Successfully reported this slideshow.

Technical Lag in Software Ecosystems

0

Share

Nov. 29, 2019
0 likes 253 views
Upcoming SlideShare
Groupe de travail vélocité logicielle - Paris
Groupe de travail vélocité logicielle - Paris
Loading in …3
×
1 of 18
1 of 18

Technical Lag in Software Ecosystems

Nov. 29, 2019
0 likes 253 views

0

Share

Download to read offline

Software

This presentation was given at the BENEVOL 2019 workshop in Brussels.

Abstract:
Reusable Open Source Software (OSS) components for major programming languages are available in package repositories. Developers rely on package management tools to automate deployments, specifying which package releases satisfy the needs of their applications. However, these specifications may lead to deploying package releases that are outdated or otherwise undesirable because they do not include bug fixes, security fixes, or new functionality. In contrast, automatically updating to a more recent release may introduce incompatibility issues. To capture this delicate balance, we formalise a generic framework of technical lag, a concept that quantifies to which extent a deployed collection of components is outdated with respect to the ideal deployment. The framework can be used to assess and reduce the outdatedness, vulnerability and bugginess of software deployments, software projects, software containers and reusable software libraries. We argue that such a metric is very relevant for assessing the health of software (eco)systems, and should be used.

This presentation was given at the BENEVOL 2019 workshop in Brussels.

Abstract:
Reusable Open Source Software (OSS) components for major programming languages are available in package repositories. Developers rely on package management tools to automate deployments, specifying which package releases satisfy the needs of their applications. However, these specifications may lead to deploying package releases that are outdated or otherwise undesirable because they do not include bug fixes, security fixes, or new functionality. In contrast, automatically updating to a more recent release may introduce incompatibility issues. To capture this delicate balance, we formalise a generic framework of technical lag, a concept that quantifies to which extent a deployed collection of components is outdated with respect to the ideal deployment. The framework can be used to assess and reduce the outdatedness, vulnerability and bugginess of software deployments, software projects, software containers and reusable software libraries. We argue that such a metric is very relevant for assessing the health of software (eco)systems, and should be used.

Software

Recommended

More Related Content

Featured

What to Upload to SlideShare
SlideShare
Be A Great Product Leader (Amplify, Oct 2019)
Adam Nash
Trillion Dollar Coach Book (Bill Campbell)
Eric Schmidt
APIdays Paris 2019 - Innovation @ scale, APIs as Digital Factories' New Machi...
apidays
A few thoughts on work life-balance
Wim Vanderbauwhede
Is vc still a thing final
Mark Suster
The GaryVee Content Model
Gary Vaynerchuk
Mammalian Brain Chemistry Explains Everything
Loretta Breuning, PhD
Blockchain + AI + Crypto Economics Are We Creating a Code Tsunami?
Dinis Guarda
The AI Rush
Jean-Baptiste Dumont
AI and Machine Learning Demystified by Carol Smith at Midwest UX 2017
Carol Smith
10 facts about jobs in the future
Pew Research Center's Internet & American Life Project
Harry Surden - Artificial Intelligence and Law Overview
Harry Surden
Inside Google's Numbers in 2017
Rand Fishkin
Pinot: Realtime Distributed OLAP datastore
Kishore Gopalakrishna
How to Become a Thought Leader in Your Niche
Leslie Samuel
Visual Design with Data
Seth Familian
Designing Teams for Emerging Challenges
Aaron Irizarry
UX, ethnography and possibilities: for Libraries, Museums and Archives
Ned Potter
Winners and Losers - All the (Russian) President's Men
Ian Bremmer

Related Books

Free with a 14 day trial from Scribd

See all
The Impulse Economy: Understanding Mobile Shoppers and What Makes Them Buy Gary Schwartz
(4.5/5)
Free
Tubes: A Journey to the Center of the Internet Andrew Blum
(4/5)
Free
Emergence: The Connected Lives of Ants, Brains, Cities, and Software Steven Johnson
(4.5/5)
Free
World Wide Mind: The Coming Integration of Humanity, Machines, and the Internet Michael Chorost
(4/5)
Free
An Army of Davids: How Markets and Technology Empower Ordinary People to Beat Big Media, Big Government, and Other Goliaths Glenn Reynolds
(4/5)
Free
In the Plex: How Google Thinks, Works, and Shapes Our Lives Steven Levy
(4.5/5)
Free
Hamlet's BlackBerry: A Practical Philosophy for Building a Good Life in the Digital Age William Powers
(4/5)
Free
The Thank You Economy Gary Vaynerchuk
(4/5)
Free
Talking Back to Facebook: The Common Sense Guide to Raising Kids in the Digital Age James P. Steyer
(4.5/5)
Free
The Nature of the Future: Dispatches from the Socialstructed World Marina Gorbis
(4/5)
Free
Public Parts: How Sharing in the Digital Age Improves the Way We Work and Live Jeff Jarvis
(3.5/5)
Free
Socialnomics: How Social Media Transforms the Way We Live and Do Business Erik Qualman
(4/5)
Free
The End of Business As Usual: Rewire the Way You Work to Succeed in the Consumer Revolution Brian Solis
(5/5)
Free
Blog Schmog: The Truth About What Blogs Can (and Can't) Do for Your Business Robert W. Bly
(4/5)
Free
From Counterculture to Cyberculture: Stewart Brand, the Whole Earth Network, and the Rise of Digital Utopianism Fred Turner
(2.5/5)
Free
101 Awesome Builds: Minecraft®™ Secrets from the World's Greatest Crafters Triumph Books
(4.5/5)
Free

