research-article

Semantic versioning and impact of breaking changes in the Maven repository

Authors:

A. van Deursen,

J. VisserAuthors Info & Claims

Journal of Systems and Software, Volume 129, Issue C

Pages 140 - 158

https://doi.org/10.1016/j.jss.2016.04.008

Published: 01 July 2017 Publication History

Abstract

Backward-incompatible interface changes are widespread in software libraries.Breaking changes have impact on client systems using these software libraries.Software developers do not follow proposed versioning guidelines. Systems that depend on third-party libraries may have to be updated when updates to these libraries become available in order to benefit from new functionality, security patches, bug fixes, or API improvements. However, often such changes come with changes to the existing interfaces of these libraries, possibly causing rework on the client system. In this paper, we investigate versioning practices in a set of more than 100,000 jar files from Maven Central, spanning over 7 years of history of more than 22,000 different libraries. We investigate to what degree versioning conventions are followed in this repository. Semantic versioning provides strict rules regarding major (breaking changes allowed), minor (no breaking changes allowed), and patch releases (only backward-compatible bug fixes allowed). We find that around one third of all releases introduce at least one breaking change. We perform an empirical study on potential rework caused by breaking changes in library releases and find that breaking changes have a significant impact on client libraries using the changed functionality. We find out that minor releases generally have larger release intervals than major releases. We also investigate the use of deprecation tags and find out that these tags are applied improperly in our dataset.

References

[1]

R. Andersen, SAGE Publications, Inc, 2008.

[2]

L. Badri, M. Badri, D. St-Yves, Supporting predictive change impact analysis: a control call graph based technique, 2005.

[3]

I. Balaban, F. Tip, R. Fuhrer, Refactoring support for class library migration, SIGPLAN Not., 40 (2005) 265-279.

Digital Library

[4]

J. Bauml, P. Brada, Automated versioning in OSGi: a mechanism for component software consistency guarantee, 2009.

[5]

B.E. Cossette, R.J. Walker, Seeking the ground truth: a retroactive study on the evolution and migration of software libraries, ACM, New York, NY, USA, 2012.

[6]

B. Dagenais, M.P. Robillard, Recommending adaptive changes for framework evolution, 2008.

[7]

J. Davies, D.M. German, M.W. Godfrey, A. Hindle, Software bertillonage: finding the provenance of an entity, 2011.

[8]

J. Davies, D.M. Germn, M.W. Godfrey, A. Hindle, Software bertillonage determining the provenance of software development artifacts, Empir. Softw. Eng., 18 (2013) 1195-1237.

Digital Library

[9]

J. Dietrich, K. Jezek, P. Brada, Broken promises: an empirical study into evolution problems in Java programs caused by library upgrades, IEEE, 2014.

[10]

D. Dig, C. Comertoglu, D. Marinov, R. Johnson, Automated detection of refactorings in evolving components, 2006.

[11]

D. Dig, R. Johnson, How do APIs evolve? A story of refactoring: research articles, J. Softw. Maint. Evol., 18 (2006) 83-107.

Digital Library

[12]

J.A. Duraes, H.S. Madeira, Emulation of software faults: a field data study and a practical approach, IEEE Trans. Softw. Eng., 32 (2006) 849-867.

Digital Library

[13]

B. Fluri, M. Wuersch, M. Pinzger, H. Gall, Change distilling: tree differencing for fine-grained source code change extraction, IEEE Trans. Softw. Eng., 33 (2007) 725-743.

Digital Library

[14]

J. Henkel, A. Diwan, CatchUp!: capturing and replaying refactorings to support API evolution, 2005.

[15]

P. Kapur, B. Cossette, R.J. Walker, Refactoring references for library migration, SIGPLAN Not., 45 (2010) 726-738.

Digital Library

[16]

S. Lehnert, A Review of Software Change Impact Analysis, Ilmenau University of Technology, Department of Software Systems/Process Informatics, 2011.

[17]

T. McDonnell, B. Ray, M. Kim, An empirical study of API stability and adoption in the android ecosystem, 2013.

[18]

J. Ossher, H. Sajnani, C. Lopes, Astra: bottomup construction of structured artifact repositories, 2012.

[19]

S. Raemaekers, A.v. Deursen, J. Visser, The maven repository dataset of metrics, changes, and dependencies, 2013.

[20]

X. Ren, B.G. Ryder, M. Stoerzer, F. Tip, Chianti: a change impact analysis tool for java programs, ACM, 2005.

[21]

R. Robbes, M. Lungu, D. Rthlisberger, How do developers react to API deprecation?: The case of a smalltalk ecosystem, 2012.

[22]

D. Romano, M. Pinzger, Analyzing the evolution of web services using fine-grained changes, 2012.

[23]

I. avga, M. Rudolf, Refactoring-based support for binary compatibility in evolving frameworks, 2007.

[24]

E. Tempero, G. Bierman, J. Noble, M. Parkinson, From Java to UpgradeJ: an empirical study, 2008.

[25]

C. Teyton, J.-R. Falleri, M. Palyart, X. Blanc, A Study of Library Migration in Java Software Journal of Software: Evolution and Process, 26 (2014) 1030-1052.

Digital Library

[26]

Z. Xing, E. Stroulia, API-evolution support with Diff-CatchUp, IEEE Trans. Softw. Eng., 33 (2007) 818-836.

Digital Library

[27]

Y. Zhou, M. Wursch, E. Giger, H. Gall, J. Lu, A bayesian network based approach for change coupling prediction, 2008.

[28]

T. Zimmermann, A. Zeller, P. Weissgerber, S. Diehl, Mining version histories to guide software changes, IEEE Trans. Softw. Eng., 31 (2005) 429-445.

