A Comprehensive Study of Bloated Dependencies in the Maven Ecosystem

01/21/2020
by   César Soto Valero, et al.
0

Build automation tools and package managers have a profound influence on software development. They facilitate the reuse of third-party libraries, support a clear separation between the application's code and its external dependencies, and automate several software development tasks. However, the wide adoption of these tools introduces new challenges related to dependency management. In this paper, we propose an original study of one such challenge: the emergence of bloated dependencies. Bloated dependencies are libraries that the build tool packages with the application's compiled code but that are actually not necessary to build and run the application. This phenomenon artificially grows the size of the built binary and increases maintenance effort. We propose a tool, called DepClean, to analyze the presence of bloated dependencies in Maven artifacts. We analyze 9,639 Java artifacts hosted on Maven Central, which include a total of 723,444 dependency relationships. Our key result is that 75.1 dependency relationships are bloated. In other words, it is feasible to reduce the number of dependencies of Maven artifacts up to 1/4 of its current count. We also perform a qualitative study with 30 notable open-source projects. Our results indicate that developers pay attention to their dependencies and are willing to remove bloated dependencies: 18/21 answered pull requests were accepted and merged by developers, removing 131 dependencies in total.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
05/29/2021

A Longitudinal Analysis of Bloated Java Dependencies

We study the evolution and impact of bloated dependencies in a single so...
research
01/16/2019

The Maven Dependency Graph: a Temporal Graph-based Representation of Maven Central

The Maven Central Repository provides an extraordinary source of data to...
research
08/11/2021

The Used, the Bloated, and the Vulnerable: Reducing the Attack Surface of an Industrial Application

Software reuse may result in software bloat when significant portions of...
research
08/08/2018

Can Network Analysis Techniques help to Predict Design Dependencies? An Initial Study

The degree of dependencies among the modules of a software system is a k...
research
08/19/2020

Trace-based Debloat for Java Bytecode

Software bloat is code that is packaged in an application but is actuall...
research
04/11/2023

APISENS- Sentiment Scoring Tool for APIs with Crowd-Knowledge

Utilizing pre-existing software artifacts, such as libraries and Applica...
research
09/06/2023

The Microservice Dependency Matrix

Microservices have been recognized for over a decade. They reshaped syst...

Please sign up or login with your details

Forgot password? Click here to reset