Open source software (OSS) vulnerabilities pose significant security risks to downstream applications. While vulnerability databases provide valuable information for mitigation, many security patches are released silently in new commits of OSS repositories without explicit indications of their security impact. This makes it challenging for software maintainers and users to detect and address these vulnerabilities. There are a few approaches for detecting vulnerability-fixing commits (VFCs), but most of these approaches leverage commit messages, which would miss silent VFCs. On the other hand, there are some approaches for detecting silent VFCs based on code change patterns, but they often fail to characterize vulnerability fix patterns, thereby lacking effectiveness. For example, some approaches analyze each hunk in known VFCs, in isolation, to learn vulnerability fix patterns; but vulnerability fixes are often associated with multiple hunks, in which cases correlations of code changes across those hunks are essential for characterizing the vulnerability fixes. To address these problems, we first conduct a large-scale empirical study on 11,900 VFCs across six programming languages, in which we found that over 70% of VFCs involve multiple hunks with various types of correlations. Based on our findings, we propose Fixseeker , a graph-based approach that extracts the various correlations between code changes at the hunk level to detect silent vulnerability fixes. Our evaluation demonstrates that Fixseeker outperforms state-of-the-art approaches across multiple programming languages, achieving a high F1 score of 0.818 on average in balanced datasets and consistently improving F2 score, AUC-ROC, and AUC-PR scores by 10.64%, 5.34%, and 10.34% on imbalanced datasets compared to the best baseline methods. Our evaluation also indicates the generality of Fixseeker across different vulnerability types and repository sizes.

Edge-cloud systems, which bring computing, storage, and networking resources closer to end-users, offer significant advantages in reducing latency and enabling real-time data processing. These systems are increasingly deployed across diverse domains, such as smart manufacturing, autonomous vehicles, and large-scale IoT networks, to support big data-driven services that require continuous analytics and rapid response. Ensuring software reliability in these environments is critical, which has led to growing attention on just-in-time (JIT) defect prediction as an effective technique for prioritizing testing efforts by identifying code changes likely to introduce defects. However, existing techniques struggle to perform accurately on new or low-data projects due to insufficient training data. In this paper, we propose PROPER-SDP, a prompt-based approach that leverages large language models. By incorporating project evolution data directly into prompts, our approach enables LLMs to effectively capture the contextual information essential for accurate JIT defect prediction. By doing so, we effectively address the cold-start problem, allowing accurate JIT defect prediction even in the absence of project-specific training data. Evaluation results demonstrate that our method significantly improves prediction performance, surpassing baseline methods by an average of 19.7% in F1-score. Our approach enables reliable JIT defect prediction even in rapidly evolving, resource-constrained edge-cloud systems.

The International Classification of Diseases for Oncology, 4th Edition (ICD-O-4): An overview.

Individual identification is essential for wildlife population research but commonly relies on invasive methods that may negatively affect animal welfare. This study proposes a safe, simple, and rapid non-invasive identification method for the endangered Mongolian racerunner (Eremias argus) based on coding dorsal spot patterns. We documented 175 individuals using photographic data and assigned unique identification codes derived from two central longitudinal spot lines and overlapping spots, which capture individual-specific traits. No individuals were found to share identical codes during identification. Recaptured individuals showed stable spot patterns without any code changes, confirming the method's reliability for long-term monitoring. This approach requires only standard cameras or smartphones and is thus practical for field surveys and citizen science initiatives. The proposed method minimizes impacts on target species while maintaining high accuracy, offering a valuable alternative for ethical conservation and population studies.

Subgenome-resolved regulatory divergence underlies sympatric ecotype differentiation in allotetraploid Leymus chinensis

In modern software development, ensuring high-quality and error-free systems is a critical challenge. Traditional debugging and testing approaches are often reactive, detecting defects only after they occur, which increases development costs and delays deployment. Machine Learning (ML) techniques offer a proactive solution by analyzing historical software data, identifying patterns, and predicting potential bugs before they manifest. This study explores various ML approaches, including supervised learning, unsupervised learning, and deep learning, for predictive bug detection and software error prevention. By leveraging software metrics, version control histories, and code change data, predictive models can assess the likelihood of defects in different modules. The research highlights the integration of these models into development pipelines to prioritize testing efforts, reduce defect density, and enhance system reliability. Results indicate that ML-driven predictive models significantly improve software quality, optimize resource allocation, and contribute to more robust, error-resilient IT systems.

