SlideShare une entreprise Scribd logo

Evolving Software Ecosystems: Health and beyond

Télécharger en tant que PPTX, PDF
E
econst

This document summarizes research on software ecosystems and their health. It discusses how social and technical factors influence ecosystem evolution and survival. Studies examined package dependency networks and found packages depend on many indirect dependencies over time. Social changes like developer abandonment can greatly impact ecosystems. Developers who commit and communicate less frequently are more likely to abandon projects sooner. Both technical and social activity are needed for package and developer longevity. Current work aims to merge developer identities across platforms and forecast inactivity to help monitor ecosystem health.

Technologie
1  sur  45
Evolving software ecosystems: Health and beyond Eleni Constantinou Tom Mens University of Mons Belgium
SOCIO- TECHNICAL A Software Ecosystem is X
Software ecosystem research 2012-2017 2017-2019 2018-2021
SECOHealth Inter-disciplinary inter-university research project Towards an interdisciplinary, socio-technical methodology and analysis of the health of software ecosystems www.secohealth.org
SECO-Assist Automated Assistance for Developing Software in Ecosystems of the Future secoassist.github.io Inter-university research project Tom Mens University of Mons Anthony Cleve Université de Namur Coen De Roover Vrije Universiteit Brussel Serge Demeyer University of Antwerp
SECO health Sustainability Longevity Growth Success Resilience Survival Diversity Popularity
SECO health Sustainability Longevity Growth Success Resilience Survival Diversity Popularity
Technical Health Problems • Outdated dependencies • Security vulnerabilities • Bugs • Duplicated code • Incompatible licenses • … • Abandonment of contributors • Lack of communication / interaction • Social conflicts • Insufficient diversity • …
Technical SECO evolution
Evolution of package dependency networks A Decan, T Mens (2018) An Empirical Comparison of Dependency Network Evolution in Seven Software Packaging Ecosystems. Empirical Software Engineering Seven package dependency networks extracted using open source discovery service http://libraries.io (CC BY-SA 4.0) 830K packages – 5.8M package versions – 20.5M dependencies
Package changes are frequent Findings • #package updates grows over time • >50% of package releases are updated within 2 months. • Required and young packages are updated more frequently. Changeability index: Maximal value n such that there exist n packages having been updated at least n times during the last month. CRAN differs due to rolling release policy: “Submitting updates should be done responsibly and with respect for the volunteers’ time. Once a package is established, ‘no more than every 1–2 months’ seems appropriate.”
Package changes are frequent Package updates may cause many maintainability issues or even failures in dependent packages. "Especially with respect to package dependencies, the risk of things breaking at some point due to the fact that a version of a dependency has changed without you knowing about it is immense. That actually cost us weeks and months in a couple of professional projects I was part of."
Most packages depend on other packages Findings • 60% to 80% of all packages are connected. • A stable minority (20%) of required packages collect over 80% of all reverse dependencies. • # npm dependencies grows much faster. Reusability index: Maximal value n such that there exist n required packages having at least n dependent packages.
Package changes may have important impact March 2016 Unexpected removal of left-pad Caused > 2% of all packages to break (> 5,400 packages) November 2010 Release 0.5.0 of i18n broke dependent package ActiveRecord Transitively required by >5% of all packages
Example: leftpad
Most of the complexity is deeply hidden … … in the transitive dependencies Proportion of top-level packages by depth of dependency tree Over 50% of top-level packages have deep dependency tree. Ecosystem complexity
Package changes may have important impact Evolution of 5-Impact Index Findings • Dependent packages have few direct but many transitive dependencies. • Ratio of indirect over direct dependencies increases over time. P-Impact Index : Number of packages that are transitively required by at least P% of all packages.
Socio-technical SECO evolution
SECO evolution Empirical investigation of software ecosystems • Social changes • Technical impact of social changes
