The Eclipse framework is a popular and widely used framework that has been evolving for over a decade. The framework provides both stable interfaces (APIs) and unstable interfaces (non-APIs). Despite being discouraged by Eclipse, client developers often use non-APIs which may cause their systems to fail when ported to new framework releases. To overcome this problem, Eclipse interface producers may promote unstable interfaces to APIs. However, client developers have no assistance to aid them to identify the promoted unstable interfaces in the Eclipse framework. We aim to help API users identify promoted unstable interfaces. We used the clone detection technique to identify promoted unstable interfaces as the framework evolves. Our empirical investigation on 16 Eclipse major releases presents the following observations. First, we have discovered that there exists over 60% non-API methods of the total interfaces in each of the analyzed 16 Eclipse releases. Second, we have discovered that the percentage of promoted non-APIs identified through clone detection ranges from 0.20% to 10.38%.
This is the slides for the talk of ICSE 2019 paper "PIVOT: Learning API-Device Correlations to Facilitate Android Compatibility Issue Detection". A link to the paper is available at: http://sccpu2.cse.ust.hk/liliwei/ICSE-main-350-CR.pdf
ASE 2016 Taming Android Fragmentation: Characterizing and Detecting Compatibi...Lili Wei
The slides are used in ASE 2016 for presentation of paper Taming Android Fragmentation: Characterizing and Detecting Compatibility Issues for Android Apps
How Virtual Compilation Transforms Static Code AnalysisCheckmarx
Many assume that code analysis requires code compilation as a prerequisite. Today, all major static code analyzers are built on this assumption and only scan post compilation - requiring buildable code. The reliance on compilation has major and negative implications for all stake holders: developers, auditors, CISOs, as well as the organizations that hope to build a secure development lifecycle (SDLC). Historically, static code analysis required a complete and buildable project to run against, which made the logical place to do the analysis at the build server and in-line with the entire build process. The “buildable” requirement also forced the execution of the scan nearer the end of the development process, making security repairs to code more expensive and greatly reducing any benefits.
The document provides details about the candidate's career objective, professional experience, technical skills, qualifications, and personal details. The candidate has over 4 years of experience in software testing and has worked on several projects as a test engineer. He has expertise in test automation using Selenium and experience testing both web and mobile applications.
This document summarizes a review paper on online Java compilers. It discusses how online Java compilers allow users to write, compile, and debug Java programs in their web browser without needing to install development software locally. The document covers the basic workings of compilers, characteristics of online Java compilers like device independence and security, and advantages like easier updating and cross-platform compatibility. It also reviews some disadvantages, like code only running on systems it was compiled for. Overall, the document evaluates online Java compilers as a way to eliminate the need to install compilers individually on each machine.
Online java compiler with security editorIRJET Journal
This document describes an online Java compiler with a security editor. The system allows users to write, compile, and debug Java programs online without needing to install a Java development kit locally. The system also includes a security editor that can encrypt and decrypt files using the MD5 algorithm. The goals of the project are to make Java programming more accessible and provide security for files. It uses a client-server architecture where the server runs the Java compiler and encryption/decryption and the client can access these features through a web interface.
COVERT is a tool that analyzes Android applications in a compositional manner to detect security vulnerabilities that occur due to the interaction of apps. It extracts models of individual apps and the Android framework and uses the Alloy analyzer to check the models for vulnerabilities. An evaluation on over 500 real-world apps found that COVERT can effectively detect inter-app vulnerabilities in minutes and does not require source code. It was implemented with desktop, mobile, and web-based front-ends to facilitate end-user analysis of apps.
International journal of applied sciences and innovation vol 2015 - no 1 - ...sophiabelthome
This document discusses web-based programming languages that support Selenium testing. It begins by introducing Selenium and describing its core components and architecture. Selenium can be used to test web applications built with languages like C#, Java, PHP, Python, JavaScript, XML, and Ruby. The document then discusses how Selenium can be used for mobile web application testing on Android and iOS. It concludes by stating that Selenium is a dynamic testing tool that supports testing in many languages and allows for quality assurance of web applications.
This is the slides for the talk of ICSE 2019 paper "PIVOT: Learning API-Device Correlations to Facilitate Android Compatibility Issue Detection". A link to the paper is available at: http://sccpu2.cse.ust.hk/liliwei/ICSE-main-350-CR.pdf
ASE 2016 Taming Android Fragmentation: Characterizing and Detecting Compatibi...Lili Wei
The slides are used in ASE 2016 for presentation of paper Taming Android Fragmentation: Characterizing and Detecting Compatibility Issues for Android Apps
How Virtual Compilation Transforms Static Code AnalysisCheckmarx
Many assume that code analysis requires code compilation as a prerequisite. Today, all major static code analyzers are built on this assumption and only scan post compilation - requiring buildable code. The reliance on compilation has major and negative implications for all stake holders: developers, auditors, CISOs, as well as the organizations that hope to build a secure development lifecycle (SDLC). Historically, static code analysis required a complete and buildable project to run against, which made the logical place to do the analysis at the build server and in-line with the entire build process. The “buildable” requirement also forced the execution of the scan nearer the end of the development process, making security repairs to code more expensive and greatly reducing any benefits.
The document provides details about the candidate's career objective, professional experience, technical skills, qualifications, and personal details. The candidate has over 4 years of experience in software testing and has worked on several projects as a test engineer. He has expertise in test automation using Selenium and experience testing both web and mobile applications.
This document summarizes a review paper on online Java compilers. It discusses how online Java compilers allow users to write, compile, and debug Java programs in their web browser without needing to install development software locally. The document covers the basic workings of compilers, characteristics of online Java compilers like device independence and security, and advantages like easier updating and cross-platform compatibility. It also reviews some disadvantages, like code only running on systems it was compiled for. Overall, the document evaluates online Java compilers as a way to eliminate the need to install compilers individually on each machine.
Online java compiler with security editorIRJET Journal
This document describes an online Java compiler with a security editor. The system allows users to write, compile, and debug Java programs online without needing to install a Java development kit locally. The system also includes a security editor that can encrypt and decrypt files using the MD5 algorithm. The goals of the project are to make Java programming more accessible and provide security for files. It uses a client-server architecture where the server runs the Java compiler and encryption/decryption and the client can access these features through a web interface.
COVERT is a tool that analyzes Android applications in a compositional manner to detect security vulnerabilities that occur due to the interaction of apps. It extracts models of individual apps and the Android framework and uses the Alloy analyzer to check the models for vulnerabilities. An evaluation on over 500 real-world apps found that COVERT can effectively detect inter-app vulnerabilities in minutes and does not require source code. It was implemented with desktop, mobile, and web-based front-ends to facilitate end-user analysis of apps.
International journal of applied sciences and innovation vol 2015 - no 1 - ...sophiabelthome
This document discusses web-based programming languages that support Selenium testing. It begins by introducing Selenium and describing its core components and architecture. Selenium can be used to test web applications built with languages like C#, Java, PHP, Python, JavaScript, XML, and Ruby. The document then discusses how Selenium can be used for mobile web application testing on Android and iOS. It concludes by stating that Selenium is a dynamic testing tool that supports testing in many languages and allows for quality assurance of web applications.
GREATFREE: THE JAVA APIS AND IDIOMS TO PROGRAM LARGE-SCALE DISTRIBUTED SYSTEMSijait
This document introduces GreatFree, a set of Java APIs and idioms for programming large-scale distributed systems from scratch without using third-party frameworks. GreatFree aims to make distributed system programming more approachable by providing high-level abstractions while still requiring developers to understand underlying distributed computing issues. It contains APIs and patterns for common tasks like communication, serialization, concurrency, and more. The document discusses how GreatFree differs from configuring existing frameworks or using low-level languages alone. It argues GreatFree can help developers both program novel distributed systems and improve their distributed programming skills.
Tilli Buchanan is applying for a B.S. in Software Development. She has over 5 years of experience in QA engineering and testing roles. Her experience includes designing and writing automated tests in C#, maintaining over 400 automated UI tests, tracking defects, reviewing code, and working in agile environments with 2-3 week sprints. She is proficient in tools like Visual Studio, SQL Server, Hyper-V, Selenium, and has experience testing desktop, web, and mobile applications.
