English
Related papers

Related papers: Can We Trust Tests To Automate Dependency Updates?…

200 papers

Software testing is one of the very important Quality Assurance (QA) components. A lot of researchers deal with the testing process in terms of tester motivation and how tests should or should not be written. However, it is not known from…

Software Engineering · Computer Science 2022-01-04 Matej Madeja , Jaroslav Porubän , Michaela Bačíková , Matúš Sulír , Ján Juhár , Sergej Chodarev , Filip Gurbáľ

Automated tests play an important role in software evolution because they can rapidly detect faults introduced during changes. In practice, code-coverage metrics are often used as criteria to evaluate the effectiveness of test suites with…

Software Engineering · Computer Science 2016-11-23 Rainer Niedermayr , Elmar Juergens , Stefan Wagner

We study the evolution and impact of bloated dependencies in a single software ecosystem: Java/Maven. Bloated dependencies are third-party libraries that are packaged in the application binary but are not needed to run the application. We…

Software Engineering · Computer Science 2021-06-01 César Soto-Valero , Thomas Durieux , Benoit Baudry

Dependency management bots automatically open pull requests to update software dependencies on behalf of developers. Early research shows that developers are suspicious of updates performed by dependency management bots and feel tired of…

Software Engineering · Computer Science 2023-05-26 Runzhi He , Hao He , Yuxia Zhang , Minghui Zhou

BACKGROUND: Vulnerable dependencies are a known problem in today's open-source software ecosystems because OSS libraries are highly interconnected and developers do not always update their dependencies. AIMS: In this paper we aim to present…

Software Engineering · Computer Science 2018-08-30 Ivan Pashchenko , Henrik Plate , Serena Elisa Ponta , Antonino Sabetta , Fabio Massacci

Dependabot, a popular dependency management tool, includes a compatibility score feature that helps client packages assess the risk of accepting a dependency update by leveraging knowledge from "the crowd". For each dependency update,…

Software Engineering · Computer Science 2024-03-15 Benjamin Rombaut , Filipe R. Cogo , Ahmed E. Hassan

Defects4J is a large, peer-reviewed, structured dataset of real-world Java bugs. Each bug in Defects4J comes with a test suite and at least one failing test case that triggers the bug. In this paper, we report on an experiment to explore…

Software Engineering · Computer Science 2021-11-12 Matias Martinez , Thomas Durieux , Romain Sommerard , Jifeng Xuan , Martin Monperrus

As modern software extensively uses free open source packages as dependencies, developers have to regularly pull in new third-party code through frequent updates. However, without a proper review of every incoming change, vulnerable and…

Software Engineering · Computer Science 2022-11-08 Nasif Imtiaz , Laurie Williams

In the past decade, research on test-suite-based automatic program repair has grown significantly. Each year, new approaches and implementations are featured in major software engineering venues. However, most of those approaches are…

Software Engineering · Computer Science 2019-05-29 Thomas Durieux , Fernanda Madeiral , Matias Martinez , Rui Abreu

Modern software development reuses code by importing libraries as dependencies. Software projects typically include an average of 36 dependencies, with 80% being transitive, meaning they are dependencies of dependencies. Recent research…

Software Engineering · Computer Science 2025-10-24 Jonas Klauke , Tom Ohlmer , Stefan Schott , Serena Elisa Ponta , Wolfram Fischer , Eric Bodden

Test-based automated program repair has been a prolific field of research in software engineering in the last decade. Many approaches have indeed been proposed, which leverage test suites as a weak, but affordable, approximation to program…

Java projects are often built on top of various third-party libraries. If multiple versions of a library exist on the classpath, JVM will only load one version and shadow the others, which we refer to as dependency conflicts. This would…

Software Engineering · Computer Science 2020-06-16 Ying Wang , Rongxin Wu , Chao Wang , Ming Wen , Yepang Liu , Shing-Chi Cheung , Hai Yu , Chang Xu , Zhiliang Zhu

Open-source libraries are widely used by software developers to speed up the development of products, however, they can introduce security vulnerabilities, leading to incidents like Log4Shell. With the expanding usage of open-source…

Defects4J is a large, peer-reviewed, structured dataset of real-world Java bugs. Each bug in Defects4J is provided with a test suite and at least one failing test case that triggers the bug. In this paper, we report on an experiment to…

Software Engineering · Computer Science 2015-12-24 Matias Martinez , Thomas Durieux , Jifeng Xuan , Romain Sommerard , Martin Monperrus

Flaky tests are tests that can non-deterministically pass or fail, even in the absence of code changes.Despite being a source of false alarms, flaky tests often remain in test suites once they are detected, as they also may be relied upon…

Software Engineering · Computer Science 2024-01-30 Abdulrahman Alshammari , Paul Ammann , Michael Hilton , Jonathan Bell

E2E web test suites are prone to test dependencies due to the heterogeneous multi-tiered nature of modern web apps, which makes it difficult for developers to create isolated program states for each test case. In this paper, we present the…

Software Engineering · Computer Science 2019-10-11 Matteo Biagiola , Andrea Stocco , Ali Mesbah , Filippo Ricca , Paolo Tonella

Unlike most other software quality attributes, testability cannot be evaluated solely based on the characteristics of the source code. The effectiveness of the test suite and the budget assigned to the test highly impact the testability of…

Software Engineering · Computer Science 2022-08-25 Morteza Zakeri-Nasrabadi , Saeed Parsa

Dependencies between modules can trigger ripple effects when changes are made, making maintenance complex and costly, so minimizing these dependencies is crucial. Consequently, understanding what drives dependencies is important. One…

Software Engineering · Computer Science 2026-03-05 Zushuai Zhang , Elliott Wen , Ewan Tempero

Third-party library reuse has become common practice in contemporary software development, as it includes several benefits for developers. Library dependencies are constantly evolving, with newly added features and patches that fix bugs in…

Software Engineering · Computer Science 2017-09-15 Raula Gaikovina Kula , Daniel M. German , Ali Ouni , Takashi Ishio , Katsuro Inoue

Test Impact Analysis is an approach to obtain a subset of tests impacted by code changes. This approach is mainly applied to unit testing where the link between the code and its associated tests is easy to obtain. On the integration level,…

Software Engineering · Computer Science 2022-11-16 Muzammil Shahbaz
‹ Prev 1 2 3 10 Next ›