SECO impact
SECO health
SECO repositories
SECO repositories
SECO repositories
SECO repositories
SECO repositories
Evolution of package dependency networks E Constantinou, T Mens (2017) Socio-Technical Evolution of the Ruby Ecosystem in GitHub. SANER 2017 26K packages/projects, 69K forks 76K contributors 5M commits
SECO health – Social Growth
SECO health – Technical Growth Technical growth 2008 2009 2010 2011 2012 2013 2014 2015 2016 2000 4000 6000 8000 10000 Projects Obsolete Projects New Projects Active Projects 2008 2009 2010 2011 2012 2013 2014 2015 0 1 2 3 4 Specialization
SECO health Major social changes can highly impact the ecosystem evolution Monitoring these changes can help in identifying such issues early
SECO health – Survival
Evolution of package dependency networks E Constantinou, T Mens (2017) An Empirical Comparison of Developer Retention in the RubyGems and npm Software Ecosystems. Innovations in Systems and Software Engineering 70K packages/projects 32K contributors 3M commits 1.5M messages 179K packages/projects 64K contributors 8M commits 4M messages
SECO health – Survival Socio-technical activity • Intensity • Frequency • Inactivity length Survival analysis
SECO health – Developer survival
SECO health – Developer survival Population: all developers in an ecosystem Event: abandonment of a developer Developers tend to abandon the ecosystem sooner if they: do not communicate communicate less intensively communicate less frequently do not communicate for a longer period 0 50 100 150 200 0.00.20.40.60.81.0 npm Duration of commit activity (months) Survivalprobability Social inactivity Social activity Social abandoner 0 50 100 150 0.00.20.40.60.81.0 RubyGems Duration of commit activity (months) Survivalprobability Social inactivity Social activity Social abandoner 0 50 100 150 200 0.00.20.40.60.81.0 npm Duration of commit activity (months) Survivalprobability Very Short Short Long Very Long 0 50 100 150 0.00.20.40.60.81.0 RubyGems Duration of commit activity (months) Survivalprobability Very Short Short Long Very Long
SECO health – Developer survival Developers tend to abandon the ecosystem sooner if they: commit less intensively commit less frequently do not commit for longer periods 0 50 100 150 200 0.00.20.40.60.81.0 npm Duration of commit activity (months) Survivalprobability Very Weak Weak Strong Very Strong 0 50 100 150 0.00.20.40.60.81.0 RubyGems Duration of commit activity (months) Survivalprobability Very Weak Weak Strong Very Strong 0 50 100 150 200 0.00.20.40.60.81.0 npm Duration of commit activity (months) Survivalprobability Very Short Short Long Very Long 0 50 100 150 0.00.20.40.60.81.0 RubyGems Duration of commit activity (months) Survivalprobability Very Short Short Long Very Long
SECO health – Package survival 37
SECO health – Package survival Population: all packages in an ecosystem Event: commit inactivity of a package Packages tend to become inactive sooner if the developers contributing to these packages: do not communicate communicate less intensively communicate less frequently do not communicate for a longer period
SECO health – Package survival Packages tend to become inactive sooner if the developers contributing to these packages: commit less intensively commit less frequently do not commit for longer periods
SECO health – Survival Intense and frequent commit activity is not enough … Intense and frequent messaging activity is also necessary
Current work – Identity merging
Current work – Identity matching GitHub git Mailing list Gerrit BugZilla IRC
Current work – Forecasting inactivity
What next? Technical • Outdated dependencies • Security vulnerabilities • Bugs • Duplicated code • Incompatible licenses • … • Abandonment of contributors • Lack of communication / interaction • Social conflicts • Insufficient diversity • …
@eleni_const @tom_mens

Recommandé

Comparing semantic versioning practices in Cargo, npm, Packagist and Rubygems
Comparing semantic versioning practices in Cargo, npm, Packagist and RubygemsComparing semantic versioning practices in Cargo, npm, Packagist and Rubygems
Comparing semantic versioning practices in Cargo, npm, Packagist and RubygemsTom Mens
 
How magic is zero? An Empirical Analysis of Initial Development Releases in S...
How magic is zero? An Empirical Analysis of Initial Development Releases in S...How magic is zero? An Empirical Analysis of Initial Development Releases in S...
How magic is zero? An Empirical Analysis of Initial Development Releases in S...Tom Mens
 