It is far from adequate to detect performance regressions in production Java microservices without proper attribution and resolution, especially in large, rapidly changing codebases without wide-ranging human involvement. This is challenging in modern continuous delivery environments, where multiple commits are bundled into a release and the root cause is inferred from heterogeneous streams of performance telemetry, version control, and incident history. In this article, let’s build an end-to-end system for code change analysis with multi-modal feature engineering, gradient-boosted tree classification, SHAP-based explanations, and large language model code generation. And design an ensemble XGBoost model that learns the non-linear mapping from code change to runtime impact. By using SHAP values in order to give theoretically principled, plain-language relevance explanations that ensure engineer trust that these models are calibrated. A LoRA fine-tuned GPT-4 model then writes production-ready code changes through an AI-orchestrated pull request workflow, with human approval and staged deployment verification remaining mandatory as gates. The automation becomes an accelerant to engineering judgment rather than a substitute for it. The system is continuously retrained based on feedback from engineers to accommodate codebase changes.

For production Java microservices, there is an observability gap in tracking infrastructure cost down to the method level of a source code change. Existing Java profilers either have low overhead sampling with short retention for unqueryable flame graph formats or rich events with high overhead that must be manually enabled during production. Neither approach supports automated regression detection workflows that fast-moving engineering teams need. A runtime instrumentation architecture supports (1) configuration-driven bytecode instrumentation, (2) adaptive per-method sampling that calibrates how much telemetry is collected from each application method based on how many times that method is called per second, (3) fail-open streaming telemetry that separates telemetry transport from application execution, and (4) SQL-driven automated regression detection over a columnar data warehouse with extended retention. It provides cost and latency telemetry at the method call level with low overhead, a structured queryable system, and long-term storage. It can automatically detect performance regressions, attribute costs per method, and provide systematic performance governance, without requiring source-level modification or manual profiling of the code under assessment.

Continuous Integration and Continuous Delivery (CI/CD) pipelines drive DevOps automation by integrating code changes frequently and deploying them reliably across environments. Nonstop Integration and nonstop Delivery (CI/CD) channels drive DevOps robotization by integrating law changes constantly and planting them reliably across surroundings. Brigades apply these channels with tools like Azure DevOps, Terraform for structure as Code (IaC), and automated testing fabrics to supportmulti-environment deployments from development to product. Crucial issues include zero- time-out releases, brisk delivery cycles, and enhanced collaboration between development and operations. interpreters manage interpretation control with GitHub, Team Foundation Garçon (TFS), or Subversion. (SVN), while incorporating testing via NUnit, Postman, and Playwright for Test-Driven Development. (TDD) and Test-Driven Development (BDD). DevSecOps practices secure these processes during vital Cloud Foundry (PCF) and OpenShift Container Platform (OCP) migrations. harmonious structure provisioning and monitoring boost nimble haste in containerized, cold-blooded pall setups. Practical significance emerges as associations achieve dependable software delivery, reduced crimes, and scalable operations that align with request demands.

Background: The high rate of user interface (UI) and source code changes in contemporary software development resulted in automated testing failures that augmented maintenance expenses and decreased the usefulness of automated testing. The current tools need regular updating by manual means, which is ineffective and expensive. Purpose: To present the Adaptive Scriptless Behavior-Driven Development (BDD) Automation Framework with Self-Healing Intelligence, which is an artificial intelligence (AI) and machine learning (ML)-driven framework of automatic test failure detection and resolution based on UI drift, broken locators, or timing. Approaches: The framework uses dynamic locator approaches, adaptive test generation, and reinforcement learning to allow updating test scripts in response to application changes. Such a self-healing feature will minimize human intervention and reduce maintenance expenses. An experimental case study was conducted in order to assess the performance of the framework in a practical context. Findings: The framework demonstrated significant advances in automated testing, such as a 30% drop in maintenance speed, reduced number of resources to update tests, a 25 % reduction in total cost of testing since less manual effort is needed, and a 40 % rise in stability of the test suites, which can execute its tests more reliably and with greater accuracy despite the presence of changes to the application. Conclusions: The Adaptive Scriptless BDD Automation Framework with Self-Healing Intelligence goes a long way to improving the flexibility, scalability, and efficiency of automated testing. It enhances the speed of testing, saves costs, and adds confidence in the quality of software, and is therefore valuable for ensuring high-quality standards in dynamic software landscapes.

