Characterising harmful API uses and repair techniques: Insights from a systematic review

API use has become prevalent in current times and its purposeful management is of foremost importance to avoid undesired effects on client code. A plethora of studies focusing on the isolated investigation of different types of harmful API uses (e.g., API misuse and security vulnerabilities) have be...

Published in: Computer science review, Volume 57; p. 100732
Main authors: Ochoa, Lina; Hammad, Muhammad; Giray, Görkem; Babur, Önder; Bennin, Kwabena
Format: Journal Article
Language: English
Published: Elsevier Inc 01.08.2025
ISSN:1574-0137
Abstract API use has become prevalent in current times and its purposeful management is of foremost importance to avoid undesired effects on client code. A plethora of studies focusing on the isolated investigation of different types of harmful API uses (e.g., API misuse and security vulnerabilities) have been conducted before. However, a comprehensive overview of possible harmful API uses is required to help both library and client developers on the management of implemented and used APIs. Moreover, repairing such harmful uses remains a significant challenge in software development, yet recent studies indicate its widespread prevalence despite efforts to develop automatic repair techniques. This paper presents the first systematic review of 35 peer-reviewed studies on harmful API uses and their corresponding (semi-)automatic repair techniques. We categorise common types of harmful API uses in terms of the origin and root cause of events triggering the undesired use and the type of harm incurred on the client. We further analyse their repair approaches, assessing their strengths and weaknesses. Additionally, we investigate the evaluation processes and metrics employed in the outlined repair techniques. Our study contributes to advancing the state-of-the-art in harmful API repair research, by addressing open research problems and paving the way to improve and develop new repair techniques and tool capabilities.
• A harmful API use has: origin location, root cause, and compatibility and harm types.
• API use repair can be done via replacement mining and program transformation.
• API use repair is evaluated via benchmarking, baseline comparison or case study.
• API use repair should strive for generalisation, transparency and context awareness.
ArticleNumber 100732
Author Ochoa, Lina
Babur, Önder
Giray, Görkem
Hammad, Muhammad
Bennin, Kwabena
Author_xml – sequence: 1
  givenname: Lina
  orcidid: 0000-0002-8767-036X
  surname: Ochoa
  fullname: Ochoa, Lina
  email: l.m.ochoa.venegas@tue.nl
  organization: Eindhoven University of Technology, Eindhoven, The Netherlands
– sequence: 2
  givenname: Muhammad
  orcidid: 0000-0002-6434-7260
  surname: Hammad
  fullname: Hammad, Muhammad
  organization: Eindhoven University of Technology, Eindhoven, The Netherlands
– sequence: 3
  givenname: Görkem
  orcidid: 0000-0002-7023-9469
  surname: Giray
  fullname: Giray, Görkem
  organization: Independent Researcher, İzmir, Turkey
– sequence: 4
  givenname: Önder
  orcidid: 0000-0002-1460-2825
  surname: Babur
  fullname: Babur, Önder
  organization: Eindhoven University of Technology, Eindhoven, The Netherlands
– sequence: 5
  givenname: Kwabena
  orcidid: 0000-0001-9140-9271
  surname: Bennin
  fullname: Bennin, Kwabena
  organization: Wageningen University and Research, Wageningen, The Netherlands
CitedBy_id crossref_primary_10_1007_s40964_025_01262_7
crossref_primary_10_1016_j_jss_2025_112537
ContentType Journal Article
Copyright 2025 The Authors
Copyright_xml – notice: 2025 The Authors
DBID 6I.
AAFTH
AAYXX
CITATION
DOI 10.1016/j.cosrev.2025.100732
DatabaseName ScienceDirect Open Access Titles
Elsevier:ScienceDirect:Open Access
CrossRef
DatabaseTitle CrossRef
DatabaseTitleList
DeliveryMethod fulltext_linktorsrc
Discipline Computer Science
ExternalDocumentID 10_1016_j_cosrev_2025_100732
S1574013725000097
ID FETCH-LOGICAL-c306t-fd667b2ea5c89e6c7386fa2e93fee80ea4baa5a054e844f462578f1b4ed2edc43
ISICitedReferencesCount 2
ISICitedReferencesURI http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001444049000001&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
ISSN 1574-0137
IngestDate Tue Nov 18 21:44:06 EST 2025
Sat Nov 29 07:49:55 EST 2025
Sat Jul 05 17:12:15 EDT 2025
IsDoiOpenAccess true
IsOpenAccess true
IsPeerReviewed false
IsScholarly true
Keywords Program repair
Survey
Client repair
Application Programming Interface (API)
Harmful API use
Systematic literature review
Language English
License This is an open access article under the CC BY-NC license.
LinkModel OpenURL
MergedId FETCHMERGED-LOGICAL-c306t-fd667b2ea5c89e6c7386fa2e93fee80ea4baa5a054e844f462578f1b4ed2edc43
ORCID 0000-0002-7023-9469
0000-0001-9140-9271
0000-0002-8767-036X
0000-0002-6434-7260
0000-0002-1460-2825
OpenAccessLink https://dx.doi.org/10.1016/j.cosrev.2025.100732
ParticipantIDs crossref_citationtrail_10_1016_j_cosrev_2025_100732
crossref_primary_10_1016_j_cosrev_2025_100732
elsevier_sciencedirect_doi_10_1016_j_cosrev_2025_100732
PublicationCentury 2000
PublicationDate August 2025
2025-08-00
PublicationDateYYYYMMDD 2025-08-01
PublicationDate_xml – month: 08
  year: 2025
  text: August 2025
PublicationDecade 2020
PublicationTitle Computer science review
PublicationYear 2025
Publisher Elsevier Inc
Publisher_xml – name: Elsevier Inc
– reference: Mattia Fazzini, Qi Xin, Alessandro Orso, Automated API-usage update for Android apps, in: Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis, 2019, pp. 204–215.
