English
Related papers

Related papers: Possible Directions for Improving Dependency Versi…

200 papers

Motivation: The question of what combination of attributes drives the adoption of a particular software technology is critical to developers. It determines both those technologies that receive wide support from the community and those which…

Software Engineering · Computer Science 2019-09-05 Yuxing Ma , Audris Mockus , Beth Milhollin , Russel Zaretzki , Randy Bradley , Bogdan Bichescu

Package managers are everywhere, with seemingly every language and operating system implementing their own solution. The lack of interoperability between these systems means that multi-lingual projects are unable to express precise…

Modern software development is increasingly dependent on components, libraries and frameworks coming from third-party vendors or open-source suppliers and made available through a number of platforms (or forges). This way of writing…

Software Engineering · Computer Science 2020-12-16 Paolo Boldi , Georgios Gousios

Binary package managers install software quickly but they limit configurability due to rigid ABI requirements that ensure compatibility between binaries. Source package managers provide flexibility in building software, but compilation can…

Software Engineering · Computer Science 2025-09-10 John Gouwar , Gregory Becker , Tamara Dahlgren , Nathan Hanford , Arjun Guha , Todd Gamblin

This letter introduced a new R package 'coexist' which can perform species coexistence simulation and analysis. The package was initially developed for understanding the role of different combinations of varying species growth rates,…

Populations and Evolution · Quantitative Biology 2014-04-11 Youhua Chen

Background: Widespread use of third-party libraries makes ecosystems like Node Package Manager (npm) critical to modern software development. However, this interconnected chain of dependencies also creates challenges: bugs in one library…

Software Engineering · Computer Science 2025-11-10 Mohammadreza Saeidi , Ethan Thoma , Raula Gaikovina Kula , Gema Rodríguez-Pérez

The NPM package repository contains over two million packages and serves tens of billions of downloads per-week. Nearly every single JavaScript application uses the NPM package manager to install packages from the NPM repository. NPM relies…

Software Engineering · Computer Science 2023-04-04 Donald Pinckney , Federico Cassano , Arjun Guha , Jonathan Bell

Social network research has focused on hyperlink graphs, bibliographic citations, friend/follow patterns, influence spread, etc. Large software repositories also form a highly valuable networked artifact, usually in the form of a collection…

Information Retrieval · Computer Science 2021-01-22 Rima Hazra , Hardik Aggarwal , Pawan Goyal , Animesh Mukherjee , Soumen Chakrabarti

Open-source libraries are widely used by software developers to speed up the development of products, however, they can introduce security vulnerabilities, leading to incidents like Log4Shell. With the expanding usage of open-source…

As modern software development increasingly relies on reusable libraries and components, managing dependencies has become critical for ensuring software stability and security. However, challenges such as outdated dependencies, missed…

Software Engineering · Computer Science 2025-04-01 Barisha Chowdhury , Md Fazle Rabbi , S. M. Mahedy Hasan , Minhaz F. Zibran

Rebuilding packages from open source is a common practice to improve the security of software supply chains, and is now done at an industrial scale. The basic principle is to acquire the source code used to build a package published in a…

Software Engineering · Computer Science 2026-02-24 Jens Dietrich , Behnaz Hassanshahi

Third-party dependency updates can cause a build to fail if the new dependency version introduces a change that is incompatible with the usage: this is called a breaking dependency update. Research on breaking dependency updates is active,…

Software Engineering · Computer Science 2024-03-21 Frank Reyes , Yogya Gamage , Gabriel Skoglund , Benoit Baudry , Martin Monperrus

Security vulnerabilities introduced by applications using third-party dependencies are on the increase, caused by the emergence of large ecosystems of libraries such as the NPM packages for JavaScript. Nowadays, libraries depend on each…

Python software development heavily relies on third-party packages. Direct and transitive dependencies create a labyrinth of software supply chains. While it is convenient to reuse code, vulnerabilities within these dependency chains can…

Cryptography and Security · Computer Science 2026-03-11 Jacob Mahon , Chenxi Hou , Zhihao Yao

In this paper I explain the reasons that led me to research and conceive a novel technology for dependency parsing, mixing together the strengths of data-driven transition-based and constraint-based approaches. In particular I highlight the…

Computation and Language · Computer Science 2015-07-22 Matteo Grella

Considering user preferences is a determining factor in optimizing the value of a software release. This is due to the fact that user preferences for software features specify the values of those features and consequently determine the…

Software Engineering · Computer Science 2017-02-21 Davoud Mougouei , David M. W. Powers

CONTEXT The R programming language has a huge and active community, especially in the area of statistical computing. Its interpreted nature allows for several interesting constructs, like the manipulation of functions at run-time, that…

Programming Languages · Computer Science 2024-01-30 Florian Sihler , Lukas Pietzschmann , Raphael Straub , Matthias Tichy , Andor Diera , Abdelhalim Dahou

While large language models (LLMs) have shown considerable promise in code generation, real-world software development demands advanced repository-level reasoning. This includes understanding dependencies, project structures, and managing…

Software Engineering · Computer Science 2025-03-11 Junjia Du , Yadi Liu , Hongcheng Guo , Jiawei Wang , Haojian Huang , Yunyi Ni , Zhoujun Li

The robustness of npm dependency network is a crucial property, since many projects and web applications heavily rely on the functionalities of packages, especially popular ones that have many dependant packages. In the past, there have…

Social and Information Networks · Computer Science 2021-10-25 Andrej Hafner , Anže Mur , Jaka Bernard

AI coding agents increasingly modify real software repositories and make dependency decisions, including adding, removing, or updating third-party packages. These choices can materially affect security posture and maintenance burden, yet…

Software Engineering · Computer Science 2026-02-02 Tanmay Singla , Berk Çakar , Paschal C. Amusuo , James C. Davis