Dependency management bots in open-source systems—prevalence and adoption
Journal article, 2022

Bots have become active contributors in maintaining open-source repositories. However, the definitions of bot activity in open-source software vary from a more lenient stance encompassing every non-human contributions vs frameworks that cover contributions from tools that have autonomy or human-like traits (i.e., Devbots). Understanding which of those definitions are being used is essential to enable (i) reliable sampling of bots and (ii) fair comparison of their practical impact in, e.g., developers’ productivity. This paper reports on an empirical study composed of both quantitative and qualitative analysis of bot activity. By analysing those two bot definitions in an existing dataset of bot commits, we see that only 10 out of 54 listed tools (mainly dependency management) comply with the characteristics of Devbots. Moreover, five of those Devbots have similar patterns of contributions over 93 projects, such as similar proportions of merged pull-requests and days until issues are closed. Our analysis also reveals that most projects (77%) experiment with more than one bot before deciding to adopt or switch between bots. In fact, a thematic analysis of developers’ comments in those projects reveal factors driving the discussions about Devbot adoption or removal, such as the impact of the generated noise and the needed adaptation in development practices within the project.

Software engineering

Software bots

Dependency management

Mining software repositories

Author

Linda Erlenhov

Chalmers, Computer Science and Engineering (Chalmers), Interaction Design and Software Engineering

Francisco Gomes

University of Gothenburg

Philipp Leitner

Chalmers, Computer Science and Engineering (Chalmers), Interaction Design and Software Engineering

PeerJ Computer Science

23765992 (eISSN)

Vol. 8 e849

ImmeRSEd - Developer-Targeted Performance Engineering for Immersed Release and Software Engineers

Swedish Research Council (VR) (2018-04127), 2019-01-01 -- 2023-12-31.

Areas of Advance

Information and Communication Technology

Subject Categories

Software Engineering

Information Science

DOI

10.7717/peerj-cs.849

Related datasets

Replication package to Dependency Management Bots in Open-Source Systems - Prevalence and Adoption [dataset]

DOI: 10.5281/zenodo.4974218 URI: https://zenodo.org/record/5567370

More information

Latest update

5/2/2022 7