Lost in Zero Space
Lost in Zero SpaceLost in Zero Space
Lost in Zero SpaceTom Mens
 
On backporting practices in package dependency networks
On backporting practices in package dependency networksOn backporting practices in package dependency networks
On backporting practices in package dependency networksTom Mens
 
Is my software ecosystem healthy? It depends!
Is my software ecosystem healthy? It depends!Is my software ecosystem healthy? It depends!
Is my software ecosystem healthy? It depends!Tom Mens
 
On the fragility of open source software packaging ecosystems
On the fragility of open source software packaging ecosystemsOn the fragility of open source software packaging ecosystems
On the fragility of open source software packaging ecosystemsTom Mens
 
Software Ecosystems as Networks - Advances on the FASTEN project, Paolo Boldi...
Software Ecosystems as Networks - Advances on the FASTEN project, Paolo Boldi...Software Ecosystems as Networks - Advances on the FASTEN project, Paolo Boldi...
Software Ecosystems as Networks - Advances on the FASTEN project, Paolo Boldi...Fasten Project
 
Socio-Technical Analysis of Software Ecosystem Health
Socio-Technical Analysis of Software Ecosystem HealthSocio-Technical Analysis of Software Ecosystem Health
Socio-Technical Analysis of Software Ecosystem HealthTom Mens
 

Recommandé

Comparing semantic versioning practices in Cargo, npm, Packagist and Rubygems
Comparing semantic versioning practices in Cargo, npm, Packagist and RubygemsComparing semantic versioning practices in Cargo, npm, Packagist and Rubygems
Comparing semantic versioning practices in Cargo, npm, Packagist and RubygemsTom Mens
 
How magic is zero? An Empirical Analysis of Initial Development Releases in S...
How magic is zero? An Empirical Analysis of Initial Development Releases in S...How magic is zero? An Empirical Analysis of Initial Development Releases in S...
How magic is zero? An Empirical Analysis of Initial Development Releases in S...Tom Mens
 
Lost in Zero Space
Lost in Zero SpaceLost in Zero Space
Lost in Zero SpaceTom Mens
 
On backporting practices in package dependency networks
On backporting practices in package dependency networksOn backporting practices in package dependency networks
On backporting practices in package dependency networksTom Mens
 
Is my software ecosystem healthy? It depends!
Is my software ecosystem healthy? It depends!Is my software ecosystem healthy? It depends!
Is my software ecosystem healthy? It depends!Tom Mens
 
On the fragility of open source software packaging ecosystems
On the fragility of open source software packaging ecosystemsOn the fragility of open source software packaging ecosystems
On the fragility of open source software packaging ecosystemsTom Mens
 
Software Ecosystems as Networks - Advances on the FASTEN project, Paolo Boldi...
Software Ecosystems as Networks - Advances on the FASTEN project, Paolo Boldi...Software Ecosystems as Networks - Advances on the FASTEN project, Paolo Boldi...
Software Ecosystems as Networks - Advances on the FASTEN project, Paolo Boldi...Fasten Project
 
Socio-Technical Analysis of Software Ecosystem Health
Socio-Technical Analysis of Software Ecosystem HealthSocio-Technical Analysis of Software Ecosystem Health
Socio-Technical Analysis of Software Ecosystem HealthTom Mens
 
Empirically Analysing the Socio-Technical Health of Software Package Managers
Empirically Analysing the Socio-Technical Health of Software Package ManagersEmpirically Analysing the Socio-Technical Health of Software Package Managers
Empirically Analysing the Socio-Technical Health of Software Package ManagersTom Mens
 
Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...
Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...
Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...Tom Mens
 
On the health of the npm packaging ecosystem
On the health of the npm packaging ecosystemOn the health of the npm packaging ecosystem
On the health of the npm packaging ecosystemTom Mens
 
Socio-Technical Empirical Comparison of Software Package Ecosystems
Socio-Technical Empirical Comparison of Software Package EcosystemsSocio-Technical Empirical Comparison of Software Package Ecosystems
Socio-Technical Empirical Comparison of Software Package EcosystemsTom Mens
 