– volume: 5
  year: 2021
  ident: b30
  article-title: APIfix: Output-oriented program synthesis for combating breaking changes in libraries
  publication-title: Proc. ACM Program. Lang.
– volume: 23
  start-page: 5
  year: 2023
  end-page: 19
  ident: b86
  article-title: Automating library migrations with error prone and Refaster
  publication-title: SIGAPP Appl. Comput. Rev.
– start-page: 195
  year: 2006
  end-page: 202
  ident: b116
  article-title: Mica: A web-search tool for finding API components and examples
  publication-title: Visual Languages and Human-Centric Computing
– volume: 51
  start-page: 7
  year: 2009
  end-page: 15
  ident: b58
  article-title: Systematic literature reviews in software engineering–A systematic literature review
  publication-title: Inf. Softw. Technol.
– reference: Chunqiu Steven Xia, Lingming Zhang, Less Training, More Repairing Please: Revisiting Automated Program Repair via Zero-shot Learning, in: Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2022, pp. 959–971.
– year: 1990
  ident: b109
  article-title: Responding to Computer Security Incidents: Guidelines for Incident Handling
– reference: Benjamin Barslev Nielsen, Martin Toldam Torp, Anders Møller, Semantic Patches for Adaptation of JavaScript Programs to Evolving Libraries, in: Proceedings of the 43rd International Conference on Software Engineering, 2021, pp. 74–85.
– reference: Martin Monperrus, A critical review of “automatic patch generation learned from human-written patches”: Essay on the problem statement and the evaluation of automatic software repair, in: Proceedings of the 36th International Conference on Software Engineering, 2014, pp. 234–242.
– start-page: 584
  year: 2021
  end-page: 588
  ident: b42
  article-title: MLCatchUp: Automated update of deprecated machine-learning APIs in Python
  publication-title: IEEE International Conference on Software Maintenance and Evolution
– volume: 20
  year: 2011
  ident: b18
  article-title: Recommending adaptive changes for framework evolution
  publication-title: ACM Trans. Softw. Eng. Methodol.
– volume: 41
  start-page: 1236
  year: 2015
  end-page: 1256
  ident: b64
  article-title: The ManyBugs and IntroClass benchmarks for automated repair of C programs
  publication-title: IEEE Trans. Softw. Eng.
– year: 2009
  ident: b69
  article-title: An Introduction to Information Retrieval
– reference: João Felipe Pimentel, Leonardo Murta, Vanessa Braganholo, Juliana Freire, A Large-Scale Study About Quality and Reproducibility of Jupyter Notebooks, in: Proceedings of the 16th International Conference on Mining Software Repositories, 2019, pp. 507–517.
– volume: 32
  start-page: 1
  year: 2023
  end-page: 34
  ident: b118
  article-title: The best of both worlds: Combining learned embeddings with engineered features for accurate prediction of correct patches
  publication-title: ACM Trans. Softw. Eng. Methodol.
– reference: Edgar Hassler, Jeffrey C Carver, Nicholas A Kraft, David Hale, Outcomes of a community workshop to identify and rank barriers to the systematic literature review process, in: Proceedings of the 18th International Conference on Evaluation and Assessment in Software Engineering, 2014, pp. 1–10.
– volume: 1
  year: 2021
  ident: b90
  article-title: Electrolint and security of Electron applications
  publication-title: High-Confid. Comput.
– start-page: 35
  year: 2012
  end-page: 38
  ident: b122
  article-title: Programming language evolution via source code query languages
  publication-title: Proceedings of the 4th Annual Workshop on Evaluation and Usability of Programming Languages and Tools
– start-page: 99
  year: 2021
  end-page: 111
  ident: b124
  article-title: Hero: On the chaos when PATH meets modules
  publication-title: Proceedings of the 43rd International Conference on Software Engineering
– start-page: 107
  year: 2010
  end-page: 114
  ident: b68
  article-title: Investigating web APIs on the World Wide Web
  publication-title: Proceedings of the 8th IEEE European Conference on Web Services
– year: 2014
  ident: b102
  article-title: Book Review: Qualitative Data Analysis. A Methods Sourcebook
– volume: 37
  year: 2020
  ident: b39
  article-title: A systematic mapping study of clone visualization
  publication-title: Comput. Sci. Rev.
– start-page: 441
  year: 2008
  end-page: 450
  ident: b23
  article-title: ReBA: Refactoring-aware binary adaptation of evolving libraries
  publication-title: Proceedings of the 30th International Conference on Software Engineering
– start-page: 215
  year: 2017
  end-page: 225
  ident: b76
  article-title: Experience paper: A study on behavioral backward incompatibilities of Java software libraries
  publication-title: Proceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis
– year: 2017
  ident: b50
  article-title: Systems and Software Engineering — Vocabulary
– volume: 54
  start-page: 1
  year: 2021
  end-page: 36
  ident: b62
  article-title: A systematic review of API evolution literature
  publication-title: ACM Comput. Surv.
– start-page: 152
  year: 2014
  end-page: 163
  ident: b140
  article-title: Which configuration option should I change?
  publication-title: Proceedings of the 36th International Conference on Software Engineering
– start-page: 1430
  year: 2023
  end-page: 1442
  ident: b53
  article-title: Impact of code language models on automated program repair
  publication-title: Proceedings of the 45th International Conference on Software Engineering
– volume: 65
  start-page: 172101:1
  year: 2022
  end-page: 172101:19
  ident: b15
  article-title: Towards characterizing bug fixes through dependency-level changes in Apache Java open source projects
  publication-title: Sci. China Inf. Sci.
