Präzi: From Package-based to Call-based Dependency Networks
Wed 11 May 2022 13:05 - 13:10 at ICSE room 2-odd hours - Requirements and Reuse Chair(s): Andrea Zisman
Modern programming languages such as Java, JavaScript, and Rust encourage software reuse by hosting diverse and fast-growing repositories of highly interdependent packages (i.e., reusable libraries) for their users. The standard way to study the interdependence between software packages is to infer a package dependency network by parsing manifest data. Such networks help answer questions such as “How many packages have dependencies to packages with known security issues?” or “What are the most used packages?”. However, an overlooked aspect in existing studies is that manifest-inferred relationships do not necessarily examine the actual usage of these dependencies in source code. To better model dependencies between packages, we developed Präzi, an approach combining manifests and call graphs of packages. Präzi constructs a dependency network at the more fine-grained function-level, instead of at the manifest level. This paper discusses a prototypical Präzi implementation for the popular system programming language Rust. We use Präzi to characterize Rust’s package repository, Crates.io, at the function level and perform a comparative study with metadata-based networks. Our results show that metadata-based networks generalize how packages use their dependencies. Using Präzi, we find packages call only 40% of their resolved dependencies, and that manual analysis of 34 cases reveals that not all packages use a depen- dency the same way. We argue that researchers and practitioners interested in understanding how developers or programs use dependencies should account for its context—not the sum of all resolved dependencies.
Wed 11 MayDisplayed time zone: Eastern Time (US & Canada) change
04:00 - 05:00 | Reuse and AgilityJournal-First Papers / Technical Track / SEIP - Software Engineering in Practice at ICSE room 4-even hours Chair(s): Massimiliano Di Penta University of Sannio, Italy | ||
04:00 5mTalk | CodeMatcher: Searching Code Based on Sequential Semantics of Important Query Words Journal-First Papers Chao Liu Chongqing University, Xin Xia Huawei Software Engineering Application Technology Lab, David Lo Singapore Management University, Zhiwei Liu Baidu Inc., Ahmed E. Hassan Queen's University, Shanping Li Zhejiang University Link to publication DOI Pre-print Media Attached | ||
04:05 5mTalk | Präzi: From Package-based to Call-based Dependency Networks Journal-First Papers Joseph Hejderup Endor Labs & Delft University of Technology, Moritz Beller Facebook, USA, Konstantinos Triantafyllou University of Athens, Georgios Gousios Endor Labs & Delft University of Technology DOI Pre-print Media Attached | ||
04:10 5mTalk | The Agile Success Model: A Mixed-methods Study of a Large-scale Agile Transformation Journal-First Papers Daniel Russo Department of Computer Science, Aalborg University Link to publication DOI Pre-print | ||
04:15 5mTalk | Factors Affecting On-Time Delivery in Large-Scale Agile Software Development Journal-First Papers Elvan Kula Delft University of Technology, Eric Greuter ING, Arie van Deursen Delft University of Technology, Netherlands, Georgios Gousios Endor Labs & Delft University of Technology DOI Pre-print Media Attached | ||
04:20 5mTalk | Issues in the Adoption of the Scaled Agile Framework SEIP - Software Engineering in Practice Paolo Ciancarini University of Bologna / Innopolis University, Artem Kruglov Innopolis University, Witold Pedrycz University of Alberta, Dilshat Salikhov Innopolis University, Giancarlo Succi | ||
04:25 5mTalk | Cross-Domain Deep Code Search with Few-Shot Learning Technical Track Yitian Chai School of Software, Shanghai Jiao Tong University, Hongyu Zhang University of Newcastle, Beijun Shen School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Xiaodong Gu Shanghai Jiao Tong University, China DOI Pre-print Media Attached File Attached | ||
13:00 - 14:00 | Requirements and ReuseTechnical Track / Journal-First Papers at ICSE room 2-odd hours Chair(s): Andrea Zisman The Open University | ||
13:00 5mTalk | On Systematically Building a CNL for Functional Requirements Journal-First Papers Alvaro Veizaga Interdisciplinary Centre for Security, Reliability and Trust (SnT), University of Luxembourg, Luxembourg, Mauricio Alferez Interdisciplinary Centre for Security, Reliability and Trust (SnT), University of Luxembourg, Damiano Torre University of Luxembourg, Mehrdad Sabetzadeh University of Ottawa, Lionel Briand University of Luxembourg; University of Ottawa Link to publication DOI Pre-print Media Attached | ||
13:05 5mTalk | Präzi: From Package-based to Call-based Dependency Networks Journal-First Papers Joseph Hejderup Endor Labs & Delft University of Technology, Moritz Beller Facebook, USA, Konstantinos Triantafyllou University of Athens, Georgios Gousios Endor Labs & Delft University of Technology DOI Pre-print Media Attached | ||
13:10 5mTalk | Automated Handling of Anaphoric Ambiguity in Requirements: A Multi-solution Study Technical Track Saad Ezzini University of Luxembourg, Sallam Abualhaija University of Luxembourg, Chetan Arora Deakin University, Mehrdad Sabetzadeh University of Ottawa Pre-print Media Attached | ||
13:15 5mTalk | DeepSTL - From English Requirements to Signal Temporal Logic Technical Track Jie He Technische Universität Wien, Ezio Bartocci , Dejan Nickovic Austrian Institute of Technology, Haris Isakovic Technische Universität Wien, Radu Grosu Vienna University of Technology DOI Pre-print Media Attached | ||
13:20 5mTalk | SnR: Constraint-Based Type Inference for Incomplete Java Code Snippets Technical Track Yiwen Dong University of Waterloo, Tianxiao Gu Tiktok Inc., Yongqiang Tian University of Waterloo, Chengnian Sun University of Waterloo Pre-print Media Attached | ||