FOSDEM 2020 Presentation: Comparing dependency management issues across packa...
FOSDEM 2020 Presentation: Comparing dependency management issues across packa...FOSDEM 2020 Presentation: Comparing dependency management issues across packa...
FOSDEM 2020 Presentation: Comparing dependency management issues across packa...Fasten Project
 
Comparing dependency issues across software package distributions (FOSDEM 2020)
Comparing dependency issues across software package distributions (FOSDEM 2020)Comparing dependency issues across software package distributions (FOSDEM 2020)
Comparing dependency issues across software package distributions (FOSDEM 2020)Tom Mens
 
Software Ecosystems = Big Data
Software Ecosystems = Big DataSoftware Ecosystems = Big Data
Software Ecosystems = Big DataTom Mens
 
Software Ecosystem Evolution. It's complex!
Software Ecosystem Evolution. It's complex!Software Ecosystem Evolution. It's complex!
Software Ecosystem Evolution. It's complex!Tom Mens
 
RE 2015 ecosystems tutorial
RE 2015 ecosystems tutorialRE 2015 ecosystems tutorial
RE 2015 ecosystems tutorialXavier Franch
 
SFSCON23 - Ranindya Paramitha - Technical leverage analysis in the Python eco...
SFSCON23 - Ranindya Paramitha - Technical leverage analysis in the Python eco...SFSCON23 - Ranindya Paramitha - Technical leverage analysis in the Python eco...
SFSCON23 - Ranindya Paramitha - Technical leverage analysis in the Python eco...South Tyrol Free Software Conference
 
ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...
ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...
ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...Tom Mens
 
Social and Technical Evolution of the Ruby on Rails Software Ecosystem
Social and Technical Evolution of the Ruby on Rails Software EcosystemSocial and Technical Evolution of the Ruby on Rails Software Ecosystem
Social and Technical Evolution of the Ruby on Rails Software EcosystemTom Mens
 
Social and Technical Evolution of the Ruby on Rails Software Ecosystem
Social and Technical Evolution of the Ruby on Rails Software EcosystemSocial and Technical Evolution of the Ruby on Rails Software Ecosystem
Social and Technical Evolution of the Ruby on Rails Software Ecosystemeconst
 
Investigating developer retention in socio-technical software ecosystems
Investigating developer retention in socio-technical software ecosystemsInvestigating developer retention in socio-technical software ecosystems
Investigating developer retention in socio-technical software ecosystemseconst
 
DevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseDevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseJames Wickett
 
Scientific software sustainability and ecosystem complexity
Scientific software sustainability and ecosystem complexityScientific software sustainability and ecosystem complexity
Scientific software sustainability and ecosystem complexityJames Howison
 
All Things Open 2022 - State of OSS Security & Support
All Things Open 2022 - State of OSS Security & SupportAll Things Open 2022 - State of OSS Security & Support
All Things Open 2022 - State of OSS Security & SupportJavier Perez
 
Scientific Software: Sustainability, Skills & Sociology
Scientific Software: Sustainability, Skills & SociologyScientific Software: Sustainability, Skills & Sociology
Scientific Software: Sustainability, Skills & SociologyNeil Chue Hong
 
SECO-Assist 2019 research seminar
SECO-Assist 2019 research seminarSECO-Assist 2019 research seminar
SECO-Assist 2019 research seminarTom Mens
 
Be Prepared for Growth - Confluence at Thales
Be Prepared for Growth - Confluence at ThalesBe Prepared for Growth - Confluence at Thales
Be Prepared for Growth - Confluence at ThalesAtlassian
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 

Contenu connexe

Similaire à Evolving Software Ecosystems: Health and beyond

Empirically Analysing the Socio-Technical Health of Software Package Managers
Empirically Analysing the Socio-Technical Health of Software Package ManagersEmpirically Analysing the Socio-Technical Health of Software Package Managers
Empirically Analysing the Socio-Technical Health of Software Package ManagersTom Mens
 
Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...
Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...
Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...Tom Mens
 
On the health of the npm packaging ecosystem
On the health of the npm packaging ecosystemOn the health of the npm packaging ecosystem
On the health of the npm packaging ecosystemTom Mens
 
Socio-Technical Empirical Comparison of Software Package Ecosystems
Socio-Technical Empirical Comparison of Software Package EcosystemsSocio-Technical Empirical Comparison of Software Package Ecosystems
Socio-Technical Empirical Comparison of Software Package EcosystemsTom Mens
 
FOSDEM 2020 Presentation: Comparing dependency management issues across packa...
FOSDEM 2020 Presentation: Comparing dependency management issues across packa...FOSDEM 2020 Presentation: Comparing dependency management issues across packa...
FOSDEM 2020 Presentation: Comparing dependency management issues across packa...Fasten Project
 
Comparing dependency issues across software package distributions (FOSDEM 2020)
Comparing dependency issues across software package distributions (FOSDEM 2020)Comparing dependency issues across software package distributions (FOSDEM 2020)
Comparing dependency issues across software package distributions (FOSDEM 2020)Tom Mens
 
Software Ecosystems = Big Data
Software Ecosystems = Big DataSoftware Ecosystems = Big Data
Software Ecosystems = Big DataTom Mens
 
Software Ecosystem Evolution. It's complex!
Software Ecosystem Evolution. It's complex!Software Ecosystem Evolution. It's complex!
Software Ecosystem Evolution. It's complex!Tom Mens
 
RE 2015 ecosystems tutorial
RE 2015 ecosystems tutorialRE 2015 ecosystems tutorial
RE 2015 ecosystems tutorialXavier Franch
 
SFSCON23 - Ranindya Paramitha - Technical leverage analysis in the Python eco...
SFSCON23 - Ranindya Paramitha - Technical leverage analysis in the Python eco...SFSCON23 - Ranindya Paramitha - Technical leverage analysis in the Python eco...
SFSCON23 - Ranindya Paramitha - Technical leverage analysis in the Python eco...South Tyrol Free Software Conference
 
ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...
ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...
ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...Tom Mens
 
Social and Technical Evolution of the Ruby on Rails Software Ecosystem
Social and Technical Evolution of the Ruby on Rails Software EcosystemSocial and Technical Evolution of the Ruby on Rails Software Ecosystem
Social and Technical Evolution of the Ruby on Rails Software EcosystemTom Mens
 
Social and Technical Evolution of the Ruby on Rails Software Ecosystem
Social and Technical Evolution of the Ruby on Rails Software EcosystemSocial and Technical Evolution of the Ruby on Rails Software Ecosystem
Social and Technical Evolution of the Ruby on Rails Software Ecosystemeconst
 
Investigating developer retention in socio-technical software ecosystems
Investigating developer retention in socio-technical software ecosystemsInvestigating developer retention in socio-technical software ecosystems
Investigating developer retention in socio-technical software ecosystemseconst
 
DevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseDevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseJames Wickett
 
Scientific software sustainability and ecosystem complexity
Scientific software sustainability and ecosystem complexityScientific software sustainability and ecosystem complexity
Scientific software sustainability and ecosystem complexityJames Howison
 
All Things Open 2022 - State of OSS Security & Support
All Things Open 2022 - State of OSS Security & SupportAll Things Open 2022 - State of OSS Security & Support
All Things Open 2022 - State of OSS Security & SupportJavier Perez
 
Scientific Software: Sustainability, Skills & Sociology
Scientific Software: Sustainability, Skills & SociologyScientific Software: Sustainability, Skills & Sociology
Scientific Software: Sustainability, Skills & SociologyNeil Chue Hong
 
SECO-Assist 2019 research seminar
SECO-Assist 2019 research seminarSECO-Assist 2019 research seminar
SECO-Assist 2019 research seminarTom Mens
 
Be Prepared for Growth - Confluence at Thales
Be Prepared for Growth - Confluence at ThalesBe Prepared for Growth - Confluence at Thales
Be Prepared for Growth - Confluence at ThalesAtlassian
 

Similaire à Evolving Software Ecosystems: Health and beyond (20)

Empirically Analysing the Socio-Technical Health of Software Package Managers
Empirically Analysing the Socio-Technical Health of Software Package ManagersEmpirically Analysing the Socio-Technical Health of Software Package Managers
Empirically Analysing the Socio-Technical Health of Software Package Managers
 
Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...
Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...
Towards Laws of Software Ecosystem Evolution: An Empirical Comparison of Seve...
 