Related Audiobooks

Free with a 14 day trial from Scribd

See all
The New New Thing: A Silicon Valley Story Michael Lewis
(4.5/5)
Free
The History of the Future: Oculus, Facebook, and the Revolution That Swept Virtual Reality Blake J. Harris
(4.5/5)
Free
Ten Arguments for Deleting Your Social Media Accounts Right Now Jaron Lanier
(4/5)
Free
Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Seth Stephens-Davidowitz
(4.5/5)
Free
Cognitive Surplus: Creativity and Generosity in a Connected Age Clay Shirky
(4/5)
Free
The Dark Net: Inside the Digital Underworld Jamie Bartlett
(4/5)
Free
The Social Life of Information: Updated, with a New Preface-Revised John Seely Brown
(0/5)
Free
An Introduction to Information Theory: Symbols, Signals and Noise John R. Pierce
(4.5/5)
Free
Who Owns the Future? Jaron Lanier
(4/5)
Free
Algorithms to Live By: The Computer Science of Human Decisions Brian Christian
(4.5/5)
Free
Alone Together: Why We Expect More from Technology and Less from Each Other Sherry Turkle
(4.5/5)
Free
The Death of Expertise: The Campaign Against Established Knowledge and Why it Matters Tom Nichols
(4.5/5)
Free
The Emperor's New Mind: Concerning Computers, Minds, and the Laws of Physics Roger Penrose
(3.5/5)
Free
Blockchain Revolution: How the Technology Behind Bitcoin Is Changing Money, Business, and the World Don Tapscott
(4/5)
Free
New Dark Age: Technology and the End of the Future James Bridle
(4.5/5)
Free
Platform: Get Noticed in a Noisy World Michael Hyatt
(4.5/5)
Free

Technical Lag in Software Ecosystems

  1. 1. Technical Lag in Software Ecosystems Ahmed Zerouali The 18th Belgium-Netherlands Software Evolution Workshop November 28-29, 2019 - VUB, Brussels 1
  2. 2. 2
  3. 3. /background Credits: libraries.io 3
  4. 4. /background Not updateUpdate “If I go there will be trouble, And if I stay it will be double, So come on and let me know: Should I Stay Or Should I Go? ” The Clash 4
  5. 5. /background Technical lag*: the difference between deployed software packages and the ideal available packages. 1.0.1 1.2.0 2.0.12.0.0 2.1.0 Technical lag Deployed Ideal Releases of a used software 5
  6. 6. /background Measurement: bugs, vulnerabilities, version updates, line of code, commits, etc. Gold standard/IDEAL: stability, security, functionality, etc. 6
  7. 7. /example up-to-date 1.0.1 3.6.0 1.2.0 4.0.0 allowed dependent package P required package D 7
  8. 8. /example outdated 1.0.1 1.2.0 2.0.1 3.6.0 4.0.0 2.0.0 allowed 4.1.0 missing updates dependent package P required package D 8
  9. 9. /example package.json 9
  10. 10. /dependency network Credits: https://exploring-data.com/vis/npm-packages-dependencies/ 10
  11. 11. /dependency tree Credits: https://exploring-data.com/vis/npm-packages-dependencies/ 11
  12. 12. /technical lag framework ● is a set of component releases ● is a set of possible lag values ● ideal : → is a function returning the “ideal” component release ● delta : x → is a function computing the difference between two component releases ● agg : is a function aggregating the results of a set of lags 12
  13. 13. /technical lag framework Given a technical lag framework , we define: Technical lag Aggregated Technical lag Let D C be a set of components, then: 13
  14. 14. /case studies - npm packages : the whole registry - Debian-based Docker images Goal: Analyze technical lag in software ecosystems. 14
  15. 15. /results /npm packages - npm packages have a median version lag of 14 versions (2 majors, 2 minors , 10 patches) - Technical lag is increasing over time. - Version constraints (e.g, ^1.0.0), are the main reason behind the technical lag. - Development dependencies have slightly more technical lag than runtime dependencies For direct dependencies versions 15
  16. 16. /results /npm applications For direct dependencies Time lag induced by direct dependencies in GitHub applications: Technical lag in GitHub applications is higher than in npm package releases 16
  17. 17. /results /Docker images - Debian packages have a median version lag of 1 version - Debian-based images have a median version lag of 6 versions. - Technical lag depends on the Debian version used in the image - Different dimensions of technical lag are complementary 17
  18. 18. /conclusion - The technical lag could help open source software developers and deployers to keep their software in a healthy shape. - TL can be a proxy for the effort needed to deploy the ideal version. 18

×