Accurate topic classification is crucial in the scientific community when it comes to finding relevant journals. However, the efficiency and accuracy of topic classification of publications do not seem to be at its best performance, especially with the fast-paced rise in the quantity of research papers. Our research aims to address this problem by utilizing state-of-the-art (SOTA) methods. We chose the 'April 2022 Crossref' data set for the research, as Alexandria3k, the tool utilized for querying on the open data set, is tested on the same data. We stratified 50,000 data that have title, abstract, and work names, which are the roughly assigned topics. SOTA methods chosen for feature extraction and classification models are OpenAI Embeddings and XGBoost. Our research shows that this combination of SOTA methods has the potential to improve the performance of current topic classification of publications.

The growth of academic publications, heterogeneity of datasets and the absence of a globally accepted organization identifier introduce the challenge of affiliation disambiguation in bibliographic databases. In this paper, we create a baseline using the currently implemented algorithm for author affiliation linkage in Alexandria3k by comparing it to the ground truth. We aim to explore the usage of LLMs (GPT-4) in the Alexandria3k environment to disambiguate author affiliations. The proposed approach extracts the research organization from textual affiliations provided by researchers through their published works and cross-references the organization across the Research Organization Registry. Our process shows promising results and a significant improvement on the existing algorithm in terms of matching rate and identification of multiple affiliations. We discuss the margin of error in LLM results, limitations of the ground truth, and suggest future research directions.

The Alexandria3K library, a versatile Python-based tool, has been expanded to include the integra- tion of the PubMed dataset, enriching its capabil- ities in the analysis of scientific papers. Origi- nally supporting major datasets like Crossref and US patents, and smaller yet significant datasets like ORCID. The addition of PubMed enables in-depth analysis of medical papers, with medical specific data and articles not yet in the Crossref dataset. This research focused on validating the integration of PubMed into Alexandria3K. To achieve this, two literature surveys were replicated using the com- plete PubMed dataset. The first survey involved querying different pathogens in the dataset for three regions. The results were comparable, although some articles were missed by Alexandria3K but two articles were also missed by the original sur- vey. The second survey revolved around software tools used in medical papers. Although fewer ar- ticles were found with Alexandria3K the ratio for most tools was still comparable. Although a thor- ough manual review of all articles could have fur- ther refined the reevaluation, time constraints pre- vented this step. These replicated surveys demon- strate Alexandria3K’s potential in conducting lit- erature surveys, underscoring the need for manual validation to complement its capabilities.

This thesis investigates the prevalence of Pylint warnings in open-source Python projects and evaluates the effectiveness of an AI-driven tool for automatically fixing these warnings. The study also explores how developers perceive automated code suggestions and seeks to streamline consent mechanisms for research-related code changes. The primary research questions addressed are: (1) What is the prevalence of Pylint warnings across open-source Python projects? (2) How effective is the AI tool developed to fix Pylint warnings? (3) How do developers perceive the automated suggestions and (4) how can the process of proposing research-related code changes with developer consent be streamlined?

To address these questions, the research draws on literature related to static code analysis, fault detection, and the increasing use of artificial intelligence (AI) in automated code repair. Previous studies highlight the challenges developers face in maintaining consistent code quality and the role of AI in automating such tasks.

The research follows a mixed-method approach. Quantitatively, a dataset of 205 open-source Python projects was analyzed to identify and address common Pylint warnings. An AI-driven tool was employed to attempt fixing these warnings, achieving a success rate of 88\%. In 60 projects, pull requests were submitted to open source maintainers to assess the effectiveness and reception of the tool. Qualitative feedback from maintainers was collected and analyzed, leading to a shift in the contribution strategy from pull requests to submitting issues first, as this was perceived as less intrusive and more manageable by developers.

The analysis revealed a high prevalence of Pylint warnings, particularly \textit{missing-function-docstring} and \textit{line-too-long}, across projects of all sizes. The AI-driven tool effectively fixed 88\% of the warnings, resulting in 70\% of the projects being fully warning-free. However, developer responses to automated pull requests were mixed, prompting the adoption of a more collaborative issue-first approach. These results suggest that AI tools can significantly improve code quality, but challenges remain to foster developer engagement and integrating such tools into established open source workflows.