This document discusses APIs and summarizes several studies on API usage:
1. It introduces APIs and common approaches used to analyze them like text matching and bytecode analysis.
2. It summarizes four studies: a) a client lag time study finding clients do not often upgrade API versions, b) an API usage study finding small portions are used, c) a popularity and bug relationship study finding popular parts are better tested, and d) an API deprecation study finding clients rarely react to deprecated artifacts.
3. The API deprecation study is discussed in more detail, presenting example clients and findings such as the time frame of reaction and that clients tend to delete rather than replace deprecated references.
Pratyush Prakash Srivastava is a software quality analyst with over 8 years of experience in manual and automation testing on mobile and web platforms. He has worked on projects for companies like Honeywell, GlobalLogic, and Pure Testing. His technical skills include testing Android, iOS, and Windows mobile applications as well as web services, databases, and automation tools like JIRA, Rally, and TestLink. He is ISTQB certified and has achieved exceptional performer ratings at Honeywell.
This document proposes a method to automatically migrate C programs to equivalent Java programs. It involves a two phase process: 1) Converting the C program to C++ intermediate representation to leverage similarities in syntax between C and C++. 2) Converting the C++ representation to Java by matching statements and keywords between the languages (e.g. replacing C "printf" with Java "System.out.println"). The method was implemented in a tool that successfully converted some C programs to working Java code. It aims to reduce the manual effort required for language migration compared to rewriting code from scratch.
- The document is a resume for Piyush Jain detailing his work experience and qualifications.
- It outlines his over 2 years of experience as a Senior QA at Ecoinsight Building Software Solutions, where he has worked on various projects testing software.
- It also lists his technical skills and tools used, education background of a BE in Computer Science, and personal details.
Analyzing the Eclipse API Usage: Putting the Developer in the LoopAlexander Serebrenik
The document describes a survey conducted to understand why developers use unstable "bad" Eclipse APIs. The survey found that more experienced developers are willing to use bad APIs despite instability for benefits like avoiding reinventing functionality, while less experienced developers avoid them due to instability concerns. No significant differences were found between proprietary and open-source Eclipse plugin developers based on factors like experience and team size. Including developers provides insights into why certain API choices are made in practice.
A Review Paper on Cross Platform Mobile Application Development IDEIOSR Journals
This document provides a review of cross-platform mobile application development. It discusses several approaches including PhoneGap and Titanium. These approaches allow developing applications using common code that can be deployed across platforms like Android and iOS. The document also proposes a mathematical model for a cross-platform development environment. The model represents the system as having inputs, functions for code conversion, a translator, and outputs in the form of executable apps for different platforms. This would allow developing an app using a single codebase that can generate both Android and iOS versions.
Regular use of static code analysis in team developmentPVS-Studio
Static code analysis technologies are used in companies with mature software development processes. However, there might be different levels of using and introducing code analysis tools into a development process: from manual launch of an analyzer "from time to time" or when searching for hard-to-find errors to everyday automatic launch or launch of a tool when adding new source code into the version control system.
This document contains the resume of Neha Arora summarizing her experience as a software tester. She has over 5 years of experience in manual testing, creating test cases, and executing tests. She is proficient in various testing techniques and has experience testing both web and desktop applications. She is knowledgeable in defect tracking tools like JIRA and Mantis. Her testing experience includes projects in various domains like automobiles, banking, and e-learning.
The document describes a proposed system called Code-a-Maze that aims to obfuscate source code through various transformations to deter software reverse engineering. Code-a-Maze works by taking source code as input and applying different obfuscation techniques depending on the path taken through an abstract "maze" represented by the code. The transformations include pointless allocation and deallocation of memory, insertion of dummy method calls, addition of bogus code and trampoline functions, flipping of conditional branches, and modification of variable and function names. The goal is to complicate the code and transfer control flow in unpredictable ways, making it difficult for attackers to analyze the code without affecting its functionality or performance.
Check out this blog to find out the top 10 automation testing tools in 2020, that is open-source, free, and commercial. These tools can help your business conduct quality software testing.
Comparative Study on Different Mobile Application FrameworksIRJET Journal
The document discusses and compares several frameworks for automating mobile application testing, including Robotium, Appium, Espresso, Calabash, and UI Automator. It provides brief descriptions of each framework, highlighting their key features and limitations. A table compares the frameworks across different parameters. The document concludes that while each framework has its uses, Appium stands out for its platform independence, support for both native and hybrid applications, and ability to work across multiple programming languages. Automated testing frameworks are important for thoroughly testing mobile applications and ensuring quality and stability.
Abhishek Shrivastava has over 4.8 years of experience as an IT analyst for Apple working on software quality assurance and core DevOps activities. He has skills in technologies like Java, Splunk, and automation tools like Autopilot and Radar. Currently working as a Quality Engineer for Apple's Point of Sale application, his roles include requirements analysis, test case development, defect tracking, and maintaining automation frameworks. He previously served as a DevOps Engineer where he configured servers and load testing. Abhishek holds certifications in programming and testing and has received several awards for his work.
- Ankit Sharma is a software testing engineer with over 1 year of experience in testing mobile applications and web applications.
- He has experience in test automation using tools like MonkeyTalk, Selenium WebDriver, and Python scripting.
- Some of the key projects he has worked on include testing the VG Smart attendance application, Videocon e-commerce application, and VG Punch web-based attendance application for Videocon Industries.
An independent and comparative evaluation of the representativeness of four Android app vulnerability benchmark suites: DroidBench, Ghera, IccBench, and UBCBench.
The document provides a summary of a software tester's professional experience including 5+ years of experience in manual and automation testing using Selenium and Silk Test. It lists the tester's technical skills and experience with various projects testing applications for banking, mobility, smart cities, and cloud. The tester has experience leading a team of 8 test engineers and is proficient in all phases of the SDLC and testing methodologies.
Software testing is a main part of Software Development Life Cycle and one of the important aspects of Software Engineering. There is a wide variety of testing tools which require or not the user experience in testing software products. According to the daily use, Mobile and Web applications take the first place in development and testing. Testing automation enables developers and testers to easily automate the entire process of testing in software development saving time and costs. This paper provide a feasibility study for commercial and open source web testing tools helping developers or users to pick the suitable tool based on their requirements.
As the number of external APIs integrated into a business process increases, so does complexity. Learn how automated end to end testing and Service Virtualization enable organizations to test smarter and faster.
This document discusses using aspect-oriented programming (AOP) to make the Eclipse integrated development environment (IDE) and other Eclipse applications accessible through speech. It describes how AOP can be used to modularize accessibility enhancements as cross-cutting concerns, allowing different accessibility add-ons to be deployed without modifying the core application code. This approach makes developing and deploying accessible software more manageable. The document provides background on AOP and accessibility as a cross-cutting concern, and explains how the Eclipse platform is well-suited for an AOP-based accessibility approach.
SBGC provides IEEE software projects for students in various domains including Java, J2ME, J2EE, .NET and MATLAB. It offers two categories of projects - projects with new ideas/papers and selecting from their project list. They ensure projects are implemented satisfactorily and students understand all aspects. SBGC provides latest 2012-2013 projects for various engineering and technology students as well as MBA students. It offers project support including abstracts, reports, presentations and certificates.
The document provides an overview of API tooling features in Eclipse. It discusses the need for tooling to define, document, and enforce API contracts. The tooling can detect binary incompatibilities, illegal API usage, missing documentation, and inconsistent version numbers. It generates reports and provides integrated IDE support to help developers design, use and evolve APIs while avoiding breaking changes. The tooling enforces rules for public APIs through configurable descriptions and checks APIs are used as intended.
