CDA: Characterising Deprecated Android APIs

Because of functionality evolution, or security and performance-related changes, some APIs eventually become unnecessary in a software system and thus need to be cleaned to ensure proper maintainability. Those APIs are typically marked first as deprecated APIs and, as recommended, follow through a deprecated-replace-remove cycle, giving an opportunity to client application developers to smoothly adapt their code in next updates. Such a mechanism is adopted in the Android framework development where thousands of reusable APIs are made available to Android app developers. In this work, we present a research-based prototype tool called CDA and apply it to different revisions (i.e., releases or tags) of the Android framework code for characterising deprecated APIs. Based on the data mined by CDA, we then perform an empirical study on API deprecation in the Android ecosystem and the associated challenges for maintaining quality apps. In particular, we investigate the prevalence of deprecated APIs, their annotations and documentation, their removal and consequences, their replacement messages, developer reactions to API deprecation, as well as the evolution of the usage of deprecated APIs. Experimental results reveal several findings that further provide promising insights related to deprecated Android APIs. Notably, by mining the source code of the Android framework base, we have identified three bugs related to deprecated APIs. These bugs have been quickly assigned and positively appreciated by the framework maintainers, who claim that these issues will be updated in future releases.

[1]  Jacques Klein,et al.  Negative Results on Mining Crypto-API Usage Rules in Android Apps , 2019, 2019 IEEE/ACM 16th International Conference on Mining Software Repositories (MSR).

[2]  Marco Tulio Valente,et al.  When should internal interfaces be promoted to public? , 2016, SIGSOFT FSE.

[3]  Arie van Deursen,et al.  Semantic Versioning versus Breaking Changes: A Study of the Maven Repository , 2014, 2014 IEEE 14th International Working Conference on Source Code Analysis and Manipulation.

[4]  David Notkin,et al.  Semi-automatic update of applications in response to library changes , 1996, 1996 Proceedings of International Conference on Software Maintenance.

[5]  Romain Robbes,et al.  How do developers react to API deprecation?: the case of a smalltalk ecosystem , 2012, SIGSOFT FSE.

[6]  Gabriele Bavota,et al.  The Impact of API Change- and Fault-Proneness on the User Ratings of Android Apps , 2015, IEEE Transactions on Software Engineering.

[7]  Jeff H. Perkins Automatically generating refactorings to support API evolution , 2005, PASTE '05.

[8]  Alberto Bacchelli,et al.  On the reaction to deprecation of clients of 4 + 1 popular Java APIs and the JDK , 2018, Empirical Software Engineering.

[9]  Martin P. Robillard,et al.  Recommending adaptive changes for framework evolution , 2011, 2008 ACM/IEEE 30th International Conference on Software Engineering.

[10]  Arie van Deursen,et al.  Unveiling Exception Handling Bug Hazards in Android Based on GitHub and Google Code Issues , 2015, MSR.

[11]  Ralph E. Johnson,et al.  How do APIs evolve? A story of refactoring , 2006 .

[12]  Lu Zhang,et al.  A history-based matching approach to identification of framework evolution , 2012, 2012 34th International Conference on Software Engineering (ICSE).

[13]  Ralph E. Johnson,et al.  Refactoring-Aware Configuration Management for Object-Oriented Programs , 2007, 29th International Conference on Software Engineering (ICSE'07).

[14]  Gabriele Bavota,et al.  How do API changes trigger stack overflow discussions? a study on the Android SDK , 2014, ICPC 2014.

[15]  Jacques Klein,et al.  Parameter Values of Android APIs: A Preliminary Study on 100,000 Apps , 2016, 2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER).

[16]  Marco Tulio Valente,et al.  Do Developers Deprecate APIs with Replacement Messages? A Large-Scale Analysis on Java Systems , 2016, 2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER).

[17]  Romain Rouvoy,et al.  Tracking the Software Quality of Android Applications Along Their Evolution (T) , 2015, 2015 30th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[18]  Gabriele Bavota,et al.  Crowdsourcing user reviews to support the evolution of mobile apps , 2018, J. Syst. Softw..

[19]  Jacques Klein,et al.  Accessing Inaccessible Android APIs: An Empirical Study , 2016, 2016 IEEE International Conference on Software Maintenance and Evolution (ICSME).

[20]  Stas Negara,et al.  ReBA , 2008, 2008 ACM/IEEE 30th International Conference on Software Engineering.

[21]  Jacques Klein,et al.  Characterizing malicious Android apps by mining topic-specific data flow signatures , 2017, Inf. Softw. Technol..

[22]  Daqing Hou,et al.  Exploring the Intent behind API Evolution: A Case Study , 2011, 2011 18th Working Conference on Reverse Engineering.

[23]  J. Henkel,et al.  CatchUp! Capturing and replaying refactorings to support API evolution , 2005, Proceedings. 27th International Conference on Software Engineering, 2005. ICSE 2005..

