I depended on you and you broke me: An empirical study of manifesting breaking changes in client packages

by   Daniel Venturini, et al.
Northern Arizona University

Complex software systems have a network of dependencies. Developers often configure package managers (e.g., npm) to automatically update dependencies with each publication of new releases containing bug fixes and new features. When a dependency release introduces backward-incompatible changes, commonly known as breaking changes, dependent packages may not build anymore. This may indirectly impact downstream packages, but the impact of breaking changes and how dependent packages recover from these breaking changes remain unclear. To close this gap, we investigated the manifestation of breaking changes in the npm ecosystem, focusing on cases where packages' builds are impacted by breaking changes from their dependencies. We measured the extent to which breaking changes affect dependent packages. Our analyses show that around 12 of the dependent packages and 14 change during updates of non-major releases of their dependencies. We observed that, from all of the manifesting breaking changes, 44 minor and patch releases, which in principle should be backward compatible. Clients recovered themselves from these breaking changes in half of the cases, most frequently by upgrading or downgrading the provider's version without changing the versioning configuration in the package manager. We expect that these results help developers understand the potential impact of such changes and recover from them.


page 1

page 2

page 3

page 4


Dependency Update Strategies and Package Characteristics

Managing project dependencies is a key maintenance issue in software dev...

A Large Scale Analysis of Semantic Versioning in NPM

The NPM package repository contains over two million packages and serves...

Many-Objective Software Remodularization using NSGA-III

Software systems nowadays are complex and difficult to maintain due to c...

A Machine Learning Approach to Determine the Semantic Versioning Type of npm Packages Releases

Semantic versioning policy is widely used to indicate the level of chang...

Accelerating package expansion in Rust through development of a semantic versioning tool

In many programming languages there exist countless nuances, making deve...

V2: Fast Detection of Configuration Drift in Python

Code snippets are prevalent, but are hard to reuse because they often la...

Please sign up or login with your details

Forgot password? Click here to reset