- The Knockout of the Century: Cyber Resiliency through the Arts. Yesenia Yser. 1
- Open Source Supply Chain Security at Google. Russ Cox. 3
- An Empirical Study on Using Large Language Models to Analyze Software Supply Chain Security Failures. Tanmay Singla, Dharun Anandayuvaraj, Kelechi G. Kalu, Taylor R. Schorlemmer, James C. Davis. 5-15
- Distinguishing AI- and Human-Generated Code: A Case Study. Sufiyan Bukhari, Benjamin Tan, Lorenzo De Carli. 17-25
- What Does it Look Like to Code-sign for an Entire Packaging Ecosystem? William Woodruff. 27
- Macaron: A Logic-based Framework for Software Supply Chain Security Assurance. Behnaz Hassanshahi, Trong Nhan Mai, Alistair Michael, Benjamin Selwyn-Smith, Sophie Bates, Padmanabhan Krishnan. 29-37
- Scalable Policies for Supply Chain Security. Thomas Hennen. 39
- Differential Static Analysis for Detecting Malicious Updates to Open Source Packages. Fabian Niklas Froh, Matías Federico Gobbi, Johannes Kinder. 41-49
- Estimating Security Risk Through Repository Mining. Tamas K. Lengyel. 51-52
- (Nothing But) Many Eyes Make All Bugs Shallow. Elizabeth Wyss, Lorenzo De Carli, Drew Davidson. 53-63
- The Hitchhiker's Guide to Malicious Third-Party Dependencies. Piergiorgio Ladisa, Merve Sahin, Serena Elisa Ponta, Marco Rosa, Matias Martinez, Olivier Barais. 65-74
- Software Bill of Materials in Java. Musard Balliu, Benoit Baudry, Sofia Bobadilla, Mathias Ekstedt, Martin Monperrus, Javier Ron, Aman Sharma, Gabriel Skoglund, César Soto-Valero, Martin Wittlinger. 75-76
- Enforcing SBOMs through the Linux kernel with eBPF and IMA. Alex Crawford, Eugene Yakubovich, Rob Szumski. 77-78