Towards Automatic Updates of Software Dependencies based on Artificial Intelligence

Software reusability encourages developers to rely heavily on a variety of third-party libraries and packages, resulting in dependent software products. Dependent software has to adopt the security and performance updates released in its external dependencies, yet developers often ignore these updates because of the risk of breakage. Existing work advocates a shift towards automatic updating of dependent software code to adopt dependency updates. Emerging automatic dependency management tools notify developers of the availability of new updates, detect their impact on dependent software, and identify potential breakages or other vulnerabilities. However, support for automatic source code refactoring to fix potential breaking changes is (to the best of my current knowledge) missing from these tools. This paper presents a prototype tool, DepRefactor, that assists in the programmed refactoring of software code made necessary by automatic updates of its dependencies. To measure the accuracy and effectiveness of DepRefactor, we test it on various student projects developed in C#.
