX","award":["APQ\/0388-1.03\/14"],"award-info":[{"award-number":["APQ\/0388-1.03\/14"]}]},{"name":"FACEPE grants","award":["APQ-0399-1.03\/17"],"award-info":[{"award-number":["APQ-0399-1.03\/17"]}]},{"name":"CNPq grant","award":["465614\/2014-0"],"award-info":[{"award-number":["465614\/2014-0"]}]},{"name":"CAPES grant","award":["88887.136410\/2017-00"],"award-info":[{"award-number":["88887.136410\/2017-00"]}]},{"name":"FCT","award":["SFRH\/BD\/143319\/2019"],"award-info":[{"award-number":["SFRH\/BD\/143319\/2019"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,10,10]]},"DOI":"10.1145\/3551349.3560419","type":"proceedings-article","created":{"date-parts":[[2023,1,5]],"date-time":"2023-01-05T20:43:54Z","timestamp":1672951434000},"page":"1-12","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":15,"title":["Leveraging Practitioners\u2019 Feedback to Improve a Security Linter"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5690-2279","authenticated-orcid":false,"given":"Sofia","family":"Reis","sequence":"first","affiliation":[{"name":"Instituto Superior T\u00e9cnico, University of Lisbon, Portugal and INESC-ID, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3734-3157","authenticated-orcid":false,"given":"Rui","family":"Abreu","sequence":"additional","affiliation":[{"name":"Faculty of Engineering of the University of Porto, Portugal and INESC-ID, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1323-8769","authenticated-orcid":false,"given":"Marcelo","family":"d'Amorim","sequence":"additional","affiliation":[{"name":"Federal University of Pernambuco, Brazil"}]},{"given":"Daniel","family":"Fortunato","sequence":"additional","affiliation":[{"name":"LIACC, Faculty of Engineering of the University of Porto, Portugal"}]}],"member":"320","published-online":{"date-parts":[[2023,1,5]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Palo Alto Networks. Unit 42 Cloud Threat Report 2H","year":"2020","unstructured":"2020. Palo Alto Networks. Unit 42 Cloud Threat Report 2H 2020. https:\/\/www.paloaltonetworks.com\/prisma\/unit42-cloud-threat-research."},{"key":"e_1_3_2_1_2_1","unstructured":"2022. Ask an Ethicist: Vulnerability Disclosure. https:\/\/ethics.acm.org\/integrity-project\/ask-an-ethicist\/ask-an-ethicist-vulnerability-disclosure\/."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2961111.2962628"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1646353.1646374"},{"key":"e_1_3_2_1_5_1","volume-title":"Variance reduction","author":"Botev Zdravko","year":"2014","unstructured":"Zdravko Botev and Ad Ridder. 2014. Variance reduction. Wiley StatsRef: Statistics Reference Online(2014), 1\u20136."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/SANER48275.2020.9054842"},{"key":"e_1_3_2_1_7_1","volume-title":"Software Vulnerabilities: Full-, Responsible-, and Non-Disclosure. https:\/\/courses.cs.washington.edu\/courses\/csep590\/05au\/whitepaper_turnin\/software_vulnerabilities_by_cencini_yu_chan.pdf","author":"Cencini Andrew","year":"2005","unstructured":"Andrew Cencini, Kevin Yu, and Tony Chan. 2005. Software Vulnerabilities: Full-, Responsible-, and Non-Disclosure. https:\/\/courses.cs.washington.edu\/courses\/csep590\/05au\/whitepaper_turnin\/software_vulnerabilities_by_cencini_yu_chan.pdf"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/BigData.2018.8622456"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2970276.2970347"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1177\/001316446002000104"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","unstructured":"Stefano Dalla\u00a0Palma Dario Di\u00a0Nucci Fabio Palomba and Damian\u00a0Andrew Tamburri. 2020. Towards a catalogue of software quality metrics for infrastructure code. Journal of Systems and Software(2020) 110726. https:\/\/doi.org\/10.1016\/j.jss.2020.110726","DOI":"10.1016\/j.jss.2020.110726"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/LADC.2016.25"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3338112"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.23055"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE43902.2021.00121"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/SecDev.2018.00030"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3379597.3387462"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSME.2019.00092"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/SCAM.2018.00009"},{"key":"e_1_3_2_1_20_1","unstructured":"Thomas Hruska. 2011. How to calculate Password Strength...http:\/\/cubicspot.blogspot.com\/2011\/11\/how-to-calculate-password-strength.html."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSR.2015.12"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2013.6606613"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2017.53"},{"key":"e_1_3_2_1_24_1","volume-title":"Interrater Reliability: the Kappa Statistic. Biochemia medica: Biochemia medica 22, 3","author":"McHugh L","year":"2012","unstructured":"Mary\u00a0L McHugh. 2012. Interrater Reliability: the Kappa Statistic. Biochemia medica: Biochemia medica 22, 3 (2012), 276\u2013282."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/SCAM.2016.25"},{"key":"e_1_3_2_1_26_1","volume-title":"Second International Workshop(RAID\u201999)","author":"Mutaf Pars","year":"1999","unstructured":"Pars Mutaf. 1999. Defending against a Denial-of-Service Attack on TCP. In Recent Advances in Intrusion Detection, Second International Workshop(RAID\u201999)."},{"key":"e_1_3_2_1_27_1","volume-title":"Battles with False Positives in Static Analysis of JavaScript Web Applications in the Wild. In IEEE\/ACM International Conference on Software Engineering Companion(ICSE-C\u201916)","author":"Park Joonyoung","year":"2016","unstructured":"Joonyoung Park, Inho Lim, and Sukyoung Ryu. 2016. Battles with False Positives in Static Analysis of JavaScript Web Applications in the Wild. In IEEE\/ACM International Conference on Software Engineering Companion(ICSE-C\u201916). 61\u201370."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2019.00033"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/RCoSE.2017.8"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3408897"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICST.2018.00014"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2021.3065190"},{"key":"e_1_3_2_1_33_1","volume-title":"Software Engineering User Study Recruitment on Prolific: An Experience Report. In International Workshop on Recruiting Participants for Empirical Software Engineering(RoPES\u201922)","author":"Reid Brittany","year":"2022","unstructured":"Brittany Reid, Markus Wagner, Marcelo d\u2019Amorim, and Christoph Treude. 2022. Software Engineering User Study Recruitment on Prolific: An Experience Report. In International Workshop on Recruiting Participants for Empirical Software Engineering(RoPES\u201922)."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3188720"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/SANER.2018.8330206"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10664-019-09750-5"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"crossref","unstructured":"Xiaoyun Wang and Hongbo Yu. 2005. How to Break MD5 and Other Hash Functions. In Advances in Cryptology(EUROCRYPT\u201905) Ronald Cramer (Ed.). 19\u201335.","DOI":"10.1007\/11426639_2"}],"event":{"name":"ASE '22: 37th IEEE\/ACM International Conference on Automated Software Engineering","location":"Rochester MI USA","acronym":"ASE '22"},"container-title":["Proceedings of the 37th IEEE\/ACM International Conference on Automated Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3551349.3560419","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3551349.3560419","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T07:57:20Z","timestamp":1755849440000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3551349.3560419"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,10,10]]},"references-count":37,"alternative-id":["10.1145\/3551349.3560419","10.1145\/3551349"],"URL":"https:\/\/doi.org\/10.1145\/3551349.3560419","relation":{},"subject":[],"published":{"date-parts":[[2022,10,10]]},"assertion":[{"value":"2023-01-05","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}