– start-page: 365
  year: 2022
  end-page: 375
  ident: b2
  article-title: An empirical study on the survival rate of GitHub projects
  publication-title: Proceedings of the 19th International Conference on Mining Software Repositories
– volume: 14
  start-page: 131
  year: 2007
  end-page: 164
  ident: b57
  article-title: Guidelines for performing systematic literature reviews in software engineering
  publication-title: Empir. Softw. Eng.
– volume: 32
  start-page: 68
  year: 2015
  end-page: 75
  ident: b121
  article-title: How API documentation fails
  publication-title: IEEE Softw.
– volume: 156
  start-page: 65
  year: 2019
  end-page: 83
  ident: b31
  article-title: Aligning software engineering education with industrial needs: A meta-analysis
  publication-title: J. Syst. Softw.
– start-page: 426
  year: 2024
  end-page: 437
  ident: b73
  article-title: Lightweight syntactic API usage analysis with UCov
  publication-title: Proceedings of the 32nd IEEE/ACM International Conference on Program Comprehension
– volume: 1
  year: 2024
  ident: b51
  article-title: Understanding the impact of APIs behavioral breaking changes on client applications
  publication-title: Proc. ACM Softw. Eng.
– volume: 27
  start-page: 1
  year: 2018
  end-page: 51
  ident: b114
  article-title: The ABC of software engineering research
  publication-title: ACM Trans. Softw. Eng. Methodol.
– start-page: 266
  year: 2022
  end-page: 278
  ident: b48
  article-title: RepFinder: Finding replacements for missing APIs in library update
  publication-title: Proceedings of the 36th International Conference on Automated Software Engineering
– volume: 227
  year: 2023
  ident: b79
  article-title: SSDTutor: A feedback-driven intelligent tutoring system for secure software development
  publication-title: Sci. Comput. Program.
– volume: 31
  start-page: 590
  year: 1992
  end-page: 616
  ident: b113
  article-title: Extending and formalizing the framework for information systems architecture
  publication-title: IBM Syst. J.
– start-page: 182
  year: 2017
  end-page: 192
  ident: b35
  article-title: Technical lag in software compilations: Measuring how outdated a software deployment is
  publication-title: Open Source Systems: Towards Robust Practices
– start-page: 269
  year: 2019
  end-page: 278
  ident: b70
  article-title: Sapfix: Automated end-to-end repair at scale
  publication-title: IEEE/ACM 41st International Conference on Software Engineering: Software Engineering in Practice
– reference: Barthélémy Dagenais, Harold Ossher, Automatically locating framework extension examples, in: Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering, 2008, pp. 203–213.
– volume: 171
  year: 2021
  ident: b66
  article-title: A critical review on the evaluation of automated program repair systems
  publication-title: J. Syst. Softw.
– reference: Christoph Treude, Martin P. Robillard, Augmenting API documentation with insights from Stack Overflow, in: Proceedings of the 38th International Conference on Software Engineering, 2016, pp. 392–403.
– start-page: 528
  year: 1994
  end-page: 532
  ident: b10
  article-title: The goal question metric approach
  publication-title: Encycl. Softw. Eng.
– start-page: 245
  year: 2015
  end-page: 252
  ident: b112
  article-title: A case study of web API evolution
  publication-title: 2015 IEEE World Congress on Services
– start-page: 55
  year: 2022
  end-page: 64
  ident: b126
  article-title: AUGraft: Graft new API usage into old code
  publication-title: Proceedings of the 13th Asia-Pacific Symposium on Internetware
– year: 2014
  ident: b9
  article-title: Guide to the Software Engineering Body of Knowledge (SWEBOK(R)): Version 3.0
– volume: 42
  start-page: 247
  year: 2008
  end-page: 260
  ident: b87
  article-title: Documenting and automating collateral evolutions in Linux device drivers
  publication-title: ACM SIGOPS Oper. Syst. Rev.
– start-page: 112
  year: 2020
  end-page: 124
  ident: b11
  article-title: Taming behavioral backward incompatibilities via cross-project testing and analysis
  publication-title: Proceedings of the 42nd International Conference on Software Engineering
– start-page: 302
  year: 2010
  end-page: 321
  ident: b81
  article-title: A graph-based approach to API usage adaptation
  publication-title: ACM International Conference on Object Oriented Programming Systems Languages and Applications
– volume: 18
  start-page: 83
  year: 2006
  end-page: 107
  ident: b22
  article-title: How do APIs evolve? A story of refactoring
  publication-title: J. Softw. Maint. Evol.: Res. Pr.
– start-page: 274
  year: 2005
  end-page: 283
  ident: b44
  article-title: CatchUp! Capturing and replaying refactorings to support API evolution
  publication-title: Proceedings of the 27th International Conference on Software Engineering
– volume: 48
  start-page: 417
  year: 2022
  end-page: 431
  ident: b63
  article-title: A3: Assisting Android API migrations using code examples
  publication-title: IEEE Trans. Softw. Eng.
– start-page: 289
  year: 2016
  end-page: 305
  ident: b1
  article-title: You get where you’re looking for: The impact of information sources on code security
  publication-title: IEEE Symposium on Security and Privacy
– year: 2024
  ident: b38
  article-title: A systematic literature review of inter-service security threats and mitigation strategies in microservice architectures
  publication-title: IEEE Access
– volume: 45
  start-page: 1170
  year: 2019
  end-page: 1188
  ident: b4
  article-title: A systematic evaluation of static API-misuse detectors
  publication-title: IEEE Trans. Softw. Eng.
– reference: Thomas Durieux, Fernanda Madeiral, Matias Martinez, Rui Abreu, Empirical review of Java program repair tools: A large-scale experiment on 2,141 bugs and 23,551 repair attempts, in: Proceedings of the 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2019, pp. 302–313.
