Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Trust of a Library: A Study of the Latency to Adopt the Latest Maven Release

1,697 views

Published on

#IEEE SANER 2015 ERA Paper, Montreal

Published in: Data & Analytics
  • D0WNL0AD FULL ▶ ▶ ▶ ▶ http://1lite.top/SYgUH ◀ ◀ ◀ ◀
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Trust of a Library: A Study of the Latency to Adopt the Latest Maven Release

  1. 1. Trust of a Library: A Study of the Latency to Adopt the Latest Maven Release Raula Gaikovina Kula, Daniel German, Takashi Ishio, Katsuro Inoue Osaka University, Japan SANER2015-ERATrack 3/3/2015 1
  2. 2. SoftwareLibraryReuse NextSystemReleaseDeveloper from Previous SystemVersion Whyadoptlibraries? o extended features o inherited quality o time/effort cost efficient o avoidreinventwheel Adopt3rd partylibraries 3/3/2015 2
  3. 3. Software Systems library System Asthe systemevolves,morelibraries areadded. Asthe systemevolves, dependenciescanbecome complex
  4. 4. Dependency ManagementTools tothe rescue… 3/3/2015 4 Buildtools suchas Mavenand Gradleallowformanagement of librarydependencies
  5. 5. If, Whenand What toupdate?? Asthe systemevolves, dependenciescan become complex At the sametime… Aslibrariesevolve,Library Updatesto fixbugs andnew features 3/3/2015 5
  6. 6. SystemMaintainers arewarybeings… 3/3/2015 6 SystemMaintainer needsto decide`if’,`when’and`what to update?’ But any changesmaydisrupt dependencies:aka breakingchanges Our previouswork+relatedworkssuggestsbreaking changesand systemsstillusing olderversions
  7. 7. NotionofTrust asametric … • Trusted Adoption: When the latest adoption isadopted • Latent Adoption: When previous releases are adopted 3/3/2015 7 Assistwith the `if’,`when’and `what toupdate’ questions…
  8. 8. Fourtypesoftrust 1. ‘Do exactly what it says’ – • Functional and non-functionalspecification Major: Minor: Patch (SemVer) API Documentation 2. ‘Play with others’ – • Volatile to currentsystemenvironment Incompatibilitieswith otherlibrary transitiveandnon-transitivedependencies (Example: asm backward compatibility) 3/3/2015 8
  9. 9. Fourtypesoftrust 3. ‘Prior Engagements’ – • Loyalty to a releaseversionbasedon previousexperiences. Wary of othernew librariesand rather stick to familiar libraries 4. ‘Tried and tested’ – • Common beliefthat thelatestreleasemay contain untestedbugs. Prefertoadopt releaseversions1 or 2 releasesbehindthelatest. 3/3/2015 9
  10. 10. GuidingResearch Questions forthis study 3/3/2015 10 1. How much ‘latent adoption’ exists? 2. What isthe current trend of maintainers trust?
  11. 11. All aboutSystemsandLibraries 3/3/2015 11
  12. 12. ResearchApproach 3/3/2015 12
  13. 13. EmpiricalStudy 3/3/2015 13 pom.xml Maven Dataset Time Period 2005-11-03 ~ 2013-11-24 # of Dependency Relations 188,951 # of Systems 6,374 # of libraries 5,146
  14. 14. Results # of libraries # of dependencies (%) iniTA 4,192 20, 372 (56.63%) iniLA 848 13, 791 (40.37%) introTA 3,064 29,303 (81.16%) introLA 823 6,543 (18.24%) 3/3/2015 14 Trusted Dependency Classifications
  15. 15. AdoptionTrendsovertime 3/3/2015 15
  16. 16. BacktoRQs 3/3/2015 16 1. How much ‘latent adoption’ exists? It is common, almost40%at initialconceptionascomparedto introduced. 2. What isthe current trend of maintainers trust? Over time, maintainersaremore inclinedto adoptthe latestrelease(trusteddependency adoptions).
  17. 17. EndThoughts 3/3/2015 17

×