Hero: On the Chaos When PATH Meets Modules

by   Ying Wang, et al.

Ever since its first release in 2009, the Go programming language (Golang) has been well received by software communities. A major reason for its success is the powerful support of library-based development, where a Golang project can be conveniently built on top of other projects by referencing them as libraries. As Golang evolves, it recommends the use of a new library-referencing mode to overcome the limitations of the original one. While these two library modes are incompatible, both are supported by the Golang ecosystem. The heterogeneous use of library-referencing modes across Golang projects has caused numerous dependency management (DM) issues, incurring reference inconsistencies and even build failures. Motivated by the problem, we conducted an empirical study to characterize the DM issues, understand their root causes, and examine their fixing solutions. Based on our findings, we developed Hero, an automated technique to detect DM issues and suggest proper fixing solutions. We applied Hero to 19,000 popular Golang projects. The results showed that Hero achieved a high detection rate of 98.5% on a DM issue benchmark and found 2,422 new DM issues in 2,356 popular Golang projects. We reported 280 issues, among which 181 (64.6%) issues have been confirmed, and 160 of them (88.4%) have been fixed or are under fixing. Almost all the fixes have adopted our fixing suggestions.


page 8

page 11


Will Dependency Conflicts Affect My Program's Semantics?

Java projects are often built on top of various third-party libraries. I...

Interactive, Effort-Aware Library Version Harmonization

As a mixed result of intensive dependency on third-party libraries, flex...

Multi-Programming-Language Commits in OSS: An Empirical Study on Apache Projects

Modern software systems, such as Spark, are usually written in multiple ...

Giving Back: Contributions Congruent to Library Dependency Changes in a Software Ecosystem

Popular adoption of third-party libraries for contemporary software deve...

So Much in So Little: Creating Lightweight Embeddings of Python Libraries

In software engineering, different approaches and machine learning model...

An Empirical Study of Flaky Tests in JavaScript

Flaky tests (tests with non-deterministic outcomes) can be problematic f...

Dependency Smells in JavaScript Projects

Dependency management in modern software development poses many challeng...