On the health of the npm packaging ecosystem
On the health of the npm packaging ecosystemOn the health of the npm packaging ecosystem
On the health of the npm packaging ecosystem
 
Socio-Technical Empirical Comparison of Software Package Ecosystems
Socio-Technical Empirical Comparison of Software Package EcosystemsSocio-Technical Empirical Comparison of Software Package Ecosystems
Socio-Technical Empirical Comparison of Software Package Ecosystems
 
FOSDEM 2020 Presentation: Comparing dependency management issues across packa...
FOSDEM 2020 Presentation: Comparing dependency management issues across packa...FOSDEM 2020 Presentation: Comparing dependency management issues across packa...
FOSDEM 2020 Presentation: Comparing dependency management issues across packa...
 
Comparing dependency issues across software package distributions (FOSDEM 2020)
Comparing dependency issues across software package distributions (FOSDEM 2020)Comparing dependency issues across software package distributions (FOSDEM 2020)
Comparing dependency issues across software package distributions (FOSDEM 2020)
 
Software Ecosystems = Big Data
Software Ecosystems = Big DataSoftware Ecosystems = Big Data
Software Ecosystems = Big Data
 
Software Ecosystem Evolution. It's complex!
Software Ecosystem Evolution. It's complex!Software Ecosystem Evolution. It's complex!
Software Ecosystem Evolution. It's complex!
 
RE 2015 ecosystems tutorial
RE 2015 ecosystems tutorialRE 2015 ecosystems tutorial
RE 2015 ecosystems tutorial
 
SFSCON23 - Ranindya Paramitha - Technical leverage analysis in the Python eco...
SFSCON23 - Ranindya Paramitha - Technical leverage analysis in the Python eco...SFSCON23 - Ranindya Paramitha - Technical leverage analysis in the Python eco...
SFSCON23 - Ranindya Paramitha - Technical leverage analysis in the Python eco...
 
ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...
ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...
ICSME 2016 keynote: An ecosystemic and socio-technical view on software maint...
 
Social and Technical Evolution of the Ruby on Rails Software Ecosystem
Social and Technical Evolution of the Ruby on Rails Software EcosystemSocial and Technical Evolution of the Ruby on Rails Software Ecosystem
Social and Technical Evolution of the Ruby on Rails Software Ecosystem
 
Social and Technical Evolution of the Ruby on Rails Software Ecosystem
Social and Technical Evolution of the Ruby on Rails Software EcosystemSocial and Technical Evolution of the Ruby on Rails Software Ecosystem
Social and Technical Evolution of the Ruby on Rails Software Ecosystem
 
Investigating developer retention in socio-technical software ecosystems
Investigating developer retention in socio-technical software ecosystemsInvestigating developer retention in socio-technical software ecosystems
Investigating developer retention in socio-technical software ecosystems
 
DevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseDevOps for Defenders in the Enterprise
DevOps for Defenders in the Enterprise
 
Scientific software sustainability and ecosystem complexity
Scientific software sustainability and ecosystem complexityScientific software sustainability and ecosystem complexity
Scientific software sustainability and ecosystem complexity
 
All Things Open 2022 - State of OSS Security & Support
All Things Open 2022 - State of OSS Security & SupportAll Things Open 2022 - State of OSS Security & Support
All Things Open 2022 - State of OSS Security & Support
 
Scientific Software: Sustainability, Skills & Sociology
Scientific Software: Sustainability, Skills & SociologyScientific Software: Sustainability, Skills & Sociology
Scientific Software: Sustainability, Skills & Sociology
 
