Write a Blog >>
ICSE 2023
Sun 14 - Sat 20 May 2023 Melbourne, Australia
Thu 18 May 2023 14:00 - 14:15 at Level G - Plenary Room 1 - Recommender systems Chair(s): Kevin Moran

Package managers such as NPM have become essential for software development. The NPM repository hosts over 2 million packages and serves over 43 billion downloads every week. Unfortunately, the NPM dependency solver has several shortcomings. 1) NPM is greedy and often fails to installs the newest versions of dependencies; 2) NPM’s algorithm leads to duplicated dependencies and bloated code, which is particularly bad for web applications that need to minimize code size; 3) NPM’s vulnerability fixing algorithm is also greedy, and can even introduce new vulnerabilities; and 4) NPM’s ability to duplicate dependencies can break stateful frameworks and requires a lot of care to workaround. Although existing tools try to address these problems they are either brittle, rely on post hoc changes to the dependency tree, do not guarantee optimality, and are not composable.

We present PacSolve, a unifying framework and implementation for dependency solving which allows for customizable constraints and optimization goals. We use PacSolve to build MaxNPM, a complete, drop-in replacement for NPM, which empowers developers to combine multiple objectives when installing dependencies. We evaluate MaxNPM with a large sample of packages from the NPM ecosystem and show that it can: 1)reduce more vulnerabilities in dependencies than NPM’s auditing tool in 33% cases; 2)chooses newer dependencies than NPM in 14% cases; and 3)chooses fewer dependencies than NPM in 21% cases. All our code and data is open and available.

Thu 18 May

Displayed time zone: Hobart change

13:45 - 15:15
13:45
15m
Talk
Autonomy Is An Acquired Taste: Exploring Developer Preferences for GitHub Bots
Technical Track
Amir Ghorbani University of Victoria, Nathan Cassee Eindhoven University of Technology, Derek Robinson University of Victoria, Adam Alami Aalborg University, Neil Ernst University of Victoria, Alexander Serebrenik Eindhoven University of Technology, Andrzej Wąsowski IT University of Copenhagen, Denmark
Pre-print
14:00
15m
Talk
Flexible and Optimal Dependency Management via Max-SMT
Technical Track
Donald Pinckney Northeastern University, Federico Cassano Northeastern University, Arjun Guha Northeastern University and Roblox Research, Jonathan Bell Northeastern University, Massimiliano Culpo np-complete, S.r.l., Todd Gamblin Lawrence Livermore National Laboratory
Pre-print
14:15
15m
Talk
Towards More Effective AI-assisted Programming: A Systematic Design Exploration to Improve Visual Studio IntelliCode's User Experience
SEIP - Software Engineering in Practice
Priyan Vaithilingam Harvard University, Elena Glassman Harvard University, Peter Groenwegen , Sumit Gulwani Microsoft, Austin Z. Henley Microsoft, Rohan Malpani , David Pugh , Arjun Radhakrishna Microsoft, Gustavo Soares Microsoft, Joey Wang , Aaron Yim
14:30
7m
Talk
DeepLog: Deep-Learning-Based Log Recommendation
DEMO - Demonstrations
Yang Zhang Hebei University of Science and Technology, Xiaosong Chang Hebei University of Science and Technology, Lining Fang Hebei University of Science and Technology, Yifan Lu Hebei University of Science and Technology
14:37
7m
Talk
ShellFusion: An Answer Generator for Shell Programming Tasks via Knowledge Fusion
DEMO - Demonstrations
Zhongqi Chen School of Software Engineering, Sun Yat-sen University, Neng Zhang School of Software Engineering, Sun Yat-sen University, Pengyue Si School of Software Engineering, Sun Yat-sen University, ChenQinde School of Software Engineering, Sun Yat-sen University, Chao Liu Chongqing University, Zibin Zheng School of Software Engineering, Sun Yat-sen University
14:45
7m
Talk
Revisiting, Benchmarking and Exploring API Recommendation: How Far are We?
Journal-First Papers
Yun Peng Chinese University of Hong Kong, Shuqing Li The Chinese University of Hong Kong, Wenwei Gu The Chinese University of Hong Kong, Yichen LI The Chinese University of Hong Kong, Wenxuan Wang The Chinese University of Hong Kong, Cuiyun Gao Harbin Institute of Technology, Michael Lyu The Chinese University of Hong Kong
14:52
7m
Talk
Semantically-enhanced Topic Recommendation Systems for Software Projects
Journal-First Papers
Maliheh Izadi Delft University of Technology, Mahtab Nejati University of Waterloo, Abbas Heydarnoori Bowling Green State University
15:00
7m
Talk
Code Librarian: A Software Package Recommendation System
SEIP - Software Engineering in Practice
Lili Tao JP Morgan Chase & Co, Alexandru-Petre Cazan JP Morgan Chase & Co, Senad Ibraimoski JP Morgan Chase & Co, Sean Moran JP Morgan Chase & Co