Data from: A Socio-technical Perspective on Software Vulnerabilities: A Causal Analysis

This data package contains supplemental material data for the under review TSE submission: A Socio-technical Perspective on Software Vulnerabilities: A Causal Analysis. The restricted access requirement will be lifted upon approval of the manuscript. The comprehensive explanation of this dataset can be found at: https://sailuh.github.io/causal_commit_flow_docs The following briefly describes the contents of the folders. The analysis presented in the manuscript requires the following: Git Log Mailing List Software Vulnerabilities (NVD Feed) This data is provided to a mining software repository tool, Kaiaulu. The data specifications and configuration parameters are defined in the OpenSSL project configuration file (.yml), also included in this package. An R notebook in Kaiaulu, taking the dataset above + project configuration file, can then perform the first analysis step: https://github.com/sailuh/kaiaulu/blob/master/vignettes/issue_social_smell_showcase.Rmd The file 1_openssl_social_smells_timeline.csv is generated as an output of this R Notebook, and included in the causal_model folder of this package. The following files in this folder numbered 2 through 16, describe transformation steps using Excel, Python scripts, and Tetrad (also an open source tool). These are described conceptually in the manuscript, but in more detail in the comprehensive explanation of this dataset linked at the start