This paper presents a comprehensive exploration of cycbersecurity aspects for medical devices developed under IEC 62304 and RTOS frameworks. When building software for medical devices, security matters a lot. Following IEC 62304 means planning every stage carefully. Because mistakes can harm patients, each update gets reviewed thoroughly. Instead of treating safety and function separately, they work together from start to finish. With threats always changing, checks happen continuously. Even small code changes follow strict rules. So risks drop when design meets real world demands early. Trustworthiness comes first, then meeting legal standards. The process opens with spotting key risks early One big worry for tiny computers inside medical gear is when bad code sneaks in. Hacking through repeated signals happens too, messing up normal operation. Access without permission opens more doors than it should. These risks change how devices behave in quiet but serious ways. Regular upgrades to device software matter because actual breaches show what happens without strong defenses. This report examines events where weak protection led to serious problems. One example follows another showing how fast threats spread when systems lack updates. Each case reminds us that small gaps invite big risks. Attention to detail grows more critical after seeing repeated failures. What seems minor often becomes major through neglect. Real damage occurs even when warnings were clear beforehand. Building things comes first. Then keeping them running matters just as much. Staying alert for what could go wrong shapes how work moves forward. That part matters inside worldwide rules like those from the FDA or the EU MDR and ISO standards. The paper evaluates the limitations of bare, metal systems. Yet shows what RTOS setups do when problems appear by locking down timing, keeping errors separate, starting up safely, yet connecting each piece tightly. One step back reveals how systems hide complex details. FreeRTOS stands out when looking at approval ratings across industries. Zephyr follows close, tied strongly to safety checks built for hospitals. Security steps up differently under QNX, known more for steady performance than flash. Then there is INTEGRITY, fitting niches where rules are strictest. Each year shifts what matters most, 2025 reshapes priorities again Looking at FDA cybersecurity advice shows what it means for, One part involves firmware setup, along with checking possible risks. Another piece tracks what components are used, making sure records stay up to date. Keeping updates safe while managing risks in how products are delivered. Next up, ways to weave cybersecurity into RTOS work that follows IEC 62304 are laid out in the report. Writing code that stays safe. Making real, time operating systems tougher against threats. Fixing known issues regularly through updates. Yet checking methods include things like static or dynamic review, plus trying out security through penetration tests, along with strict proof using formal verification. Examples drawn from real situations show how these work Folks like Ottobock or Innolitics, then again, actual events show similar patterns. Moments from hospitals, moments from labs, each pointing in one direction without saying it outright. Buzzing machines in hospital rooms can fail when signals twist. Hidden flaws appear through quiet shifts in beeping patterns. Devices meant to protect sometimes open backdoors instead. Weak spots emerge not from design but how pieces connect Finding new paths matters most. Looking ahead shapes what comes next. Some ideas point toward tomorrow. What follows builds on earlier steps. Thoughts turn to what might be. Later sections examine where things could go. Finding threats using smart tools runs alongside cloud and local systems working together. Security logs live on a shared chain so changes show up fast. Trust nothing by default shapes how access gets managed every step of the way. Virtual copies mirror real devices while testing odd behaviors ahead of time. New math guards data when future computers grow too powerful. Secret codes help lock down device software, making tough protection a key part of next, generation surgical and diagnostic systems.