– year: 2024
  ident: b144
  article-title: The use of large language models for program repair
  publication-title: Comput. Stand. Interfaces
– start-page: 753
  year: 2018
  end-page: 758
  ident: b91
  article-title: An empirical study of the framework impact on the security of JavaScript web applications
  publication-title: Companion Proceedings of the the Web Conference
– start-page: 459
  year: 2024
  end-page: 471
  ident: b12
  article-title: When large language models confront repository-level automatic program repair: How well they done?
  publication-title: Proceedings of the 46th International Conference on Software Engineering: Companion Proceedings
– reference: Eric Horton, Chris Parnin, V2: Fast Detection of Configuration Drift in Python, in: Proceedings of the 34th IEEE/ACM International Conference on Automated Software Engineering, 2019, pp. 477–488.
– volume: 46
  start-page: 1040
  year: 2018
  end-page: 1067
  ident: b138
  article-title: Arja: Automated repair of Java programs via multi-objective genetic programming
  publication-title: IEEE Trans. Softw. Eng.
– reference: Luca Gazzola, Daniela Micucci, Leonardo Mariani, Automatic software repair: A survey, in: Proceedings of the 40th International Conference on Software Engineering, 2018, pp. 1219–1219.
– start-page: 240
  year: 2021
  end-page: 252
  ident: b143
  article-title: Restoring the executability of Jupyter notebooks by automatic upgrade of deprecated APIs
  publication-title: Proceedings of the 36th International Conference on Automated Software Engineering
– reference: Stefanus A. Haryono, Ferdian Thung, David Lo, Julia Lawall, Lingxiao Jiang, Characterization and Automatic Updates of Deprecated Machine-Learning API Usages, in: IEEE International Conference on Software Maintenance and Evolution, 2021, pp. 137–147.
– volume: 33
  start-page: 818
  year: 2007
  end-page: 836
  ident: b135
  article-title: API-evolution support with Diff-CatchUp
  publication-title: IEEE Trans. Softw. Eng.
– reference: William Granli, John Burchell, Imed Hammouda, Eric Knauss, The driving forces of API evolution, in: Proceedings of the 14th International Workshop on Principles of Software Evolution, 2015, pp. 28–37.
– volume: 31
  start-page: 1
  year: 2022
  end-page: 30
  ident: b117
  article-title: Predicting patch correctness based on the similarity of failing test cases
  publication-title: ACM Trans. Softw. Eng. Methodol.
– start-page: 711
  year: 2016
  end-page: 722
  ident: b67
  article-title: CDRep: Automatic repair of cryptographic misuses in Android applications
  publication-title: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security
– reference: Rebeca C Motta, Káthia M de Oliveira, Guilherme H Travassos, On challenges in engineering IoT software systems, in: Proceedings of the XXXII Brazilian Symposium on Software Engineering, 2018, pp. 42–51.
– start-page: 33
  year: 2015
  end-page: 42
  ident: b105
  article-title: An observational study on API usage constraints and their documentation
  publication-title: Proceedings of the 22nd International Conference on Software Analysis, Evolution, and Reengineering
– volume: 12
  start-page: 471
  year: 2007
  end-page: 516
  ident: b72
  article-title: Quality, productivity and economic benefits of software reuse: A review of industrial studies
  publication-title: Empir. Softw. Eng.
– volume: 16
  start-page: 2:1
  year: 2017
  end-page: 23
  ident: b52
  article-title: API evolution and compatibility: A data corpus and tool evaluation
  publication-title: J. Object Technol.
– volume: 48
  start-page: 2658
  year: 2021
  end-page: 2679
  ident: b55
  article-title: Evaluating automatic program repair capabilities to repair API misuses
  publication-title: IEEE Trans. Softw. Eng.
– year: 2013
  ident: b95
  article-title: Semantic versioning 2.0.0
– volume: 20
  start-page: 1785
  year: 2015
  end-page: 1830
  ident: b56
  article-title: Charting the API minefield using software telemetry data
  publication-title: Empir. Softw. Eng.
– volume: 1
  year: 2024
  ident: b46
  article-title: A deep dive into large language models for automated bug localization and repair
  publication-title: Proc. ACM Softw. Eng.
– reference: Danny Dig, Using refactorings to automatically update component-based applications, in: Companion To the 20th Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, 2005, pp. 228–230.
– volume: 30
  year: 2021
  ident: b8
  article-title: When and how to make breaking changes: Policies and practices in 18 open source software ecosystems
  publication-title: ACM Trans. Softw. Eng. Methodol.
– start-page: 233
  year: 2023
  end-page: 244
  ident: b19
  article-title: UPCY: Safely updating outdated dependencies
  publication-title: Proceedings of the 45th International Conference on Software Engineering
– start-page: 246
  year: 2018
  end-page: 250
  ident: b96
  article-title: How to measure the performance of automated program repair
  publication-title: Proceedings of the 5th International Conference on Information Science and Control Engineering
– start-page: 189
  year: 2016
  end-page: 200
  ident: b110
  article-title: Does your configuration code smell?
  publication-title: Proceedings of the 13th International Conference on Mining Software Repositories
– year: 2024
  ident: b141
  article-title: APPT: Boosting automated patch correctness prediction via fine-tuning pre-trained models
  publication-title: IEEE Trans. Softw. Eng.
– reference: Sven Amann, Sarah Nadi, Hoan A Nguyen, Tien N Nguyen, Mira Mezini, MUBench: A benchmark for API-misuse detectors, in: Proceedings of the 13th International Conference on Mining Software Repositories, 2016, pp. 464–467.
– reference: Chow, Notkin, Semi-automatic Update of Applications in Response to Library Changes, in: Proceedings of International Conference on Software Maintenance, 1996, pp. 359–368.
– volume: 27
  year: 2022
  ident: b85
  article-title: Breaking bad? Semantic versioning and impact of breaking changes in Maven Central: An external and differentiated replication study
  publication-title: Empir. Softw. Eng.
