Vulnerability Prevalence, Documentation Delays, and Fix Analysis in the Maven Ecosystem

Following query gives the total number of releases who have vulnerabilities (one at least)MATCH (r)-[e:addedValues]-&gt;(av) WHERE av.type = 'CVE' AND av.value CONTAINS 'cwe’ RETURN COUNT(r)Then I saved that into a csv file. From that, I find unique artifacts and saved that in unique_artifacts.csv file.<br><br>LOAD CSV WITH HEADERS FROM 'file:///unique_artifacts.csv' AS rowMATCH (a:Artifact)-[:relationship_AR]-&gt;(r:Release) WHERE a.id = row.artifact_id MATCH (r)-[:addedValues]- (av:AddedValue), (r)-[:addedValues]-&gt;(av1:AddedValue), (r)-[:addedValues]-&gt;(av2:AddedValue) WHERE av.type='CVE' AND av1.type='FRESHNESS' AND av2.type='POPULARITY_1_YEAR' RETURN a.id AS ArtifactID, r.id AS ReleaseID, r.timestamp AS ReleaseTime, av.value AS CVE, av1.value AS Freshness, av2.value AS Popularity ORDER BY a.id, r.timestamp ASC;The above query gives release info details from unique artifacts and I saved that into unique_artifacts_detailed_info.csv file.<br>The .ipynb files contain the scripts used to find the results, the .csv files are required in the .ipynb files for analysis, and the .pdf files show the outcomes.