  • Date: 3 April 2017 (Monday)
  • Time: 18.15
  • Room: B 233
  • Presenter: Marco Brack
  • Supervisor: Ralf Lämmel
  • 2nd reviewer: Hakan Aksu


OSS Vulnerabilities Through Islands of Knowledge


This thesis proposes the use of MSR (Mining Software Repositories) techniques to identify software developers who hold exclusive expertise in specific APIs and programming domains within software repositories. A pilot Tool for finding such “Islands of Knowledge” in Node.js projects is presented and applied in a case study to the 180 most popular npm packages. It is found that on average each package has 2.3 Islands of Knowledge, which is possibly explained by the finding that npm packages tend to have only one main contributor. In a survey, the maintainers of 50 packages are contacted and asked for their opinions on the results produced by the Tool. Together with their responses, this thesis reports on the experience gained with the pilot Tool and on how future iterations could produce even more accurate statements about the distribution of programming expertise in developer teams.