Internal Vulnerabilities, External Threats: A Grounded Framework for Enterprise Open Source Risk Governance

Published in arXiv (Major Revision at TOSEM), 2025