SECO-Assist 2019 research seminar
SECO-Assist 2019 research seminarSECO-Assist 2019 research seminar
SECO-Assist 2019 research seminar
 
Be Prepared for Growth - Confluence at Thales
Be Prepared for Growth - Confluence at ThalesBe Prepared for Growth - Confluence at Thales
Be Prepared for Growth - Confluence at Thales
 

Dernier

Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 

Dernier (20)

Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 

Evolving Software Ecosystems: Health and beyond

  • 1. Evolving software ecosystems: Health and beyond Eleni Constantinou Tom Mens University of Mons Belgium
  • 4. SECOHealth Inter-disciplinary inter-university research project Towards an interdisciplinary, socio-technical methodology and analysis of the health of software ecosystems www.secohealth.org
  • 5. SECO-Assist Automated Assistance for Developing Software in Ecosystems of the Future secoassist.github.io Inter-university research project Tom Mens University of Mons Anthony Cleve Université de Namur Coen De Roover Vrije Universiteit Brussel Serge Demeyer University of Antwerp
  • 8. Technical Health Problems • Outdated dependencies • Security vulnerabilities • Bugs • Duplicated code • Incompatible licenses • … • Abandonment of contributors • Lack of communication / interaction • Social conflicts • Insufficient diversity • …
  • 10. Evolution of package dependency networks A Decan, T Mens (2018) An Empirical Comparison of Dependency Network Evolution in Seven Software Packaging Ecosystems. Empirical Software Engineering Seven package dependency networks extracted using open source discovery service http://libraries.io (CC BY-SA 4.0) 830K packages – 5.8M package versions – 20.5M dependencies
  • 11. Package changes are frequent Findings • #package updates grows over time • >50% of package releases are updated within 2 months. • Required and young packages are updated more frequently. Changeability index: Maximal value n such that there exist n packages having been updated at least n times during the last month. CRAN differs due to rolling release policy: “Submitting updates should be done responsibly and with respect for the volunteers’ time. Once a package is established, ‘no more than every 1–2 months’ seems appropriate.”
  • 12. Package changes are frequent Package updates may cause many maintainability issues or even failures in dependent packages. "Especially with respect to package dependencies, the risk of things breaking at some point due to the fact that a version of a dependency has changed without you knowing about it is immense. That actually cost us weeks and months in a couple of professional projects I was part of."
  • 13. Most packages depend on other packages Findings • 60% to 80% of all packages are connected. • A stable minority (20%) of required packages collect over 80% of all reverse dependencies. • # npm dependencies grows much faster. Reusability index: Maximal value n such that there exist n required packages having at least n dependent packages.
  • 14. Package changes may have important impact March 2016 Unexpected removal of left-pad Caused > 2% of all packages to break (> 5,400 packages) November 2010 Release 0.5.0 of i18n broke dependent package ActiveRecord Transitively required by >5% of all packages
  • 16. Most of the complexity is deeply hidden … … in the transitive dependencies Proportion of top-level packages by depth of dependency tree Over 50% of top-level packages have deep dependency tree. Ecosystem complexity
  • 17. Package changes may have important impact Evolution of 5-Impact Index Findings • Dependent packages have few direct but many transitive dependencies. • Ratio of indirect over direct dependencies increases over time. P-Impact Index : Number of packages that are transitively required by at least P% of all packages.
  • 19. SECO evolution Empirical investigation of software ecosystems • Social changes • Technical impact of social changes
  • 27. Evolution of package dependency networks E Constantinou, T Mens (2017) Socio-Technical Evolution of the Ruby Ecosystem in GitHub. SANER 2017 26K packages/projects, 69K forks 76K contributors 5M commits
  • 28. SECO health – Social Growth
  • 29. SECO health – Technical Growth Technical growth 2008 2009 2010 2011 2012 2013 2014 2015 2016 2000 4000 6000 8000 10000 Projects Obsolete Projects New Projects Active Projects 2008 2009 2010 2011 2012 2013 2014 2015 0 1 2 3 4 Specialization