Digital Library

Cited By

Jayasuriya DTerragni VDietrich JBlincoe K(2024)Understanding the Impact of APIs Behavioral Breaking Changes on Client ApplicationsProceedings of the ACM on Software Engineering10.1145/36437821:FSE(1238-1261)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3643782
Cheng WHu WMa X(2024)Revisiting Knowledge-Based Inference of Python Runtime Environments: A Realistic and Adaptive ApproachIEEE Transactions on Software Engineering10.1109/TSE.2023.334647450:2(258-279)Online publication date: 1-Feb-2024
https://dl.acm.org/doi/10.1109/TSE.2023.3346474
Serbout SPautasso C(2024)How Many Web APIs Evolve Following Semantic Versioning?Web Engineering10.1007/978-3-031-62362-2_25(344-359)Online publication date: 17-Jun-2024
https://dl.acm.org/doi/10.1007/978-3-031-62362-2_25
Show More Cited By

Recommendations

Breaking bad? Semantic versioning and impact of breaking changes in Maven Central: An external and differentiated replication study
Abstract
Just like any software, libraries evolve to incorporate new features, bug fixes, security patches, and refactorings. However, when a library evolves, it may break the contract previously established with its clients by introducing Breaking Changes ...
Semantic Versioning versus Breaking Changes: A Study of the Maven Repository
SCAM '14: Proceedings of the 2014 IEEE 14th International Working Conference on Source Code Analysis and Manipulation

For users of software libraries or public programming interfaces (APIs), backward compatibility is a desirable trait. Without compatibility, library users will face increased risk and cost when upgrading their dependencies. In this study, we investigate ...
How Many Web APIs Evolve Following Semantic Versioning?
Web Engineering
Abstract
More and more Web APIs use semantic versioning to represent the impact of changes on clients depending on previous versions. Our goal is to provide insights about the extent to which evolving Web APIs align with semantic versioning rules. In this ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Journal of Systems and Software

Journal of Systems and Software Volume 129, Issue C

July 2017

134 pages

ISSN:0164-1212

Issue’s Table of Contents

Copyright © Elsevier Inc.

Publisher

Elsevier Science Inc.

United States

Publication History

Published: 01 July 2017

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

32
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 04 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Jayasuriya DTerragni VDietrich JBlincoe K(2024)Understanding the Impact of APIs Behavioral Breaking Changes on Client ApplicationsProceedings of the ACM on Software Engineering10.1145/36437821:FSE(1238-1261)Online publication date: 12-Jul-2024
https://dl.acm.org/doi/10.1145/3643782
Cheng WHu WMa X(2024)Revisiting Knowledge-Based Inference of Python Runtime Environments: A Realistic and Adaptive ApproachIEEE Transactions on Software Engineering10.1109/TSE.2023.334647450:2(258-279)Online publication date: 1-Feb-2024
https://dl.acm.org/doi/10.1109/TSE.2023.3346474
Serbout SPautasso C(2024)How Many Web APIs Evolve Following Semantic Versioning?Web Engineering10.1007/978-3-031-62362-2_25(344-359)Online publication date: 17-Jun-2024
https://dl.acm.org/doi/10.1007/978-3-031-62362-2_25
Carvalho LVasconcelos V(2023)Semantic Versioning for Python ProgramsCompanion Proceedings of the 2023 ACM SIGPLAN International Conference on Systems, Programming, Languages, and Applications: Software for Humanity10.1145/3618305.3623589(13-15)Online publication date: 22-Oct-2023
https://dl.acm.org/doi/10.1145/3618305.3623589
Jayasuriya DTerragni VDietrich JOu SBlincoe KJust RFraser G(2023)Understanding Breaking Changes in the WildProceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3597926.3598147(1433-1444)Online publication date: 12-Jul-2023
https://dl.acm.org/doi/10.1145/3597926.3598147
Rombaut BCogo FAdams BHassan A(2023)There’s no Such Thing as a Free Lunch: Lessons Learned from Exploring the Overhead Introduced by the Greenkeeper Dependency Bot in NpmACM Transactions on Software Engineering and Methodology10.1145/352258732:1(1-40)Online publication date: 13-Feb-2023
https://dl.acm.org/doi/10.1145/3522587
He RHe HZhang YZhou M(2023)Automating Dependency Updates in Practice: An Exploratory Study on GitHub DependabotIEEE Transactions on Software Engineering10.1109/TSE.2023.327812949:8(4004-4022)Online publication date: 1-Aug-2023
https://dl.acm.org/doi/10.1109/TSE.2023.3278129
Wang YSun PPei LYu YXu CCheung SYu HZhu Z(2023)Plumber: Boosting the Propagation of Vulnerability Fixes in the npm EcosystemIEEE Transactions on Software Engineering10.1109/TSE.2023.324326249:5(3155-3181)Online publication date: 1-May-2023
https://dl.acm.org/doi/10.1109/TSE.2023.3243262
Decan AMens TOnsori Delicheh H(2023)On the outdatedness of workflows in the GitHub Actions ecosystemJournal of Systems and Software10.1016/j.jss.2023.111827206:COnline publication date: 1-Dec-2023
https://dl.acm.org/doi/10.1016/j.jss.2023.111827
Tanabe YLubis LAotani TMasuhara H(2023)Compilation Semantics for a Programming Language with VersionsProgramming Languages and Systems10.1007/978-981-99-8311-7_1(3-23)Online publication date: 26-Nov-2023
https://dl.acm.org/doi/10.1007/978-981-99-8311-7_1
Show More Cited By

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents