ASE 2023
Mon 11 - Fri 15 September 2023 Kirchberg, Luxembourg
Thu 14 Sep 2023 15:30 - 15:42 at Room D - Configuration and Version Management Chair(s): Shahar Maoz

Third-party libraries (TPLs) have become an essential component of software, accelerating development and reducing maintenance costs. However, breaking changes often occur during the upgrades of TPLs and prevent client programs from moving forward. Semantic versioning (SemVer) has been applied to standardize the versions of releases according to compatibility, but not all releases follow SemVer compliance. Lots of work focuses on SemVer compliance in ecosystems such as Java and JavaScript beyond Golang (Go for short). Due to the lack of tools to detect breaking changes and dataset for Go, developers of TPLs do not know if breaking changes occur and affect client programs, and developers of client programs may hesitate to upgrade dependencies in terms of breaking changes. To bridge this gap, we conduct the first large-scale empirical study in the Go ecosystem to study SemVer compliance in terms of breaking changes and their impact. In detail, we purpose GoSVI (Go Semantic Versioning Insight) to detect breaking changes and analyze their impact by resolving identifiers in client programs and comparing their types with breaking changes. Moreover, we collect the first large-scale Go dataset with a dependency graph from GitHub, including 124K TPLs and 532K client programs. Based on the dataset, our results show that 86.3% of library upgrades follow SemVer compliance and 28.6% of no-major upgrades introduce breaking changes. Furthermore, the tendency to comply with SemVer has improved over time from 63.7% in 2018/09 to 92.2% in 2023/03. Finally, we find 33.3% of downstream client programs may be affected by breaking changes. These findings provide developers and users of TPLs with valuable insights to help make decisions related to SemVer.

Thu 14 Sep

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

15:30 - 17:00
Configuration and Version ManagementResearch Papers at Room D
Chair(s): Shahar Maoz Tel Aviv University
15:30
12m
Talk
A Large-Scale Empirical Study on Semantic Versioning in Golang Ecosystem
Research Papers
Wenke Li Huazhong University of Science and Technology, Feng Wu Tencent Technology (Shenzhen) Co. Ltd, Cai Fu Huazhong University of Science and Technology, Fan Zhou Tencent Technology (Shenzhen) Co. Ltd
Link to publication DOI Pre-print
15:42
12m
Talk
Where to Go Now? Finding Alternatives for Declining Packages in the npm Ecosystem
Research Papers
Suhaib Mujahid Mozilla, Diego Costa Concordia University, Canada, Rabe Abdalkareem Omar Al-Mukhtar University, Emad Shihab Concordia Univeristy
Pre-print
15:55
12m
Talk
ESRO: Experience Assisted Service Reliability against Outages
Research Papers
Sarthak Chakraborty Adobe Research, Shubham Agarwal Adobe Research, Shaddy Garg Adobe, Abhimanyu Sethia Indian Institute of Technology Kanpur, Udit Narayan Pandey Indian Institute of Technology Kanpur, Videh Aggarwal Indian Institute of Technology Kanpur, Shiv Saini Adobe Research
File Attached
16:08
12m
Talk
Fixing Privilege Escalations in Cloud Access Control with MaxSAT and Graph Neural Networks
Research Papers
Yang Hu University of Texas at Austin, Wenxi Wang University of Texas at Austin, Sarfraz Khurshid University of Texas at Austin, Kenneth L. McMillan University of Texas at Austin, Mohit Tiwari University of Texas at Austin
File Attached
16:21
12m
Talk
Merge Conflict Resolution: Classification or Generation?
Research Papers
Jinhao Dong Peking University, Qihao Zhu Peking University, Zeyu Sun Zhongguancun Laboratory, Yiling Lou Fudan University, Dan Hao Peking University
Pre-print File Attached
16:34
12m
Talk
Repeated Builds During Code Review: An Empirical Study of the OpenStack Community
Research Papers
Rungroj Maipradit University of Waterloo, Dong Wang Kyushu University, Japan, Patanamon Thongtanunam University of Melbourne, Raula Gaikovina Kula Nara Institute of Science and Technology, Yasutaka Kamei Kyushu University, Shane McIntosh University of Waterloo
Pre-print File Attached
16:47
12m
Talk
Automated Software Entity Matching Between Successive VersionsRecorded talk
Research Papers
Bo Liu Beijing Institute of Technology, Hui Liu Beijing Institute of Technology, Nan Niu University of Cincinnati, Yuxia Zhang Beijing Institute of Technology, Guangjie Li National Innovation Institute of Defense Technology, Yanjie Jiang Beijing Institute of Technology
DOI Media Attached