The study has certain limitations, mainly the focus on Python projects, which may limit the generalizability of the findings to other languages or more complex projects. Furthermore, developer consent and participation were limited, which affected the full implementation of automated changes. Future research should focus on improving the integration of AI tools into developer workflows and expanding the scope of automated code fixes to more diverse and complex projects.

Author name disambiguation, otherwise described as (publication) record linking, is a problem that has had considerable research dedicated to its solv- ing. Author attributions, calculating research met- rics and conducting literature reviews are amongst processes that experience increased difficulty due to ambiguous author names. In this study, a novel approach is presented to disambiguate au- thors related to scientific publications, using Large Language Models (LLMs) in combination with the Alexandria3k software package. LLMs have shown great potential in processing, analysing and drawing conclusions when presented with human- readable data. The approach presented in this study supplies a LLM with known attributes of publica- tion records and authors, such as names, affiliations and co-authors, to determine whether records writ- ten by authors with ambiguous names can be linked to the same real-world person. Using Alexan- dria3k, a dataset of authors and publications with confirmed identities is created to test and validate the approach. Finally, the approach is measured against state-of-the-art methods to disambiguate author names and different configurations are pre- sented and discussed.

The set of regression and integration tests at many modern software companies is huge. It is difficult to run all tests after each code change, so the tests are often run for batches of code changes by different developers, late in the release cycle. This has developers waiting for tests longer than desirable and makes it difficult to link a failed test to a specific code change. To increase developer productivity a subset of high-priority tests can be selected to be run directly after a code change. Tests can furthermore be reordered so that tests reveal faults faster. This field is called test case selection and prioritization (TCS&P). On the flip side the large number of historical test executions can be leveraged to predict test failures. This can be done by training machine learning models on the historical execution data and metrics about the software repository at which these tests were executed. The prediction of failure is then used as the basis for test selection and the confidence of the prediction can be used for prioritization, with higher risk tests being run earlier resulting in tests failing faster on average. This technique is named predictive TCS&P (PTCS&P). This work describes an attempt at PTCS&P by using the historical test executions of Adyen, a financial technology platform. The resulting model has a recall of 95.4% and can be used for three use cases: skipping the tests with a low probability of reveal- ing a fault, which misses 0.6% of faults and saves 34.4% wall clock time, selecting only tests with a high probability of revealing a fault, which saves 94% of time and reveals 39% of faults, and prioritizing based on the chance of failure, which allows for partial left shifting of these tests, which reduces the average time to first fault revealed by 95%.

In (open-source) development, developers routinely rely on other libraries to improve their coding efficiency by reusing code. This reliance on other packages could cause issues when critical dependencies have suddenly have a vulnerability introduced to them. This work analyzes the criticality for NPM. To get an accurate picture of what the most-critical and thus possibly most-vulnerable packages are, the entirety of NPM must be analyzed. However, this proved too big to be able to fit in 500GB of memory. This work therefore examines a small subset of 100 thousand packages. To do the analysis, this paper proposes a novel approach of embedding a time dimension into the package network to provide better accuracy. This papers analysis show that both with and without this time dimension, \texttt{babel} packages are by far the most important in the package graph (as measured by PageRank). We should, however, keep in mind that this came from only analyzing 100 thousand packages. Thus, further research is required to confirm this conclusion. In particular, other importance measures should be used to find out the packages' criticality.

Using open-source packages when developing software applications is the general practice among a vast amount of software developers. However, importing open-source code which may depend on other existing technologies may lead to the appearance of a transitive dependency chain. As a result, failure of packages with a high amount of transitive dependants may have an impact on the performance of all dependant applications. This work focuses on designing a graph data structure which maps the dependency relationship between packages as edges, with nodes representing a single version of a certain package. Moreover, the data structure may perform queries based on time intervals, being able to resolve versions in the same manner as a package distributor would. By constructing such data structure, an analysis of the most critical packages for an ecosystem can be conducted. This paper looks mainly into the Debian ecosystem, and searches for applications which are most critical. Based on this paper criticality evaluation, the package dpkg was found to be both most critical and most used in whole Debian's package main repository.