Increased levels of α-tubulin and its post-translational modifications (PTMs) are found in human heart failure and could initiate diastolic dysfunction by modulating cardiomyocyte stiffness. How these modifications occur and how they may underlie cardiac dysfunction remains unknown. Upstream kinases may play a critical role, but this has not been explored. Here we address this question by, for the first time ever, determining levels of the enzymes involved in microtubule (MT) detyrosination and acetylation (αTAT1, HDAC6) in a well-characterized cohort of patients with hypertrophic cardiomyopathy (HCM). In HCM patients (N=10-11), protein levels of detyrosination enzymes remain unaltered, whilst levels of αTAT1 and HDAC6 were decreased and increased, respectively. Phosphoproteomics in HCM (N=24) and control (N=8) myocardium identified significant differences in over 1900 serine/threonine and 160 tyrosine phosphosites, in addition to increased EGFR/IGF1R-MAPK signaling in HCM. We subsequently showed that MT repolymerization was increased in HCM MYBPC3 Arg943X hiPSC-CMs. Isoprenaline-mediated PKA activation decreased MT repolymerization in hiPSC-CMs and revealed CLASP1 , MAST4 and MAP1A as potential MT modifiers in HCM. We show that the altered HCM MT code cannot be attributed to levels of key MT-modifying enzymes. By combining kinome analyses in human HCM hearts with hiPSC-CM studies on MT dynamics, PTMs and contractility we unveiled a regulatory role for MTs in the cardiomyocyte response to beta-adrenergic receptor stimulation. Disease-mediated changes in the MT code thereby exert both a direct, and indirect effect on cardiac function via mediating the response to adrenergic activation. Graphical Abstract created with BioRender.com.

The Indian Insolvency and Bankruptcy Code (IBC) implicitly intends to change the issue of misallocated capital that has historically caused Non-Performing Assets (NPA) and protracted processes for resolution by establishing reliable credit markets for entrepreneurs, along with a comprehensive mechanism for resolving troubled assets. This will also make the economy better and more dependable for all sectors. Yet, with judicial adjustments to the Code and legislative changes, significant constitutional questions arose at the heart of the Code's core application, more so with regard to Article 14. Article 14 lays down the right to equality before the law and prohibits arbitrary, discriminatory, or unreasonable conduct by the state. Certain provisions in the IBC designed with noble purposes of enhancing the economy or for the promotion of egalitar in fair process or providing some elements of prioritising others. Amongst some of the most notable and controversial provisions include Section 29A, which prohibits certain classes of persons (including defaulting promoters) from submitting resolution plans; Section 32A, which exculpates the corporate debtor and its new management from criminal liability arising from past management; along with the 2018 Amendment to Section 7, which added a 10%/100allottees filing threshold on homebuyers raising the procedural barrier to a specific class of financi ianism have come under fire for potentially creating unequal classifications or diluting principles al creditors. Judicial decisions in cases like Swiss Ribbons v. Union of India, Committee of Creditors of Essar Steel v. Satish Kumar Gupta, and Manish Kumar v. Union of India have upheld the constitutionality of most provisions, but not without identifying gaps, tensions, and unresolved doctrinal inconsistencies. The courts in India have sought to reconcile the constitutional dictates with considerations of economic policy in these types of cases. A common approach used by the courts in these cases is often referred to as the doctrine of "deference to economic legislation. In this context, the doctrinal inquiry will include an analysis of whether these provisions have passed (or could pass) the tests set out in Article 14 for reasonable classification, non-arbitrariness, and proportionality. The doctrinal analysis will determine the constitutional basis for these provisions, the impact on the affected parties, and their implications for insolvency law and economic governance in India in the broader sense. Although sections 32A and 29A of the IBC may have various other constitutional issues, this doctrinal work confines its analysis to the over- inclusive disqualification under section 29A, immunity vs accountability under section 32A and the issue of home buyer threshold, considering the points of maximum constitutional friction and its direct impact on the stakeholders, where courts heavily rely on economic deference. Also, article 14 is more rigorous in the place where a legislation creates exclusion, avails immunity and places a restriction on access to remedies. On the other hand, this delimitation is adopted to maintain doctrinal depth and to assess how judicial deference operates at times when IBC mostly directly intersects with equality-based constitutional review.

