{:highlights [{:id #uuid "657b0337-6189-4b88-828a-a4e41e886c07", :page 1, :position {:bounding {:x1 114.22917175292969, :y1 517.03125, :x2 627.5102996826172, :y2 561.6771240234375, :width 1305.6, :height 1689.6}, :rects ({:x1 114.22917175292969, :y1 517.03125, :x2 627.5102996826172, :y2 538.3646240234375, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 540.34375, :x2 470.45664978027344, :y2 561.6771240234375, :width 1305.6, :height 1689.6}), :page 1}, :content {:text "This work investigates the security implications of SATD from a technical and developer-centred perspective."}, :properties {:color "green"}} {:id #uuid "657b034a-6da8-4c4e-9589-da4b20a0d5bc", :page 1, :position {:bounding {:x1 114.10417175292969, :y1 540.34375, :x2 630.6959075927734, :y2 631.96875, :width 1305.6, :height 1689.6}, :rects ({:x1 618.5191040039062, :y1 540.34375, :x2 627.461669921875, :y2 561.6771240234375, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 563.8333740234375, :x2 627.4716033935547, :y2 585.1666870117188, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 587.1458740234375, :x2 630.6959075927734, :y2 608.4791870117188, :width 1305.6, :height 1689.6} {:x1 114.10417175292969, :y1 610.6354370117188, :x2 402.02879333496094, :y2 631.96875, :width 1305.6, :height 1689.6}), :page 1}, :content {:text "it analyses whether security pointers disclosed inside SATD sources can be used to characterise vulnerabilities in Open-Source Software (OSS) projects and repositories"}, :properties {:color "purple"}} {:id #uuid "657b035f-880e-400d-b6bc-52cfc54836df", :page 1, :position {:bounding {:x1 114.76042175292969, :y1 610.6354370117188, :x2 627.5328369140625, :y2 678.59375, :width 1305.6, :height 1689.6}, :rects ({:x1 563.0949096679688, :y1 610.6354370117188, :x2 627.5328369140625, :y2 631.96875, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 633.9479370117188, :x2 626.8239593505859, :y2 655.28125, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 657.2604370117188, :x2 625.4587249755859, :y2 678.59375, :width 1305.6, :height 1689.6}), :page 1}, :content {:text "it delves into developers’ perspectives regarding the motivations behind this practice, its prevalence, and its potential negative consequences"}, :properties {:color "purple"}} {:id #uuid "657b037c-e116-4902-af66-9151ee9ac98e", :page 1, :position {:bounding {:x1 114.76042175292969, :y1 704.0625, :x2 627.5103607177734, :y2 748.71875, :width 1305.6, :height 1689.6}, :rects ({:x1 165.97483825683594, :y1 704.0625, :x2 627.5103607177734, :y2 725.3958740234375, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 727.3854370117188, :x2 188.72341918945312, :y2 748.71875, :width 1305.6, :height 1689.6}), :page 1}, :content {:text "analysis of a preexisting dataset containing 94,455 SATD instances"}, :properties {:color "green"}} {:id #uuid "657b0383-b5ac-4672-a89d-3fa8c3dcdf15", :page 1, :position {:bounding {:x1 271.4266357421875, :y1 727.3854370117188, :x2 591.58349609375, :y2 748.71875, :width 1305.6, :height 1689.6}, :rects ({:x1 271.4266357421875, :y1 727.3854370117188, :x2 591.58349609375, :y2 748.71875, :width 1305.6, :height 1689.6}), :page 1}, :content {:text " online survey with 222 OSS practitioners"}, :properties {:color "green"}} {:id #uuid "657b03d6-fc1a-4889-9316-a0048d186dcf", :page 1, :position {:bounding {:x1 114.22917175292969, :y1 750.8646240234375, :x2 627.5078125, :y2 819, :width 1305.6, :height 1689.6}, :rects ({:x1 164.0858154296875, :y1 750.8646240234375, :x2 627.5078125, :y2 772.1979370117188, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 774.1875, :x2 627.4780120849609, :y2 795.5208740234375, :width 1305.6, :height 