Python Coding Style Compliance on Stack Overflow

Bafatakis, Nikolaos; Boecker, Niels; Boon, Wenjie; Salazar, Martin Cabello; Krinke, Jens; Oznacar, Gazi; White, Robert

doi:10.1109/msr.2019.00042

Cited by 20 publications

(14 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This step is also performed by our analysis tool and concerns running the static code analysis tool Pylint (version 2.6.0) in its default configuration on all pure Python files in each project (but not on any of the dependencies). We choose Pylint for static code analysis as it is widely used and widely accepted in the Python community, as well as being highly configurable [6,10]. It is also well integrated into IDEs such as PyCharm and VS Code.…”

Section: Static Analysismentioning

confidence: 99%

“…II. RELATED WORK Several studies have investigated linting and static code analysis of non-ML projects [8,9,10,11]. Tómasdóttir et al [8] researched why JavaScript (JS) developers use linters and how they tend to configure them.…”

Section: Introductionmentioning

confidence: 99%

“…Omari and Martinez [9] used Pylint to analyse the code quality of a dataset of large Python projects. Furthermore, Bafatakis et al [10] used Pylint to investigate the Python coding style compliance of StackOverflow answers.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

The Prevalence of Code Smells in Machine Learning projects

Oort

Cruz

Aniche

et al. 2021

2021 IEEE/ACM 1st Workshop on AI Engineering - Software Engineering for AI (WAIN)

View full text Add to dashboard Cite

Artificial Intelligence (AI) and Machine Learning (ML) are pervasive in the current computer science landscape. Yet, there still exists a lack of software engineering experience and best practices in this field. One such best practice, static code analysis, can be used to find code smells, i.e., (potential) defects in the source code, refactoring opportunities, and violations of common coding standards. Our research set out to discover the most prevalent code smells in ML projects. We gathered a dataset of 74 open-source ML projects, installed their dependencies and ran Pylint on them. This resulted in a top 20 of all detected code smells, per category. Manual analysis of these smells mainly showed that code duplication is widespread and that the PEP8 convention for identifier naming style may not always be applicable to ML code due to its resemblance with mathematical notation. More interestingly, however, we found several major obstructions to the maintainability and reproducibility of ML projects, primarily related to the dependency management of Python projects. We also found that Pylint cannot reliably check for correct usage of imported dependencies, including prominent ML libraries such as PyTorch.

show abstract

Section: Static Analysismentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

The Prevalence of Code Smells in Machine Learning projects

Oort

Cruz

Aniche

et al. 2021

2021 IEEE/ACM 1st Workshop on AI Engineering - Software Engineering for AI (WAIN)

View full text Add to dashboard Cite

show abstract

“…The MSR Mining Challenges have been used as student coursework on the MSc Software Systems Engineering programme at UCL Computer Science. Students are asked to work in groups on the challenge in the same way one would work on an actual submission to the challenge and some groups have had work accepted (Bafatakis et al 2019;Wilkie et al 2018).…”

Section: Case 3: Using Msr Mining Challenges For Student Courseworkmentioning

confidence: 99%

Ethics in the mining of software repositories

Gold

Krinke

2021

Empir Software Eng

Self Cite

View full text Add to dashboard Cite

Research in Mining Software Repositories (MSR) is research involving human subjects, as the repositories usually contain data about developers’ and users’ interactions with the repositories and with each other. The ethics issues raised by such research therefore need to be considered before beginning. This paper presents a discussion of ethics issues that can arise in MSR research, using the mining challenges from the years 2006 to 2021 as a case study to identify the kinds of data used. On the basis of contemporary research ethics frameworks we discuss ethics challenges that may be encountered in creating and using repositories and associated datasets. We also report some results from a small community survey of approaches to ethics in MSR research. In addition, we present four case studies illustrating typical ethics issues one encounters in projects and how ethics considerations can shape projects before they commence. Based on our experience, we present some guidelines and practices that can help in considering potential ethics issues and reducing risks.

show abstract

“…Vast number of researches focused on security assessment in different programming languages [22], [2], [31], [21], [28]. Security assessment in languages like Java, C and C++ have established guidelines, standardizations and even recommendations [12], [26], [23].…”

Section: Related Workmentioning

confidence: 99%

On the use of C# Unsafe Code Context

Firouzi

Sami

Khomh

et al. 2020

Proceedings of the 14th ACM / IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM)

View full text Add to dashboard Cite

Background. C# maintains type safety and security by not allowing direct dangerous pointer arithmetic. To improve performance for special cases, pointer arithmetic is provided via an unsafe context. Programmers can use the C# unsafe keyword to encapsulate a code block, which can use pointer arithmetic. In the Common Language Runtime (CLR), unsafe code is referred to as unverifiable code. It then becomes the responsibility of the programmer to ensure the encapsulated code snippet is not dangerous. Naturally, this raises concern on whether such trust is misused by programmers when they promote the use of C# unsafe context. Aim. We aim to analyze the prevalence and vulnerabilities of share code examples using C# unsafe keyword in Stack Overflow (SO) code sharing platform. Method. By using some regular expressions and manual checks, we extracted C# unsafe code relevant posts from SO and categorized them into some software development scenarios. Results. In the entire SO data dump of September 2018, we find 2,283 C# snippets with the unsafe keyword. Among those posts, 27% of posts are about Image processing, where unsafe codes are mainly used for performance reasons. The second most popular category by 21% of the codes in the posts is used for 'Interoperability' reasons. That is 'unsafe' is used to enable 'Interoperability' between C# managed codes and unmanaged codes. The 'stackalloc' operator is the third category with 9% of unsafe code posts. The stackalloc operator allocates a block of memory on the stack. Since C# 7.2, Microsoft recommends against using 'stackalloc'in unsafe context whenever possible. Manual inspection shows 67 code snippets with dangerous functions that can introduce vulnerability if not used with caution (e.g., buffer overflow). Finally, 35% of 'Interoperability' posts have 'P/Invoke' tag were used outside NativeMethods class, which is in contrast to Microsoft design suggestion. Conclusion. Our study leads to 7 main findings, and these findings show the importance of cautiously using this feature.

show abstract

Python Coding Style Compliance on Stack Overflow

Cited by 20 publications

References 17 publications

The Prevalence of Code Smells in Machine Learning projects

The Prevalence of Code Smells in Machine Learning projects

Ethics in the mining of software repositories

On the use of C# Unsafe Code Context

Contact Info

Product

Resources

About