Score
A distributed version control system used to track changes, create branches, perform merges and rebases, and manage remotes; practical use involves commits, branching strategies, resolving merge conflicts, tags, and using the git CLI or GUI clients for history inspection and collaboration.
This study presents the first large-scale empirical analysis of Git history rewriting and its threats to software supply chain integrity and reproducibility. Addressing risks—including push conflicts, broken provenance, and malicious code injection—arising from history-altering operations (e.g., rebase, filter-branch) in public repositories, the authors analyze 111 million open-source projects archived by Software Heritage. Leveraging static analysis and two in-depth case studies, they propose the first evidence-driven taxonomy of Git history rewriting and develop GitHistorian, an automated detection tool. Applied at scale, the methodology identifies 1.22 million projects exhibiting history rewriting (8.7 million operations total), revealing prevalent legitimate use cases such as license updates and sensitive information removal. The work establishes a novel, scalable methodology for supply chain security assessment and delivers an open, extensible infrastructure for detecting and characterizing historical tampering.
This study investigates the contextual applicability of Trunk-Based Development (TBD) versus Branch-Based Development (BBD) workflows to optimize developer productivity and software quality across diverse team settings. Method: We conducted a mixed-methods empirical study with 127 practitioners in Brazil, comprising semi-structured interviews (n=15) and an online survey (n=112), analyzed via qualitative coding and quantitative statistical methods. Contribution/Results: To our knowledge, this is the first systematic, industry-based comparison of TBD and BBD practices. We identify team size and developer experience as critical moderating factors: TBD significantly improves delivery efficiency in small, experienced teams, whereas BBD better accommodates large-scale or junior-heavy teams—at the cost of higher process management overhead. The findings yield a data-driven decision framework to guide workflow selection based on organizational context.
This study addresses the challenge novice learners face in understanding Git’s distributed collaboration model, as existing tools predominantly emphasize individual operations and lack intuitive representations of collaborative states. To bridge this gap, we propose GitAcademy, a novel platform featuring an innovative “split-screen awareness” design that serves as a temporary scaffold within a fully functional, browser-embedded Git environment. This design enables a dual-view collaboration mode, allowing learners to perform local repository operations while simultaneously observing their partner’s actions in real time. By integrating a synchronized remote repository with a mirrored representation of collaborative states, the system significantly enhances social presence and peer learning effects. In an experiment with 13 learner pairs, participants consistently preferred this mode, confirming its effectiveness in improving collaborative understanding, although gains in task performance were modest.
This work proposes the first deep integration of Git-style version control into MatrixOne, a cloud-native relational database, to overcome the limitations of existing version control systems in managing large-scale data and the lack of native support for branching, diffing, and merging in traditional databases. Leveraging MatrixOne’s immutable storage architecture and multi-version concurrency control (MVCC), the system enables near real-time cloning, branching/tagging, differencing, merging, and rollback operations on terabyte-scale datasets. It supports atomic deployments, isolation between development and production environments, and seamless integration into CI/CD pipelines. By ensuring strong consistency without service interruption, the approach significantly enhances collaboration efficiency and reliability in data engineering workflows.
This work addresses the limitations of traditional line-based merging algorithms, which often generate spurious conflicts during code refactoring or concurrent editing, and existing syntax- or semantics-aware approaches that suffer from language specificity, formatting loss, and poor cross-file adaptability. The paper proposes Summer, a document-format-agnostic, token-level merging algorithm that decomposes text into universal tokens and models branch changes as string rewrite and move operations. Without relying on language-specific parsers, Summer supports structured edits such as function extraction and inlining. Evaluated on the ConflictBench benchmark, Summer achieves 36% accuracy—the highest among evaluated tools—in precisely reproducing developers’ actual merge outcomes across both Java and non-Java files, while ranking second in semantic correctness, thereby demonstrating the first text-level merging approach that effectively balances generality with semantic awareness.
Existing automated code review approaches often suffer from diminished relevance, increased redundancy, and ambiguous prioritization in repository-scale settings due to the conflation of multidimensional tasks. This work proposes a locality-first, modular multi-agent architecture that decomposes the review process into five distinct stages: repository ingestion, context synthesis, file-level analysis, issue prioritization, and summary generation. Implemented with Python CLI, FastAPI, LangGraph, and Next.js, the system delivers end-to-end localized code review capabilities and includes reusable infrastructure for evaluation and reporting. Beyond presenting a practical system design, this study explicitly articulates key architectural trade-offs, developer-facing interfaces, and common failure modes, thereby establishing a foundational platform for future empirical research in automated code review.
This work addresses the absence of Git-like data versioning in existing lakehouse architectures, which hinders collaborative development among multiple agents and human-in-the-loop review workflows. To bridge this gap, the paper introduces Git semantics into lakehouse systems by extending Apache Iceberg to support lakehouse-wide commits, branches, and merges—elevating single-table snapshots to a unified versioning model. This enables agents to operate on isolated branches while ensuring atomic, cross-table changes during release. The core abstractions are formally modeled and verified using Alloy to guarantee semantic correctness. The proposed system has been deployed in production, demonstrating the feasibility and effectiveness of the collaborative workflow it enables.
This work addresses the complexity of hard fork management in collaborative blockchain ecosystems and their reliance on inter-blockchain communication (IBC). To overcome these challenges, the authors propose a tree-based ledger blockchain architecture that extends the conventional linear chain into a unified tree topology, enabling efficient access to and coordinated governance of multiple hard-forked chains within a single process. By employing a depth-first search algorithm for block navigation, the approach eliminates the need for IBC and significantly enhances multi-fork coordination efficiency. A prototype implementation demonstrates that the proposed architecture securely and effectively manages multi-chain data, offering a viable new paradigm for collaborative fork ecosystems.
This study addresses the lack of systematic understanding regarding how GitHub Actions workflows are used in real-world scenarios, how developers respond to workflow failures, and how these practices relate to project characteristics. Combining large-scale quantitative analysis of 258,300 workflow runs with qualitative case studies across 21 diverse repositories, this work identifies three typical patterns developers employ to handle workflow failures and uncovers a “configuration–usage gap”—where YAML configurations exist but workflows remain effectively unused. Furthermore, the study empirically validates five hypotheses linking project features to workflow usage intensity, revealing a significant positive correlation between high usage intensity and low failure rates. These findings provide actionable empirical evidence for improving CI/CD practices.
This study addresses the lack of systematic understanding in the configuration and maintenance of CI/CD caching, which imposes a significant burden on developers despite its benefits for build efficiency. Through a large-scale empirical analysis of 952 repositories on GitHub Actions—encompassing 1,556 workflow files and over ten thousand cache-related changes—the authors employ code mining, configuration analysis, commit tracing, and statistical modeling to uncover real-world caching practices, evolutionary patterns, and human-bot collaboration in maintenance. The findings reveal that cache adopters are more active, caching strategies are diverse and frequently adjusted, and build- and test-related tasks evolve rapidly. Manual interventions primarily address misconfigurations, whereas version upgrades are predominantly automated by bots. The work quantifies the maintenance overhead of caching and provides empirical foundations for improving developer tooling.