Filters








28 Hits in 4.1 sec

A Comprehensive Study of Bloated Dependencies in the Maven Ecosystem [article]

César Soto-Valero, Nicolas Harrand, Martin Monperrus, Benoit Baudry
2020 arXiv   pre-print
We propose a tool, called DepClean, to analyze the presence of bloated dependencies in Maven artifacts.  ...  In this paper, we propose an original study of one such challenge: the emergence of bloated dependencies.  ...  We performed a quantitative and qualitative study of bloated dependencies in the Maven ecosystem.  ... 
arXiv:2001.07808v1 fatcat:kxmgpell5fbrjjb53pporoogcy

A comprehensive study of bloated dependencies in the Maven ecosystem

César Soto-Valero, Nicolas Harrand, Martin Monperrus, Benoit Baudry
2021 Empirical Software Engineering  
In this paper, we propose an original study of one such challenge: the emergence of bloated dependencies.  ...  They artificially grow the size of the built binary and increase maintenance effort. We propose DepClean, a tool to determine the presence of bloated dependencies in Maven artifacts.  ...  The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material.  ... 
doi:10.1007/s10664-020-09914-8 fatcat:e2gcg7ftuja7pa74fbasyzwlmm

Coverage-Based Debloating for Java Bytecode

César Soto-Valero, Thomas Durieux, Nicolas Harrand, Benoit Baudry
2022 ACM Transactions on Software Engineering and Methodology  
We leverage a combination of state-of-the-art Java bytecode coverage tools to precisely capture what parts of a project and its dependencies are used when running with a specific workload.  ...  The presence of software bloat is an issue for security, for performance, and for maintenance. In this paper, we introduce a novel technique for debloating, which we call coverage-based debloating.  ...  Bobby Bruce and all the authors of JShrink for sharing the source code and providing valuable feedback during our reproduction of their experiments.  ... 
doi:10.1145/3546948 fatcat:zxb4p57sgbel7csvojket265v4

Coverage-Based Debloating for Java Bytecode [article]

César Soto-Valero, Thomas Durieux, Nicolas Harrand, Benoit Baudry
2022 arXiv   pre-print
We leverage a combination of state-of-the-art Java bytecode coverage tools to precisely capture what parts of a project and its dependencies are used when running with a specific workload.  ...  The presence of software bloat is an issue for security, for performance, and for maintenance. In this paper, we introduce a novel technique for debloating, which we call coverage-based debloating.  ...  Bobby Bruce and all the authors of JShrink for sharing the source code and providing valuable feedback during our reproduction of their experiments.  ... 
arXiv:2008.08401v4 fatcat:o7b2putlz5gw3no7jqxzy6xrba

API Beauty is in the eye of the Clients: 2.2 Million Maven Dependencies reveal the Spectrum of Client-API Usages [article]

Nicolas Harrand, Amine Benelallam, César Soto-Valero, François Bettega, Olivier Barais, Benoit Baudry
2021 arXiv   pre-print
We investigate this seeming paradox between the observations in industry and the research literature, with a large scale empirical study of client API relationships in one single ecosystem: Maven Central  ...  We study the 94 most popular libraries in Maven Central, as well as the 829,410 client artifacts that declare a dependency to these libraries and that are available in Maven Central, summing up to 2.2M  ...  We discuss other topics such as bloated dependencies and propose the use of extinction sequences to describe API usages. API recommendation and comprehension.  ... 
arXiv:1908.09757v2 fatcat:qfdntyfolbebfnwlbs4xkbdsaa

Measuring the degree of library dependency

Nuria Bruch Tarrega, Ana-Maria Oprescu, Lodewijk Bergmans, Miroslav Zivkovic
2020 Zenodo  
We additionally implemented a proof-of-concept tool that, given a library from the Maven Central Repository, calculates the metrics of the model for each of the dependencies using bytecode analysis.  ...  The usage of these libraries allows developers to avoid duplicating code by reusing it instead. However, when a developer uses a library in a software product, this creates a dependency.  ...  Comprehensive Study of Bloated Dependencies in the Maven Ecosystem [7] Soto-Valero et al. conducted a study of the unused dependencies included in other libraries' dependency tree in the Maven ecosystem  ... 
doi:10.5281/zenodo.4280882 fatcat:krfz47lczzak3brub3xlyu3q6y

An Empirical Study of Usages, Updates and Risks of Third-Party Libraries in Java Projects [article]

Ying Wang, Bihuan Chen, Kaifeng Huang, Bowen Shi, Congying Xu, Xin Peng, Yang Liu, Yijian Wu
2020 arXiv   pre-print
In this paper, we conduct such a study in the Java ecosystem.  ...  Therefore, a quantitative and holistic study on usages, updates and risks of third-party libraries can provide practical insights to improve the ecosystem sustainably.  ...  Similar studies also exist in the npm [85] and Android [27, 48] ecosystem.  ... 
arXiv:2002.11028v1 fatcat:nbt7ywyi6faaximrjbcq3wysly

Taxonomy of Attacks on Open-Source Software Supply Chains [article]

Piergiorgio Ladisa, Henrik Plate, Matias Martinez, Olivier Barais
2022 arXiv   pre-print
The complexity of today's open-source supply chains results in a significant attack surface, giving attackers numerous opportunities to reach the goal of injecting malicious code into open-source artifacts  ...  The widespread dependency on open-source software makes it a fruitful target for malicious actors, as demonstrated by recurring attacks.  ...  We would like to thank all survey participants for their time and the constructive and insightful feedback. This work is partly funded by EU grant No. 830892 (SPARTA).  ... 
arXiv:2204.04008v2 fatcat:6by7jtz7crbr5drtxkylzgh52a

