Characterising harmful API uses and repair techniques: Insights from a systematic review

Bibliographic Details
Published in: Computer science review Vol. 57; p. 100732
Main Authors: Ochoa, Lina; Hammad, Muhammad; Giray, Görkem; Babur, Önder; Bennin, Kwabena
Format: Journal Article
Language: English
Published: Elsevier Inc 01.08.2025
ISSN: 1574-0137
Description
Summary: API use has become prevalent in current times and its purposeful management is of foremost importance to avoid undesired effects on client code. A plethora of studies focusing on the isolated investigation of different types of harmful API uses (e.g., API misuse and security vulnerabilities) have been conducted before. However, a comprehensive overview of possible harmful API uses is required to help both library and client developers on the management of implemented and used APIs. Moreover, repairing such harmful uses remains a significant challenge in software development, yet recent studies indicate its widespread prevalence despite efforts to develop automatic repair techniques. This paper presents the first systematic review of 35 peer-reviewed studies on harmful API uses and their corresponding (semi-)automatic repair techniques. We categorise common types of harmful API uses in terms of the origin and root cause of events triggering the undesired use and the type of harm incurred on the client. We further analyse their repair approaches, assessing their strengths and weaknesses. Additionally, we investigate the evaluation processes and metrics employed in the outlined repair techniques. Our study contributes to advancing the state-of-the-art in harmful API repair research, by addressing open research problems and paving the way to improve and develop new repair techniques and tool capabilities.

• A harmful API use has: origin location, root cause, and compatibility and harm types.
• API use repair can be done via replacement mining and program transformation.
• API use repair is evaluated via benchmarking, baseline comparison or case study.
• API use repair should strive for generalisation, transparency and context awareness.
DOI: 10.1016/j.cosrev.2025.100732