GREATFREE: THE JAVA APIS AND IDIOMS TO PROGRAM LARGE-SCALE DISTRIBUTED SYSTEMSijait
This document introduces GreatFree, a set of Java APIs and idioms for programming large-scale distributed systems from scratch without using third-party frameworks. GreatFree aims to make distributed system programming more approachable by providing high-level abstractions while still requiring developers to understand underlying distributed computing issues. It contains APIs and patterns for common tasks like communication, serialization, concurrency, and more. The document discusses how GreatFree differs from configuring existing frameworks or using low-level languages alone. It argues GreatFree can help developers both program novel distributed systems and improve their distributed programming skills.
Tilli Buchanan is applying for a B.S. in Software Development. She has over 5 years of experience in QA engineering and testing roles. Her experience includes designing and writing automated tests in C#, maintaining over 400 automated UI tests, tracking defects, reviewing code, and working in agile environments with 2-3 week sprints. She is proficient in tools like Visual Studio, SQL Server, Hyper-V, Selenium, and has experience testing desktop, web, and mobile applications.
This document discusses APIs and summarizes several studies on API usage:
1. It introduces APIs and common approaches used to analyze them like text matching and bytecode analysis.
2. It summarizes four studies: a) a client lag time study finding clients do not often upgrade API versions, b) an API usage study finding small portions are used, c) a popularity and bug relationship study finding popular parts are better tested, and d) an API deprecation study finding clients rarely react to deprecated artifacts.
3. The API deprecation study is discussed in more detail, presenting example clients and findings such as the time frame of reaction and that clients tend to delete rather than replace deprecated references.
Pratyush Prakash Srivastava is a software quality analyst with over 8 years of experience in manual and automation testing on mobile and web platforms. He has worked on projects for companies like Honeywell, GlobalLogic, and Pure Testing. His technical skills include testing Android, iOS, and Windows mobile applications as well as web services, databases, and automation tools like JIRA, Rally, and TestLink. He is ISTQB certified and has achieved exceptional performer ratings at Honeywell.
This document proposes a method to automatically migrate C programs to equivalent Java programs. It involves a two phase process: 1) Converting the C program to C++ intermediate representation to leverage similarities in syntax between C and C++. 2) Converting the C++ representation to Java by matching statements and keywords between the languages (e.g. replacing C "printf" with Java "System.out.println"). The method was implemented in a tool that successfully converted some C programs to working Java code. It aims to reduce the manual effort required for language migration compared to rewriting code from scratch.
- The document is a resume for Piyush Jain detailing his work experience and qualifications.
- It outlines his over 2 years of experience as a Senior QA at Ecoinsight Building Software Solutions, where he has worked on various projects testing software.
- It also lists his technical skills and tools used, education background of a BE in Computer Science, and personal details.
Analyzing the Eclipse API Usage: Putting the Developer in the LoopAlexander Serebrenik
The document describes a survey conducted to understand why developers use unstable "bad" Eclipse APIs. The survey found that more experienced developers are willing to use bad APIs despite instability for benefits like avoiding reinventing functionality, while less experienced developers avoid them due to instability concerns. No significant differences were found between proprietary and open-source Eclipse plugin developers based on factors like experience and team size. Including developers provides insights into why certain API choices are made in practice.
A Review Paper on Cross Platform Mobile Application Development IDEIOSR Journals
This document provides a review of cross-platform mobile application development. It discusses several approaches including PhoneGap and Titanium. These approaches allow developing applications using common code that can be deployed across platforms like Android and iOS. The document also proposes a mathematical model for a cross-platform development environment. The model represents the system as having inputs, functions for code conversion, a translator, and outputs in the form of executable apps for different platforms. This would allow developing an app using a single codebase that can generate both Android and iOS versions.
Regular use of static code analysis in team developmentPVS-Studio
Static code analysis technologies are used in companies with mature software development processes. However, there might be different levels of using and introducing code analysis tools into a development process: from manual launch of an analyzer "from time to time" or when searching for hard-to-find errors to everyday automatic launch or launch of a tool when adding new source code into the version control system.
This document contains the resume of Neha Arora summarizing her experience as a software tester. She has over 5 years of experience in manual testing, creating test cases, and executing tests. She is proficient in various testing techniques and has experience testing both web and desktop applications. She is knowledgeable in defect tracking tools like JIRA and Mantis. Her testing experience includes projects in various domains like automobiles, banking, and e-learning.
The document describes a proposed system called Code-a-Maze that aims to obfuscate source code through various transformations to deter software reverse engineering. Code-a-Maze works by taking source code as input and applying different obfuscation techniques depending on the path taken through an abstract "maze" represented by the code. The transformations include pointless allocation and deallocation of memory, insertion of dummy method calls, addition of bogus code and trampoline functions, flipping of conditional branches, and modification of variable and function names. The goal is to complicate the code and transfer control flow in unpredictable ways, making it difficult for attackers to analyze the code without affecting its functionality or performance.
Check out this blog to find out the top 10 automation testing tools in 2020, that is open-source, free, and commercial. These tools can help your business conduct quality software testing.
Comparative Study on Different Mobile Application FrameworksIRJET Journal
The document discusses and compares several frameworks for automating mobile application testing, including Robotium, Appium, Espresso, Calabash, and UI Automator. It provides brief descriptions of each framework, highlighting their key features and limitations. A table compares the frameworks across different parameters. The document concludes that while each framework has its uses, Appium stands out for its platform independence, support for both native and hybrid applications, and ability to work across multiple programming languages. Automated testing frameworks are important for thoroughly testing mobile applications and ensuring quality and stability.
Abhishek Shrivastava has over 4.8 years of experience as an IT analyst for Apple working on software quality assurance and core DevOps activities. He has skills in technologies like Java, Splunk, and automation tools like Autopilot and Radar. Currently working as a Quality Engineer for Apple's Point of Sale application, his roles include requirements analysis, test case development, defect tracking, and maintaining automation frameworks. He previously served as a DevOps Engineer where he configured servers and load testing. Abhishek holds certifications in programming and testing and has received several awards for his work.
- Ankit Sharma is a software testing engineer with over 1 year of experience in testing mobile applications and web applications.
- He has experience in test automation using tools like MonkeyTalk, Selenium WebDriver, and Python scripting.
- Some of the key projects he has worked on include testing the VG Smart attendance application, Videocon e-commerce application, and VG Punch web-based attendance application for Videocon Industries.
An independent and comparative evaluation of the representativeness of four Android app vulnerability benchmark suites: DroidBench, Ghera, IccBench, and UBCBench.
The document provides a summary of a software tester's professional experience including 5+ years of experience in manual and automation testing using Selenium and Silk Test. It lists the tester's technical skills and experience with various projects testing applications for banking, mobility, smart cities, and cloud. The tester has experience leading a team of 8 test engineers and is proficient in all phases of the SDLC and testing methodologies.
Software testing is a main part of Software Development Life Cycle and one of the important aspects of Software Engineering. There is a wide variety of testing tools which require or not the user experience in testing software products. According to the daily use, Mobile and Web applications take the first place in development and testing. Testing automation enables developers and testers to easily automate the entire process of testing in software development saving time and costs. This paper provide a feasibility study for commercial and open source web testing tools helping developers or users to pick the suitable tool based on their requirements.
As the number of external APIs integrated into a business process increases, so does complexity. Learn how automated end to end testing and Service Virtualization enable organizations to test smarter and faster.
This document discusses using aspect-oriented programming (AOP) to make the Eclipse integrated development environment (IDE) and other Eclipse applications accessible through speech. It describes how AOP can be used to modularize accessibility enhancements as cross-cutting concerns, allowing different accessibility add-ons to be deployed without modifying the core application code. This approach makes developing and deploying accessible software more manageable. The document provides background on AOP and accessibility as a cross-cutting concern, and explains how the Eclipse platform is well-suited for an AOP-based accessibility approach.
SBGC provides IEEE software projects for students in various domains including Java, J2ME, J2EE, .NET and MATLAB. It offers two categories of projects - projects with new ideas/papers and selecting from their project list. They ensure projects are implemented satisfactorily and students understand all aspects. SBGC provides latest 2012-2013 projects for various engineering and technology students as well as MBA students. It offers project support including abstracts, reports, presentations and certificates.