– volume: 51
  start-page: 1
  year: 2018
  end-page: 24
  ident: b75
  article-title: Automatic software repair: A bibliography
  publication-title: ACM Comput. Surv.
– reference: Ira W. Cotton, Frank S. Greatorex, Data structures and techniques for remote computer graphics, in: Proceedings of the December 9–11, 1968, Fall Joint Computer Conference, Part I, 1968, pp. 533–544.
– reference: Xiaoxue Ren, Jiamou Sun, Zhenchang Xing, Xin Xia, Jianling Sun, Demystify official API usage directives with crowdsourced API misuse scenarios, erroneous code examples and patches, in: Proceedings of the 42nd International Conference on Software Engineering, 2020, pp. 925–936.
– reference: Florian Draschbacher, Johannes Feichtner, CryptoShield-Automatic On-Device Mitigation for Crypto API Misuse in Android Applications, in: Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security, 2023, pp. 899–912.
– volume: 62
  start-page: 56
  year: 2019
  end-page: 65
  ident: b36
  article-title: Automated program repair
  publication-title: Commun. ACM
– volume: vol. 46
  start-page: 237
  year: 1998
  end-page: 286
  ident: b106
  article-title: Role-based access control
  publication-title: Advances in Computers
– start-page: 791
  year: 2018
  end-page: 796
  ident: b28
  article-title: Efficient static checking of library updates
  publication-title: Proceedings of the 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering
– reference: Md Johirul Islam, Rangeet Pan, Giang Nguyen, Hridesh Rajan, Repairing deep neural networks: Fix patterns and challenges, in: Proceedings of the 42nd International Conference on Software Engineering, 2020, pp. 1135–1146.
– start-page: 132
  year: 2020
  end-page: 138
  ident: b129
  article-title: Drift and erosion in software architecture: Summary and prevention strategies
  publication-title: Proceedings of the 4th International Conference on Information System and Data Mining
– start-page: 26
  year: 2022
  end-page: 30
  ident: b84
  article-title: BreakBot: Analyzing the impact of breaking changes to assist library evolution
  publication-title: Proceedings of the 44th International Conference on Software Engineering: New Ideas and Emerging Results
– year: 2020
  ident: b99
  article-title: Empirical standards for software engineering research
– reference: Zichao Qi, Fan Long, Sara Achour, Martin Rinard, An analysis of patch plausibility and correctness for generate-and-validate patch generation systems, in: Proceedings of the 2015 International Symposium on Software Testing and Analysis, 2015, pp. 24–36.
– start-page: 189
  year: 2008
  end-page: 203
  ident: b108
  article-title: Refactoring-based adaptation of adaptation specifications
  publication-title: Software Engineering Research, Management and Applications
– start-page: 132
  year: 1991
  end-page: 142
  ident: b6
  article-title: Implementation of a software configuration environment
  publication-title: Proceedings of the 4th Software Engineering Standards Application Workshop
– reference: Negar Ghorbani, Joshua Garcia, Sam Malek, Detection and Repair of Architectural Inconsistencies in Java, in: Proceedings of the 41st International Conference on Software Engineering, 2019, pp. 560–571.
– reference: Stefan Krüger, Sarah Nadi, Michael Reif, Karim Ali, Mira Mezini, Eric Bodden, Florian Göpfert, Felix Günther, Christian Weinert, Daniel Demmler, Ram Kamath, CogniCrypt: Supporting developers in using cryptography, in: Proceedings of the 32nd International Conference on Automated Software Engineering, 2017, pp. 931–936.
– start-page: 511
  year: 2015
  end-page: 517
  ident: b100
  article-title: A type-directed approach to program repair
  publication-title: Computer Aided Verification: 27th International Conference
– volume: 14
  start-page: 286
  year: 2009
  end-page: 315
  ident: b88
  article-title: Toward an understanding of bug fix patterns
  publication-title: Empir. Softw. Eng.
– volume: 199
  year: 2020
  ident: b71
  article-title: Understanding Stack Overflow code quality: A recommendation of caution
  publication-title: Sci. Comput. Program.
– year: 2024
  ident: b127
  article-title: Demystifying and detecting misuses of deep learning APIs
  publication-title: Proceedings of the 46th International Conference on Software Engineering
– start-page: 1482
  year: 2023
  end-page: 1494
  ident: b133
  article-title: Automated program repair in the era of large pre-trained language models
  publication-title: IEEE/ACM 45th International Conference on Software Engineering
– volume: 39
  start-page: 613
  year: 2012
  end-page: 637
  ident: b103
  article-title: Automated API property inference techniques
  publication-title: IEEE Trans. Softw. Eng.
– volume: 32
  start-page: 1
  year: 2023
  end-page: 36
  ident: b131
  article-title: Retrieving API knowledge from tutorials and Stack Overflow based on natural language queries
  publication-title: ACM Trans. Softw. Eng. Methodol.
– start-page: 64
  year: 2014
  end-page: 73
  ident: b20
  article-title: Broken promises: An empirical study into evolution problems in Java programs caused by library upgrades
  publication-title: 2014 Software Evolution Week-IEEE Conference on Software Maintenance, Reengineering, and Reverse Engineering
– volume: 151
  year: 2022
  ident: b132
  article-title: Automatically repairing tensor shape faults in deep learning programs
  publication-title: Inf. Softw. Technol.
  publication-title: IEEE Trans. Softw. Eng.
  doi: 10.1109/TSE.2021.3067156
– volume: 45
  start-page: 1170
  issue: 12
  year: 2019
  ident: 10.1016/j.cosrev.2025.100732_b4
  article-title: A systematic evaluation of static API-misuse detectors
  publication-title: IEEE Trans. Softw. Eng.