  • 30. SECO health Major social changes can highly impact the ecosystem evolution Monitoring these changes can help in identifying such issues early
  • 31. SECO health – Survival
  • 32. Evolution of package dependency networks E Constantinou, T Mens (2017) An Empirical Comparison of Developer Retention in the RubyGems and npm Software Ecosystems. Innovations in Systems and Software Engineering 70K packages/projects 32K contributors 3M commits 1.5M messages 179K packages/projects 64K contributors 8M commits 4M messages
  • 33. SECO health – Survival Socio-technical activity • Intensity • Frequency • Inactivity length Survival analysis
  • 34. SECO health – Developer survival
  • 35. SECO health – Developer survival Population: all developers in an ecosystem Event: abandonment of a developer Developers tend to abandon the ecosystem sooner if they: do not communicate communicate less intensively communicate less frequently do not communicate for a longer period 0 50 100 150 200 0.00.20.40.60.81.0 npm Duration of commit activity (months) Survivalprobability Social inactivity Social activity Social abandoner 0 50 100 150 0.00.20.40.60.81.0 RubyGems Duration of commit activity (months) Survivalprobability Social inactivity Social activity Social abandoner 0 50 100 150 200 0.00.20.40.60.81.0 npm Duration of commit activity (months) Survivalprobability Very Short Short Long Very Long 0 50 100 150 0.00.20.40.60.81.0 RubyGems Duration of commit activity (months) Survivalprobability Very Short Short Long Very Long
  • 36. SECO health – Developer survival Developers tend to abandon the ecosystem sooner if they: commit less intensively commit less frequently do not commit for longer periods 0 50 100 150 200 0.00.20.40.60.81.0 npm Duration of commit activity (months) Survivalprobability Very Weak Weak Strong Very Strong 0 50 100 150 0.00.20.40.60.81.0 RubyGems Duration of commit activity (months) Survivalprobability Very Weak Weak Strong Very Strong 0 50 100 150 200 0.00.20.40.60.81.0 npm Duration of commit activity (months) Survivalprobability Very Short Short Long Very Long 0 50 100 150 0.00.20.40.60.81.0 RubyGems Duration of commit activity (months) Survivalprobability Very Short Short Long Very Long
  • 37. SECO health – Package survival 37
  • 38. SECO health – Package survival Population: all packages in an ecosystem Event: commit inactivity of a package Packages tend to become inactive sooner if the developers contributing to these packages: do not communicate communicate less intensively communicate less frequently do not communicate for a longer period
  • 39. SECO health – Package survival Packages tend to become inactive sooner if the developers contributing to these packages: commit less intensively commit less frequently do not commit for longer periods
  • 40. SECO health – Survival Intense and frequent commit activity is not enough … Intense and frequent messaging activity is also necessary
  • 41. Current work – Identity merging
  • 42. Current work – Identity matching GitHub git Mailing list Gerrit BugZilla IRC
  • 43. Current work – Forecasting inactivity
  • 44. What next? Technical • Outdated dependencies • Security vulnerabilities • Bugs • Duplicated code • Incompatible licenses • … • Abandonment of contributors • Lack of communication / interaction • Social conflicts • Insufficient diversity • …

Notes de l'éditeur

  1. Technical Diversity: different platforms, different programming languages, different application domains, different packages with similar functionality Community Smells: Lone Wolfs, Isolated Teams, Communication Problems Contributor Abandonment: Rage quitting
  2. npm and nuget more subject to package updates. CRAN less subject to package updates.
  3. “The package leftpad essentially contains a few lines of source code but has thousands of dependent projects, including Node and Babel. When its developer decided to unpublish all his modules for npm, this had important consequences, “almost breaking the internet “ March 2016 Unexpected removal of left-pad caused > 2% of all packages to break (> 5,400 packages) RubyGems, November 2010 Release 0.5.0 of i18n broke dependent package ActiveRecord, transitively required by >5% of all packages (930)
  4. Study factors affecting the time to event (such as child birth, recovering from a disease, etc). Estimate the survival rate of a population over time, considering the notion of censoring.