The document provides an overview of API tooling features in Eclipse. It discusses the need for tooling to define, document, and enforce API contracts. The tooling can detect binary incompatibilities, illegal API usage, missing documentation, and inconsistent version numbers. It generates reports and provides integrated IDE support to help developers design, use and evolve APIs while avoiding breaking changes. The tooling enforces rules for public APIs through configurable descriptions and checks APIs are used as intended.
Aliens in Your Apps! Are You Using Components With Known Vulnerabilities?Sonatype
This presentation was given by Ryan Berg, Sonatype CSO, at the All Things Open conference in Raleigh, NC.
We all know that Open Source brings speed, innovation, cost savings and more to our development efforts. It also brings risk. Bash, Heartbleed, Struts – anyone? Join this session to hear the latest research on the most risky open source component types – the alien invaders hiding in your software. And learn best practices to manage your risk based on the 11,000 people who shared their experiences in the 4 year industry-wide study on open source development and application security. Among the surprising results…
- 1-in-3 organizations had or suspected an open source breach in the last 12 months
- Only 16% of participants must prove they are not using components with known vulnerabilities
- 64% don’t track changes in open source vulnerability data
Implementation and Evaluation of a Component-Based framework for Internet App...ITIIIndustries
This document summarizes a component-based framework for building internet applications. It describes key components of the system like the application bootstrapper, component locality service, and component loader service. These system-level components handle tasks like loading application definitions, resolving component locations, downloading components, and instantiating them. The framework allows components to be developed independently and executed across different environments. It provides inter-component communication through a service bus. The document outlines how applications and components are defined and developed using this framework to provide flexibility in deployment and efficient use of resources.
The document discusses the results of a survey on open source software usage and security practices. Some key findings include:
- Over half of organizations have an open source policy but only two-thirds follow the policies. Top challenges are lack of enforcement and unclear expectations.
- Most organizations do not have meaningful controls over the components used in applications and many have an incomplete view of license risks.
- Few organizations actively monitor components for vulnerability changes or maintain an inventory of components used in production applications. Responsibilities for security are often unclear.
- Application security practices often lag development speeds, with security analysis rarely performed early in the process. Training availability and developer interest in security is limited.
API testing has established a trend for automated testing as software development teams become more technologically oriented. More tools will be developed to meet these requirements. Regardless of how difficult it is to find a tool that can do everything, adopting a toolset that meets a company’s needs while increasing revenue is critical. Before choosing one, consider how each API testing tool may be better suited for specific purposes and what features are essential for your software development workflows.
A Deep Dive into Android App Development 2.0.pdflubnayasminsebl
Welcome To
A Deep Dive into Android App Development 2.0
As a strong and adaptable framework, ASP.NET stands out in the constantly changing world of online development. With origins in the early 2000s, ASP.NET has continually changed with the internet's evolving environment, evolving into a foundational technology for creating reliable, scalable, and secure web applications. The world of ASP.NET web development, its evolution, important components, recommended practices, and its influence on the digital world are all covered in this thorough reference.
Understanding ASP.NET in Chapter 1
Microsoft's ASP.NET is a framework for Android App Development 2 server-side web applications that gives programmers the tools, libraries, and technologies they need to develop dynamic web applications. With numerous editions and modifications that have added new features, expanded performance, and increased security, it has a long history.
1. A Synopsis of ASP.NET's History
The history of ASP.NET started in 2002 with the introduction of ASP.NET 1.0. It has undergone a number of revisions over time, including ASP.NET 2.0, 3.5, 4.0, 4.5, and Core, each of which introduced new features and enhancements. An SEO Expate Bangladesh Ltd important step towards open-source, cross-platform development was made with the introduction of ASP.NET Core, which was eventually rebranded as.NET 5 and beyond.
Key Characteristics of ASP.NET Server-Side Development: ASP.NET enables programmers to create server-side web applications, which are more dependable and secure than client-side alternatives. Integration with the.NET Ecosystem: The. NET framework and ASP.NET are strongly connected, giving users access to a variety of libraries and tools. Model-View-Controller (MVC): The MVC design, which encourages the separation of concerns and code organization, is supported by ASP.NET. Cross-Platform Capability: Since the release of.NET Core, ASP.NET can now be utilized on a variety of platforms in addition to Windows. Scalability:
Applications built with ASP.NET can be readily scaled to manage rising traffic and workloads. Security: ASP.NET provides strong security features like data protection, authentication, and authorization. Extensibility: Custom controls, modules, and libraries can be used by developers to expand ASPNET.
Technologies ASP.NET in Chapter
Web development requires a number of different technologies and tools, many of which are included in ASP.NET. Let's explore a few of the foundational elements of the ASP.NET ecosystem.
Web forms for ASP.NET
A framework for creating dynamic web applications is called ASP.NET Web Forms. It makes use of a component-based design, enabling programmers to build reusable UI components and communicate with them via server-side events. Although ASP.NET MVC and Razor Pages have mostly replaced Web Forms in recent years, many legacy applications still use Web Forms.
ASP.NET MVC
A design pattern and framework called ASP.NET MVC (Model-Vi
PI's are fundamental for designing and maintaining quality components. Eclipse currently has little tooling to support the design, implementation and maintenance of APIs. As part of the Ganymede release, PDE provides tools to support binary compatibility checking, API usage scanning and plug-in version numbering management. This talk details the technology available in Ganymede, supported usecases and outlines directions for future development. We will also discuss the challenges of proper version management in the bundle world.
SECURITY FOR DEVOPS DEPLOYMENT PROCESSES: DEFENSES, RISKS, RESEARCH DIRECTIONSijseajournal
DevOps is an emerging collection of software management practices intended to shorten time to market for
new software features and to reduce the risk of costly deployment errors. In this paper we examine the security implications of two of the key DevOps practices, automation of the deployment pipeline using a deployment toolchain and infrastructure-as-code to specify the environment of the eployed software. We focus on identifying what changes when an organization moves from manual deployments to DevOps
automated deployment processes.We reviewed the literature and conducted three case studies using simple configurations of common DevOps tools. This allowed us to identify specific:
• Positive influences on security where automation enhances defenses.
• Negative influences, where automation enables different kinds of attacks and increases the attack
surface.
• Research directions that look promising to support this new approach to software management.
• Recommendations for DevOps adopters
API testing is a critical component of the software testing process. Programmers, developers, and software analysts who collaborate to create a stable software product use a variety of tools to ensure the product’s quality.
In such a case, getting API testing right is one of the most important factors in determining whether a software item will be a success or a failure. From this list of recently reviewed web API testing tools, one can compare the tools to choose the best and get the best ROI by selecting an ideal tool for API testing.
Automated server-side model for recognition of security vulnerabilities in sc...IJECEIAES
With the increase of global accessibility of web applications, maintaining a reasonable security level for both user data and server resources has become an extremely challenging issue. Therefore, static code analysis systems can help web developers to reduce time and cost. In this paper, a new static analysis model is proposed. This model is designed to discover the security problems in scripting languages. The proposed model is implemented in a prototype SCAT, which is a static code analysis tool. SCAT applies the phases of the proposed model to catch security vulnerabilities in PHP 5.3. Empirical results attest that the proposed prototype is feasible and is able to contribute to the security of real-world web applications. SCAT managed to detect 94% of security vulnerabilities found in the testing benchmarks; this clearly indicates that the proposed model is able to provide an effective solution to complicated web systems by offering benefits of securing private data for users and maintaining web application stability for web applications providers.