[24]  Robert J. Walker,et al.  Seeking the ground truth: a retroactive study on the evolution and migration of software libraries , 2012, SIGSOFT FSE.

[25]  Jacques Klein,et al.  Understanding Android App Piggybacking , 2017, 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C).

[26]  Jacques Klein,et al.  CiD: automating the detection of API-related compatibility issues in Android apps , 2018, ISSTA.

[27]  Robert J. Walker,et al.  Refactoring references for library migration , 2010, OOPSLA.

[28]  Erik Derr,et al.  Keep me Updated: An Empirical Study of Third-Party Library Updatability on Android , 2017, CCS.

[29]  Zdenek Tronícek,et al.  Migration from deprecated API in Java , 2013, SPLASH '13.

[30]  Ralph E. Johnson,et al.  The role of refactorings in API evolution , 2005, 21st IEEE International Conference on Software Maintenance (ICSM'05).

[31]  Michael Eichberg,et al.  What should developers be aware of? An empirical study on the directives of API documentation , 2011, Empirical Software Engineering.

[32]  Jürgen Dingel,et al.  Analyzing a decade of Linux system calls , 2017, Empirical Software Engineering.

[33]  Arie van Deursen,et al.  Understanding Developers' Needs on Deprecation as a Language Feature , 2018, 2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE).

[34]  David Notkin,et al.  Using twinning to adapt programs to alternative APIs , 2010, 2010 ACM/IEEE 32nd International Conference on Software Engineering.

[35]  Haoyu Wang,et al.  WuKong: a scalable and accurate two-phase approach to Android app clone detection , 2015, ISSTA.

[36]  Andy Zaidman,et al.  Web API growing pains: Stories from client developers and their code , 2014, 2014 Software Evolution Week - IEEE Conference on Software Maintenance, Reengineering, and Reverse Engineering (CSMR-WCRE).

[37]  Jacques Klein,et al.  On vulnerability evolution in Android apps , 2018, ICSE.

[38]  Marco Tulio Valente,et al.  How do developers react to API evolution? The Pharo ecosystem case , 2015, 2015 IEEE International Conference on Software Maintenance and Evolution (ICSME).

[39]  Jacques Klein,et al.  Characterising Deprecated Android APIs , 2018, 2018 IEEE/ACM 15th International Conference on Mining Software Repositories (MSR).

[40]  Eleni Stroulia,et al.  API-Evolution Support with Diff-CatchUp , 2007, IEEE Transactions on Software Engineering.

[41]  James D. Herbsleb,et al.  How to break an API: cost negotiation and community values in three software ecosystems , 2016, SIGSOFT FSE.

[42]  Narseo Vallina-Rodriguez,et al.  Beyond Google Play: A Large-Scale Comparative Study of Chinese Android App Markets , 2018, Internet Measurement Conference.

[43]  Sooyong Park,et al.  API Document Quality for Resolving Deprecated APIs , 2014, 2014 21st Asia-Pacific Software Engineering Conference.

[44]  Marco Tulio Valente,et al.  Why and how Java developers break APIs , 2018, 2018 IEEE 25th International Conference on Software Analysis, Evolution and Reengineering (SANER).

[45]  Jacques Klein,et al.  An Investigation into the Use of Common Libraries in Android Apps , 2015, 2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER).

[46]  Jacques Klein,et al.  AndroZoo: Collecting Millions of Android Apps for the Research Community , 2016, 2016 IEEE/ACM 13th Working Conference on Mining Software Repositories (MSR).

[47]  Jing Zhou,et al.  API deprecation: a retrospective analysis and detection method for code examples on the web , 2016, SIGSOFT FSE.

[48]  Jacques Klein,et al.  Understanding Android App Piggybacking: A Systematic Study of Malicious Code Grafting , 2017, IEEE Transactions on Information Forensics and Security.

[49]  Wei Wu,et al.  AURA: a hybrid approach to identify framework evolution , 2010, 2010 ACM/IEEE 32nd International Conference on Software Engineering.

[50]  Marco Tulio Valente,et al.  On the use of replacement messages in API deprecation: An empirical study , 2018, J. Syst. Softw..

[51]  Alberto Bacchelli,et al.  On the Reaction to Deprecation of 25, 357 Clients of 4+1 Popular Java APIs , 2016, ICSME.

[52]  Jacques Klein,et al.  IccTA: Detecting Inter-Component Privacy Leaks in Android Apps , 2015, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.

[53]  Anand Ashok Sawant,et al.  Why are Features Deprecated? An Investigation Into the Motivation Behind Deprecation , 2018, ICSME.

[54]  Miryung Kim,et al.  An Empirical Study of API Stability and Adoption in the Android Ecosystem , 2013, 2013 IEEE International Conference on Software Maintenance.

[55]  Jacques Klein,et al.  AndroZoo++: Collecting Millions of Android Apps and Their Metadata for the Research Community , 2017, ArXiv.