The main principle of Open Source development is that developers can reuse different libraries over and over again to make their lives easier. That is why this practice has gained a lot of popularity. However, libraries usually depend on other already existing pieces of code. This means that whenever some small piece of code fails, the whole application may crash due to its dependencies. Since Debian is considered as one of the largest community run distributions, it is important to have a good tool to analyse these dependencies to help in avoiding such crashes. That is why this research will focus on building a dependency graph for Debian's package manager and finding out which are the most widely used packages. What separates this research from previous related works, is the addition of a time component to the graph. This will be in the form of a timestamp of the release date for each version of a package. This allows for extensive traversal of the graph, which can also be based on time periods. By doing so, no transitive dependencies should be missed. The paper concludes with defining most widely used as the packages which achieve the highest PageRank score when put into the graph. The top 3 ones are "libc6", "libgcc1" and "multiarch-support".

Developers rely on different software to improve their efficiency as to reuse parts of code and be able to maintain it with ease, which is why open source software libraries have gained much pop- ularity over the past years. This paper analyzes what are the most used packages from Apache Maven, which is a build automation tool used primarily for Java projects. In order to do an accurate analysis, it is necessary to collect all the packages and their dependencies from the Maven Central Repository. But, as of 5th of May 2022, analyzing the whole repository proves to be an extreme challenge, as the repository has 9M of indexed artifacts, which contain metadata such as the version and a list of dependencies. Besides, there are many more other repositories that also contain such artifacts. Thus, this pa- per examines only a small subset of artifacts and provides a data structure that is able to take into consideration the time dependency between li- braries, which can be also scaled to suit a much bigger input. The paper concludes with the most used software on given time-frames, but with- out specifying any time frames, the popular junit package comes out first.

The use of open-source packages is a common practice among developers. It decreases the development time and improves maintainability. But adding a dependency to a project comes with inherit risks such as introducing vulnerabilities. A few solutions that help visualize all of the dependencies of a project exist already. However, none provide the capability of selecting a moment in time for analyzing the generated structure. This research paper formalizes a time-based dependency graph that can be generalized to any ecosystem and then showcases its usefulness by analyzing the Python ecosystem throughout time. The results indicate that the Python ecosystem does have a subset of packages that are the most used - such as numpy and requests - but overall it is well balanced, meaning that it is able to withstand the removal of one of its most used packages. The data structure also provides satisfactory results, having a 89.6% accuracy when compared to the Python resolver. The findings of this study can be used to improve existing dependency networks.

This research studies the symptoms, root causes, impact, triggers, fixes, and system dependency of bugs in the Puppet configuration management system. Puppet is a widely used open-source configuration management system that performs various administrative tasks on machines based on a central specification. This paper aims to fill the research gap and help improve the understanding of these systems. 2146 registered bugs and fixes are collected and a random sample of 100 is analyzed to answer the research questions. The most common bug types have the symptom of unexpected runtime behavior. The root cause is generally incorrect target machine operations. The impact severity is typically medium and the impact consequence of most bugs is target configuration failure. Bug fixes tend to be small method code changes and usually occur in the execution component. Bugs are generally system-independent and are caused by logic errors that can be triggered by specifically executing an erroneous module. The analysis shows that applying automated bug discovery methods to the most error-prone execution and parser components of the system would lead to the largest improvement in the system’s quality.

Configuration management systems are a class of software used to automate system administrative tasks, one of which is the configuration of software systems. Although the automation is less error-prone than manual configuration done by a human, bugs in the source code can still cause configuration errors. This can result into unwanted consequences for the managed software system, some examples are performance degradation, downtime and security breaches.

Bug studies are conducted on previously reported bugs to find out their characteristics. Such findings help with preventing, detecting and fixing bugs, which ultimately causes software to become more reliable. This paper aims to fill in a research gap in the literature surrounding bug studies conducted on configuration management systems. From Salt, a widely used open-source configuration management system, a data-set of 5,896 bugs with fixes was collected. The main research question answered by this paper is ``What are the common patterns can be extracted from bugs found in Salt?'' To answer this, 100 bugs were randomly sampled from this data-set to analyze their symptoms, root causes, impact, fixes, system-dependence and triggers.

Research that focuses on examining software bugs is critical when developing tools for preventing and for fixing software issues. Previous work in this area has explored other types of systems, such as bugs of compilers and security issues stemming from open source systems hosted on public repositories. This paper explores the bugs within the Ansible software provisioning and configuration management system. The main question this paper seeks to answer is "What common patterns can be extracted from the bugs found and what are the root causes, symptoms, triggers, system-dependence factors, fixes, and the impact of the most frequent types of bugs in the Ansible configuration management system". This study defines a data pipeline and custom tools to extract and analyze 100 Ansible bugs. Common classifications are determined, and the bugs are manually classified, revealing common patters within the bugs. Insights are drawn from the aggregated data, and recommendations are made for addressing bug-prone areas of execution and connectivity components, and expanding the test suite with input fuzzing and a genetic algorithms test solution, in order to improve the overall code quality of the Ansible code base.