Präzi: From Package-based to Call-based Dependency Networks [article]

Joseph Hejderup, Moritz Beller, Konstantinos Triantafyllou, Georgios Gousios
2021 arXiv   pre-print
However, an overlooked aspect in existing studies is that manifest-inferred relationships do not necessarily examine the actual usage of these dependencies in source code.  ...  The standard way to study the interdependence between software packages is to infer a package dependency network by parsing manifest data.  ...  Acknowledgments: The work in this paper was partially funded by NWO grant 628.008.001 (CodeFeedr) and H2020 grant 825328 (FASTEN).  ... 
arXiv:2101.09563v5 fatcat:xqrtrcjow5hnnpqfwq5hfcl6jy

Automating Dependency Updates in Practice: An Exploratory Study on GitHub Dependabot [article]

Runzhi He, Hao He, Yuxia Zhang, Minghui Zhou
2022 arXiv   pre-print
We use exploratory data analysis and a developer survey to evaluate the effectiveness of Dependabot in keeping dependencies up-to-date, reducing update suspicion, and reducing notification fatigue.  ...  of projects have deprecated Dependabot in favor of other alternatives.  ...  We would like to sincerely thank the open source developers who have participated in our survey.  ... 
arXiv:2206.07230v2 fatcat:gjpustbmwjdnxfxlumu2huyqbq

Dependency Smells in JavaScript Projects [article]

Abbas Javan Jafari, Diego Elias Costa, Rabe Abdalkareem, Emad Shihab, Nikolaos Tsantalis
2021 arXiv   pre-print
Our findings indicate that dependency smells are prevalent in JavaScript projects with two or more distinct smells appearing in 80% of the projects, but they generally infect a minority of a project's  ...  These smells are generally introduced as developers react to dependency misbehaviour and the shortcomings of the npm ecosystem.  ...  The involvement of human participants in this study was approved by Concordia University's Faculty Research & Ethics Advisory Committee (summary protocol form number: 30004729).  ... 
arXiv:2010.14573v2 fatcat:cseajar64fbjfiqtezhs55hm2y

Advantages and Disadvantages of (Dedicated) Model Transformation Languages A Qualitative Interview Study [article]

Stefan Höppner, Yves Haas, Matthias Tichy, Katharina Juhnke
2022 arXiv   pre-print
Our data suggests, that much needs to be done in order to convey the viability of model transformation languages.  ...  We suggest several approaches for this that can be based on the results of the presented study.  ...  A comprehensive categorisation and listing of factors resulting in advantages or disadvantages of MTLs in the properties studied. .  ... 
arXiv:2201.13348v2 fatcat:dkc56mlkqfd4dfglre4vovn3li

Why are Features Deprecated? An Investigation Into the Motivation Behind Deprecation

Anand Ashok Sawant, Guangzhe Huang, Gabriel Vilen, Stefan Stojkovski, Alberto Bacchelli
2018 2018 IEEE International Conference on Software Maintenance and Evolution (ICSME)  
ACKNOWLEDGEMENTS The authors would like to thank the anonymous reviewers for their thorough feedback. A.  ...  Bacchelli gratefully acknowledges the support of the Swiss National Science Foundation through the SNF Project No. PP00P2 170529.  ...  This study aims to produce a comprehensive set of documentation that is mined from a variety of sources such as developer blogs, StackOverflow and mailing lists, all in one place.  ... 
doi:10.1109/icsme.2018.00011 dblp:conf/icsm/SawantHVSB18 fatcat:dmtj2arq7vcyddv5wrst65ffqu

Developing Microservice-Based Applications Using the Silvera Domain-Specific Language

Alen Suljkanović, Branko Milosavljević, Vladimir Inđić, Igor Dejanović
2022 Applied Sciences  
However, the results of recent studies show that there are several important challenges in the adoption of microservices such as finding the right decomposition approach, heterogeneous technology stacks  ...  We present a case study that illustrates the use of Silvera and also discuss some current limitations and development directions.  ...  MAGMA (Maven Archetype for Generating Microservice Architectures) is a tool that is based on the Maven build management system.  ... 
doi:10.3390/app12136679 doaj:4c545b474c4346e3b75c03ded0823e13 fatcat:cgsoy44qkrfotigbt7kzmvqsjy

The Dichotomy in between Ecocentrism & Anthropocentrism: An Ecocritical Rendering of Two Indian English Poets

Goutam Karmakar, Shri Krishan Rai, Sanjukta Banerjee
2017 International Journal of Applied Linguistics and English Literature  
One of the plebeian environmental moral dilemmas that are noticed in third world nations are the dialectical assimilation in between anthropocentrism and ecocentrism.  ...  Working within the peripheries of environmentalism their aeonian verse paves a way through which a solution within this third world environmentalism can be made possible.  ...  Introduction While mulling over on the mode and approach of above mentioned Indian English poets, it is comprehensibly perspicuous that these poets are writing in English in an Indian backdrop with Indian  ... 
doi:10.7575/aiac.ijalel.v.6n.3p.15 fatcat:bdqyt724qbdbxibczxysqnap7i
« Previous Showing results 1 — 15 out of 28 results