Dependency management bots in open-source systems—prevalence and adoption
Artikel i vetenskaplig tidskrift, 2022

Bots have become active contributors in maintaining open-source repositories. However, the definitions of bot activity in open-source software vary from a more lenient stance encompassing every non-human contributions vs frameworks that cover contributions from tools that have autonomy or human-like traits (i.e., Devbots). Understanding which of those definitions are being used is essential to enable (i) reliable sampling of bots and (ii) fair comparison of their practical impact in, e.g., developers’ productivity. This paper reports on an empirical study composed of both quantitative and qualitative analysis of bot activity. By analysing those two bot definitions in an existing dataset of bot commits, we see that only 10 out of 54 listed tools (mainly dependency management) comply with the characteristics of Devbots. Moreover, five of those Devbots have similar patterns of contributions over 93 projects, such as similar proportions of merged pull-requests and days until issues are closed. Our analysis also reveals that most projects (77%) experiment with more than one bot before deciding to adopt or switch between bots. In fact, a thematic analysis of developers’ comments in those projects reveal factors driving the discussions about Devbot adoption or removal, such as the impact of the generated noise and the needed adaptation in development practices within the project.

Software engineering

Software bots

Dependency management

Mining software repositories


Linda Erlenhov

Chalmers, Data- och informationsteknik, Interaktionsdesign och Software Engineering, Cyber Physical Systems

Francisco Gomes

Göteborgs universitet

Philipp Leitner

Chalmers, Data- och informationsteknik, Interaktionsdesign och Software Engineering, Cyber Physical Systems

PeerJ Computer Science

23765992 (eISSN)

Vol. 8 e849

Utvecklarfokuserad prestandaförbättring för programvaruingenjörer

Vetenskapsrådet (VR) (2018-04127), 2019-01-01 -- 2023-12-31.


Informations- och kommunikationsteknik






Relaterade dataset

Replication package to Dependency Management Bots in Open-Source Systems - Prevalence and Adoption [dataset]

DOI: 10.5281/zenodo.4974218 URI:

Mer information

Senast uppdaterat