GENERATING SOFTWARE PRODUCT LINE MODEL BY RESOLVING CODE SMELLS IN THE PRODUC...ijseajournal
Software Product Lines (SPLs) refer to some software engineering methods, tools and techniques for creating a collection of similar software systems from a shared set of software assets using a common means of production. This concept is recognized as a successful approach to reuse in software development. Its purpose is to reduce production costs by reusing existing features and managing the variability between the different products with respect of particular constraints. Software Product Line engineering is the production process in product lines and the development of a family of systems by reusing core assets. It exploits the commonalities between software products and preserves the ability to vary the functionalities and features between these products. The adopted strategy for building SPL can be a top-down or bottom-up. Depending from the selected strategy, it is possible to face an inappropriate implementation in the SPL Model or the derived products during this process. The code can contain code smells or code anomalies. Code smells are considered as problems in source code which can have an impact on the quality of the derived products of an SPL. The same problem can be present in many derived products from an SPL due to reuse or in the obtained product line when the bottom-up strategy is selected. A possible solution to this problem can be the refactoring which can improve the internal structure of source code without altering external behavior. This paper proposes an approach for building SPL from source code using the bottom-up strategy. Its purpose is to reduce code smells in the obtained SPL using refactoring source code. This approach proposes a possible solution using reverse engineering to obtain the feature model of the SPL
GENERATING SOFTWARE PRODUCT LINE MODEL BY RESOLVING CODE SMELLS IN THE PRODUC...ijseajournal
The document discusses an approach for building a software product line (SPL) model by resolving code smells in the source code of existing products. It proposes using reverse engineering to analyze the source code of product variants to detect and refactor code smells. This improves the quality of the source code, allowing features to then be identified and used to generate an SPL model with common core and customizable assets. The goal is to reduce code smells when constructing an SPL using an existing set of products via the bottom-up strategy.
Generating Software Product Line Model by Resolving Code Smells in the Produc...ijseajournal
Software Product Lines (SPLs) refer to some software engineering methods, tools and techniques for
creating a collection of similar software systems from a shared set of software assets using a common
means of production. This concept is recognized as a successful approach to reuse in software
development. Its purpose is to reduce production costs by reusing existing features and managing the
variability between the different products with respect of particular constraints. Software Product Line
engineering is the production process in product lines and the development of a family of systems by
reusing core assets. It exploits the commonalities between software products and preserves the ability to
vary the functionalities and features between these products. The adopted strategy for building SPL can be
a top-down or bottom-up. Depending from the selected strategy, it is possible to face an inappropriate
implementation in the SPL Model or the derived products during this process. The code can contain code
smells or code anomalies. Code smells are considered as problems in source code which can have an
impact on the quality of the derived products of an SPL. The same problem can be present in many derived
products from an SPL due to reuse or in the obtained product line when the bottom-up strategy is selected.
A possible solution to this problem can be the refactoring which can improve the internal structure of
source code without altering external behavior. This paper proposes an approach for building SPL from
source code using the bottom-up strategy. Its purpose is to reduce code smells in the obtained SPL using
refactoring source code. This approach proposes a possible solution using reverse engineering to obtain
the feature model of the SPL.
Challenges of React Native App Development_ Effective Mitigation Strategies.pdfAndolasoft Inc
React Native stands as a beacon of cross-platform efficiency and developer-friendly app development. It helps in building applications for multiple platforms with a single codebase and has propelled it to the forefront of the development world.
Hybrid apps allow you to reach the user base of both Android and iOS devices. But developing an app that seamlessly performs on different operating systems needs adequate efficiency. Check out the best practices of hybrid app development and build a superb app in no time. https://www.webguru-india.com/blog/how-to-build-a-hybrid-app-a-detailed-outline/
Web Programming - 11 SweetAlert2, DataTables, and WYSIWYG APIAndiNurkholis1
Material for this slide includes:
1. What is API (Application Programming Interface)?
2. Advantage of API for web development
3. What is SweetAlert2 API?
4. How to use SweetAlert2 API?
5. Example of SweetAlert2 API
6. What is DataTables API?
7. How to use DataTables API?
8. Example of DataTables API
9. What is WYSIWYG (CKEditor 4) API?
10. How to use CKEditor 4 API?
11. Example of CKEditor 4 API
Similar to IDENTIFICATION OF PROMOTED ECLIPSE UNSTABLE INTERFACES USING CLONE DETECTION TECHNIQUE (20)
Beyond Degrees - Empowering the Workforce in the Context of Skills-First.pptxEduSkills OECD
Iván Bornacelly, Policy Analyst at the OECD Centre for Skills, OECD, presents at the webinar 'Tackling job market gaps with a skills-first approach' on 12 June 2024
it describes the bony anatomy including the femoral head , acetabulum, labrum . also discusses the capsule , ligaments . muscle that act on the hip joint and the range of motion are outlined. factors affecting hip joint stability and weight transmission through the joint are summarized.
A review of the growth of the Israel Genealogy Research Association Database Collection for the last 12 months. Our collection is now passed the 3 million mark and still growing. See which archives have contributed the most. See the different types of records we have, and which years have had records added. You can also see what we have for the future.
LAND USE LAND COVER AND NDVI OF MIRZAPUR DISTRICT, UPRAHUL
This Dissertation explores the particular circumstances of Mirzapur, a region located in the
core of India. Mirzapur, with its varied terrains and abundant biodiversity, offers an optimal
environment for investigating the changes in vegetation cover dynamics. Our study utilizes
advanced technologies such as GIS (Geographic Information Systems) and Remote sensing to
analyze the transformations that have taken place over the course of a decade.
The complex relationship between human activities and the environment has been the focus
of extensive research and worry. As the global community grapples with swift urbanization,
population expansion, and economic progress, the effects on natural ecosystems are becoming
more evident. A crucial element of this impact is the alteration of vegetation cover, which plays a
significant role in maintaining the ecological equilibrium of our planet.Land serves as the foundation for all human activities and provides the necessary materials for
these activities. As the most crucial natural resource, its utilization by humans results in different
'Land uses,' which are determined by both human activities and the physical characteristics of the
land.
The utilization of land is impacted by human needs and environmental factors. In countries
like India, rapid population growth and the emphasis on extensive resource exploitation can lead
to significant land degradation, adversely affecting the region's land cover.
Therefore, human intervention has significantly influenced land use patterns over many
centuries, evolving its structure over time and space. In the present era, these changes have
accelerated due to factors such as agriculture and urbanization. Information regarding land use and
cover is essential for various planning and management tasks related to the Earth's surface,
providing crucial environmental data for scientific, resource management, policy purposes, and
diverse human activities.
Accurate understanding of land use and cover is imperative for the development planning
of any area. Consequently, a wide range of professionals, including earth system scientists, land
and water managers, and urban planners, are interested in obtaining data on land use and cover
changes, conversion trends, and other related patterns. The spatial dimensions of land use and
cover support policymakers and scientists in making well-informed decisions, as alterations in
these patterns indicate shifts in economic and social conditions. Monitoring such changes with the
help of Advanced technologies like Remote Sensing and Geographic Information Systems is
crucial for coordinated efforts across different administrative levels. Advanced technologies like
Remote Sensing and Geographic Information Systems
9
Changes in vegetation cover refer to variations in the distribution, composition, and overall
structure of plant communities across different temporal and spatial scales. These changes can
occur natural.
This presentation includes basic of PCOS their pathology and treatment and also Ayurveda correlation of PCOS and Ayurvedic line of treatment mentioned in classics.
हिंदी वर्णमाला पीपीटी, hindi alphabet PPT presentation, hindi varnamala PPT, Hindi Varnamala pdf, हिंदी स्वर, हिंदी व्यंजन, sikhiye hindi varnmala, dr. mulla adam ali, hindi language and literature, hindi alphabet with drawing, hindi alphabet pdf, hindi varnamala for childrens, hindi language, hindi varnamala practice for kids, https://www.drmullaadamali.com
Walmart Business+ and Spark Good for Nonprofits.pdfTechSoup
"Learn about all the ways Walmart supports nonprofit organizations.
You will hear from Liz Willett, the Head of Nonprofits, and hear about what Walmart is doing to help nonprofits, including Walmart Business and Spark Good. Walmart Business+ is a new offer for nonprofits that offers discounts and also streamlines nonprofits order and expense tracking, saving time and money.
The webinar may also give some examples on how nonprofits can best leverage Walmart Business+.
The event will cover the following::
Walmart Business + (https://business.walmart.com/plus) is a new shopping experience for nonprofits, schools, and local business customers that connects an exclusive online shopping experience to stores. Benefits include free delivery and shipping, a 'Spend Analytics” feature, special discounts, deals and tax-exempt shopping.
