1. OSSIntegrity: Collaborative open-source code integrity verification;Computers & Security;2024-09

2. Dependency-Induced Waste in Continuous Integration: An Empirical Study of Unused Dependencies in the npm Ecosystem;Proceedings of the ACM on Software Engineering;2024-07-12

3. Increasing trust in the open source supply chain with reproducible builds and functional package management;Proceedings of the 2024 IEEE/ACM 46th International Conference on Software Engineering: Companion Proceedings;2024-04-14

4. Secure Crowdsource-Based Open-Source Code Verification (SC)^2V;Proceedings of the 39th ACM/SIGAPP Symposium on Applied Computing;2024-04-08

5. What is an app store? The software engineering perspective;Empirical Software Engineering;2024-01