1689.6} {:x1 114.22917175292969, :y1 797.6666870117188, :x2 254.36236572265625, :y2 819, :width 1305.6, :height 1689.6}), :page 1}, :content {:text "We gathered 201 SATD instances through the dataset analysis and mapped them to different Common Weakness Enumeration(CWE) identifiers. "}, :properties {:color "blue"}} {:id #uuid "657b03f5-da8f-43b9-b6f9-f9dd4ac56d3a", :page 1, :position {:bounding {:x1 114.76042175292969, :y1 797.6666870117188, :x2 630.3765106201172, :y2 889.125, :width 1305.6, :height 1689.6}, :rects ({:x1 318.6688537597656, :y1 797.6666870117188, :x2 627.5242919921875, :y2 819, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 820.9896240234375, :x2 627.4748382568359, :y2 842.3229370117188, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 844.3021240234375, :x2 630.3765106201172, :y2 865.6354370117188, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 867.7916870117188, :x2 214.3110809326172, :y2 889.125, :width 1305.6, :height 1689.6}), :page 1}, :content {:text "25 different types of CWEs were spotted across commit messages, pull requests, code comments, and issue sections, from which 8 appear among MITRE’s Top-25 most dangerous ones"}, :properties {:color "blue"}} {:id #uuid "657b0418-e290-4295-b8ea-881eb58074ad", :page 1, :position {:bounding {:x1 114.76042175292969, :y1 867.7916870117188, :x2 629.5842132568359, :y2 959.2396240234375, :width 1305.6, :height 1689.6}, :rects ({:x1 224.0298309326172, :y1 867.7916870117188, :x2 627.1461029052734, :y2 889.125, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 891.1041870117188, :x2 627.9604339599609, :y2 912.4375, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 914.4166870117188, :x2 629.5842132568359, :y2 935.75, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 937.90625, :x2 282.4364013671875, :y2 959.2396240234375, :width 1305.6, :height 1689.6}), :page 1}, :content {:text "The survey shows that software practitioners often place security pointers across SATD artefacts to promote a security culture among their peers and help them spot flaky code sections, among other motives."}, :properties {:color "yellow"}} {:id #uuid "657b046c-1931-43c5-a9bc-86d76e4e5c78", :page 1, :position {:bounding {:x1 114.76042175292969, :y1 961.21875, :x2 627.9556732177734, :y2 1052.6771240234375, :width 1305.6, :height 1689.6}, :rects ({:x1 592.866943359375, :y1 961.21875, :x2 627.62060546875, :y2 982.5521240234375, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 984.5416870117188, :x2 627.9556732177734, :y2 1005.875, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 1008.0208740234375, :x2 627.4692230224609, :y2 1029.354248046875, :width 1305.6, :height 1689.6} {:x1 114.76042175292969, :y1 1031.34375, :x2 589.8331146240234, :y2 1052.6771240234375, :width 1305.6, :height 1689.6}), :page 1}, :content {:text " Our findings suggest that preserving the contextual integrity of security pointers disseminated across SATD artefacts is critical to safeguard both commercial and OSS solutions against zero-day attacks."}, :properties {:color "yellow"}} {:id #uuid "657dc10b-c38b-4a52-b157-494912c8d7c5", :page 1, :position {:bounding {:x1 550.546875, :y1 410.96875, :x2 967.6505126953125, :y2 447.5546875, :width 1060.8, :height 1372.8}, :rects ({:x1 753.9152221679688, :y1 410.96875, :x2 967.6505126953125, :y2 428.46875, :width 1060.8, :height 1372.8} {:x1 550.546875, :y1 430.0546875, :x2 848.4317626953125, :y2 447.5546875, :width 1060.8, :height 1372.8}), :page 1}, :content {:text "circumvent with spurious design workarounds and sub-optimal implementations"}, :properties {:color "green"}} {:id #uuid "657dc119-1283-4d18-a8eb-7ef4e1eaaa4b", :page 