  doi: 10.1109/TSE.2018.2827384
– volume: 20
  start-page: 1785
  issue: 6
  year: 2015
  ident: 10.1016/j.cosrev.2025.100732_b56
  article-title: Charting the API minefield using software telemetry data
  publication-title: Empir. Softw. Eng.
  doi: 10.1007/s10664-014-9343-7
– start-page: 246
  year: 2018
  ident: 10.1016/j.cosrev.2025.100732_b96
  article-title: How to measure the performance of automated program repair
– volume: 32
  start-page: 68
  issue: 4
  year: 2015
  ident: 10.1016/j.cosrev.2025.100732_b121
  article-title: How API documentation fails
  publication-title: IEEE Softw.
  doi: 10.1109/MS.2014.80
– volume: 31
  start-page: 1
  issue: 4
  year: 2022
  ident: 10.1016/j.cosrev.2025.100732_b117
  article-title: Predicting patch correctness based on the similarity of failing test cases
  publication-title: ACM Trans. Softw. Eng. Methodol.
  doi: 10.1145/3511096
– volume: 31
  start-page: 590
  issue: 3
  year: 1992
  ident: 10.1016/j.cosrev.2025.100732_b113
  article-title: Extending and formalizing the framework for information systems architecture
  publication-title: IBM Syst. J.
  doi: 10.1147/sj.313.0590
– ident: 10.1016/j.cosrev.2025.100732_b14
  doi: 10.1145/1476589.1476661
– ident: 10.1016/j.cosrev.2025.100732_b74
  doi: 10.1145/2568225.2568324
– volume: 41
  start-page: 1236
  issue: 12
  year: 2015
  ident: 10.1016/j.cosrev.2025.100732_b64
  article-title: The ManyBugs and IntroClass benchmarks for automated repair of C programs
  publication-title: IEEE Trans. Softw. Eng.
  doi: 10.1109/TSE.2015.2454513
– volume: 18
  start-page: 83
  issue: 2
  year: 2006
  ident: 10.1016/j.cosrev.2025.100732_b22
  article-title: How do APIs evolve? A story of refactoring
  publication-title: J. Softw. Maint. Evol.: Res. Pr.
  doi: 10.1002/smr.328
– start-page: 55
  year: 2022
  ident: 10.1016/j.cosrev.2025.100732_b126
  article-title: AUGraft: Graft new API usage into old code
– start-page: 274
  year: 2005
  ident: 10.1016/j.cosrev.2025.100732_b44
  article-title: CatchUp! Capturing and replaying refactorings to support API evolution
– volume: 14
  start-page: 131
  issue: 2
  year: 2007
  ident: 10.1016/j.cosrev.2025.100732_b57
  article-title: Guidelines for performing systematic literature reviews in software engineering
  publication-title: Empir. Softw. Eng.
– start-page: 289
  year: 2016
  ident: 10.1016/j.cosrev.2025.100732_b1
  article-title: You get where you’re looking for: The impact of information sources on code security
– volume: 16
  start-page: 2:1
  issue: 4
  year: 2017
  ident: 10.1016/j.cosrev.2025.100732_b52
  article-title: API evolution and compatibility: A data corpus and tool evaluation
  publication-title: J. Object Technol.
  doi: 10.5381/jot.2017.16.4.a2
– ident: 10.1016/j.cosrev.2025.100732_b125
  doi: 10.1145/3377811.3380426
– start-page: 364
  year: 2009
  ident: 10.1016/j.cosrev.2025.100732_b128
  article-title: Automatically finding patches using genetic programming
– volume: 1
  issue: 2
  year: 2021
  ident: 10.1016/j.cosrev.2025.100732_b90
  article-title: Electrolint and security of Electron applications
  publication-title: High-Confid. Comput.
  doi: 10.1016/j.hcc.2021.100032
– start-page: 182
  year: 2017
  ident: 10.1016/j.cosrev.2025.100732_b35
  article-title: Technical lag in software compilations: Measuring how outdated a software deployment is
– volume: 27
  start-page: 1
  issue: 3
  year: 2018
  ident: 10.1016/j.cosrev.2025.100732_b114
  article-title: The ABC of software engineering research
  publication-title: ACM Trans. Softw. Eng. Methodol.
  doi: 10.1145/3241743
– volume: 195
  year: 2023
  ident: 10.1016/j.cosrev.2025.100732_b34
  article-title: On the use of deep learning in software defect prediction
  publication-title: J. Syst. Softw.
  doi: 10.1016/j.jss.2022.111537
– volume: 16
  start-page: 703
  year: 2011
  ident: 10.1016/j.cosrev.2025.100732_b104
  article-title: A field study of API learning obstacles
  publication-title: Empir. Softw. Eng.
  doi: 10.1007/s10664-010-9150-8
– volume: 37
  year: 2020
  ident: 10.1016/j.cosrev.2025.100732_b39
  article-title: A systematic mapping study of clone visualization
  publication-title: Comput. Sci. Rev.
  doi: 10.1016/j.cosrev.2020.100266
– volume: 27
  issue: 3
  year: 2022
  ident: 10.1016/j.cosrev.2025.100732_b85
  article-title: Breaking bad? Semantic versioning and impact of breaking changes in Maven Central: An external and differentiated replication study
  publication-title: Empir. Softw. Eng.
