DI-UMONS : Dépôt institutionnel de l’université de Mons

Recherche transversale
(titres de publication, de périodique et noms de colloque inclus)
2019-05-23 - Article/Dans un journal avec peer-review - Anglais - 15 page(s)

Decan Alexandre , Mens Tom , "What do package dependencies tell us about semantic versioning?," in IEEE Transactions on Software Engineering, 10.1109/TSE.2019.2918315

  • Edition : Institute of Electrical and Electronics Engineers (NY)
  • Codes CREF : Informatique mathématique (DI1160)
  • Unités de recherche UMONS : Génie Logiciel (S852)
  • Instituts UMONS : Institut de Recherche sur les Systèmes Complexes (Complexys)
Texte intégral :

Abstract(s) :

(Anglais) The semantic versioning (semver) policy is commonly accepted by open source package management systems to inform whether new releases of software packages introduce possibly backward incompatible changes. Maintainers depending on such packages can use this information to avoid or reduce the risk of breaking changes in their own packages by specifying version constraints on their dependencies. Depending on the amount of control a package maintainer desires to have over her package dependencies, these constraints can range from very permissive to very restrictive. This article empirically compares semver compliance of four software packaging ecosystems (Cargo, npm, Packagist and Rubygems), and studies how this compliance evolves over time. We explore to what extent ecosystem-specific characteristics or policies influence the degree of compliance. We also propose an evaluation based on the "wisdom of the crowds" principle to help package maintainers decide which type of version constraints they should impose on their dependencies.

Identifiants :
  • DOI : 10.1109/TSE.2019.2918315

Mots-clés :
  • (Anglais) version control
  • (Anglais) package manager
  • (Anglais) software ecosystem
  • (Anglais) software evolution
  • (Anglais) dependency management
  • (Anglais) open source software