Due to their increasing complexity, today's software systems are frequently built by leveraging reusable code in the form of libraries and packages. Software ecosystems (e.g., npm) are the primary enablers of this code reuse, providing developers with a platform to share their own code and use that of others. These ecosystems evolve rapidly: developers add new packages every day to solve new problems or provide alternative solutions, causing obsolete packages to decline in importance to the community. Developers should avoid depending on packages in decline, as these packages are reused less over time and may become less frequently maintained. However, current popularity metrics (e.g., Stars and Downloads) are not fit to provide this information to developers because their semantics do not aptly capture shifts in community interest. In this paper, we propose a scalable approach that uses a package's centrality in the ecosystem to identify packages in decline. We evaluate our approach with the npm ecosystem and show that the trends of centrality over time can correctly distinguish packages in decline with a ROC-AUC of 0.9. The approach can capture 87% of the packages in decline, on average 18 months before the trend is shown in currently used package popularity metrics. We implement this approach in a tool that can be used to augment npms metrics and help developers avoid packages in decline when reusing packages from npm.