Ecosystem-scale measurement shows commit signing on GitHub is rarely deliberate or sustained by developers, with rising lapse rates and unrevoked expired keys, so supply-chain security frameworks relying on it do not hold in practice.
3 Pith papers cite this work. Polarity classification is still indexing.
fields
cs.SE 3
roles
background 1
polarities
background 1
representative citing papers
False-positive bug reports in the Linux kernel consume effort comparable to real bugs and can be filtered by LLMs using retrieval-augmented generation at 88% F1.
GenLoc integrates semantic retrieval and LLM-based iterative code exploration to outperform prior IRBL and LLM methods on Java and Python bug localization benchmarks.
citing papers explorer
- Analysis of Commit Signing on Github
  Ecosystem-scale measurement shows commit signing on GitHub is rarely deliberate or sustained by developers, with rising lapse rates and unrevoked expired keys, so supply-chain security frameworks relying on it do not hold in practice.
- Characterizing and Mitigating False-Positive Bug Reports in the Linux Kernel
  False-positive bug reports in the Linux kernel consume effort comparable to real bugs and can be filtered by LLMs using retrieval-augmented generation at 88% F1.
- Towards Explorative IRBL: Combining Semantic Retrieval with LLM-driven Iterative Code Exploration
  GenLoc integrates semantic retrieval and LLM-based iterative code exploration to outperform prior IRBL and LLM methods on Java and Python bug localization benchmarks.