Software Engineering for JavaScript
Testing
- K. Sen, S. Kalasapur, T. Brutch, and S. Gibbs, "Jalangi: A Selective Record-Replay and Dynamic Analysis Framework for JavaScript," in Proc. 9th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE'13), 2013. [pdf] [demo] [slides][open source tool]
- K. Sen, S. Kalasapur, T. Brutch, and S. Gibbs, "Jalangi: A Tool Framework for Concolic Testing, Selective Record-Replay, and Dynamic Analysis of JavaScript," in Proc. 9th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE'13), 2013. (Tool Paper) [pdf]
- S. Mirshokraie, A. Mesbah and K. Pattabiraman, “Pythia: Generating Test Cases with Oracles for JavaScript Applications”, in Proceedings of the ACM/IEEE International Conference on Automated Software Engineering (ASE), New Ideas Track, 2013, 610–615, IEEE Computer Society. [pdf][open source tool]
- S. Mirshokraie, A. Mesbah and K. Pattabiraman, “Efficient JavaScript Mutation Testing”, in Proceedings of the International Conference on Software Testing, Verification and Validation (ICST), 2013, 74–83, IEEE Computer Society, [pdf][open source tool]
- S. Mirshokraie and A. Mesbah, “JSART: JavaScript Assertion-based Regression Testing”, in Proceedings of the International Conference on Web Engineering (ICWE), 2012, 238–252, Springer. [pdf][open source tool]
- S. Artzi, J. Dolby, S. H. Jensen, A. M.ller, and F. Tip. A framework for automated testing of javascript web applications. In 33rd International Conference on Software Engineering, ICSE'11, pages 571{580. ACM, 2011. [pdf][open source tool][project web][example applications]
- ] A. Mesbah and A. van Deursen. Invariant-based automatic testing of ajax user interfaces. In 31st International Conference on Software Engineering, ICSE '09, 2009. [pdf]
Debugging
- Frolin S. Ocariza, Jr. Karthik Pattabiraman Ali Mesbah. Vejovis: Suggesting Fixes for JavaScript Faults. ICSE 2014. [pdf][open source tool]
- F. Ocariza Jr., K. Pattabiraman, A. Mesbah, "AutoFLox: An Automatic Fault Localizer for Client-Side JavaScript," In Proceedings of the 5th IEEE International Conference on Software Testing, Verification and Validation (ICST), Montreal, QC, Canada, April 2012. [pdf][open source tool]
- Jeremy Elson, and Jon Howell. Mugshot: Deterministic Capture and Replay for JavaScript Applications James Mickens, NDSI 2010. [pdf][slides and online video]
Refactoring/Program Understanding
- Alimadadi, Saba and Sequeira, Sheldon and Mesbah, Ali and Pattabiraman, Karthik, Understanding JavaScript Event-based Interactions, ICSE 2014. [pdf][open source tool]
- Asger Feldthaus and Anders Møller. Semi-Automatic Rename Refactoring for JavaScript. OOPSLA 2013. [pdf][project web][open source tool]
- J. Lo, E. Wohlstadter and A. Mesbah, “Imagen: Runtime Migration of Browser Sessions for JavaScript Web Applications”, in Proceedings of the International World Wide Web Conference (WWW), 2013, 815–825, [pdf]
- Tool-supported Refactoring for JavaScript. OOPSLA 2011. [pdf][project web][open source tool]
Security
- Christoph Kerschbaumer, Eric Hennigan, Per Larsen, Stefan Brunthaler, and Michael Franz. 2013. Information flow tracking meets just-in-time compilation. ACM Trans. Archit. Code Optim. 10, 4, Article 38 (December 2013). [pdf]
- Meyerovich, Leo A., and Benjamin Livshits. "ConScript: Specifying and enforcing fine-grained security policies for Javascript in the browser." Security and Privacy (SP), 2010 IEEE Symposium on. IEEE, 2010. [pdf]
- Yu, Dachuan, et al. "JavaScript instrumentation for browser security." ACM SIGPLAN Notices. Vol. 42. No. 1. ACM, POPL 2007. [pdf]
- Yue, Chuan, and Haining Wang. "Characterizing insecure javascript practices on the web." Proceedings of the 18th international conference on World wide web. ACM, 2009. [pdf]
- Georgiev, Martin, Suman Jana, and Vitaly Shmatikov. "Breaking and Fixing Origin-Based Access Control in Hybrid Web/Mobile Application Frameworks." NDSS 2014. [pdf]
Bug Studies
- F. Ocariza Jr., K. Bajaj, K. Pattabiraman, A. Mesbah, "An Empirical Study of Client-Side JavaScript Bugs," In Proceedings of the 7th IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), Baltimore, MD, USA, October 2013. [pdf]
- F. Ocariza Jr., K. Pattabiraman, B. Zorn, "JavaScript Errors in the Wild: An Empirical Study," In Proceedings of the 22nd IEEE International Symposium on Software Reliability Engineering (ISSRE), Hiroshima, Japan, November 2011. [pdf]
Program Analysis
- A. Milani Fard and A. Mesbah, “JSNose: Detecting JavaScript Code Smells”, in Proceedings of the International Conference on Source Code Analysis and Manipulation (SCAM), 2013, 116–125, IEEE Computer Society. [pdf][open source tool]
- Shiyi Wei and Barbara G. Ryder. 2013. Practical blended taint analysis for JavaScript. In Proceedings of the 2013 International Symposium on Software Testing and Analysis (ISSTA 2013). [pdf]
- Feldthaus, Schäfer, Sridharan, Dolby, and Tip, Efficient Construction of Approximate Call Graphs for JavaScript IDE Services. ICSE 2013 [pdf]
Open Source Infrastructures
- TAJS: Type Analyzer for JavaScript [open source tool][project web]
- CrawlJex: Crawling Ajax-based Web Applications [open source tool][project web]
- Clematis: Understanding JavaScript Event-based Interactions [open source tool]
- MuscalietJS: An Extensible Portable Layered JavaScript Engine [open source tool]
- Jalangi: A Selective Record-Replay and Dynamic Analysis Framework for JavaScript [open source tool]
- Artemis - automated testing of JavaScript applications [open source tool][project web][example applications]
- Reanimator: Capture and replay JavaScript applications [open source tool]
- JSRefactor - refactoring for JavaScript [project web][open source tool]
- Lambda S5 - Symbolic Execution with JavaScript Objects [open source tool]
- querypoint-debugging Querypoint Debugger Implementation [open source tool]
- AutoFLox: Automatic Fault Localization in Ajax-based Web Applications [open source tool]
- JSART: JavaScript Assertion-based Regression Tester [open source tool]
- Pythia: JavaScript Test Case with Oracle Generation [open source tool]
- Vejovis: DOM-Related JavaScript Error Repair Tool [open source tool]
- Mutandis: JavaScript Mutation Testing Tool [open source tool]
- JSNose: JavaScript Code Smell Detector [open source tool]
- Open Source Tools at UBC
- Wala for JavaScript: [open source tool][EventTracer@IBM web site]
- JavaScript Static Checking Tools: JSLint, JavaScript Lint JSure