This paper summarizes achievements in the development of advanced technology utilizing RELAP5-3D for both real-time training simulators and highly detailed simulation-assisted engineering models for different reactor types, including small modular and liquid metal–cooled reactors. Code improvements were made to address major challenges in real-time nuclear power plant simulators to enable high performance, stability, and accuracy concurrently. The code changes, which were accumulated over 3 decades of code applications, include implementation of a smooth transition between different heat transfer and flow regime conditions, Dalton-Gibbs mixture equation solver corrections, and numerical scheme improvements to avoid code aborts and unphysical spikes when transitioning from one-phase to two-phase flow conditions and vice versa. To support training simulator functions, dynamic change of fouling factors, form loss coefficients, and material heat capacity values were implemented. The model development studio is supported by the functionality of interactive changes to Time-Dependent component parameters and constant-type control variable values. The graphical editor has been added to the framework with rich visualization capabilities, multidimensional components, a XML-based user input deck editor with thermodynamic value validation, and version control functionality. The performance improvements were achieved by means of parallelization techniques when a neutronics code (typically NESTLE) and separate hydraulic systems are running on different computer processors, with the results exchanging functionality support every time advancement step. Engineering simulators are supported by the addition of turbulent mixing code capability in the lateral direction between adjacent reactor core channels. The limitation of a three-digit component number gas been relaxed to enable greater flexibility in deck composition. Supporting software functionality has been added to the 3KEYMASTERTM platform for multidimensional flow simulations and user input deck generation, which uses the outstanding utility of cross-sectional area calculations between the reactor plenum’s cylindrical planar noding and the reactor core cartesian structure utilizing the Greiner-Hormann algorithm. Proposed further code enhancements for multidimensional simulations include the addition of an uneven mesh feature for the cylindrical coordinate system in the planar direction and enabling seamless integration of multidimensional heat structures with hydrodynamic components.

Reaching for and grasping an object seems a continuous process, yet somatosensory signals undergo dramatic state changes near the time of object contact. Tactile afferents start conveying contact forces, while on-going proprioceptive signals are altered as hand shape stops changing. How cortex maintains object identity in the presence of changing, multi-modal signals remains unknown. We quantified object-specific information in neurons of the primary motor cortex (M1) and somatosensory areas 3a, 3b/1, and 2 in male macaque monkeys. Surprisingly, despite the decrease in activity in each area immediately after contact, object identity information increased across sensorimotor cortex, particularly in purely cutaneous areas 3b/1, but also in multi-modal area 2. Uniquely among sensorimotor areas, object-specific information was present in M1 and 3a throughout grasp, although identity was encoded differently before and after contact. These shifts highlight the profound change in the complex coding of object identity in the sensorimotor cortex during grasp.

Dermatologic conditions are a significant reason for pediatric hospitalizations in the United States. A prior analysis of the 2012 Kids' Inpatient Database (KID) established a national benchmark for this burden, but changes in medical coding, healthcare delivery, and demographics necessitate an updated assessment. This study aimed to quantify the current inpatient burden of pediatric dermatology and to identify associated demographic risk factors, financial costs, and mortality using a recent, nationally representative database. A cross-sectional study was conducted using the 2022 KID. Pediatric hospitalizations with a primary dermatology diagnosis (ICD-10-CM) were identified. Survey weights were used to generate national estimates of admission counts, costs, and mortality. Multivariable logistic regression was used to identify independent risk factors for a primary dermatology hospitalization. In 2022, there were an estimated 29,766 pediatric dermatology hospitalizations, representing 2.3% of all pediatric admissions and a decline from 4.2% in 2012. These admissions generated a total national cost of $449.3 million. After adjusting for covariates, factors associated with higher odds of a dermatology admission included age 2-5 years (OR: 1.35; 95% CI: 1.21-1.52), Asian/Pacific Islander race (OR: 1.49; 95% CI: 1.32-1.69), Native American race (OR: 1.17; 95% CI: 1.00-1.36), Hispanic ethnicity (OR: 1.07; 95% CI: 1.01-1.14), lowest income quartile (OR: 1.06; 95% CI: 1.01-1.12), and Medicaid coverage (OR: 1.09; 95% CI: 1.04-1.14). Female sex was associated with lower odds (OR: 0.95; 95% CI: 0.92-0.98). In-hospital mortality was 0.1%. The national burden of inpatient pediatric dermatology has decreased over the past decade. However, significant disparities related to socioeconomic status and race/ethnicity persist and have evolved. These findings underscore the continued need for interventions aimed at improving access to outpatient dermatologic care for underserved pediatric populations.

