Assessing Third-Party Library Usage in Practice
Authors
Abstract
Modern software systems build on a significant number of external libraries to deliver feature-rich and high-quality software in a cost-efficient and timely manner. As a consequence, these systems contain a considerable amount of third-party code. External libraries thus have a significant impact on maintenance activities in the project. However, most approaches that assess the maintainability of software systems largely neglect this factor. Hence, risks may remain unidentified, threatening the ability to effectively evolve the system in the future. We propose a structured approach to assess the third-party library usage in software projects and identify potential problems. Industrial experience strongly influences our approach, which we designed in a lightweight way to enable easy adoption in practice.
Similar resources
Automated Inference of Software Library Usage Patterns
Modern software systems are increasingly dependent on third-party libraries. It is widely recognized that using mature and well-tested third-party libraries can improve developers’ productivity, reduce time-to-market, and produce more reliable software. Today’s open-source repositories provide a wide range of libraries that can be freely downloaded and used. However, as software libraries are d...
Measuring Library Stability Through Historical Version Analysis
Backward compatibility is a major concern for any library developer. In this paper, we evaluate how stable a set of frequently used third-party libraries is in terms of method removals, implementation change, the ratio of change in old methods to change in new ones and the percentage of new methods in each snapshot. We provide a motivating example of a commercial company which demonstrates seve...
Thou Shalt Not Depend on Me: Analysing the Use of Outdated JavaScript Libraries on the Web
Web developers routinely rely on third-party JavaScript libraries such as jQuery to enhance the functionality of their sites. However, if not properly maintained, such dependencies can create attack vectors allowing a site to be compromised. In this paper, we conduct the first comprehensive study of client-side JavaScript library usage and the resulting security implications across the Web. Usi...
On the Impact of Micro-Packages: An Empirical Study of the npm JavaScript Ecosystem
The rise of user-contributed Open Source Software (OSS) ecosystems demonstrate their prevalence in the software engineering discipline. Libraries work together by depending on each other across the ecosystem. From these ecosystems emerges a minimized library called a micro-package. Micropackages become problematic when breaks in a critical ecosystem dependency ripples its effects to unsuspectin...
Academy of Nutrition and Dietetics Methodology for Conducting Systematic Reviews for the Evidence Analysis Library.
EVIDENCE-BASED NUTRITION practice guidelines generated from systematic reviews are imperative for registered dietitian nutritionists to provide safe and effective care. These guidelines are the foundation on which practitioners base their patient care, third party payers compensate care, and public policymakers set standards for general care. Systematic reviews are at the core of evidence-base...
Journal title:
- Softwaretechnik-Trends
Volume 34, Issue
Pages -
Publication date 2014