  doi: 10.1007/s10664-021-10052-y
– start-page: 22
  year: 2022
  ident: 10.1016/j.cosrev.2025.100732_b139
  article-title: DepMiner: Automatic recommendation of transformation rules for method deprecation
– start-page: 711
  year: 2016
  ident: 10.1016/j.cosrev.2025.100732_b67
  article-title: CDRep: Automatic repair of cryptographic misuses in Android applications
– ident: 10.1016/j.cosrev.2025.100732_b27
  doi: 10.1145/3293882.3330571
– ident: 10.1016/j.cosrev.2025.100732_b94
  doi: 10.1109/MSR.2019.00077
– year: 1999
  ident: 10.1016/j.cosrev.2025.100732_b29
– year: 2009
  ident: 10.1016/j.cosrev.2025.100732_b69
– volume: 15
  start-page: 1053
  issue: 12
  year: 1972
  ident: 10.1016/j.cosrev.2025.100732_b89
  article-title: On the criteria to be used in decomposing systems into modules
  publication-title: Commun. ACM
  doi: 10.1145/361598.361623
– start-page: 365
  year: 2022
  ident: 10.1016/j.cosrev.2025.100732_b2
  article-title: An empirical study on the survival rate of GitHub projects
– ident: 10.1016/j.cosrev.2025.100732_b24
  doi: 10.1145/3579856.3582832
– ident: 10.1016/j.cosrev.2025.100732_b130
  doi: 10.1145/2601248.2601268
– start-page: 112
  year: 2020
  ident: 10.1016/j.cosrev.2025.100732_b11
  article-title: Taming behavioral backward incompatibilities via cross-project testing and analysis
– start-page: 401
  year: 2020
  ident: 10.1016/j.cosrev.2025.100732_b40
  article-title: Automatic Android deprecated-API usage update by learning from single updated example
– year: 2024
  ident: 10.1016/j.cosrev.2025.100732_b127
  article-title: Demystifying and detecting misuses of deep learning APIs
– ident: 10.1016/j.cosrev.2025.100732_b21
  doi: 10.1145/1094855.1094948
– start-page: 441
  year: 2008
  ident: 10.1016/j.cosrev.2025.100732_b23
  article-title: ReBA: Refactoring-aware binary adaptation of evolving libraries
– start-page: 753
  year: 2018
  ident: 10.1016/j.cosrev.2025.100732_b91
  article-title: An empirical study of the framework impact on the security of JavaScript web applications
– start-page: 584
  year: 2021
  ident: 10.1016/j.cosrev.2025.100732_b42
  article-title: MLCatchUp: Automated update of deprecated machine-learning APIs in Python
– volume: 32
  start-page: 1
  issue: 4
  year: 2023
  ident: 10.1016/j.cosrev.2025.100732_b118
  article-title: The best of both worlds: Combining learned embeddings with engineered features for accurate prediction of correct patches
  publication-title: ACM Trans. Softw. Eng. Methodol.
  doi: 10.1145/3576039
– ident: 10.1016/j.cosrev.2025.100732_b101
  doi: 10.1145/3377811.3380430
– ident: 10.1016/j.cosrev.2025.100732_b25
  doi: 10.1145/3338906.3338911
– start-page: 2455
  year: 2019
  ident: 10.1016/j.cosrev.2025.100732_b98
  article-title: CryptoGuard: High precision detection of cryptographic vulnerabilities in massive-sized Java projects
– start-page: 791
  year: 2018
  ident: 10.1016/j.cosrev.2025.100732_b28
  article-title: Efficient static checking of library updates
– ident: 10.1016/j.cosrev.2025.100732_b43
  doi: 10.1145/2601248.2601274
– start-page: 1430
  year: 2023
  ident: 10.1016/j.cosrev.2025.100732_b53
  article-title: Impact of code language models on automated program repair
– volume: 26
  issue: 6
  year: 2021
  ident: 10.1016/j.cosrev.2025.100732_b93
  article-title: The indolent lambdification of Java: Understanding the support for lambda expressions in the Java ecosystem
  publication-title: Empir. Softw. Engg.
– start-page: 73
  year: 2013
  ident: 10.1016/j.cosrev.2025.100732_b26
  article-title: An empirical study of cryptographic misuse in Android applications
– ident: 10.1016/j.cosrev.2025.100732_b45
  doi: 10.1109/ASE.2019.00052
– start-page: 302
  year: 2010
  ident: 10.1016/j.cosrev.2025.100732_b81
  article-title: A graph-based approach to API usage adaptation
– start-page: 152
  year: 2014
  ident: 10.1016/j.cosrev.2025.100732_b140
  article-title: Which configuration option should I change?
– start-page: 459
  year: 2024
  ident: 10.1016/j.cosrev.2025.100732_b12
  article-title: When large language models confront repository-level automatic program repair: How well they done?
– start-page: 132
  year: 1991
  ident: 10.1016/j.cosrev.2025.100732_b6
  article-title: Implementation of a software configuration environment
– ident: 10.1016/j.cosrev.2025.100732_b97
  doi: 10.1145/2771783.2771791
– ident: 10.1016/j.cosrev.2025.100732_b60
  doi: 10.1109/ASE.2017.8115707
– year: 2024
  ident: 10.1016/j.cosrev.2025.100732_b38
  article-title: A systematic literature review of inter-service security threats and mitigation strategies in microservice architectures
  publication-title: IEEE Access
  doi: 10.1109/ACCESS.2024.3406500
– volume: 64
  start-page: 1
  year: 2015
  ident: 10.1016/j.cosrev.2025.100732_b92
  article-title: Guidelines for conducting systematic mapping studies in software engineering: An update
  publication-title: Inf. Softw. Technol.
  doi: 10.1016/j.infsof.2015.03.007
– start-page: 195
  year: 2006
  ident: 10.1016/j.cosrev.2025.100732_b116
  article-title: Mica: A web-search tool for finding API components and examples
– ident: 10.1016/j.cosrev.2025.100732_b49
  doi: 10.1145/3377811.3380378
– volume: 1
  year: 2024
  ident: 10.1016/j.cosrev.2025.100732_b51
  article-title: Understanding the impact of APIs behavioral breaking changes on client applications
  publication-title: Proc. ACM Softw. Eng.
  doi: 10.1145/3643782
– volume: 1
  issue: FSE
  year: 2024
  ident: 10.1016/j.cosrev.2025.100732_b46
  article-title: A deep dive into large language models for automated bug localization and repair
  publication-title: Proc. ACM Softw. Eng.