1, :position {:bounding {:x1 551.078125, :y1 468.078125, :x2 970.3164672851562, :y2 504.5234375, :width 1060.8, :height 1372.8}, :rects ({:x1 634.2393188476562, :y1 468.078125, :x2 970.3164672851562, :y2 485.578125, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 487.0234375, :x2 903.294189453125, :y2 504.5234375, :width 1060.8, :height 1372.8}), :page 1}, :content {:text " low-quality artefacts that can impair the future maintenance and evolution of the system being developed"}, :properties {:color "green"}} {:id #uuid "657dc13b-c9f7-4126-b876-5ad92d0bbc4f", :page 1, :position {:bounding {:x1 551.078125, :y1 544, :x2 970.0072631835938, :y2 580.4375, :width 1060.8, :height 1372.8}, :rects ({:x1 739.9590454101562, :y1 544, :x2 970.0072631835938, :y2 561.5, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 562.9375, :x2 782.6049194335938, :y2 580.4375, :width 1060.8, :height 1372.8}), :page 1}, :content {:text " TD can incur extra work in the longterm, not to mention additional costs."}, :properties {:color "green"}} {:id #uuid "657dc145-ed1e-4fea-b3d7-f08c4c30fe94", :page 1, :position {:bounding {:x1 551.078125, :y1 562.9375, :x2 967.6495361328125, :y2 618.46875, :width 1060.8, :height 1372.8}, :rects ({:x1 831.4208984375, :y1 562.9375, :x2 967.6441040039062, :y2 580.4375, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 582.0234375, :x2 967.6495361328125, :y2 599.5234375, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 600.96875, :x2 844.7333984375, :y2 618.46875, :width 1060.8, :height 1372.8}), :page 1}, :content {:text " it is deemed a critical issue for software development and considered ubiquitous to most software projects across all industry segments"}, :properties {:color "purple"}} {:id #uuid "657dc170-7bea-4bff-bae2-a4de42595c02", :page 1, :position {:bounding {:x1 551.078125, :y1 705.4375, :x2 967.64892578125, :y2 760.9609375, :width 1060.8, :height 1372.8}, :rects ({:x1 800.6972045898438, :y1 705.4375, :x2 967.39697265625, :y2 722.9375, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 724.515625, :x2 967.64892578125, :y2 742.015625, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 743.4609375, :x2 847.0096435546875, :y2 760.9609375, :width 1060.8, :height 1372.8}), :page 1}, :content {:text "security incurs extra costs as it is frequently seen as an “after-thought” instead of an actual priority in the software development life cycle"}, :properties {:color "green"}} {:id #uuid "657dc187-f390-45fe-986f-312a1ccc2ab6", :page 1, :position {:bounding {:x1 551.078125, :y1 762.40625, :x2 967.3717041015625, :y2 798.9921875, :width 1060.8, :height 1372.8}, :rects ({:x1 805.4207763671875, :y1 762.40625, :x2 967.3717041015625, :y2 779.90625, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 781.4921875, :x2 631.2735595703125, :y2 798.9921875, :width 1060.8, :height 1372.8}), :page 1}, :content {:text " intersection between TD and security"}, :properties {:color "blue"}} {:id #uuid "657dc1ad-caf0-4cff-8619-2ae58d6fbd8a", :page 1, :position {:bounding {:x1 551.078125, :y1 895.4296875, :x2 969.2659912109375, :y2 950.9609375, :width 1060.8, :height 1372.8}, :rects ({:x1 580.91455078125, :y1 895.4296875, :x2 969.2659912109375, :y2 912.9296875, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 914.375, :x2 967.6387329101562, :y2 931.875, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 933.4609375, :x2 751.0281982421875, :y2 950.9609375, :width 1060.8, :height 1372.8}), :page 1}, :content {:text "significant part of TD is explicitly reported by developers themselves in the form of “self-admissions”, namely through software artefacts such as code comments"}, :properties {:color "blue"}} {:id #uuid "657dc1e2-9695-46ff-b97d-1149ee389da5", :page 1, :position {:bounding {:x1 551.078125, :y1 1047.3984375, :x2 970.2335205078125, :y2 1140.8203125, :width 1060.8, :height 1372.8}, :rects ({:x1 890.374267578125, :y1 1047.3984375, :x2 969.359375, :y2 1064.8984375, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 1066.34375, :x2 970.207275390625, :y2 1083.84375, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 1085.4296875, :x2 967.5057373046875, :y2 1102.9296875, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 1105.609375, :x2 970.2335205078125, :y2 1123.109375, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 1123.3203125, :x2 876.2894897460938, :y2 1140.8203125, :width 1060.8, :height 1372.8}), :page 1}, :content {:text "Particularly, an attacker could take advantage of security pointers disclosed inside these sources (e.g., a code comment like “TODO: Make it thread-safe”) to spot exploitable weaknesses in the system threatening its availability, confidentiality and integrity. "}, :properties {:color "purple"}} {:id #uuid "657dc427-af89-4c6b-bce5-4cb9d1a4c390", :page 1, :position {:bounding {:x1 551.078125, :y1 1142.3984375, :x2 967.6470947265625, :y2 1197.7890625, :width 1060.8, :height 1372.8}, :rects ({:x1 721.1380615234375, :y1 1142.3984375, :x2 967.6424560546875, :y2 1159.8984375, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 1161.34375, :x2 967.6470947265625, :y2 1178.84375, :width 1060.8, :height 1372.8} {:x1 551.078125, :y1 1180.2890625, :x2 682.3818359375, :y2 1197.7890625, :width 1060.8, :height 1372.8}), :page 1}, :content {:text " the security implications of SATD have not been investigated nor documented throughout the literature up to our knowledge"}, :properties {:color "blue"}} {:id #uuid "657dc6fb-e377-4918-99cb-750ab2872eaa", :page 2, :position {:bounding {:x1 107.5859375, :y1 193.0078125, :x2 588.353759765625, :y2 235.03125, :width 1224, :height 1584}, :rects ({:x1 130.5911865234375, :y1 193.0078125, :x2 588.353759765625, :y2 213.0078125, :width 1224, :height 1584} {:x1 107.5859375, :y1 215.03125, :x2 227.69491577148438, :y2 235.03125, :width 1224, :height 1584}), :page 2}, :content {:text " implications of security pointers inside SATD instances across multiple sources"}, :properties {:color "purple"}} {:id #uuid "657dc710-9843-4cbd-ac68-61370542bd06", :page 2, :position {:bounding {:x1 106.9765625, :y1 215.03125, :x2 591.3734130859375, :y2 300.765625, :width 1224, :height 1584}, :rects ({:x1 432.4708557128906, :y1 215.03125, :x2 591.3734130859375, :y2 235.03125, :width 1224, :height 1584} {:x1 107.5859375, :y1 236.890625, :x2 590.332275390625, :y2 256.890625, :width 1224, :height 1584} {:x1 107.5859375, :y1 258.75, :x2 588.356689453125, :y2 278.75, :width 1224, :height 1584} {:x1 106.9765625, :y1 280.765625, :x2 459.8996887207031, :y2 300.765625, :width 1224, :height 1584}), :page 2}, :content {:text "whether explicit references to security vulnerabilities inside code comments, commits, issue reports, and pull requests can help characterise exploitable weaknesses inside Open-Source Software (OSS"}, :properties {:color "blue"}} {:id #uuid "657dc74f-1a59-490f-89d9-dd3bd5143987", :page 2, :position {:bounding {:x1 107.5859375, :y1 302.625, :x2 588.35498046875, :y2 366.5, :width 1224, :height 1584}, :rects ({:x1 167.35498046875, :y1 302.625, :x2 588.35498046875, :y2 322.625, :width 1224, :height 1584} {:x1 107.5859375, :y1 324.484375, :x2 588.34912109375, :y2 344.484375, :width 1224, :height 1584} {:x1 107.5859375, :y1 346.5, :x2 260.7581787109375, :y2 366.5, :width 1224, :height 1584}), :page 2}, :content {:text " OSS