Special TechSoup offer for a free 180 days membership, and up to $150 in discounts on eligible orders.
Spark Good (walmart.com/sparkgood) is a charitable platform that enables nonprofits to receive donations directly from customers and associates.
Answers about how you can do more with Walmart!"
A workshop hosted by the South African Journal of Science aimed at postgraduate students and early career researchers with little or no experience in writing and publishing journal articles.
BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...
IDENTIFICATION OF PROMOTED ECLIPSE UNSTABLE INTERFACES USING CLONE DETECTION TECHNIQUE
1. International Journal of Software Engineering & Applications (IJSEA), Vol.9, No.5, September 2018
DOI:10.5121/ijsea.2018.9502 15
IDENTIFICATION OF PROMOTED ECLIPSE
UNSTABLE INTERFACES USING CLONE
DETECTION TECHNIQUE
Simon Kawuma1
and Evarist Nabaasa2
1
Department of Computer Engineering, Mbarara University of Science and Technology,
Mbarara, Uganda
2
Department of Computer Science, Mbarara University of Science and Technology,
Mbarara, Uganda
ABSTRACT
The Eclipse framework is a popular and widely used framework that has been evolving for over a decade.
The framework provides both stable interfaces (APIs) and unstable interfaces (non-APIs). Despite being
discouraged by Eclipse, client developers often use non-APIs which may cause their systems to fail when
ported to new framework releases. To overcome this problem, Eclipse interface producers may promote
unstable interfaces to APIs. However, client developers have no assistance to aid them to identify the
promoted unstable interfaces in the Eclipse framework. We aim to help API users identify promoted
unstable interfaces. We used the clone detection technique to identify promoted unstable interfaces as the
framework evolves. Our empirical investigation on 16 Eclipse major releases presents the following
observations. First, we have discovered that there exists over 60% non-API methods of the total interfaces
in each of the analyzed 16 Eclipse releases. Second, we have discovered that the percentage of promoted
non-APIs identified through clone detection ranges from 0.20% to 10.38%.
KEYWORDS
Eclipse, Unstable Interfaces, non-APIs, Promotion, Evolution
1. INTRODUCTION
Today, developers build their software application on top of frameworks. This has advantages
such as the production of good quality software and reduced software development time since the
application developer reuses the functionality provided by the framework [1] and increased
productivity [2]. Eclipse is a widely used and adopted framework. It is a large and complex open
source software system used by thousands of software developers. Eclipse framework provides
two types of Application Programming interfaces to application developers namely; stable
interfaces (APIs) and unstable Interfaces (non-APIs). Eclipse framework developers discourage
the use of non-APIs because they are immature, unsupported, undocumented and subject to be
changed or removed from the framework without notice [3].
2. International Journal of Software Engineering & Applications (IJSEA), Vol.9, No.4, September 2018
16
Despite being discouraged, the usage of non-APIs is common. From previous studies, Businge et
al. made a number of observations: First, they found out that about 44% of 512 analyzed Eclipse
plug-in use non-APIs [4]. Second, they discovered that as Eclipse interface providers state, APIs
are indeed stable as they do not cause compatibility failures to applications that solely depend on
them [5]. Third, they also observed that indeed non-APIs cause compatibility failures to
applications that use them in new framework releases[5] [6]. Fourth, they discovered that the
major reason why application developers use non-APIs is that they claim that they cannot find
APIs with the functionality they require among stable APIs and therefore compelled to use non-
APIs [7]. Indeed, Kawuma et al. showed that less than 1% APIs offer the same or similar
functionality as non-APIs in the 18 Eclipse major releases[8].
Furthermore, in our previous study, Kawuma et al. observed that there were twice as many fully
qualified non-API methods compared to APIs [8]. Still, from the same, we also observed that
both non-API and API methods are growing although the rate at which new non-API methods are
introduced in new Eclipse version is much higher compared to the rate at which APIs are
introduced. This implies that more new non-API files are introduced instead of graduating the
already existing old non-API file to API files. It is possible that there is a very low promotion rate
of non-APIs to APIs. To overcome the problem of compatibility failures caused by using unstable
interfaces, interface producers should expedite graduation of unstable interfaces to stable
interfaces, however; application developers who use the framework have no assistance to identify
the promoted unstable interfaces. To this end, we propose to use the clone detection technique to
identify and recommended the promoted unstable interfaces to Application developers. We
carried out an investigation on 16 Major Eclipse releases; first to establish the number of non-
APIs in different Eclipse releases. Secondly to establish the number of unstable interfaces
promoted to stable interfaces. We aim to recommend the identified promoted unstable interfaces
to application developers. We formulate two research questions to guide the study as follows:
RQ1: What percentage of non-API methods exists in the different Eclipse releases? From the
analysis, we have discovered that there exist over 60% unstable interfaces in all the analyzed 16
Eclipse releases.
RQ2: What is the percentage of non-API methods promoted to API methods? We have
discovered that the percentage of identified promoted unstable interfaces for all the analyzed 16
Eclipse releases ranges from 0.20% to 10.38 %. The identify promoted unstable interface would
be recommended to the application developer.
The remainder of this paper is organized as follows: Section 2 presents the background
information on Eclipse interfaces and software clones. Section 3 discusses the experimental setup
of our study. Section 4 presents the results and findings of our study. Section 5 presents threats to
the validity of our study. Finally, Section 6 presents the conclusion and future work.
2. BACKGROUND
2.1. ECLIPSE UNSTABLE INTERFACES (NON-APIS)
Non-APIs are internal implementation artifacts that according to Eclipse naming convention [9]
are found in packages with the substring internal in the fully qualified name. These internal
implementation artifacts include public Java classes or interfaces, or public or protected methods,
3. International Journal of Software Engineering & Applications (IJSEA), Vol.9, No.4, September 2018
17
or fields in such a class or interface. Usage of non-APIs is strongly discouraged since they may be
unstable. Eclipse clearly states that clients who think they must use these non-APIs do it at their
own risk as non-APIs are subject to arbitrary change or removal without notice. Eclipse does not
usually provide documentation and support to these non-APIs.
2.2. ECLIPSE STABLE INTERFACES (APIS)
These are public Java classes or interfaces that can be found in packages that do not contain the
segment internal in the fully qualified package name, a public or protected method, or field in
such a class or interface [9]. Eclipse states that the APIs are considered to be stable and therefore
can be used by any application developer without any risk. Furthermore, Eclipse also provides
documentation and support for these APIs. APIs which are well designed ease program
comprehension, reduced software complexity and maintainability [10].
2.3. UNSTABLE INTERFACES USAGE AND PROMOTION
Businge et al. [4-7]performed several empirical investigations on the usage of unstable, interfaces
of the Eclipse platform, they discovered that 44% of 512 analyzed eclipse plugins depended on
internal interfaces. Hora et al. [11] replicated their analysis at an ultra-large scale level and found
out that 23.5% of 9702 Eclipse client project on Github depended on internal interfaces. Wu.W et
al. [12] analyzed and classified API changes and usage in 22 framework releases from the
Apache, ecosystems and their client programs. They discovered that framework APIs are used on
average in 35% of client classes and interfaces and that about 11% of APIs usages could cause
ripple effects in client programs when these APIs change. Mastrangelo et al. [13] discovered that
client projects often use internal interfaces provided by JDK. Hani Abdeen et al. [10] evaluated
the impact of interface clone on interface design quality and discovered that interface clones are
reliable symptoms of poor interface design.
Andre Hora et al. [11] investigated the transition from internal to public interfaces. They carried
out their investigation on Eclipse (JDT), JUnit, Hibernate, jB-PM, and ElasticSearch. They
discovered that 7% of 2,277 of internal interfaces are promoted to public interfaces. They also
found that the promoted interfaces have more clients. Furthermore, they predicted internal
interface promotion with a precision and recall between 50%-80% and 26%-82% respectively.
Using their predictor on the analyzed systems, they found 382 public interface candidates. Hora et
al. [14, 15] propose tools to keep track of API evolution by mining fine-grained code changes
Comparing several studies with ours, we use clone detection technique to identify the promoted
unstable interfaces.