The study of bugs can provide important information to understand their nature in the context of complex software systems as well as supporting developers in their detection, fix and prevention. Previous studies focused on analyzing bugs under different perspectives such as changes at code level, frequency, semantics, symptoms, root causes and reproducibility through test cases. Although these studies offer valid methodologies that can be applied in different areas of bugs analysis, literature suggests that very little focus has been aimed towards configuration management systems.

This research has the goal to provide a characterization of bugs in the Moby configuration management system, an open framework used to create container systems. A random sample of 100 collected Moby bugs is manually inspected and categorized by their (1) symptoms, (2) root causes, (3) impact, (4) fixes, (5) system dependency and (6) triggers. Some representative takeaways suggest that: bugs symptoms are mostly linked to a specific root cause, which means that bugs occur in certain areas of the system; the modular nature of Moby drives up the criticality of the bugs as each component needs to work correctly; bugs are overall hard to reproduce as only 24.5\% of the fixes included a test case; developing an automatic tool that provides a historical distribution of bugs can support maintainers in their work by enhancing bugs prevention.

The research provides an analysis and categorization of bugs in the Moby configuration management system. The work adds a new perspective to the literature on the topics of both bugs analysis and configuration management systems and can be used as a starting point for further studies.

There are many valid reasons for someone to choose to stay anonymous online, not least of which is the fact that online privacy is a human right. However, discrimination against users of anonymity networks from web-servers and content distribution networks on the grounds of defense against malicious users often means that genuine users are faced with excessive challenge-response tests and differentiated content, or even blocked altogether. This study has investigated the extent to which users of Mullvad VPN are blocked when accessing popular websites and it has also explored the nature of these blocks. No statistically significant difference was found when requesting only home pages from 3,000 domains, but this changed when classifying 1,000 domains and considering content beyond the home page. This impact on the user's experience is also reflected on the categories of website that most engage in blocking, with some essential services such as health and government presenting high blocking ratios. Given that more discerning ways of preventing access from malicious users without affecting genuine ones exist, this generalised blocking of Mullvad VPN users is unjustifiable.

Tor is an anonymity network used by a vast number of users in order to protect their privacy on the internet. It should not come as a surprise that this service is also used for abuse such as Denial of service attacks and other malicious activities because of the anonymity it provides. For protecting themselves from this abuse, websites block Tor in various ways. We investigate the extent and frequency of this kind of blocking by requesting the Alexa top 1000 websites with and without Tor with the objective of highlighting the differential treatment observed by privacy-minded users. We build upon existing studies by using diverse metrics to measure discrimination and by extending our search to three sub pages of websites for detecting sophisticated blocking. We find at least 25.8% of the Alexa top 1000 websites discriminating on the home page against Tor users as opposed to 20.03% observed in previous studies. This number rises to 31.7% after including the three sub pages. We also discover new types of blocks such as Tor users being served old or different versions of websites. We categorize the blocked websites and find that Online Shopping and Finance/ Banking categories discriminate most against Tor while Social Networking sites and Search Engines discriminate the least.

The Lightning Network (LN) is a second-layer solution built on top of the Bitcoin protocol, allowing faster and cheaper transactions without compromising on decentralization. LN is also designed to be more anonymous, since less information has to be shared with the entire network. This should, in theory, improve privacy as well. However, recent works have shown that this is not quite true: due to the deterministic nature of contemporary routing protocols, an adversarial node on a payment path is able to uniquely identify at least one sender or recipient for about 70% of observed transactions. To combat this breach of anonymity, we propose a new routing algorithm that makes use of multiple path segments. By splitting the routing problem into multiple routing sub-problems and forming the final route by joining these sub-routes together, we introduce a degree of randomness which nullifies this kind of adversarial attack. Even when designing a counterattack, we still get a substantial improvement in anonymity, roughly tripling the number of source/destination pairs per attack. However, the protocol is also very costly, doubling the average fee and increasing the average hop count by more than 60%. This shows that the proposed protocol is not strictly superior to the current implementation, meaning that other (less drastic) protocol proposals are likely to give better cost/anonymity trade-offs.