projects and repositories as they become easy targets of security attacks by making their artefacts visible and available to the public in general "}, :properties {:color "green"}} {:id #uuid "657dc794-12d3-4c51-91b8-77e5a5ef87d4", :page 2, :position {:bounding {:x1 126.4375, :y1 416.0390625, :x2 590.2296142578125, :y2 457.8984375, :width 1224, :height 1584}, :rects ({:x1 126.4375, :y1 416.0390625, :x2 590.2296142578125, :y2 436.0390625, :width 1224, :height 1584} {:x1 126.4375, :y1 437.8984375, :x2 510.3699951171875, :y2 457.8984375, :width 1224, :height 1584}), :page 2}, :content {:text "RQ1: Can SATD sources contain pointers to security weaknesses and vulnerabilities inside OSS repositories?"}, :properties {:color "blue"}} {:id #uuid "657dc7a1-e7f0-4bcc-af73-58094e6608af", :page 2, :position {:bounding {:x1 126.4375, :y1 503.7890625, :x2 591.34326171875, :y2 567.5078125, :width 1224, :height 1584}, :rects ({:x1 436.77423095703125, :y1 503.7890625, :x2 588.3168334960938, :y2 523.7890625, :width 1224, :height 1584} {:x1 126.4375, :y1 525.6484375, :x2 591.34326171875, :y2 545.6484375, :width 1224, :height 1584} {:x1 126.4375, :y1 547.5078125, :x2 148.34214782714844, :y2 567.5078125, :width 1224, :height 1584}), :page 2}, :content {:text "546 security-relevant SATD candidates and inspected them manually for security pointers"}, :properties {:color "green"}} {:id #uuid "657dc7ac-5da8-4f6f-b13d-53927c27ef57", :page 2, :position {:bounding {:x1 126.4375, :y1 547.5078125, :x2 591.34326171875, :y2 611.390625, :width 1224, :height 1584}, :rects ({:x1 326.2711181640625, :y1 547.5078125, :x2 587.1630859375, :y2 567.5078125, :width 1224, :height 1584} {:x1 126.4375, :y1 569.53125, :x2 591.34326171875, :y2 589.53125, :width 1224, :height 1584} {:x1 126.4375, :y1 591.390625, :x2 145.0221710205078, :y2 611.390625, :width 1224, :height 1584}), :page 2}, :content {:text " 201 Security Self-Admitted Technical Debt (SSATD) observations that we considered for further analysis"}, :properties {:color "yellow"}} {:id #uuid "657dc7d0-92a6-4e6b-af25-a2a30bff0079", :page 2, :position {:bounding {:x1 126.4375, :y1 613.25, :x2 588.3197021484375, :y2 655.265625, :width 1224, :height 1584}, :rects ({:x1 126.4375, :y1 613.25, :x2 588.3197021484375, :y2 633.25, :width 1224, :height 1584} {:x1 126.4375, :y1 635.265625, :x2 527.8638305664062, :y2 655.265625, :width 1224, :height 1584}), :page 2}, :content {:text "RQ2: Which particular weakness and vulnerabilities are frequently exposed through different SATD sources?"}, :properties {:color "blue"}} {:id #uuid "657dc806-5f06-4633-a890-e5639a826fa5", :page 2, :position {:bounding {:x1 126.4375, :y1 701, :x2 591.3416137695312, :y2 786.734375, :width 1224, :height 1584}, :rects ({:x1 292.75909423828125, :y1 701, :x2 588.3223876953125, :y2 721, :width 1224, :height 1584} {:x1 126.4375, :y1 722.859375, :x2 591.3416137695312, :y2 742.859375, :width 1224, :height 1584} {:x1 126.4375, :y1 744.875, :x2 588.01806640625, :y2 764.875, :width 1224, :height 1584} {:x1 126.4375, :y1 766.734375, :x2 461.6142272949219, :y2 786.734375, :width 1224, :height 1584}), :page 2}, :content {:text "25 different CWE types across commit messages, code comments, pull requests, and issue reports. Moreover, 8 of these 25 CWEs appear listed among MITRE’s Top-25 most dangerous software weaknesses in 2023."}, :properties {:color "green"}} {:id #uuid "657dc80c-3168-4d1e-a104-2ae61b0ce9b4", :page 2, :position {:bounding {:x1 126.4375, :y1 788.59375, :x2 587.6395263671875, :y2 830.609375, :width 1224, :height 1584}, :rects ({:x1 126.4375, :y1 788.59375, :x2 587.6395263671875, :y2 808.59375, :width 1224, :height 1584} {:x1 126.4375, :y1 810.609375, :x2 333.0499267578125, :y2 830.609375, :width 1224, :height 1584}), :page 2}, :content {:text "RQ3: What is developers’ perspective on security-related SATD in OSS repositories?"