2.4. CLONE TERMINOLOGY
Software clone detection is a well-established research area [16] in the remainder of the section
we briefly introduce notions related to clone detection.
Code Fragment: A code fragment is a sequence of code lines with or without comments[16]. A
code fragment is identified by its file name and begin-end line numbers in the original code base.
4. International Journal of Software Engineering & Applications (IJSEA), Vol.9, No.4, September 2018
18
Code Clone: A code fragment CF2 is a clone of another code fragment CF1 if they are similar by
some given definition of similarity. (CF1; CF2) then form a clone pair. If multiple fragments are
similar, they form a clone class or clone group[16]
Clone Types: Depending on the definition of similarity, different clone types can be
distinguished. In this study we consider code clones of Types I, II and III as defined by Roy and
Cordy as follows:
• Type-I clones are identical code fragments except for variations in white space, layout,
and comments.
• Type-II clones are structurally and syntactically identical except for variations in
identifiers, literals, types, layout, and comments.
• Type III code clones are copies with further modifications, statements can be changed,
added, or removed in addition to variations in identifiers, literals, types, layout, and
comments.
3. EXPERIMENTAL SETUP
This section details the experimental setup of how the data for the research questions was
collected.
3.1. DATA COLLECTION
In this section, we explain the data sources of our study. Our study is based on all the 16 Eclipse
SDK major releases from Eclipse project Archive website [17] until Eclipse 4.6. Table 1 presents
all the Eclipse major releases with their corresponding release dates.
Table 1: Eclipse major releases and their corresponding release dates.
5. International Journal of Software Engineering & Applications (IJSEA), Vol.9, No.4, September 2018
19
We used the NiCad clone detection tool [18] to extract the data for all RQs. In addition to the
NiCad being suitable for extracting the data for our research questions, the tool has also been
extensively validated by previous researchers [19, 20].
3.2 DATA EXTRACTION FOR A NUMBER OF NON-APIS IN DIFFERENT ECLIPSE
RELEASES
When an Eclipse release source directory is subjected to the NiCad tool to extract clones, the tool
first extracts and generates an XML output report file containing a list of all methods in any given
Eclipse release. For example in Figure 1 below, we show a representation of the XML report
generated by subjecting Eclipse-1.0 to the tool.
Figure 1: Nicad Extracted Method Report
We used this report to obtain the total number of non-API methods in each Eclipse release. To
determine the percentage of non-APIs in a given eclipse release, we counted the number of
methods with a sub-string internal in the XML report divided by the total number of methods in
that particular Eclipse release.
3.4. DATA EXTRACTION FOR PROMOTED NON-API
To extract data for RQ2 we used NiCad cross-clone detection tool, a component of the NiCad
clone detection tool [18], to extract Type-I, Type-II and Type-III clones that exist between two
Eclipse releases E_old and E_new. The tool takes as input the two source directories of the
Eclipse releases and produces an output report that contains only clones of fragments of E_old in
E_new. We run the source files using the following NiCad configuration files type1.cfg,
type2.cfg and type3.cfg for Type-I, Type-II and Type-III clones respectfully. When carrying out
the experiments, we are aware that in the new Eclipse releases, there exist non-APIs which were
introduced in the earlier Eclipse releases. Therefore, before carrying out the NiCad cross-clone,
we first eliminate the old non-APIs in the new Eclipse release by locating the unchanged non-API
in E_new that were previously introduced E_old. This leaves only newly introduced non-APIs in
E_new.
6. International Journal of Software Engineering & Applications (IJSEA), Vol.9, No.4, September 2018
20
For example, if we are going to carry out a NiCad cross-clone between Eclipse-3.0 and the later
Eclipse-3.1, 3.2, 3.3, etc, this is how we would proceed with the experiments: 1) We extract sets
of all the fully qualified names of the non-API methods in earlier Eclipse releases (i.e., 1.0, 2.0,
and 2.1). 2) We then extract a set with all the fully qualified names of the non-APIs methods in
the current Eclipse release of interest Eclipse 3.0. 3) Using set differencing, we eliminate all the
old non-APIs methods of all earlier releases from Eclipse 3.0. 4) After obtaining the newly
introduced non-API methods, we renamed this set with a new name called Eclipse-3.0-new. We
then carry out NiCad cross-clone between Eclipse-3.0-new and the later Eclipse releases and we
examine the existence of clones in each of the successive Eclipse releases. In figure 2 below, we
show a representation of the XML clone report generated by subjecting Eclipse-1.0 and Eclipse-
4.6 to the NiCad cross-clone tool.
Figure 2: NiCad Cross Clone Report
From figure 2, one can tell that a method in a clone pair is a non-API if it has a substring internal
in the source file path. For example, the first and second clone pairs in figure 1 belong to API and
non-APIs respectively. Whereas the third clone pair have the first and its second source file path
originating from non-API and API respectively. It should be noted that in the last clone pair, a
non-API from Eclipse-1.0 was promoted to API in Eclipse-4.6. To determine the percentage of
non-APIs that were promoted to APIs, we count the number of clone pairs in the output report
with the similar characteristic as the last clone pair in figure 1 divided by the total number of non-
API methods in the old.
4. RESULTS AND DISCUSSION
In this section, we present the results and analysis of the extracted data in Section 2 to address
RQ1 and RQ2.
7. International Journal of Software Engineering & Applications (IJSEA), Vol.9, No.4, September 2018
21
4.1. PERCENTAGE OF NON-APIS IN DIFFERENT ECLIPSE RELEASES
Figure 3: Percentage of non-APIs in the different Eclipse releases
Figure 3 shows the percentage of non-APIs present in each Eclipse release. We observe from
Figure 3 that we have over 60% non-API methods of the total interfaces in each of the analyzed
16 Eclipse releases. The Eclipse framework has evolved for over 15 years producing a major
release every year with the aim of providing new interfaces and improving on the quality of
existing interfaces to application developers, one would expect that interfaces labeled unstable to
be at least reducing. However, from our observations, the rate at which the non-API methods are
reducing seems to be very slow. The observation tells us that this is a considerably a large amount
of non-API methods in the different Eclipse releases.
From the discussion of results in this section, we have indeed confirmed our earlier preliminary
observation in Kawuma et al [8], that indeed the introduction of non-APIs in the Eclipse releases
is much higher than that of APIs. The findings of this research question gave us a very good
motivation to investigate research question RQ2 as presented in the next section.
8. International Journal of Software Engineering & Applications (IJSEA), Vol.9, No.4, September 2018
22
4.2. PERCENTAGE OF NON-APIS PROMOTED TO APIS
Table 2 present the percentage of promoted non-APIs in successive Eclipse releases with respect to the
newly introduced non-APIs.
The Promoted non-APIs in Table 2 were identified through cross clone detection. The first row of
Table 2 shows the different Eclipse old releases E_old where we carried NiCad cross clone
detection with the corresponding successive Eclipse new releases E_new in the first column. The
second row labeled New shows the number of newly introduced non-API methods in the different
Eclipse releases e.g. E-3.0 has a total of 32,634 newly introduced non-API methods at the time of
its release.
The numbers presented in the matrix of Table 2 show the percentage of promoted non-APIs of
old Eclipse release (i.e. E-1.0 to E-3.6) in successive new Eclipse releases in the first column.
Each value in the matrix of Table 2 show the sum of Type1, Type2 and Type3 promoted non-
APIs. For example, the values in column E-3.0 show the percentages of non-API methods of
32,634 that were promoted to API methods in successive Eclipse releases (E-3.1, E-3.2, E-3.3,
etc.). Looking at the value in cell (column E-3.2, row E-3.6) = 10.38 means that 10.38% of
21,245 non-API methods introduced in E-3.2 were promoted to API method in E-3.6. The last
three rows of Table 2 present the descriptive statistics of promoted non-API to API methods.
Looking at the last three rows specifically rows labeled min and max, the percentage of promoted
non-API methods identified through cross clone detection range from 0.20% to 10.38% for all
studied Eclipse releases.
