DI-UMONS : Dépôt institutionnel de l’université de Mons

Recherche transversale
(titres de publication, de périodique et noms de colloque inclus)
2020-02-26 - Colloque/Article dans les actes avec comité de lecture - Anglais - 8 page(s)

Decan Alexandre , Mens Tom , "How Magic Is Zero? An Empirical Analysis of Initial Development Releases in Three Software Package Distributions" in SoHeal 2020 : 3rd International Workshop on Software Health, Seoul, South Korea, 2020

  • Codes CREF : Informatique appliquée logiciel (DI2570), Informatique mathématique (DI1160), Analyse de systèmes informatiques (DI2572)
  • Unités de recherche UMONS : Génie Logiciel (S852)
  • Instituts UMONS : Institut de Recherche en Technologies de l’Information et Sciences de l’Informatique (InforTech), Institut de Recherche sur les Systèmes Complexes (Complexys)
Texte intégral :

Abstract(s) :

(Anglais) Distributions of open source software packages dedicated to specific programming languages facilitate software development by allowing software projects to depend on the functionality provided by such reusable packages. The health of a software project can be affected by the maturity of the packages on which it depends. The version numbers of the used package releases provide an indication of their maturity. Packages with a 0.y.z version number are commonly assumed to be under initial development, implying that they are likely to be less stable, and depending on them may be less healthy. In this paper, we empirically study, for three open source package distributions (Cargo, npm and Packagist) to which extent 0.y.z package releases and ≥1.0.0 package releases behave differently. More specifically, we quantify the prevalence of 0.y.z releases, we explore how long packages remain in the initial development stage, we compare the update frequency of 0.y.z and ≥1.0.0 package releases, we study how often 0.y.z releases are required by other packages, and we assess whether semantic versioning is respected for dependencies towards them. Among others, we observe that package distributions are more permissive than what semantic versioning dictates for 0.y.z releases, and that many of the 0.y.z releases can be regarded as mature packages that are no longer under initial development. As a consequence, the version number does not provide a good indication of the health of a package release.