notice
Seminar by Rabe Abdalkareem (Concordia University)
Speaker: Rabe Abdalkareem (Concordia University)
Title: Why Do Developers Use Trivial Packages? An Empirical Case Study
on npm
Place: EV2.260
Time: 10:00-11:30am
Date: Monday, 26th November 2018
ABSTRACT
Code reuse is traditionally seen as good practice. Recent trends have
pushed the concept of code reuse to an extreme, by using packages that
implement simple and trivial tasks, which we call ‘trivial packages’. A
recent incident where a trivial package led to the breakdown of some of
the most popular web applications such as Facebook and Netƒix made it
imperative to question the growing use of trivial packages. Œerefore,
in this paper, we mine more than 230,000 npm packages and 38,000
JavaScript applications in order to study the prevalence of trivial
packages. We found that trivial packages are common and are increasing
in popularity, making up 16.8% of the studied npm packages. We
performed a survey with 88 Node.js developers who use trivial packages
to understand the reasons and drawbacks of their use. Our survey
revealed that trivial packages are used because they are perceived to
be well implemented and tested pieces of code. However, developers are
concerned about maintaining and the risks of breakages due to the extra
dependencies trivial packages introduce. To objectively verify the
survey results, we empirically validate the most cited reason and
drawback and €nd that, contrary to developers’ beliefs, only 45.2% of
trivial packages even have tests. However, trivial packages appear to
be ‘deployment tested’ and to have similar test, usage, and community
interest as non-trivial packages. On the other hand, we found that
11.5% of the studied trivial packages have more than 20 dependencies.
Hence, developers should be careful about which trivial packages they
decide to use.
Bio
Rabe Abdalkareem is a Ph.D. candidate in the Department of Computer
Science and Software Engineering at Concordia University, Montreal. His
research investigates how the adoption of crowdsourced knowledge
affects software development and maintenance. Abdalkareem received his
master’s in applied computer science from Concordia University. His
work has been published at premier venues such as FSE, ICSME, MSR, and
MobileSoft, as well as in major journals such as IEEE Software and IST.