The low percentage values in Table 2 indicate that there are few non-API methods that are
promoted to API. We found out in section 4.1 that the rate at which the non-API methods are
reducing was very slow across different Eclipse releases so one would expect to see high
promotion rate of the already existing non-API methods however the rate at which non-API
9. International Journal of Software Engineering & Applications (IJSEA), Vol.9, No.4, September 2018
23
methods are promoted to API method is slow. Focusing on the value in the cell (column-E-1.0,
row-4.6)=0.97% in Table 2 and looking at the release date of Eclipse-1.0 (Nov 2001) and
Eclipse-4.6 (June 2016) in Table 1 the value in the later cell indicates that 0.97% of 30,766 of the
newly introduced non-APIs was promoted after 15 years during the evolution of Eclipse
Framework. A similar explanation can be used to describe how long it takes to promote non-APIs
of a given Eclipse releases.
5. THREATS TO VALIDITY
5.1. CONSTRUCT VALIDITY
The methodology used to determine the number of non-API methods and promoted non-APIs in
Eclipse releases may be slightly subjected to construct validity. The reason being that we only
used methods in our computations yet there are other objects we have ignored, for example,
variable declarations. However, it should be noted that users of the framework call methods while
developing their applications
5.2. INTERNAL VALIDITY
Internal validity related to the NiCad tool used to extract the data used in our experiments. It is
possible that results could differ if a different tool was used. Like any other static analysis tool,
the NiCad tool we used does not have a 100% precision. However other studies that have
compared NiCad tool with other clone detection tools have observed that NiCad tool has the
highest precision and recall of any existing code clone detector tools [19, 20].
5.3. EXTERNAL VALIDITY
We focused on the analysis of widely adopted and large-scale Eclipse framework. It is therefore,
a credible and representative case study. The framework is open source and thus its source code is
easily accessible. Our findings can be directly generalized to other systems, for example, the
Netbeans framework
6. CONCLUSIONS
In this research study, we have investigated Eclipse unstable (non-API) interfaces for the entire
16 major releases Using NiCad cross-clone detection tool. First, we have discovered that there
exists over 60% non-API methods of the total interfaces in each of the analyzed 16 Eclipse
releases. We have also discovered that in all the analyzed Eclipse releases, the percentage of
promoted non-API identified through cross clone detection ranges from 0.20% to 10.38% for all
studied Eclipse Release. The low percentage values of these results indicate that there is a slow
rate at which non-APIs are promoted to APIs methods between Eclipse releases.
In our follow up study, we would like to carry out a qualitative survey with the Eclipse
framework developers to establish why some non-API methods were promoted and why it takes
longer to promote some non-APIs. Furthermore, we will also build an Eclipse plugin that will be
integrated into Eclipse IDE to aid application developers to identify Promoted non-API
interfaces.
10. International Journal of Software Engineering & Applications (IJSEA), Vol.9, No.4, September 2018
24
ACKNOWLEDGMENTS
We would like to thanks Dr. James R. Cordy for providing the latest version of the NiCad tool
and also answering our inquiries regarding NiCad.
REFERENCES
[1] D. Konstantopoulos, J. Marien, M. Pinkerton, and E. Braude, "Best principles in the design of shared
software," in 2009 33rd Annual IEEE International Computer Software and Applications Conference,
2009, pp. 287-292.
[2] S. Moser and O. Nierstrasz, "The effect of object-oriented frameworks on developer productivity,"
Computer, vol. 29, pp. 45-51, 1996.
[3] J.desRivières,"Howto use the Eclipse API," http:www.eclipse.org/articles/article.php?file=Article-
API-Use/index.html, consulted January, 2018.
[4] J. Businge, A. Serebrenik, and M. G. van den Brand, "Eclipse API usage: the good and the bad,"
Software Quality Journal, vol. 23, pp. 107-141, 2015.
[5] J. Businge, A. Serebrenik, and M. van den Brand, "Survival of Eclipse third-party plug-ins," in
Software Maintenance (ICSM), 2012 28th IEEE International Conference on, 2012, pp. 368-377.
[6] J. Businge, A. Serebrenik, and M. van den Brand, "Compatibility prediction of Eclipse third-party
plug-ins in new Eclipse releases," in Source Code Analysis and Manipulation (SCAM), 2012 IEEE
12th International Working Conference on, 2012, pp. 164-173.
[7] J. Businge, A. Serebrenik, and M. van den Brand, "Analyzing the Eclipse API usage: Putting the
developer in the loop," in Software Maintenance and Reengineering (CSMR), 2013 17th European
Conference on, 2013, pp. 37-46.
[8] S. Kawuma, J. Businge, and E. Bainomugisha, "Can we find stable alternatives for unstable Eclipse
interfaces?," in Program Comprehension (ICPC), 2016 IEEE 24th International Conference on, 2016,
pp. 1-10.
[9] J. des Rivières, "Evolving Java-based APIs," http://wiki.eclipse.org/Evolving_Java-based_APIs,
consulted January, 2018.
[10] H. Abdeen and O. Shata, "Characterizing and evaluating the impact of software interface clones,"
International Journal of Software Engineering & Applications (IJSEA), vol. Vol.4, January 2013.
[11] A. Hora, M. T. Valente, R. Robbes, and N. Anquetil, "When should internal interfaces be promoted to
public?," in Proceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations
of Software Engineering, 2016, pp. 278-289.
[12] W. Wu, F. Khomh, B. Adams, Y.-G. Guéhéneuc, and G. Antoniol, "An exploratory study of api
changes and usages based on apache and eclipse ecosystems," Empirical Software Engineering, vol.
21, pp. 2366-2412, 2016.
[13] L. Mastrangelo, L. Ponzanelli, A. Mocci, M. Lanza, M. Hauswirth, and N. Nystrom, "Use at your
own risk: the Java unsafe API in the wild," in ACM Sigplan Notices, 2015, pp. 695-710.
11. International Journal of Software Engineering & Applications (IJSEA), Vol.9, No.4, September 2018
25
[14] A. Hora, A. Etien, N. Anquetil, S. Ducasse, and M. T. Valente, "Apievolutionminer: Keeping api
evolution under control," in Software Evolution Week (European Conference on Software
Maintenance and Working Conference on Reverse Engineering), 2014.
[15] A. Hora and M. T. Valente, "apiwave: Keeping track of API popularity and migration," in 2015 IEEE
International Conference on Software Maintenance and Evolution (ICSME), 2015, pp. 321-323.
[16] C. K. Roy and J. R. Cordy, "A survey on software clone detection research," Queen’s School of
Computing TR, vol. 541, pp. 64-68, 2007.
[17] E. Project, "Eclipse Project Archived download,"
http://archive.eclipse.org/eclipse/downloads/index.php, Consulted January, 2018.
[18] J. R. Cordy and C. K. Roy, "The NiCad clone detector," in Program Comprehension (ICPC), 2011
IEEE 19th International Conference on, 2011, pp. 219-220.
[19] J. Svajlenko and C. K. Roy, "Evaluating modern clone detection tools," in Software Maintenance and
Evolution (ICSME), 2014 IEEE International Conference on, 2014, pp. 321-330.
[20] J. Svajlenko and C. K. Roy, "Evaluating clone detection tools with bigclonebench," in Software
Maintenance and Evolution (ICSME), 2015 IEEE International Conference on, 2015, pp. 131-140.
AUTHORS
Simon Kawuma received his MSc degree in Embedded Computing System at Norwegian University of
Science and Technology Norway and University of Southampton United Kingdom in 2013. He is currently
a Ph.D. student at Mbarara University of Science and Technology. His research interests include software
engineering, software maintenance, and Evolution.
Evarist Nabaasa is a senior lecturer and Dean Faculty of Computing and Informatics at Mbarara University
of Science and Technology. He earned his Ph.D. in Computer Science from Mbarara University of Science
and Technology in 2015. His research interests include software engineering, Computer Networks, and
algorithms.
12. International Journal of Software Engineering & Applications (IJSEA), Vol.9, No.4, September 2018
26
INTENTIONAL BLANK