
PhD Oral Exam - Suhaib Mujahid, Computer Science and Software Engineering

Effective Dependency Management for the JavaScript Software Ecosystem


Date & time
Monday, November 22, 2021 (all day)
Cost

This event is free

Organization

School of Graduate Studies

Contact

Dolly Grewal

Where

Online

When studying for a doctoral degree (PhD), candidates submit a thesis that provides a critical review of the current state of knowledge of the thesis subject as well as the student’s own contributions to the subject. The distinguishing criterion of doctoral graduate research is a significant and original contribution to knowledge.

Once accepted, the candidate presents the thesis orally. This oral exam is open to the public.

Abstract

Open source software ecosystems are essential to software development. Developers depend on packages from the ecosystem to utilize their functionalities and avoid having to reinvent the wheel. On the one hand, this allows developers to write less code, increasing productivity, improving quality, and delivering more features. On the other hand, the package dependencies themselves need to be maintained. The overhead starts with the process of selecting a quality package to use out of a large set of packages, going through updating the dependencies and avoiding breakage-inducing versions, ending with replacing obsolete dependencies and finding better alternatives. Neglecting the maintenance of the dependencies can have an expensive negative impact. Hence, in this thesis, we propose facilitating the dependency management activities, encouraging developers to keep healthy dependencies in their projects.

In this thesis, we employ information extracted from the software ecosystem to help developers better manage their software dependencies. We first present an empirical study on the factors used to select dependency packages from the npm software ecosystem. Next, we propose an approach that leverages tests from the ecosystem to help identify breakage-inducing versions, which increases developers’ confidence in updating the dependencies and helps them make more informed decisions when they update dependencies. Also, we propose an approach to identify packages in decline as early as possible. The underlying rationale of our approach is that a decline in community interest leads to packages being used less over time, becoming less frequently maintained, and eventually possibly becoming abandoned. Furthermore, we propose an approach to find alternatives to replace packages in decline. Finally, we empirically evaluate our approach and characterize the alternative packages.


© Concordia University