Understanding Breaking Changes in the Wild
Modern software applications rely heavily on the usage of libraries, which provide reusable functionality, to accelerate the development process. As libraries evolve and release new versions, the software systems that depend on those libraries (the clients) should update their dependencies to use these new versions as the new release could, for example, include critical fixes for security vulnerabilities. However, updating is not always a smooth process, as it can result in software failures in the clients if the new version
includes breaking changes. Yet, there is little research on how these breaking changes impact the client projects in the wild.
To identify if changes between two library versions cause breaking changes at the client end, we perform an empirical study on Java projects built using Maven. For the analysis, we used 18,415 Maven artifacts, which declared 142,355 direct dependencies, of which 71.60% were not up-to-date. We updated these dependencies and found
that 11.58% of the dependency updates contain breaking changes that impact the client. We further analyzed these changes in the library which impact the client projects and examine if libraries have adhered to the semantic versioning scheme when introducing breaking changes in their releases. Our results show that changes in transitive dependencies were a major factor in introducing breaking changes during dependency updates and almost half of the detected client impacting breaking changes violate the semantic versioning scheme by introducing breaking changes in non-Major updates.
Tue 18 JulDisplayed time zone: Pacific Time (US & Canada) change
15:30 - 17:00 | ISSTA Online 3: Empirical StudiesTechnical Papers at Bezos Seminar Room (Gates G04) Chair(s): Jordan Samhi University of Luxembourg | ||
15:30 10mTalk | Understanding Breaking Changes in the Wild Technical Papers Dhanushka Jayasuriya University of Auckland, Valerio Terragni University of Auckland, Jens Dietrich Victoria University of Wellington, Samuel Ou University of Auckland, Kelly Blincoe University of Auckland DOI | ||
15:40 10mTalk | LiResolver: License Incompatibility Resolution for Open Source Software Technical Papers Sihan Xu Nankai University, Ya Gao Nankai University, Lingling Fan Nankai University, Linyu Li Nankai University, Xiangrui Cai Nankai University, Zheli Liu Nankai University DOI | ||
15:50 10mTalk | An Empirical Study on Concurrency Bugs in Interrupt-Driven Embedded Software Technical Papers Chao Li Beijing Institute of Control Engineering; Beijing Sunwise Information Technology, Rui Chen Beijing Institute of Control Engineering; Beijing Sunwise Information Technology, Boxiang Wang Beijing Institute of Control Engineering; Beijing Sunwise Information Technology, Zhixuan Wang Xidian University, Tingting Yu Beijing Institute of Control Engineering; Beijing Sunwise Information Technology, Yunsong Jiang Beijing Institute of Control Engineering; Beijing Sunwise Information Technology, Mengfei Yang China Academy of Space Technology DOI | ||
16:00 10mTalk | An Empirical Study of Functional Bugs in Android AppsACM SIGSOFT Distinguished Paper Technical Papers Yiheng Xiong East China Normal University, Mengqian Xu East China Normal University, Ting Su East China Normal University, Jingling Sun East China Normal University, Jue Wang Nanjing University, He Wen East China Normal University, Geguang Pu East China Normal University, Jifeng He East China Normal University, Zhendong Su ETH Zurich DOI | ||
16:10 10mTalk | Testing the Compiler for a New-Born Programming Language: An Industrial Case Study (Experience Paper) Technical Papers Yingquan Zhao Tianjin University, Junjie Chen Tianjin University, Ruifeng Fu Tianjin University, Haojie Ye Huawei, Zan Wang Tianjin University DOI | ||
16:20 10mTalk | An Empirical Study on the Effects of Obfuscation on Static Machine Learning-Based Malicious JavaScript Detectors Technical Papers Kunlun Ren Huazhong University of Science and Technology, Qiang Weizhong Huazhong University of Science and Technology, Yueming Wu Nanyang Technological University, yi zhou Huazhong University of Science and Technology, Deqing Zou Huazhong University of Science and Technology, Hai Jin Huazhong University of Science and Technology DOI | ||
16:30 10mTalk | Security Checking of Trigger-Action-Programming Smart Home Integrations Technical Papers Lei Bu Nanjing University, Qiuping Zhang Nanjing University, Suwan Li Nanjing University, Jinglin Dai Nanjing University, Guangdong Bai University of Queensland, Kai Chen Institute of Information Engineering at Chinese Academy of Sciences, Xuandong Li Nanjing University DOI | ||
16:40 10mTalk | Third-Party Library Dependency for Large-Scale SCA in the C/C++ Ecosystem: How Far Are We? Technical Papers Ling Jiang Southern University of Science and Technology, Hengchen Yuan Southern University of Science and Technology, Qiyi Tang Tencent Security Keen Lab, Sen Nie Tencent Security Keen Lab, Shi Wu Tencent Security Keen Lab, Yuqun Zhang Southern University of Science and Technology DOI | ||
16:50 10mTalk | Who Judges the Judge: An Empirical Study on Online Judge Tests Technical Papers Kaibo Liu Peking University, Yudong Han Peking University, Jie M. Zhang King’s College London, Zhenpeng Chen University College London, Federica Sarro University College London, Mark Harman University College London, Gang Huang Peking University; National Key Laboratory of Data Space Technology and System, Yun Ma Peking University DOI | ||