  doi: 10.1145/3660773
– start-page: 132
  year: 2020
  ident: 10.1016/j.cosrev.2025.100732_b129
  article-title: Drift and erosion in software architecture: Summary and prevention strategies
– ident: 10.1016/j.cosrev.2025.100732_b142
  doi: 10.1145/3180155.3180260
– ident: 10.1016/j.cosrev.2025.100732_b120
  doi: 10.1145/2884781.2884800
– start-page: 1482
  year: 2023
  ident: 10.1016/j.cosrev.2025.100732_b133
  article-title: Automated program repair in the era of large pre-trained language models
– volume: 12
  start-page: 471
  year: 2007
  ident: 10.1016/j.cosrev.2025.100732_b72
  article-title: Quality, productivity and economic benefits of software reuse: A review of industrial studies
  publication-title: Empir. Softw. Eng.
  doi: 10.1007/s10664-007-9040-x
– volume: 227
  issue: C
  year: 2023
  ident: 10.1016/j.cosrev.2025.100732_b79
  article-title: SSDTutor: A feedback-driven intelligent tutoring system for secure software development
  publication-title: Sci. Comput. Program.
– ident: 10.1016/j.cosrev.2025.100732_b134
  doi: 10.1145/3540250.3549101
– start-page: 107
  year: 2010
  ident: 10.1016/j.cosrev.2025.100732_b68
  article-title: Investigating web APIs on the World Wide Web
– start-page: 29
  year: 1992
  ident: 10.1016/j.cosrev.2025.100732_b16
  article-title: The WyCash portfolio management system
– volume: 33
  start-page: 818
  issue: 12
  year: 2007
  ident: 10.1016/j.cosrev.2025.100732_b135
  article-title: API-evolution support with Diff-CatchUp
  publication-title: IEEE Trans. Softw. Eng.
  doi: 10.1109/TSE.2007.70747
– year: 2020
  ident: 10.1016/j.cosrev.2025.100732_b99
– volume: 5
  issue: OOPSLA
  year: 2021
  ident: 10.1016/j.cosrev.2025.100732_b30
  article-title: APIfix: Output-oriented program synthesis for combating breaking changes in libraries
  publication-title: Proc. ACM Program. Lang.
  doi: 10.1145/3485538
– volume: 51
  start-page: 7
  issue: 1
  year: 2009
  ident: 10.1016/j.cosrev.2025.100732_b58
  article-title: Systematic literature reviews in software engineering–A systematic literature review
  publication-title: Inf. Softw. Technol.
  doi: 10.1016/j.infsof.2008.09.009
– volume: 48
  start-page: 417
  issue: 2
  year: 2022
  ident: 10.1016/j.cosrev.2025.100732_b63
  article-title: A3: Assisting Android API migrations using code examples
  publication-title: IEEE Trans. Softw. Eng.
  doi: 10.1109/TSE.2020.2988396
– start-page: 157
  year: 2020
  ident: 10.1016/j.cosrev.2025.100732_b61
  article-title: Putting the semantics into semantic versioning
– volume: 42
  start-page: 247
  issue: 4
  year: 2008
  ident: 10.1016/j.cosrev.2025.100732_b87
  article-title: Documenting and automating collateral evolutions in Linux device drivers
  publication-title: ACM SIGOPS Oper. Syst. Rev.
  doi: 10.1145/1357010.1352618
– ident: 10.1016/j.cosrev.2025.100732_b54
  doi: 10.1145/2970276.2970354
– volume: 32
  start-page: 1
  issue: 5
  year: 2023
  ident: 10.1016/j.cosrev.2025.100732_b131
  article-title: Retrieving API knowledge from tutorials and Stack Overflow based on natural language queries
  publication-title: ACM Trans. Softw. Eng. Methodol.
  doi: 10.1145/3565799
– start-page: 26
  year: 2022
  ident: 10.1016/j.cosrev.2025.100732_b84
  article-title: BreakBot: Analyzing the impact of breaking changes to assist library evolution
– volume: 54
  start-page: 1
  issue: 8
  year: 2021
  ident: 10.1016/j.cosrev.2025.100732_b62
  article-title: A systematic review of API evolution literature
  publication-title: ACM Comput. Surv.
  doi: 10.1145/3470133
– ident: 10.1016/j.cosrev.2025.100732_b7
  doi: 10.1109/ISSREW53611.2021.00098
– volume: 51
  start-page: 1
  issue: 1
  year: 2018
  ident: 10.1016/j.cosrev.2025.100732_b75
  article-title: Automatic software repair: A bibliography
  publication-title: ACM Comput. Surv.
  doi: 10.1145/3105906
– ident: 10.1016/j.cosrev.2025.100732_b107
  doi: 10.1145/1289971.1290000
– ident: 10.1016/j.cosrev.2025.100732_b111
  doi: 10.1109/DASC.2014.22
– start-page: 102
  year: 2019
  ident: 10.1016/j.cosrev.2025.100732_b65
  article-title: You cannot fix what you cannot find! An investigation of fault localization bias in benchmarking automated program repair systems
– ident: 10.1016/j.cosrev.2025.100732_b37
  doi: 10.1145/2804360.2804364
– year: 2024
  ident: 10.1016/j.cosrev.2025.100732_b144
  article-title: The use of large language models for program repair
  publication-title: Comput. Stand. Interfaces
– year: 2014
  ident: 10.1016/j.cosrev.2025.100732_b9
SubjectTerms Application Programming Interface (API)
Client repair
Harmful API use
Program repair
Survey
Systematic literature review
Title Characterising harmful API uses and repair techniques: Insights from a systematic review
URI https://dx.doi.org/10.1016/j.cosrev.2025.100732
Volume 57