This repository contains the replication package for the paper "Why Not Mitigate Vulnerabilities in Helm Charts?" submitted to Empirical Software Engineering (EMSE).
Repository structure:
- rq1: contains the data collection, analysis, and misc scripts for RQ1
- rq2: contains the data collection, analysis, and misc scripts for RQ2
- data-explorer: contains the data collection/conversion scripts for the paper.
The actual database is large (8GB) and stored as a SQLite database; it will be open-sourced in a dedicated repository. The scripts in the data-explorer folder can be used to reconstruct the SQLite database, since the core data is available in pickled form.
The constructed database should be named cve2023.sqlite and placed in the cve folder.
To run the scripts and reproduce the paper metrics, first download the original cve2023.sqlite data from the cloud provider.
- Run poetry install to install the required dependencies.
- Run the corresponding Python script in the RQ1 and RQ2 folders to reproduce the metrics in the paper.
Note: some scripts may need manual adjustments to uncomment some operations (i.e., alternative aggregations and persistence to database).