ABSTRACT Objective Changes in the functionality of a software product line (SPL) can generate various issues in the SPL source code. Their complexity depends primarily on the amount of changes in the SPL source code and the internal mechanisms for managing variability. Further, modern development frameworks rely on a variety of artefacts besides source code. SPL developers need tools that can consistently search, segment, and analyse the SPL source code, to minimise undesired behaviours and reduce the time to implement new functionalities. Methods We introduce a novel approach and tool to manage SPLs source code. This approach streamlines the search and segmentation processes during source‐code changes. To demonstrate its feasibility, we apply it as a proof of concept to two concrete SPLs: an implementation of the Elevator SPL from FeatureIDE; and a new SPL that includes generic textual artefacts. Further, we position our tool with respect to other existing approaches. Result The results demonstrated the feasibility of our approach. Differently from other tools for variability management, our approach supports both variability in time and variability in space, and supports generic textual artefacts, offering a similar flexibility as conditional compilation. Conclusion We proposed a new approach and tool for managing variability in SPLs. Our proposal leverages the concepts of blocks, features, and fragments to organise variability in textual artefacts, including, but not limited to, source code, A key characteristic of the approach is that it does not rely on any specific IDE, making it broadly applicable across different development contexts.

How knowledge of cycling practice and changes to the British Highway Code relate to perceptions of cyclist discourtesy

Within the realm of software engineering, specialized tasks on code, such as program repair, present unique challenges, necessitating fine-tuning Large language models (LLMs) to unlock state-of-the-art performance. Fine-tuning approaches proposed in the literature for LLMs on program repair tasks generally overlook the need to reason about the logic behind code changes, beyond syntactic patterns in the data. High-performing fine-tuning experiments also usually come at very high computational costs. With MORepair , we propose a novel perspective on the learning focus of LLM fine-tuning for program repair: we not only adapt the LLM parameters to the syntactic nuances of the task of code transformation (objective ➊), but we also specifically fine-tune the LLM with respect to the logical reason behind the code change in the training data (objective ➋). Such a multi-objective fine-tuning will instruct LLMs to generate high-quality patches. We apply MORepair to fine-tune four open-source LLMs with different sizes and architectures. Experimental results on function-level and repository-level repair benchmarks show that the implemented fine-tuning effectively boosts LLM repair performance by 11.4% to 56.0%. We further show that our fine-tuning strategy yields superior performance compared to the state-of-the-art approaches, including standard fine-tuning, Fine-tune-CoT, and RepairLLaMA.

BackgroundAntibiotic overuse for viral respiratory conditions that never require antibiotics is common in the outpatient setting, especially walk-in clinics. We evaluated the effect of a multifaceted stewardship intervention, which included sending providers individualized peer comparison feedback reports on their antibiotic use for conditions that do not benefit from antibiotics (“never-events”).MethodsWe used mixed-methods to evaluate the intervention (Figure 1) in 8 walk-in clinics during a baseline period (Jan 2018-Oct 2021) and an intervention period (Nov 2021-Dec 2023). To analyze whether the intervention was associated with changes in antibiotic-prescribing across all visits (regardless of the diagnosis), we fit a generalized linear mixed model using a Poisson distribution and a log link, including random intercepts for physicians and adjustment for practice changes that occurred during the COVID-19 pandemic. Secondary outcomes included changes in the use of never-event diagnostic codes. In 2023, we conducted 17 semi-structured interviews with 10 providers about the acceptability of the metric in comparison to a new metric for all respiratory diagnoses.ResultsThere were 445,349 visits; median age was 27 (IQR 18-44), and 61% were female (Table 1). After implementation of the intervention, the frequency of antibiotic-prescribing for all visits changed from 23.1% to 23.7% (p< 0.001), and the use of never-event codes changed from 12.0% to 8.5% (p< 0.001). In the adjusted analysis, the frequency of antibiotic-prescribing across all visits was 11% lower compared to before the intervention (RR 0.89, 95% CI 0.85-0.94), and the use of never-event diagnostic codes decreased by 24% relative to baseline (RR 0.76, 95% CI 0.70-0.82) (Table 2). Some providers valued receiving feedback on the metric while others admitted to shifting their codes to avoid metric detection (Table 3).ConclusionDelivering feedback to walk-in clinics providers on their antibiotic use was associated with reductions in antibiotic-prescribing across all visits but also changes in diagnostic coding (i.e., “gaming”). Antibiotic stewardship programs should monitor for changes in both when implementing new outpatient metrics.DisclosuresAll Authors: No reported disclosures