}, :properties {:color "blue"}} {:id #uuid "657dc827-0c7e-4b4b-8852-afdd509477af", :page 2, :position {:bounding {:x1 126.4375, :y1 920.2265625, :x2 591.3485107421875, :y2 962.0859375, :width 1224, :height 1584}, :rects ({:x1 288.17401123046875, :y1 920.2265625, :x2 591.3485107421875, :y2 940.2265625, :width 1224, :height 1584} {:x1 126.4375, :y1 942.0859375, :x2 506.4214782714844, :y2 962.0859375, :width 1224, :height 1584}), :page 2}, :content {:text "many practitioners engage with this practice, although they recognise it as potentially risky. "}, :properties {:color "green"}} {:id #uuid "657dc8b7-d222-40d5-8d66-705aaaccff4b", :page 2, :position {:bounding {:x1 107.5859375, :y1 1278.6875, :x2 591.2879638671875, :y2 1342.5625, :width 1224, :height 1584}, :rects ({:x1 504.496826171875, :y1 1278.6875, :x2 591.2879638671875, :y2 1298.6875, :width 1224, :height 1584} {:x1 107.5859375, :y1 1300.546875, :x2 588.3570556640625, :y2 1320.546875, :width 1224, :height 1584} {:x1 107.5859375, :y1 1322.5625, :x2 299.4558410644531, :y2 1342.5625, :width 1224, :height 1584}), :page 2}, :content {:text " a few publications in the current literature explore the interface between software security and TD"}, :properties {:color "green"}} {:id #uuid "657dc8ed-8198-455d-b95c-6e3f183b7401", :page 2, :position {:bounding {:x1 635.8671875, :y1 215.03125, :x2 1119.671142578125, :y2 300.765625, :width 1224, :height 1584}, :rects ({:x1 892.2384033203125, :y1 215.03125, :x2 1116.63623046875, :y2 235.03125, :width 1224, :height 1584} {:x1 635.8671875, :y1 236.890625, :x2 1119.671142578125, :y2 256.890625, :width 1224, :height 1584} {:x1 635.8671875, :y1 258.75, :x2 1118.60107421875, :y2 278.75, :width 1224, :height 1584} {:x1 635.8671875, :y1 280.765625, :x2 718.1690063476562, :y2 300.765625, :width 1224, :height 1584}), :page 2}, :content {:text " they suggest that tools/methods such as code reviews and threat modelling are suitable to spot internal quality issues in software requirements, coding, architecture, and testing"}, :properties {:color "green"}} {:id #uuid "657dca95-443e-4a10-8e43-8bca892cb0ba", :page 2, :position {:bounding {:x1 635.8671875, :y1 609.4453125, :x2 1118.9429931640625, :y2 673.3203125, :width 1224, :height 1584}, :rects ({:x1 900.6593627929688, :y1 609.4453125, :x2 1118.9429931640625, :y2 629.4453125, :width 1224, :height 1584} {:x1 635.8671875, :y1 631.4609375, :x2 1117.703369140625, :y2 651.4609375, :width 1224, :height 1584} {:x1 635.8671875, :y1 653.3203125, :x2 887.8391723632812, :y2 673.3203125, :width 1224, :height 1584}), :page 2}, :content {:text "They conclude that TD pointers can help improve the performance of Machine Learning (ML) models for vulnerability prediction."}, :properties {:color "green"}} {:id #uuid "657dcabf-d2aa-4545-b8ea-0ce2982bda30", :page 2, :position {:bounding {:x1 635.8671875, :y1 1058.828125, :x2 1119.6539306640625, :y2 1122.703125, :width 1224, :height 1584}, :rects ({:x1 843.0870361328125, :y1 1058.828125, :x2 1116.635986328125, :y2 1078.828125, :width 1224, :height 1584} {:x1 635.8671875, :y1 1080.6875, :x2 1119.6539306640625, :y2 1100.6875, :width 1224, :height 1584} {:x1 635.8671875, :y1 1102.703125, :x2 738.2830200195312, :y2 1122.703125, :width 1224, :height 1584}), :page 2}, :content {:text "more than 55% of self-admissions in the form of code comments correspond to insecure implementations/snippets"}, :properties {:color "blue"}}], :extra {:page 7}}