Hi!
Forwarding an inquiry I got, since it appeared to be reasonably serious.
Rgds,
Gunnar
-------- Forwarded Message --------
Subject: Using SAST Tools in gnome-desktop/vte2.91
Date: Tue, 14 Nov 2023 06:46:51 +0000
From: Aravind Kumar Machiry <
amachiry@purdue.edu>
To:
gunnarhj@debian.org <
gunnarhj@debian.org>
Hello Gunnar Hjalmarsson,
I am Aravind Machiry, an Assistant Professor at Purdue's ECE Department.
I work in the area of software security. We are working on a project
(details at the end of this email) related to the use of Static Analysis Security Testing (SAST) tools in Debian packages developed in C/C++.
We noticed that you are one of the owners/maintainers of
gnome-desktop/vte2.91 Debian project.
We want to understand whether you are using any SAST tools as part of
your project and, if not, what are your challenges in incorporating SAST
tools in your project.
We are conducting a short anonymous survey (~2min) for this.
Survey Link:
https://purdue.ca1.qualtrics.com/jfe/form/SV_bsjJScol1rUHzhA
As a participant, you will be asked to answer a few questions related to
the use of SAST tools in your project.
Your participation will greatly help us understand the prevalence of
SAST tools usage in the Debian ecosystem and subsequently provide useful research directions in improving SAST tools usage.
Note that participation is voluntary and required to be at least 18
years old.
-Thank you,
Aravind
DETAILS ABOUT THE STUDY:
STUDY TITLE:
Understanding Developers' Perspective on the Use of Static Analysis
Security Testing
DURATION:
The study would take 1-2 minutes.
CONFIDENTIALITY:
No personal information will be asked in the survey, and individual
responses will only be accessible to the PI and will not be shared.
CONTACT INFORMATION:
The study is led by Dr. Aravind Machiry (
amachiry@purdue.edu), Assistant Professor of the Elmore School of Electrical & Computer Engineering
Department at Purdue University.
IRB INFORMATION:
The Purdue Institutional Review Board, #2023-1695 has reviewed this
study and determined to be an exempted study.
If you have questions about your rights while taking part in the study
or have concerns about the treatment of research participants, please
call the Human Research Protection Program at (765) 494-5942 or email
irb@purdue.edu.
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)